Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
C
caucase
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Labels
Merge Requests
2
Merge Requests
2
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Jobs
Commits
Open sidebar
nexedi
caucase
Commits
3750b5c2
Commit
3750b5c2
authored
Dec 22, 2021
by
Vincent Pelletier
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
all: Use named arguments of datetime.timedelta .
Positional arguments are comparatively a lot harder to understand.
parent
3b5e0085
Changes
5
Hide whitespace changes
Inline
Side-by-side
Showing
5 changed files
with
36 additions
and
37 deletions
+36
-37
caucase/ca.py
caucase/ca.py
+6
-6
caucase/cli.py
caucase/cli.py
+7
-8
caucase/http.py
caucase/http.py
+3
-3
caucase/test.py
caucase/test.py
+19
-19
caucase/utils.py
caucase/utils.py
+1
-1
No files found.
caucase/ca.py
View file @
3750b5c2
...
...
@@ -167,7 +167,7 @@ class CertificateAuthority(object):
self
.
_ca_key_size
=
ca_key_size
self
.
_digest_list
=
digest_list
self
.
_default_digest_class
=
getattr
(
hashes
,
self
.
digest_list
[
0
].
upper
())
self
.
_crt_life_time
=
datetime
.
timedelta
(
crt_life_time
,
0
)
self
.
_crt_life_time
=
datetime
.
timedelta
(
days
=
crt_life_time
)
self
.
_crl_base_url
=
crl_base_url
self
.
_ca_subject
=
x509
.
Name
([
x509
.
NameAttribute
(
...
...
@@ -180,14 +180,14 @@ class CertificateAuthority(object):
if
ca_life_period
<
3
:
raise
ValueError
(
"ca_life_period must be >= 3 to allow CA rollout"
)
self
.
_crl_life_time
=
datetime
.
timedelta
(
crt_life_time
*
crl_renew_period
,
0
,
days
=
crt_life_time
*
crl_renew_period
,
)
self
.
_crl_renew_time
=
datetime
.
timedelta
(
crt_life_time
*
crl_renew_period
*
.
5
,
0
,
days
=
crt_life_time
*
crl_renew_period
*
.
5
,
)
self
.
_ca_life_time
=
datetime
.
timedelta
(
days
=
crt_life_time
*
ca_life_period
,
)
self
.
_ca_life_time
=
datetime
.
timedelta
(
crt_life_time
*
ca_life_period
,
0
)
self
.
_loadCAKeyPairList
()
self
.
_renewCAIfNeeded
()
...
...
caucase/cli.py
View file @
3750b5c2
...
...
@@ -84,7 +84,7 @@ class RetryingCaucaseClient(CaucaseClient):
connection
.
close
()
# Resets HTTPConnection state machine.
# Note: repr(str(exception)) is nicer than repr(exception), without
# letting non-printable characters through.
next_try
=
datetime
.
datetime
.
utcnow
()
+
datetime
.
timedelta
(
0
,
10
)
next_try
=
datetime
.
datetime
.
utcnow
()
+
datetime
.
timedelta
(
seconds
=
10
)
print
(
u'Got a network error, retrying at %s, %s: %r'
%
(
next_try
.
strftime
(
u'%Y-%m-%d %H:%M:%S +0000'
),
...
...
@@ -654,8 +654,7 @@ def main(argv=None, stdout=sys.stdout, stderr=sys.stderr):
updated
,
error
=
client
.
renewCRT
(
crt_key_list
=
args
.
renew_crt
,
renewal_deadline
=
datetime
.
datetime
.
utcnow
()
+
datetime
.
timedelta
(
args
.
threshold
,
0
,
days
=
args
.
threshold
,
),
key_len
=
args
.
key_len
,
ca_certificate_list
=
ca_list
,
...
...
@@ -867,10 +866,10 @@ def updater(argv=None, until=utils.until):
MODE_SERVICE
:
cas_url
,
MODE_USER
:
args
.
ca_url
+
'/cau'
,
}[
args
.
mode
]
threshold
=
datetime
.
timedelta
(
args
.
threshold
,
0
)
crl_threshold
=
datetime
.
timedelta
(
args
.
crl_threshold
,
0
)
max_sleep
=
datetime
.
timedelta
(
args
.
max_sleep
,
0
)
min_sleep
=
datetime
.
timedelta
(
0
,
60
)
threshold
=
datetime
.
timedelta
(
days
=
args
.
threshold
)
crl_threshold
=
datetime
.
timedelta
(
days
=
args
.
crl_threshold
)
max_sleep
=
datetime
.
timedelta
(
days
=
args
.
max_sleep
)
min_sleep
=
datetime
.
timedelta
(
seconds
=
60
)
updated
=
RetryingCaucaseClient
.
updateCAFile
(
cas_url
,
args
.
cas_ca
,
...
...
@@ -897,7 +896,7 @@ def updater(argv=None, until=utils.until):
# through.
client
.
getCertificateSigningRequest
(
csr_id
)
# Still here ? Ok, wait a bit and try again.
until
(
datetime
.
datetime
.
utcnow
()
+
datetime
.
timedelta
(
0
,
60
))
until
(
datetime
.
datetime
.
utcnow
()
+
datetime
.
timedelta
(
seconds
=
60
))
else
:
with
open
(
args
.
crt
,
'ab'
)
as
crt_file
:
crt_file
.
write
(
crt_pem
)
...
