From dd69c7dbe68e8f8674994a54ea913f2dd2e52c32 Mon Sep 17 00:00:00 2001 From: Rob Crittenden Date: Wed, 8 Jun 2011 10:54:41 -0400 Subject: Make data type of certificates more obvious/predictable internally. For the most part certificates will be treated as being in DER format. When we load a certificate we will generally accept it in any format but will convert it to DER before proceeding in normalize_certificate(). This also re-arranges a bit of code to pull some certificate-specific functions out of ipalib/plugins/service.py into ipalib/x509.py. This also tries to use variable names to indicate what format the certificate is in at any given point: dercert: DER cert: PEM nsscert: a python-nss Certificate object rawcert: unknown format ticket 32 --- ipalib/util.py | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) (limited to 'ipalib/util.py') diff --git a/ipalib/util.py b/ipalib/util.py index 78b954ee2..cc887c348 100644 --- a/ipalib/util.py +++ b/ipalib/util.py @@ -30,6 +30,7 @@ import re from types import NoneType from ipalib import errors +from ipalib.text import _ from ipapython import dnsclient @@ -185,3 +186,20 @@ def validate_ipaddr(ipaddr): except socket.error: return False return True + +def check_writable_file(filename): + """ + Determine if the file is writable. If the file doesn't exist then + open the file to test writability. + """ + if filename is None: + raise errors.FileError(reason='Filename is empty') + try: + if os.path.exists(filename): + if not os.access(filename, os.W_OK): + raise errors.FileError(reason=_('Permission denied: %(file)s') % dict(file=filename)) + else: + fp = open(filename, 'w') + fp.close() + except (IOError, OSError), e: + raise errors.FileError(reason=str(e)) -- cgit