all: Use named arguments of datetime.timedelta .

Positional arguments are comparatively a lot harder to understand.

caucase/ca.py

@@ -167,7 +167,7 @@ class CertificateAuthority(object):
     self._ca_key_size = ca_key_size
     self._digest_list = digest_list
     self._default_digest_class = getattr(hashes, self.digest_list[0].upper())
-    self._crt_life_time = datetime.timedelta(crt_life_time, 0)
+    self._crt_life_time = datetime.timedelta(days=crt_life_time)
     self._crl_base_url = crl_base_url
     self._ca_subject = x509.Name([
       x509.NameAttribute(
@@ -180,14 +180,14 @@ class CertificateAuthority(object):
     if ca_life_period < 3:
       raise ValueError("ca_life_period must be >= 3 to allow CA rollout")
     self._crl_life_time = datetime.timedelta(
-      crt_life_time * crl_renew_period,
-      0,
+      days=crt_life_time * crl_renew_period,
     )
     self._crl_renew_time = datetime.timedelta(
-      crt_life_time * crl_renew_period * .5,
-      0,
+      days=crt_life_time * crl_renew_period * .5,
+    )
+    self._ca_life_time = datetime.timedelta(
+      days=crt_life_time * ca_life_period,
     )
-    self._ca_life_time = datetime.timedelta(crt_life_time * ca_life_period, 0)
     self._loadCAKeyPairList()
     self._renewCAIfNeeded()
 

caucase/cli.py

@@ -84,7 +84,7 @@ class RetryingCaucaseClient(CaucaseClient):
         connection.close() # Resets HTTPConnection state machine.
         # Note: repr(str(exception)) is nicer than repr(exception), without
         # letting non-printable characters through.
-        next_try = datetime.datetime.utcnow() + datetime.timedelta(0, 10)
+        next_try = datetime.datetime.utcnow() + datetime.timedelta(seconds=10)
         print(
           u'Got a network error, retrying at %s, %s: %r' % (
             next_try.strftime(u'%Y-%m-%d %H:%M:%S +0000'),
@@ -654,8 +654,7 @@ def main(argv=None, stdout=sys.stdout, stderr=sys.stderr):
       updated, error = client.renewCRT(
         crt_key_list=args.renew_crt,
         renewal_deadline=datetime.datetime.utcnow() + datetime.timedelta(
-          args.threshold,
-          0,
+          days=args.threshold,
         ),
         key_len=args.key_len,
         ca_certificate_list=ca_list,
@@ -867,10 +866,10 @@ def updater(argv=None, until=utils.until):
       MODE_SERVICE: cas_url,
       MODE_USER: args.ca_url + '/cau',
     }[args.mode]
-    threshold = datetime.timedelta(args.threshold, 0)
-    crl_threshold = datetime.timedelta(args.crl_threshold, 0)
-    max_sleep = datetime.timedelta(args.max_sleep, 0)
-    min_sleep = datetime.timedelta(0, 60)
+    threshold = datetime.timedelta(days=args.threshold)
+    crl_threshold = datetime.timedelta(days=args.crl_threshold)
+    max_sleep = datetime.timedelta(days=args.max_sleep)
+    min_sleep = datetime.timedelta(seconds=60)
     updated = RetryingCaucaseClient.updateCAFile(
       cas_url,
       args.cas_ca,
@@ -897,7 +896,7 @@ def updater(argv=None, until=utils.until):
           # through.
           client.getCertificateSigningRequest(csr_id)
           # Still here ? Ok, wait a bit and try again.
-          until(datetime.datetime.utcnow() + datetime.timedelta(0, 60))
+          until(datetime.datetime.utcnow() + datetime.timedelta(seconds=60))
         else:
           with open(args.crt, 'ab') as crt_file:
             crt_file.write(crt_pem)

