diff options
-rw-r--r-- | base/common/python/pki/__init__.py | 14 | ||||
-rw-r--r-- | base/common/python/pki/cert.py | 130 | ||||
-rw-r--r-- | base/common/python/pki/cli.py | 2 | ||||
-rw-r--r-- | base/common/python/pki/encoder.py | 4 | ||||
-rw-r--r-- | base/common/python/pki/key.py | 32 | ||||
-rw-r--r-- | base/common/python/pki/profile.py | 82 | ||||
-rw-r--r-- | base/common/python/pki/upgrade.py | 4 | ||||
-rwxr-xr-x | base/common/sbin/pki-upgrade | 8 | ||||
-rw-r--r-- | base/server/python/pki/server/__init__.py | 4 | ||||
-rw-r--r-- | base/server/python/pki/server/deployment/pkihelper.py | 24 | ||||
-rw-r--r-- | base/server/python/pki/server/deployment/pkiparser.py | 6 | ||||
-rw-r--r-- | base/server/python/pki/server/deployment/pkiscriptlet.py | 4 | ||||
-rw-r--r-- | base/server/python/pki/server/deployment/scriptlets/initialization.py | 2 | ||||
-rwxr-xr-x | base/server/sbin/pki-server-upgrade | 2 | ||||
-rwxr-xr-x | base/server/sbin/pkidestroy | 2 | ||||
-rwxr-xr-x | base/server/sbin/pkispawn | 10 | ||||
-rw-r--r-- | dogtag.pylintrc | 11 | ||||
-rwxr-xr-x | pylint-build-scan.sh | 35 | ||||
-rw-r--r-- | specs/pki-core.spec | 6 |
19 files changed, 176 insertions, 206 deletions
diff --git a/base/common/python/pki/__init__.py b/base/common/python/pki/__init__.py index 01ac26393..d80e6c6c7 100644 --- a/base/common/python/pki/__init__.py +++ b/base/common/python/pki/__init__.py @@ -27,10 +27,10 @@ import re import requests -CONF_DIR = '/etc/pki' +CONF_DIR = '/etc/pki' SHARE_DIR = '/usr/share/pki' -BASE_DIR = '/var/lib' -LOG_DIR = '/var/log/pki' +BASE_DIR = '/var/lib' +LOG_DIR = '/var/log/pki' PACKAGE_VERSION = SHARE_DIR + '/VERSION' CERT_HEADER = "-----BEGIN CERTIFICATE-----" @@ -117,7 +117,7 @@ def implementation_version(): raise Exception('Missing implementation version.') -#pylint: disable-msg=R0903 +#pylint: disable=R0903 class Attribute(object): """ Class representing a key/value pair. @@ -131,7 +131,7 @@ class Attribute(object): self.value = value -#pylint: disable-msg=R0903 +#pylint: disable=R0903 class AttributeList(object): """ Class representing a list of attributes. @@ -139,7 +139,7 @@ class AttributeList(object): This class is needed because of a JavaMapper used in the REST API. """ - # pylint: disable-msg=C0103 + # pylint: disable=C0103 def __init__(self): """ Constructor """ self.Attribute = [] @@ -151,7 +151,7 @@ class ResourceMessage(object): It is essentially a list of attributes. """ - # pylint: disable-msg=C0103 + # pylint: disable=C0103 def __init__(self, class_name): """ Constructor """ self.Attributes = AttributeList() diff --git a/base/common/python/pki/cert.py b/base/common/python/pki/cert.py index 6a27ee723..1fe323f24 100644 --- a/base/common/python/pki/cert.py +++ b/base/common/python/pki/cert.py @@ -344,9 +344,9 @@ class CertSearchRequest(object): setattr(self, CertSearchRequest.search_params[param], value) setattr(self, 'serialNumberRangeInUse', True) - if param in { - 'email', 'common_name', 'user_id', 'org_unit', 'org', - 'locality', 'state', 'country', 'match_exactly' + if param in {\ + 'email', 'common_name', 'user_id', 'org_unit', 'org',\ + 'locality', 'state', 'country', 'match_exactly'\ }: setattr(self, CertSearchRequest.search_params[param], value) setattr(self, 'subjectInUse', True) @@ -382,16 +382,16 @@ class CertSearchRequest(object): setattr(self, CertSearchRequest.search_params[param], value) setattr(self, 'validNotAfterInUse', True) - if param in { - 'validity_operation', 'validity_count', 'validity_unit' + if param in {\ + 'validity_operation', 'validity_count', 'validity_unit'\ }: setattr(self, CertSearchRequest.search_params[param], value) setattr(self, 'validityLengthInUse', True) - if param in { - 'cert_type_sub_email_ca', 'cert_type_sub_ssl_ca', - 'cert_type_secure_email', 'cert_type_ssl_client', - 'cert_type_ssl_server' + if param in {\ + 'cert_type_sub_email_ca', 'cert_type_sub_ssl_ca',\ + 'cert_type_secure_email', 'cert_type_ssl_client',\ + 'cert_type_ssl_server'\ }: setattr(self, CertSearchRequest.search_params[param], value) setattr(self, 