Commit 37401c55 authored by zhifan huang's avatar zhifan huang

test: use tempfile and auto remove it

Change the tools.decrypt function to use a tempfile instead of creating a file
that is never removed.
parent c07f4775
...@@ -2,7 +2,9 @@ import sys ...@@ -2,7 +2,9 @@ import sys
import os import os
import time import time
import subprocess import subprocess
import tempfile
import logging
logger = logging.getLogger(__name__)
with open(os.devnull, "wb") as null: with open(os.devnull, "wb") as null:
tmp = sys.stderr tmp = sys.stderr
...@@ -16,7 +18,7 @@ with open(os.devnull, "wb") as null: ...@@ -16,7 +18,7 @@ with open(os.devnull, "wb") as null:
def generate_csr(): def generate_csr():
"""generate a certificate request """generate a certificate request
return: return:
crypto.Pekey and crypto.X509Req both in pem format crypto.Pekey and crypto.X509Req both in pem format
""" """
key = crypto.PKey() key = crypto.PKey()
...@@ -33,7 +35,7 @@ def generate_csr(): ...@@ -33,7 +35,7 @@ def generate_csr():
def generate_cert(ca, ca_key, csr, prefix, serial, not_after=None): def generate_cert(ca, ca_key, csr, prefix, serial, not_after=None):
"""generate a certificate """generate a certificate
return return
crypto.X509Cert in pem format crypto.X509Cert in pem format
""" """
if type(ca) is str: if type(ca) is str:
...@@ -97,7 +99,7 @@ def create_ca_file(pkey_file, cert_file, serial=0x120010db80042): ...@@ -97,7 +99,7 @@ def create_ca_file(pkey_file, cert_file, serial=0x120010db80042):
pkey_file.write(crypto.dump_privatekey(crypto.FILETYPE_PEM, key)) pkey_file.write(crypto.dump_privatekey(crypto.FILETYPE_PEM, key))
with open(cert_file, 'w') as cert_file: with open(cert_file, 'w') as cert_file:
cert_file.write(crypto.dump_certificate(crypto.FILETYPE_PEM, cert)) cert_file.write(crypto.dump_certificate(crypto.FILETYPE_PEM, cert))
return key, cert return key, cert
...@@ -105,14 +107,19 @@ def prefix2cn(prefix): ...@@ -105,14 +107,19 @@ def prefix2cn(prefix):
return "%u/%u" % (int(prefix, 2), len(prefix)) return "%u/%u" % (int(prefix, 2), len(prefix))
def serial2prefix(serial): def serial2prefix(serial):
return bin(serial)[2:].rjust(16, '0') return bin(serial)[2:].rjust(16, '0')
# pkey: private key # pkey: private key
def decrypt(pkey, incontent): def decrypt(pkey, incontent):
with open("node.key", 'w') as f: fd, key_path = tempfile.mkstemp()
f.write(pkey) os.write(fd, pkey)
args = "openssl rsautl -decrypt -inkey node.key".split() os.close(fd)
p = subprocess.Popen( args = ['openssl', 'rsautl', '-decrypt', '-inkey', key_path]
args, stdin=subprocess.PIPE, stdout=subprocess.PIPE, stderr=subprocess.PIPE) p = subprocess.Popen(args, stdin=subprocess.PIPE, stdout=subprocess.PIPE,
stderr=subprocess.PIPE)
outcontent, err = p.communicate(incontent) outcontent, err = p.communicate(incontent)
try:
os.unlink(key_path)
except:
logger.error("leaked file %s", key_path)
return outcontent return outcontent
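Review bot: In `decrypt`, the private key file is unlinked only on the success path: if `subprocess.Popen` or `p.communicate` raises (for instance when the openssl binary is missing), `key_path` stays on disk with the key in it, which is the leak this commit sets out to remove. Putting the body in `try`/`finally` closes that gap, and the bare `except:` around `os.unlink` should be `except OSError:` so it does not also swallow `KeyboardInterrupt` or `SystemExit`. `os.write` may write fewer bytes than requested and its return value is not checked, so writing through `os.fdopen(fd, 'wb')` is safer against a truncated key file. Separately, `err` and the exit status are discarded, so a failed decryption is returned to the caller like ordinary output; a check on `p.returncode` would make that failure visible.

```python
def decrypt(pkey, incontent):
    fd, key_path = tempfile.mkstemp()
    try:
        # fdopen takes ownership of fd: it is closed on exit and the
        # whole key is written, not just what one os.write() accepts.
        with os.fdopen(fd, 'wb') as key_file:
            key_file.write(pkey)
        # … unchanged: args list, Popen and communicate(incontent) …
    finally:
        # Runs on every exit path, so the key never outlives the call.
        try:
            os.unlink(key_path)
        except OSError:
            logger.error("leaked file %s", key_path)
    return outcontent
```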