...
caucase/http.py
View file @
3750b5c2
...
...
@@ -320,7 +320,7 @@ def getSSLContext(
)),
)
http_cas_certificate_list
=
http_cas
.
getCACertificateList
()
threshold_delta
=
datetime
.
timedelta
(
threshold
,
0
)
threshold_delta
=
datetime
.
timedelta
(
days
=
threshold
)
exists
=
os
.
path
.
exists
(
server_key_path
)
if
exists
:
try
:
...
...
@@ -812,7 +812,7 @@ def main(
server_side
=
True
,
)
if
args
.
backup_directory
:
backup_period
=
datetime
.
timedelta
(
args
.
backup_period
,
0
)
backup_period
=
datetime
.
timedelta
(
days
=
args
.
backup_period
)
try
:
next_backup
=
max
(
utils
.
timestamp2datetime
(
os
.
stat
(
x
).
st_ctime
)
...
...
@@ -881,7 +881,7 @@ def main(
next_backup
=
now
+
backup_period
else
:
os
.
unlink
(
tmp_backup_path
)
next_backup
=
now
+
datetime
.
timedelta
(
0
,
3600
)
next_backup
=
now
+
datetime
.
timedelta
(
seconds
=
3600
)
next_deadline
=
min
(
next_ssl_update
,
next_backup
,
...
...
caucase/test.py
View file @
3750b5c2
...
...
@@ -497,7 +497,7 @@ class CaucaseTest(TestCase):
if
not_before
is
None
:
# pragma: no cover
not_before
=
datetime
.
datetime
.
utcnow
()
if
not_after
is
None
:
# pragma: no cover
not_after
=
not_before
+
datetime
.
timedelta
(
10
,
0
)
not_after
=
not_before
+
datetime
.
timedelta
(
days
=
1
0
)
private_key
=
utils
.
generatePrivateKey
(
2048
)
subject
=
x509
.
Name
([
x509
.
NameAttribute
(
...
...
@@ -564,7 +564,7 @@ class CaucaseTest(TestCase):
if
not_before
is
None
:
# pragma: no cover
not_before
=
datetime
.
datetime
.
utcnow
()
if
not_after
is
None
:
# pragma: no cover
not_after
=
not_before
+
datetime
.
timedelta
(
10
,
0
)
not_after
=
not_before
+
datetime
.
timedelta
(
days
=
1
0
)
crt_key
=
utils
.
generatePrivateKey
(
2048
)
return
crt_key
,
x509
.
CertificateBuilder
(
subject_name
=
x509
.
Name
([
...
...
@@ -612,7 +612,7 @@ class CaucaseTest(TestCase):
if
last_update
is
None
:
# pragma: no cover
last_update
=
datetime
.
datetime
.
utcnow
()
if
next_update
is
None
:
# pragma: no cover
next_update
=
last_update
+
datetime
.
timedelta
(
5
,
0
)
next_update
=
last_update
+
datetime
.
timedelta
(
days
=
5
)
return
x509
.
CertificateRevocationListBuilder
(
issuer_name
=
ca_crt
.
issuer
,
last_update
=
last_update
,
...
...
@@ -1280,7 +1280,7 @@ class CaucaseTest(TestCase):
self
.
_server_db
,
table_prefix
=
'cas'
,
).
storeCRLLastUpdate
(
last_update
=
utils
.
datetime2timestamp
(
now
-
datetime
.
timedelta
(
16
)),
last_update
=
utils
.
datetime2timestamp
(
now
-
datetime
.
timedelta
(
days
=
16
)),
)
self
.
_startServer
()
self
.
_runClient
()
...
...
@@ -1687,7 +1687,7 @@ class CaucaseTest(TestCase):
old_cau_pem
=
self
.
_setCACertificateRemainingLifeTime
(
'user'
,
cau_crt
.
serial_number
,
datetime
.
timedelta
(
100
,
0
),
datetime
.
timedelta
(
days
=
10
0
),
)
utils
.
saveCertList
(
self
.
_client_user_ca_crt
,
[
old_cau_pem
])
self
.
_startServer
(
timeout
=
20
)
...
...
@@ -1732,7 +1732,7 @@ class CaucaseTest(TestCase):
'user'
,
new_cau_crt
.
serial_number
,
new_cau_crt
.
not_valid_after
-
new_cau_crt
.
not_valid_before
-
datetime
.
timedelta
(
100
,
0
),
datetime
.
timedelta
(
days
=
10
0
),
)
utils
.
saveCertList
(
self
.
_client_user_ca_crt
,
...
...
@@ -1830,7 +1830,7 @@ class CaucaseTest(TestCase):
old_cau_pem
=
self
.
_setCACertificateRemainingLifeTime
(
'user'
,
cau_crt
.
serial_number
,
datetime
.
timedelta
(
-
1
,
0
),
datetime
.
timedelta
(
days
=-
1
),
)
utils
.
saveCertList
(
self
.