caucase/http.py

@@ -320,7 +320,7 @@ def getSSLContext(
     )),
   )
   http_cas_certificate_list = http_cas.getCACertificateList()
-  threshold_delta = datetime.timedelta(threshold, 0)
+  threshold_delta = datetime.timedelta(days=threshold)
   exists = os.path.exists(server_key_path)
   if exists:
     try:
@@ -812,7 +812,7 @@ def main(
       server_side=True,
     )
   if args.backup_directory:
-    backup_period = datetime.timedelta(args.backup_period, 0)
+    backup_period = datetime.timedelta(days=args.backup_period)
     try:
       next_backup = max(
         utils.timestamp2datetime(os.stat(x).st_ctime)
@@ -881,7 +881,7 @@ def main(
             next_backup = now + backup_period
           else:
             os.unlink(tmp_backup_path)
-            next_backup = now + datetime.timedelta(0, 3600)
+            next_backup = now + datetime.timedelta(seconds=3600)
         next_deadline = min(
           next_ssl_update,
           next_backup,

caucase/test.py

@@ -497,7 +497,7 @@ class CaucaseTest(TestCase):
     if not_before is None: # pragma: no cover
       not_before = datetime.datetime.utcnow()
     if not_after is None: # pragma: no cover
-      not_after = not_before + datetime.timedelta(10, 0)
+      not_after = not_before + datetime.timedelta(days=10)
     private_key = utils.generatePrivateKey(2048)
     subject = x509.Name([
       x509.NameAttribute(
@@ -564,7 +564,7 @@ class CaucaseTest(TestCase):
     if not_before is None: # pragma: no cover
       not_before = datetime.datetime.utcnow()
     if not_after is None: # pragma: no cover
-      not_after = not_before + datetime.timedelta(10, 0)
+      not_after = not_before + datetime.timedelta(days=10)
     crt_key = utils.generatePrivateKey(2048)
     return crt_key, x509.CertificateBuilder(
       subject_name=x509.Name([
@@ -612,7 +612,7 @@ class CaucaseTest(TestCase):
     if last_update is None: # pragma: no cover
       last_update = datetime.datetime.utcnow()
     if next_update is None: # pragma: no cover
-      next_update = last_update + datetime.timedelta(5, 0)
+      next_update = last_update + datetime.timedelta(days=5)
     return x509.CertificateRevocationListBuilder(
       issuer_name=ca_crt.issuer,
       last_update=last_update,
@@ -1280,7 +1280,7 @@ class CaucaseTest(TestCase):
       self._server_db,
       table_prefix='cas',
     ).storeCRLLastUpdate(
-      last_update=utils.datetime2timestamp(now - datetime.timedelta(16)),
+      last_update=utils.datetime2timestamp(now - datetime.timedelta(days=16)),
     )
     self._startServer()
     self._runClient()
@@ -1687,7 +1687,7 @@ class CaucaseTest(TestCase):
     old_cau_pem = self._setCACertificateRemainingLifeTime(
       'user',
       cau_crt.serial_number,
-      datetime.timedelta(100, 0),
+      datetime.timedelta(days=100),
     )
     utils.saveCertList(self._client_user_ca_crt, [old_cau_pem])
     self._startServer(timeout=20)
@@ -1732,7 +1732,7 @@ class CaucaseTest(TestCase):
       'user',
       new_cau_crt.serial_number,
       new_cau_crt.not_valid_after - new_cau_crt.not_valid_before -
-      datetime.timedelta(100, 0),
+      datetime.timedelta(days=100),
     )
     utils.saveCertList(
       self._client_user_ca_crt,
@@ -1830,7 +1830,7 @@ class CaucaseTest(TestCase):
     old_cau_pem = self._setCACertificateRemainingLifeTime(
       'user',
       cau_crt.serial_number,
-      datetime.timedelta(-1, 0),
+      datetime.timedelta(days=-1),
     )
     utils.saveCertList(
       self._client_user_ca_crt,
@@ -1909,7 +1909,7 @@ class CaucaseTest(TestCase):
     ) in list(crl_pem_dict.items()):
       crl_pem_dict[authority_key_identifier] = (
         crl_pem,
-        datetime.datetime.utcnow() - datetime.timedelta(0, 1),
+        datetime.datetime.utcnow() - datetime.timedelta(seconds=1),
       )
     cau_ca_list = cau.getCACertificateList()
     new_crl_pem_dict = cau.getCertificateRevocationListDict()
@@ -1981,7 +1981,7 @@ class CaucaseTest(TestCase):
             ],
             None,
           ),
-          delta=datetime.timedelta(20, 0)
+          delta=datetime.timedelta(days=20)
         )
       ))
       server_key_file.write(ca_crt_pem)
@@ -3326,9 +3326,9 @@ class CaucaseTest(TestCase):
 
       # Next wakeup should be 7 days before CRL expiration (default delay)
       crl, = self._getClientCRLList()
-      crl_renewal = crl.next_update - datetime.timedelta(7, 0)
+      crl_renewal = crl.next_update - datetime.timedelta(days=7)
       # Give +/-5 seconds of leeway.
-      crl_tolerance = datetime.timedelta(0, 5)
+      crl_tolerance = datetime.timedelta(seconds=5)
       self.assertGreater(
         until_updater.deadline, crl_renewal - crl_tolerance,
       )
@@ -3692,13 +3692,13 @@ class CaucaseTest(TestCase):
         );
       ''')
       now = datetime.datetime.utcnow().replace(microsecond=0)
-      ca_lifetime = datetime.timedelta(390)
-      old_ca_expiration_date = now + datetime.timedelta(100)
+      ca_lifetime = datetime.timedelta(days=390)
+      old_ca_expiration_date = now + datetime.timedelta(days=100)
       old_ca_key, old_ca_crt = self._getCAKeyPair(
         not_before=old_ca_expiration_date - ca_lifetime,
         not_after=old_ca_expiration_date,
       )
-      ca_expiration_date = now + datetime.timedelta(300)
+      ca_expiration_date = now + datetime.timedelta(days=300)
       ca_key, ca_crt = self._getCAKeyPair(
         not_before=ca_expiration_date - ca_lifetime,
         not_after=ca_expiration_date,
@@ -3731,11 +3731,11 @@ class CaucaseTest(TestCase):
         revoked_list = [
           (
             4321,
-            now - datetime.timedelta(11),
+            now - datetime.timedelta(days=11),
           ),
           (
             1234,
-            now - datetime.timedelta(10),
+            now - datetime.timedelta(days=10),
           ),
         ]
         for (serial, revocation_date) in revoked_list:
@@ -3746,7 +3746,7 @@ class CaucaseTest(TestCase):
             (
               serial,
               utils.datetime2timestamp(revocation_date),
-              utils.datetime2timestamp(now + datetime.timedelta(5)),
+              utils.datetime2timestamp(now + datetime.timedelta(days=5)),
             ),
           )
       else:
@@ -3754,7 +3754,7 @@ class CaucaseTest(TestCase):
       crl_pem = x509.CertificateRevocationListBuilder(
         issuer_name=ca_crt.issuer,
         last_update=now,
-        next_update=now + datetime.timedelta(31),
+        next_update=now + datetime.timedelta(days=31),
         extensions=[
           Extension(
             x509.CRLNumber(crl_number),
@@ -3788,7 +3788,7 @@ class CaucaseTest(TestCase):
       c.execute(
         'INSERT INTO cascrl (expiration_date, crl) VALUES (?, ?)',
         (
-          utils.datetime2timestamp(now + datetime.timedelta(15, 0)),
+          utils.datetime2timestamp(now + datetime.timedelta(days=15)),
           crl_pem,
         ),
       )

caucase/utils.py

@@ -651,7 +651,7 @@ def timestamp2datetime(value):
   """
   Convert given unix timestamp into a datetime.
   """
-  return EPOCH + datetime.timedelta(0, value)
+  return EPOCH + datetime.timedelta(seconds=value)
 
 def timestamp2IMFfixdate(value):
   """