'certTypeInUse', True) @@ -1045,8 +1045,8 @@ def main(): cert_client.get_enrollment_template('caUserCert') #Enrolling an user certificate - print('Enrolling an user certificate') - print('-----------------------------') + print 'Enrolling an user certificate' + print '-----------------------------' inputs = dict() inputs['cert_request_type'] = 'crmf' @@ -1072,19 +1072,19 @@ def main(): for enrollment_result in enrollment_results: request_data = enrollment_result.request cert_data = enrollment_result.cert - print('Request ID: ' + request_data.request_id) - print('Request Status:' + request_data.request_status) - print('Serial Number: ' + cert_data.serial_number) - print('Issuer: ' + cert_data.issuer_dn) - print('Subject: ' + cert_data.subject_dn) - print('Pretty Print:') - print(cert_data.pretty_repr) + print 'Request ID: ' + request_data.request_id + print 'Request Status:' + request_data.request_status + print 'Serial Number: ' + cert_data.serial_number + print 'Issuer: ' + cert_data.issuer_dn + print 'Subject: ' + cert_data.subject_dn + print 'Pretty Print:' + print cert_data.pretty_repr print # Enrolling a server certificate - print("Enrolling a server certificate") - print('------------------------------') + print "Enrolling a server certificate" + print '------------------------------' inputs = dict() inputs['cert_request_type'] = 'pkcs10' @@ -1109,40 +1109,40 @@ def main(): for enrollment_result in enrollment_results_2: request_data = enrollment_result.request cert_data = enrollment_result.cert - print('Request ID: ' + request_data.request_id) - print('Request Status:' + request_data.request_status) + print 'Request ID: ' + request_data.request_id + print 'Request Status:' + request_data.request_status if cert_data is not None: # store cert_id for usage later cert_id = cert_data.serial_number - print('Serial Number: ' + cert_id) - print('Issuer: ' + cert_data.issuer_dn) - print('Subject: ' + cert_data.subject_dn) - print('Pretty Print:') - print(cert_data.pretty_repr) + print 'Serial Number: ' + cert_id + print 'Issuer: ' + cert_data.issuer_dn + print 'Subject: ' + cert_data.subject_dn + print 'Pretty Print:' + print cert_data.pretty_repr print # List all the VALID certs - print('An example listing all VALID certs') - print('----------------------------------') + print 'An example listing all VALID certs' + print '----------------------------------' search_params = {'status': 'VALID'} cert_data_list = cert_client.list_certs(**search_params) for cert_data_info in cert_data_list: - print("Serial Number: " + cert_data_info.serial_number) - print("Subject DN: " + cert_data_info.subject_dn) - print("Status: " + cert_data_info.status) + print "Serial Number: " + cert_data_info.serial_number + print "Subject DN: " + cert_data_info.subject_dn + print "Status: " + cert_data_info.status print #Trying to get a non-existing cert #Assuming that there is no certificate with serial number = 100 try: cert_data = cert_client.get_cert(100) - print('Serial Number: ' + cert_data.serial_number) - print('Issuer: ' + cert_data.issuer_dn) - print('Subject: ' + cert_data.subject_dn) + print 'Serial Number: ' + cert_data.serial_number + print 'Issuer: ' + cert_data.issuer_dn + print 'Subject: ' + cert_data.subject_dn except pki.CertNotFoundException: - print("Certificate with ID 100 does not exist") + print "Certificate with ID 100 does not exist" print # Certificate Serial Number used for CertClient methods. @@ -1151,54 +1151,54 @@ def main(): # before. #Get certificate data - print('Getting information of a certificate') - print('------------------------------------') + print 'Getting information of a certificate' + print '------------------------------------' cert_data = cert_client.get_cert(cert_id) # Print the certificate information - print('Serial Number: ' + cert_data.serial_number) - print('Issuer: ' + cert_data.issuer_dn) - print('Subject: ' + cert_data.subject_dn) - print('Status: ' + cert_data.status) - print('Not Before: ' + cert_data.not_before) - print('Not After: ' + cert_data.not_after) - print('Encoded: ') - print(cert_data.encoded) - print("Pretty print format: ") - print(cert_data.pretty_repr) + print 'Serial Number: ' + cert_data.serial_number + print 'Issuer: ' + cert_data.issuer_dn + print 'Subject: ' + cert_data.subject_dn + print 'Status: ' + cert_data.status + print 'Not Before: ' + cert_data.not_before + print 'Not After: ' + cert_data.not_after + print 'Encoded: ' + print cert_data.encoded + print "Pretty print format: " + print cert_data.pretty_repr print # Review a certificate - used to get a nonce for revoke request. - print('Reviewing a certificate') - print('-----------------------') + print 'Reviewing a certificate' + print '-----------------------' cert_data = cert_client.review_cert(cert_id) - print('Serial Number: ' + cert_data.serial_number) - print('Issuer: ' + cert_data.issuer_dn) - print('Subject: ' + cert_data.subject_dn) - print('Status: ' + cert_data.status) - print('Nonce: ' + str(cert_data.nonce)) + print 'Serial Number: ' + cert_data.serial_number + print 'Issuer: ' + cert_data.issuer_dn + print 'Subject: ' + cert_data.subject_dn + print 'Status: ' + cert_data.status + print 'Nonce: ' + str(cert_data.nonce) print #Revoke a certificate - print('Revoking a certificate') - print('----------------------') + print 'Revoking a certificate' + print '----------------------' cert_request_info = cert_client.hold_cert(cert_data.serial_number, comments="Test revoking a cert") - print('Request ID: ' + cert_request_info.request_id) - print('Request Type: ' + cert_request_info.request_type) - print('Request Status: ' + cert_request_info.request_status) + print 'Request ID: ' + cert_request_info.request_id + print 'Request Type: ' + cert_request_info.request_type + print 'Request Status: ' + cert_request_info.request_status print #Un-revoke a certificate - print('Un-revoking a certificate') - print('-------------------------') + print 'Un-revoking a certificate' + print '-------------------------' cert_request_info = cert_client.unrevoke_cert(cert_data.serial_number) - print('Request ID: ' + cert_request_info.request_id) - print('Request Type: ' + cert_request_info.request_type) - print('Request Status: ' + cert_request_info.request_status) + print 'Request ID: ' + cert_request_info.request_id + print 'Request Type: ' + cert_request_info.request_type + print 'Request Status: ' + cert_request_info.request_status print diff --git a/base/common/python/pki/cli.py b/base/common/python/pki/cli.py index d44875fcb..2b6811314 100644 --- a/base/common/python/pki/cli.py +++ b/base/common/python/pki/cli.py @@ -124,7 +124,7 @@ class CLI(object): # Module doesn't have children. Keep looking. # If there's no more dashes, stop. - if i<0: + if i < 0: break position = i + 1 diff --git a/base/common/python/pki/encoder.py b/base/common/python/pki/encoder.py index 88a92f243..7b621f290 100644 --- a/base/common/python/pki/encoder.py +++ b/base/common/python/pki/encoder.py @@ -31,7 +31,7 @@ class CustomTypeEncoder(json.JSONEncoder): http://stackoverflow.com/questions/12949064/python-what-happens- when-instance-variable-name-is-same-as-method-name """ - # pylint: disable-msg=E0202 + # pylint: disable=E0202 def default(self, obj): for k, v in TYPES.items(): if isinstance(obj, v): @@ -44,7 +44,7 @@ class CustomTypeEncoder(json.JSONEncoder): def attr_name_conversion(attr_dict, object_class): if not hasattr(object_class, 'json_attribute_names'): return attr_dict - reverse_dict = {v: k for k,v in + reverse_dict = {v: k for k, v in object_class.json_attribute_names.iteritems()} new_dict = dict() for k, v in attr_dict.items(): diff --git a/base/common/python/pki/key.py b/base/common/python/pki/key.py index bcc56747e..3ff6e3dba 100644 --- a/base/common/python/pki/key.py +++ b/base/common/python/pki/key.py @@ -34,7 +34,7 @@ import pki.encoder as encoder #should be moved to request.py -#pylint: disable-msg=R0903 +#pylint: disable=R0903 class RequestId(object): """ Class representing a Request ID @@ -45,7 +45,7 @@ class RequestId(object): self.value = req_id -#pylint: disable-msg=R0903 +#pylint: disable=R0903 class KeyData(object): """ This is the object that contains the encoded wrapped secret @@ -57,7 +57,7 @@ class KeyData(object): 'nonceData': 'nonce_data', 'wrappedPrivateData': 'wrapped_private_data' } - # pylint: disable-msg=C0103 + # pylint: disable=C0103 def __init__(self): """ Constructor """ self.algorithm = None @@ -108,7 +108,7 @@ class KeyInfo(object): 'ownerName': 'owner_name', 'publicKey': 'public_key' } - # pylint: disable-msg=C0103 + # pylint: disable=C0103 def __init__(self): """ Constructor """ self.client_key_id = None @@ -140,7 +140,7 @@ class KeyInfo(object): return None -#pylint: disable-msg=R0903 +#pylint: disable=R0903 class KeyInfoCollection(object): """ This class represents data returned when searching the DRM archived @@ -176,7 +176,7 @@ class KeyRequestInfo(object): 'keyURL': 'key_url', 'requestStatus': 'request_status' } - # pylint: disable-msg=C0103 + # pylint: disable=C0103 def __init__(self): """ Constructor """ self.request_url = None @@ -212,7 +212,7 @@ class KeyRequestInfo(object): return None -#pylint: disable-msg=R0903 +#pylint: disable=R0903 class KeyRequestInfoCollection(object): """ This class represents the data returned when searching the key @@ -248,7 +248,7 @@ class KeyRequestResponse(object): which contains the wrapped secret (if that operation is supported). """ - # pylint: disable-msg=C0103 + # pylint: disable=C0103 def __init__(self): """ Constructor """ self.request_info = None @@ -705,14 +705,14 @@ class KeyClient(object): key_size=key_size) @pki.handle_exceptions() - def archive_encrypted_data(self, - client_key_id, - data_type, - encrypted_data, - wrapped_session_key, - algorithm_oid=None, - nonce_iv=None, - key_algorithm=None, + def archive_encrypted_data(self,\ + client_key_id,\ + data_type,\ + encrypted_data,\ + wrapped_session_key,\ + algorithm_oid=None,\ + nonce_iv=None,\ + key_algorithm=None,\ key_size=None): """ Archive a secret (symmetric key or passphrase) on the DRM. diff --git a/base/common/python/pki/profile.py b/base/common/python/pki/profile.py index 42efec1c6..050f854a4 100644 --- a/base/common/python/pki/profile.py +++ b/base/common/python/pki/profile.py @@ -1168,46 +1168,46 @@ def main(): #Fetching a list of profiles profile_data_infos = profile_client.list_profiles() - print('List of profiles:') - print('-----------------') + print 'List of profiles:' + print '-----------------' for profile_data_info in profile_data_infos: - print(' Profile ID: ' + profile_data_info.profile_id) - print(' Profile Name: ' + profile_data_info.profile_name) - print(' Profile Description: ' + profile_data_info.profile_description) + print ' Profile ID: ' + profile_data_info.profile_id + print ' Profile Name: ' + profile_data_info.profile_name + print ' Profile Description: ' + profile_data_info.profile_description print # Get a specific profile profile_data = profile_client.get_profile('caUserCert') - print('Profile Data for caUserCert:') - print('----------------------------') - print(' Profile ID: ' + profile_data.profile_id) - print(' Profile Name: ' + profile_data.name) - print(' Profile Description: ' + profile_data.description) - print(' Is profile enabled? ' + str(profile_data.enabled)) - print(' Is profile visible? ' + str(profile_data.visible)) + print 'Profile Data for caUserCert:' + print '----------------------------' + print ' Profile ID: ' + profile_data.profile_id + print ' Profile Name: ' + profile_data.name + print ' Profile Description: ' + profile_data.description + print ' Is profile enabled? ' + str(profile_data.enabled) + print ' Is profile visible? ' + str(profile_data.visible) print # Disabling a profile - print('Disabling a profile:') - print('--------------------') + print 'Disabling a profile:' + print '--------------------' profile_client.disable_profile('caUserCert') profile = profile_client.get_profile('caUserCert') - print(' Profile ID: ' + profile.profile_id) - print(' Is profile enabled? ' + str(profile.enabled)) + print ' Profile ID: ' + profile.profile_id + print ' Is profile enabled? ' + str(profile.enabled) print # Disabling a profile - print('Enabling a profile:') - print('-------------------') + print 'Enabling a profile:' + print '-------------------' profile_client.enable_profile('caUserCert') profile = profile_client.get_profile('caUserCert') - print(' Profile ID: ' + profile_data.profile_id) - print(' Is profile enabled? ' + str(profile.enabled)) + print ' Profile ID: ' + profile_data.profile_id + print ' Is profile enabled? ' + str(profile.enabled) print #profile_client.delete_profile('MySampleProfile') # Create a new sample profile - print('Creating a new profile:') - print('-----------------------') + print 'Creating a new profile:' + print '-----------------------' profile_data = Profile(name="My Sample User Cert Enrollment", profile_id="MySampleProfile", @@ -1323,12 +1323,12 @@ def main(): sort_keys=True, indent=4)) # Create a new profile created_profile = profile_client.create_profile(profile_data) - print(created_profile) + print created_profile print # Test creating a new profile with a duplicate profile id - print ("Create a profile with duplicate profile id.") - print ("-------------------------------------------") + print "Create a profile with duplicate profile id." + print "-------------------------------------------" try: profile_data = Profile(name="My Sample User Cert Enrollment", @@ -1351,14 +1351,14 @@ def main(): profile_data.add_input(profile_input) profile_client.create_profile(profile_data) - # pylint: disable-msg=W0703 + # pylint: disable=W0703 except pki.BadRequestException as e: print 'MySampleProfile ' + str(e) print # Modify the above created profile - print('Modifying the profile MySampleProfile.') - print('-----------------------------------') + print 'Modifying the profile MySampleProfile.' + print '-----------------------------------' fetch = profile_client.get_profile('MySampleProfile') profile_input2 = ProfileInput("i2", "keyGenInputImpl") @@ -1373,40 +1373,40 @@ def main(): output_file.write(json.dumps(fetch, cls=encoder.CustomTypeEncoder, sort_keys=True, indent=4)) - print(modified_profile) + print modified_profile print # Delete a profile - print ("Deleting the profile MySampleProfile.") - print ("----------------------------------") + print "Deleting the profile MySampleProfile." + print "----------------------------------" profile_client.delete_profile('MySampleProfile') - print ("Deleted profile MySampleProfile.") + print "Deleted profile MySampleProfile." print # Testing deletion of a profile - print('Test profile deletion.') - print('----------------------') + print 'Test profile deletion.' + print '----------------------' try: profile_client.get_profile('MySampleProfile') - # pylint: disable-msg=W0703 + # pylint: disable=W0703 except pki.ProfileNotFoundException as e: print str(e) print # Creating a profile from file - print('Creating a profile using file input.') - print('------------------------------------') + print 'Creating a profile using file input.' + print '------------------------------------' original = profile_client.create_profile_from_file( file_path + 'original.json') - print(original) + print original print # Modifying a profile from file - print('Modifying a profile using file input.') - print('------------------------------------') + print 'Modifying a profile using file input.' + print '------------------------------------' modified = profile_client.modify_profile_from_file( file_path + 'modified.json') - print(modified) + print modified print # Test clean up diff --git a/base/common/python/pki/upgrade.py b/base/common/python/pki/upgrade.py index 9ff89fa92..5534069c1 100644 --- a/base/common/python/pki/upgrade.py +++ b/base/common/python/pki/upgrade.py @@ -622,7 +622,7 @@ class PKIUpgrader(object): except pki.PKIException: raise - except Exception as e: # pylint: disable-msg=W0703 + except Exception as e: # pylint: disable=W0703 print @@ -689,7 +689,7 @@ class PKIUpgrader(object): except pki.PKIException: raise - except Exception as e: # pylint: disable-msg=W0703 + except Exception as e: # pylint: disable=W0703 print diff --git a/base/common/sbin/pki-upgrade b/base/common/sbin/pki-upgrade index a985f76f3..0fbfde3d6 100755 --- a/base/common/sbin/pki-upgrade +++ b/base/common/sbin/pki-upgrade @@ -26,7 +26,7 @@ import sys import pki import pki.upgrade -# pylint: disable-msg=W0613 +# pylint: disable=W0613 def interrupt_handler(event, frame): print print @@ -135,9 +135,9 @@ def main(argv): try: upgrader = pki.upgrade.PKIUpgrader( - version = scriptlet_version, - index = scriptlet_index, - silent = silent) + version=scriptlet_version, + index=scriptlet_index, + silent=silent) if status: upgrader.status() diff --git a/base/server/python/pki/server/__init__.py b/base/server/python/pki/server/__init__.py index 3c471071f..063acd738 100644 --- a/base/server/python/pki/server/__init__.py +++ b/base/server/python/pki/server/__init__.py @@ -29,8 +29,8 @@ import subprocess import pki INSTANCE_BASE_DIR = '/var/lib/pki' -REGISTRY_DIR = '/etc/sysconfig/pki' -SUBSYSTEM_TYPES = ['ca', 'kra', 'ocsp', 'tks', 'tps'] +REGISTRY_DIR = '/etc/sysconfig/pki' +SUBSYSTEM_TYPES = ['ca', 'kra', 'ocsp', 'tks', 'tps'] class PKISubsystem(object): diff --git a/base/server/python/pki/server/deployment/pkihelper.py b/base/server/python/pki/server/deployment/pkihelper.py index 02a2c9e32..ec0f0a2d4 100644 --- a/base/server/python/pki/server/deployment/pkihelper.py +++ b/base/server/python/pki/server/deployment/pkihelper.py @@ -925,13 +925,13 @@ class Instance: # present within the PKI 'tomcat' registry directory for instance in os.listdir( self.mdict['pki_instance_type_registry_path']): - if os.path.isdir( - os.path.join( - self.mdict['pki_instance_type_registry_path'], + if os.path.isdir(\ + os.path.join(\ + self.mdict['pki_instance_type_registry_path'],\ instance)) and not\ - os.path.islink( - os.path.join( - self.mdict['pki_instance_type_registry_path'], + os.path.islink(\ + os.path.join(\ + self.mdict['pki_instance_type_registry_path'],\ instance)): rv += 1 config.pki_log.debug(log.PKIHELPER_TOMCAT_INSTANCES_2, @@ -987,7 +987,7 @@ class Instance: # catching all exceptions because we do not want to break if underlying # requests or urllib3 use a different exception. # If the connection fails, we will time out in any case - # pylint: disable-msg=W0703 + # pylint: disable=W0703 try: client = pki.system.SystemStatusClient(connection) response = client.get_status() @@ -1739,7 +1739,7 @@ class File: extra=config.PKI_INDENTATION_LEVEL_2) open(name, "w").close() with open(name, "w") as FILE: - noise = ''.join(random.choice(string.ascii_letters + + noise = ''.join(random.choice(string.ascii_letters +\ string.digits) for x in range(random_bytes)) FILE.write(noise) # chmod <perms> <name> @@ -2656,7 +2656,7 @@ class KRAConnector: # get a list of all the CA's in the security domain # noinspection PyBroadException - # pylint: disable-msg=W0703 + # pylint: disable=W0703 sechost = cs_cfg.get('securitydomain.host') secport = cs_cfg.get('securitydomain.httpsadminport') try: @@ -2676,7 +2676,7 @@ class KRAConnector: # the auth is not successful or servers are down. In the # worst case, we will time out anyways. # noinspection PyBroadException - # pylint: disable-msg=W0703 + # pylint: disable=W0703 try: self.execute_using_sslget( ca_port, ca_host, subsystemnick, @@ -3675,8 +3675,8 @@ class ConfigClient: with open(self.mdict['pki_external_admin_csr_path'], "w") as f: f.write("-----BEGIN CERTIFICATE REQUEST-----\n") admin_certreq = None - with open(os.path.join( - self.mdict['pki_client_database_dir'], + with open(os.path.join(\ + self.mdict['pki_client_database_dir'],\ "admin_pkcs10.bin.asc"), "r") as f: admin_certreq = f.read() with open(self.mdict['pki_external_admin_csr_path'], "a") as f: diff --git a/base/server/python/pki/server/deployment/pkiparser.py b/base/server/python/pki/server/deployment/pkiparser.py index 92d3e66ba..1e3912084 100644 --- a/base/server/python/pki/server/deployment/pkiparser.py +++ b/base/server/python/pki/server/deployment/pkiparser.py @@ -619,7 +619,7 @@ class PKIConfigParser: # and add this to the "sensitive" key value pairs read in from # the configuration file self.mdict['pki_one_time_pin'] = \ - ''.join(random.choice(string.ascii_letters + string.digits) + ''.join(random.choice(string.ascii_letters + string.digits)\ for x in range(20)) if self.mdict['pki_subsystem'] in\ config.PKI_TOMCAT_SUBSYSTEMS: @@ -1118,8 +1118,8 @@ class PKIConfigParser: # Stand-alone PKI self.mdict['pki_security_domain_type'] = "new" self.mdict['pki_issuing_ca'] = "External CA" - elif (config.pki_subsystem != "CA" or - config.str2bool(self.mdict['pki_clone']) or + elif (config.pki_subsystem != "CA" or\ + config.str2bool(self.mdict['pki_clone']) or\ config.str2bool(self.mdict['pki_subordinate'])): # PKI KRA, PKI OCSP, PKI RA, PKI TKS, PKI TPS, # CA Clone, KRA Clone, OCSP Clone, TKS Clone, TPS Clone diff --git a/base/server/python/pki/server/deployment/pkiscriptlet.py b/base/server/python/pki/server/deployment/pkiscriptlet.py index 2bf4d0750..c446c18f8 100644 --- a/base/server/python/pki/server/deployment/pkiscriptlet.py +++ b/base/server/python/pki/server/deployment/pkiscriptlet.py @@ -27,14 +27,14 @@ import abc class AbstractBasePkiScriptlet(object): __metaclass__ = abc.ABCMeta - # pylint: disable-msg=W0613 + # pylint: disable=W0613 @abc.abstractmethod def spawn(self, deployer): """Retrieve data from the specified PKI dictionary and use it to install a new PKI instance.""" return - # pylint: disable-msg=W0613 + # pylint: disable=W0613 @abc.abstractmethod def destroy(self, deployer): """Retrieve data from the specified PKI dictionary and diff --git a/base/server/python/pki/server/deployment/scriptlets/initialization.py b/base/server/python/pki/server/deployment/scriptlets/initialization.py index 632e21d8e..48b120c46 100644 --- a/base/server/python/pki/server/deployment/scriptlets/initialization.py +++ b/base/server/python/pki/server/deployment/scriptlets/initialization.py @@ -49,7 +49,7 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): else: config.pki_log.info(log.INITIALIZATION_SPAWN_1, __name__, extra=config.PKI_INDENTATION_LEVEL_1) - if (deployer.mdict['pki_subsystem'] == "CA" or + if (deployer.mdict['pki_subsystem'] == "CA" or\ config.str2bool(deployer.mdict['pki_standalone'])) and\ config.str2bool(deployer.mdict['pki_external_step_two']): # verify that this External CA (Step 2), or Stand-alone PKI diff --git a/base/server/sbin/pki-server-upgrade b/base/server/sbin/pki-server-upgrade index 212fc2675..d149bc045 100755 --- a/base/server/sbin/pki-server-upgrade +++ b/base/server/sbin/pki-server-upgrade @@ -28,7 +28,7 @@ import pki.upgrade import pki.server.upgrade -# pylint: disable-msg=W0613 +# pylint: disable=W0613 def interrupt_handler(event, frame): print print diff --git a/base/server/sbin/pkidestroy b/base/server/sbin/pkidestroy index f0fa27a00..dbd658a20 100755 --- a/base/server/sbin/pkidestroy +++ b/base/server/sbin/pkidestroy @@ -50,7 +50,7 @@ error was: #Handle the Keyboard Interrupt -# pylint: disable-msg=W0613 +# pylint: disable=W0613 def interrupt_handler(event, frame): print print '\nUninstallation canceled.' diff --git a/base/server/sbin/pkispawn b/base/server/sbin/pkispawn index 04eec6ab9..45789fe87 100755 --- a/base/server/sbin/pkispawn +++ b/base/server/sbin/pkispawn @@ -53,7 +53,7 @@ error was: # Handle the Keyboard Interrupt -# pylint: disable-msg=W0613 +# pylint: disable=W0613 def interrupt_handler(event, frame): print print '\nInstallation canceled.' @@ -505,7 +505,7 @@ def main(argv): instance = scriptlet.PkiScriptlet() try: rv = instance.spawn(deployer) - # pylint: disable-msg=W0703 + # pylint: disable=W0703 except Exception: log_error_details() print @@ -546,9 +546,9 @@ def print_install_information(mdict): % mdict['pki_client_database_dir'] print log.PKI_CHECK_STATUS_MESSAGE % mdict['pki_instance_name'] print log.PKI_INSTANCE_RESTART_MESSAGE % mdict['pki_instance_name'] - if (((config.pki_subsystem == "KRA" or - config.pki_subsystem == "OCSP") and - config.str2bool(mdict['pki_standalone'])) and + if (((config.pki_subsystem == "KRA" or\ + config.pki_subsystem == "OCSP") and\ + config.str2bool(mdict['pki_standalone'])) and\ not config.str2bool(mdict['pki_external_step_two'])): # Stand-alone PKI KRA/OCSP (External CA Step 1) print log.PKI_CONFIGURATION_STANDALONE_1 % config.pki_subsystem diff --git a/dogtag.pylintrc b/dogtag.pylintrc index 511a2a07e..495b25c47 100644 --- a/dogtag.pylintrc +++ b/dogtag.pylintrc @@ -37,7 +37,10 @@ load-plugins= # String statement has no effect Used when a string is used as a statement (which of course has no effect). This is a particular case of W0104 with its own message so you can easily disable it if you’re # using those strings as documentation, instead of comments. # W0511 (fixme): Used when a warning note as FIXME or XXX is detected. # W0142: Used when a function or method is called using *args or **kwargs to dispatch arguments. This doesn't improve readability and should be used with care. -disable=W0511,W0105,W0142 +# +# C and R messages are disabled by default. To clean up the code, enable C and +# R messages temporarily. +disable=W0511,W0105,W0142,C,R [REPORTS] @@ -47,12 +50,6 @@ disable=W0511,W0105,W0142 # mypackage.mymodule.MyReporterClass. output-format=text -# Include message's id in output -include-ids=yes - -# Include symbolic ids of messages in output -symbols=no - # Put messages in a separate file for each module / package specified on the # command line instead of printing them on stdout. Reports (if any) will be # written in a file name "pylint_global.[txt|html]". diff --git a/pylint-build-scan.sh b/pylint-build-scan.sh index a4bff6bfc..cbaf972f0 100755 --- a/pylint-build-scan.sh +++ b/pylint-build-scan.sh @@ -15,43 +15,16 @@ PYLINT_RC_FILE_PATH="`cd $2/.. ; pwd`/dogtag.pylintrc" PYTHON_PACKAGE_DIR="$HOME_DIR`python -c "from distutils.sysconfig import get_python_lib; print(get_python_lib())"`" -PYLINT_REPORT_PATH="`cd $HOME_DIR/../.. ; pwd`/pylint-report" - cd $PYTHON_PACKAGE_DIR FILES="pki/" +FILES="$FILES $HOME_DIR/usr/bin/pki" FILES="$FILES $HOME_DIR/usr/sbin/pkispawn" FILES="$FILES $HOME_DIR/usr/sbin/pkidestroy" FILES="$FILES $HOME_DIR/usr/sbin/pki-upgrade" FILES="$FILES $HOME_DIR/usr/sbin/pki-server" FILES="$FILES $HOME_DIR/usr/sbin/pki-server-upgrade" -rv=`pylint --rcfile=$PYLINT_RC_FILE_PATH $FILES >> $PYLINT_REPORT_PATH` - -status=$? - -#Excerpt from pylint man page -#OUTPUT STATUS CODE -# Pylint should leave with following status code: -# * 0 if everything went fine -# * 1 if a fatal message was issued -# * 2 if an error message was issued -# * 4 if a warning message was issued -# * 8 if a refactor message was issued -# * 16 if a convention message was issued -# * 32 on usage error -# -# status 1 to 16 will be bit-ORed so you can know which different categories has been issued by analysing pylint output status code - -result=0 -if [ $(($status&1)) -eq 1 ] || [ $(($status&2)) -eq 2 ] || [ $(($status&4)) -eq 4 ] -then - echo -e "\n===============================================================================\n" - echo -e " Pylint has reported errors or warnings in the python code.\n" - echo -e " The report generated can be viewed at $PYLINT_REPORT_PATH.\n" - echo -e " If the issues shown are false positives, re-build pki-core after marking them" - echo -e " ignored in the configuration file dogtag.pylintrc, in the source code. \n" - echo -e "===============================================================================\n" - result=1 -fi -exit $result +pylint --rcfile=$PYLINT_RC_FILE_PATH $FILES + +exit $? diff --git a/specs/pki-core.spec b/specs/pki-core.spec index 8df878cd4..a9d9db6d2 100644 --- a/specs/pki-core.spec +++ b/specs/pki-core.spec @@ -628,10 +628,10 @@ ln -s %{_javadir}/pki/pki-tps.jar %{buildroot}%{_datadir}/pki/tps/webapps/tps/WE %if %{with server} %if ! 0%{?rhel} -# Scanning the python code with pylint. A return value of 0 represents there are no -# errors or warnings reported by pylint. +# Scanning the python code with pylint. sh ../pylint-build-scan.sh %{buildroot} `pwd` -if [ $? -eq 1 ]; then +if [ $? -ne 0 ]; then + echo "pylint failed. RC: $?" exit 1 fi %endif |