_client_user_ca_crt
,
...
...
@@ -1909,7 +1909,7 @@ class CaucaseTest(TestCase):
)
in
list
(
crl_pem_dict
.
items
()):
crl_pem_dict
[
authority_key_identifier
]
=
(
crl_pem
,
datetime
.
datetime
.
utcnow
()
-
datetime
.
timedelta
(
0
,
1
),
datetime
.
datetime
.
utcnow
()
-
datetime
.
timedelta
(
seconds
=
1
),
)
cau_ca_list
=
cau
.
getCACertificateList
()
new_crl_pem_dict
=
cau
.
getCertificateRevocationListDict
()
...
...
@@ -1981,7 +1981,7 @@ class CaucaseTest(TestCase):
],
None
,
),
delta
=
datetime
.
timedelta
(
20
,
0
)
delta
=
datetime
.
timedelta
(
days
=
2
0
)
)
))
server_key_file
.
write
(
ca_crt_pem
)
...
...
@@ -3326,9 +3326,9 @@ class CaucaseTest(TestCase):
# Next wakeup should be 7 days before CRL expiration (default delay)
crl
,
=
self
.
_getClientCRLList
()
crl_renewal
=
crl
.
next_update
-
datetime
.
timedelta
(
7
,
0
)
crl_renewal
=
crl
.
next_update
-
datetime
.
timedelta
(
days
=
7
)
# Give +/-5 seconds of leeway.
crl_tolerance
=
datetime
.
timedelta
(
0
,
5
)
crl_tolerance
=
datetime
.
timedelta
(
seconds
=
5
)
self
.
assertGreater
(
until_updater
.
deadline
,
crl_renewal
-
crl_tolerance
,
)
...
...
@@ -3692,13 +3692,13 @@ class CaucaseTest(TestCase):
);
'''
)
now
=
datetime
.
datetime
.
utcnow
().
replace
(
microsecond
=
0
)
ca_lifetime
=
datetime
.
timedelta
(
390
)
old_ca_expiration_date
=
now
+
datetime
.
timedelta
(
100
)
ca_lifetime
=
datetime
.
timedelta
(
days
=
390
)
old_ca_expiration_date
=
now
+
datetime
.
timedelta
(
days
=
100
)
old_ca_key
,
old_ca_crt
=
self
.
_getCAKeyPair
(
not_before
=
old_ca_expiration_date
-
ca_lifetime
,
not_after
=
old_ca_expiration_date
,
)
ca_expiration_date
=
now
+
datetime
.
timedelta
(
300
)
ca_expiration_date
=
now
+
datetime
.
timedelta
(
days
=
300
)
ca_key
,
ca_crt
=
self
.
_getCAKeyPair
(
not_before
=
ca_expiration_date
-
ca_lifetime
,
not_after
=
ca_expiration_date
,
...
...
@@ -3731,11 +3731,11 @@ class CaucaseTest(TestCase):
revoked_list
=
[
(
4321
,
now
-
datetime
.
timedelta
(
11
),
now
-
datetime
.
timedelta
(
days
=
11
),
),
(
1234
,
now
-
datetime
.
timedelta
(
10
),
now
-
datetime
.
timedelta
(
days
=
10
),
),
]
for
(
serial
,
revocation_date
)
in
revoked_list
:
...
...
@@ -3746,7 +3746,7 @@ class CaucaseTest(TestCase):
(
serial
,
utils
.
datetime2timestamp
(
revocation_date
),
utils
.
datetime2timestamp
(
now
+
datetime
.
timedelta
(
5
)),
utils
.
datetime2timestamp
(
now
+
datetime
.
timedelta
(
days
=
5
)),
),
)
else
:
...
...
@@ -3754,7 +3754,7 @@ class CaucaseTest(TestCase):
crl_pem
=
x509
.
CertificateRevocationListBuilder
(
issuer_name
=
ca_crt
.
issuer
,
last_update
=
now
,
next_update
=
now
+
datetime
.
timedelta
(
31
),
next_update
=
now
+
datetime
.
timedelta
(
days
=
31
),
extensions
=
[
Extension
(
x509
.
CRLNumber
(
crl_number
),
...
...
@@ -3788,7 +3788,7 @@ class CaucaseTest(TestCase):
c
.
execute
(
'INSERT INTO cascrl (expiration_date, crl) VALUES (?, ?)'
,
(
utils
.
datetime2timestamp
(
now
+
datetime
.
timedelta
(
15
,
0
)),
utils
.
datetime2timestamp
(
now
+
datetime
.
timedelta
(
days
=
15
)),
crl_pem
,
),
)
...
...
caucase/utils.py
View file @
3750b5c2
...
...
@@ -651,7 +651,7 @@ def timestamp2datetime(value):
"""
Convert given unix timestamp into a datetime.
"""
return
EPOCH
+
datetime
.
timedelta
(
0
,
value
)
return
EPOCH
+
datetime
.
timedelta
(
seconds
=
value
)
def
timestamp2IMFfixdate
(
value
):
"""
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment