diff options
Diffstat (limited to 'ipalib')
| -rw-r--r-- | ipalib/backend.py | 6 | ||||
| -rw-r--r-- | ipalib/certstore.py | 4 | ||||
| -rw-r--r-- | ipalib/cli.py | 8 | ||||
| -rw-r--r-- | ipalib/frontend.py | 4 | ||||
| -rw-r--r-- | ipalib/krb_utils.py | 18 | ||||
| -rw-r--r-- | ipalib/parameters.py | 14 | ||||
| -rw-r--r-- | ipalib/plugable.py | 8 | ||||
| -rw-r--r-- | ipalib/plugins/aci.py | 10 | ||||
| -rw-r--r-- | ipalib/plugins/automount.py | 8 | ||||
| -rw-r--r-- | ipalib/plugins/baseldap.py | 24 | ||||
| -rw-r--r-- | ipalib/plugins/batch.py | 2 | ||||
| -rw-r--r-- | ipalib/plugins/cert.py | 12 | ||||
| -rw-r--r-- | ipalib/plugins/dns.py | 16 | ||||
| -rw-r--r-- | ipalib/plugins/group.py | 4 | ||||
| -rw-r--r-- | ipalib/plugins/host.py | 6 | ||||
| -rw-r--r-- | ipalib/plugins/migration.py | 18 | ||||
| -rw-r--r-- | ipalib/plugins/otptoken.py | 2 | ||||
| -rw-r--r-- | ipalib/plugins/permission.py | 4 | ||||
| -rw-r--r-- | ipalib/plugins/pwpolicy.py | 2 | ||||
| -rw-r--r-- | ipalib/plugins/radiusproxy.py | 2 | ||||
| -rw-r--r-- | ipalib/plugins/realmdomains.py | 2 | ||||
| -rw-r--r-- | ipalib/plugins/service.py | 2 | ||||
| -rw-r--r-- | ipalib/plugins/trust.py | 8 | ||||
| -rw-r--r-- | ipalib/plugins/user.py | 6 | ||||
| -rw-r--r-- | ipalib/plugins/vault.py | 2 | ||||
| -rw-r--r-- | ipalib/rpc.py | 50 | ||||
| -rw-r--r-- | ipalib/session.py | 6 | ||||
| -rw-r--r-- | ipalib/util.py | 14 | ||||
| -rw-r--r-- | ipalib/x509.py | 6 |
29 files changed, 134 insertions, 134 deletions
diff --git a/ipalib/backend.py b/ipalib/backend.py index d510bc733..240fae4b3 100644 --- a/ipalib/backend.py +++ b/ipalib/backend.py @@ -127,14 +127,14 @@ class Executioner(Backend): if _name not in self.Command: raise CommandError(name=_name) result = self.Command[_name](*args, **options) - except PublicError, e: + except PublicError as e: error = e - except StandardError, e: + except StandardError as e: self.exception( 'non-public: %s: %s', e.__class__.__name__, str(e) ) error = InternalError() - except Exception, e: + except Exception as e: self.exception( 'unhandled exception: %s: %s', e.__class__.__name__, str(e) ) diff --git a/ipalib/certstore.py b/ipalib/certstore.py index 3a5555c95..533a77f91 100644 --- a/ipalib/certstore.py +++ b/ipalib/certstore.py @@ -36,7 +36,7 @@ def _parse_cert(dercert): issuer = x509.get_issuer(dercert, x509.DER) serial_number = x509.get_serial_number(dercert, x509.DER) public_key_info = x509.get_der_public_key_info(dercert, x509.DER) - except (NSPRError, PyAsn1Error), e: + except (NSPRError, PyAsn1Error) as e: raise ValueError("failed to decode certificate: %s" % e) subject = str(subject).replace('\\;', '\\3b') @@ -55,7 +55,7 @@ def init_ca_entry(entry, dercert, nickname, trusted, ext_key_usage): if ext_key_usage is not None: try: cert_eku = x509.get_ext_key_usage(dercert, x509.DER) - except NSPRError, e: + except NSPRError as e: raise ValueError("failed to decode certificate: %s" % e) if cert_eku is not None: cert_eku -= {x509.EKU_SERVER_AUTH, x509.EKU_CLIENT_AUTH, diff --git a/ipalib/cli.py b/ipalib/cli.py index 4104e6482..52904eada 100644 --- a/ipalib/cli.py +++ b/ipalib/cli.py @@ -1283,7 +1283,7 @@ class cli(backend.Executioner): f = open(fname, 'r') raw = f.read() f.close() - except IOError, e: + except IOError as e: raise ValidationError( name=to_cli(p.cli_name), error='%s: %s:' % (fname, e[1]) @@ -1291,7 +1291,7 @@ class cli(backend.Executioner): elif p.stdin_if_missing: try: raw = sys.stdin.read() - except IOError, e: + except IOError as e: raise ValidationError( name=to_cli(p.cli_name), error=e[1] ) @@ -1341,9 +1341,9 @@ def run(api): except KeyboardInterrupt: print '' api.log.info('operation aborted') - except PublicError, e: + except PublicError as e: error = e - except StandardError, e: + except StandardError as e: api.log.exception('%s: %s', e.__class__.__name__, str(e)) error = InternalError() if error is not None: diff --git a/ipalib/frontend.py b/ipalib/frontend.py index 2ca3aaea8..1fe7ff0f0 100644 --- a/ipalib/frontend.py +++ b/ipalib/frontend.py @@ -463,7 +463,7 @@ class Command(HasParam): try: value = values.get(p.name) values[p.name] = p(value, **values) - except InvocationError, e: + except InvocationError as e: errors[p.name] = str(e) return dict( values=values, @@ -591,7 +591,7 @@ class Command(HasParam): try: return param(raw, **kw) - except (ValidationError, ConversionError), e: + except (ValidationError, ConversionError) as e: # Display error and prompt again self.Backend.textui.print_prompt_attribute_error(unicode(label), unicode(e.error)) diff --git a/ipalib/krb_utils.py b/ipalib/krb_utils.py index 9a557ce5c..19cd0ad79 100644 --- a/ipalib/krb_utils.py +++ b/ipalib/krb_utils.py @@ -166,7 +166,7 @@ class KRB5_CCache(object): self.scheme, self.name = krb5_parse_ccache(ccache) self.ccache = krbV.CCache(name=str(ccache), context=self.context) self.principal = self.ccache.principal() - except krbV.Krb5Error, e: + except krbV.Krb5Error as e: error_code = e.args[0] message = e.args[1] if error_code == KRB5_FCC_NOFILE: @@ -212,7 +212,7 @@ class KRB5_CCache(object): else: try: krbV_principal = krbV.Principal(str(principal), self.context) - except Exception, e: + except Exception as e: self.error('could not create krbV principal from "%s", %s', principal, e) raise e @@ -227,13 +227,13 @@ class KRB5_CCache(object): None) # adlist try: cred = self.ccache.get_credentials(creds_tuple, KRB5_GC_CACHED) - except krbV.Krb5Error, e: + except krbV.Krb5Error as e: error_code = e.args[0] if error_code == KRB5_CC_NOTFOUND: raise KeyError('"%s" credential not found in "%s" ccache' % \ (krbV_principal.name, self.ccache_str())) raise e - except Exception, e: + except Exception as e: raise e return cred @@ -273,7 +273,7 @@ class KRB5_CCache(object): else: try: krbV_principal = krbV.Principal(str(principal), self.context) - except Exception, e: + except Exception as e: self.error('could not create krbV principal from "%s", %s', principal, e) raise e @@ -288,9 +288,9 @@ class KRB5_CCache(object): return authtime, starttime, endtime, renew_till - except KeyError, e: + except KeyError as e: raise e - except Exception, e: + except Exception as e: self.error('get_credential_times failed, principal="%s" error="%s"', krbV_principal.name, e) raise e @@ -314,9 +314,9 @@ class KRB5_CCache(object): try: authtime, starttime, endtime, renew_till = self.get_credential_times(principal) - except KeyError, e: + except KeyError as e: return False - except Exception, e: + except Exception as e: self.error('credential_is_valid failed, principal="%s" error="%s"', principal, e) raise e diff --git a/ipalib/parameters.py b/ipalib/parameters.py index 6cc6f8c92..7b27b70c2 100644 --- a/ipalib/parameters.py +++ b/ipalib/parameters.py @@ -1134,7 +1134,7 @@ class Decimal(Number): if isinstance(value, (basestring, float)): try: value = decimal.Decimal(value) - except Exception, e: + except Exception as e: raise ValueError( '%s: cannot parse kwarg %s: %s' % ( name, kwparam, str(e))) @@ -1189,7 +1189,7 @@ class Decimal(Number): quantize_exp = decimal.Decimal(10) ** -self.precision try: value = value.quantize(quantize_exp) - except decimal.DecimalException, e: + except decimal.DecimalException as e: raise ConversionError(name=self.get_param_name(), error=unicode(e)) return value @@ -1203,7 +1203,7 @@ class Decimal(Number): value = value.quantize(decimal.Decimal(1)) \ if value == value.to_integral() \ else value.normalize() - except decimal.DecimalException, e: + except decimal.DecimalException as e: raise ConversionError(name=self.get_param_name(), error=unicode(e)) @@ -1224,7 +1224,7 @@ class Decimal(Number): if isinstance(value, (basestring, float)): try: value = decimal.Decimal(value) - except decimal.DecimalException, e: + except decimal.DecimalException as e: raise ConversionError(name=self.get_param_name(), index=index, error=unicode(e)) @@ -1363,7 +1363,7 @@ class Bytes(Data): if isinstance(value, unicode): try: value = base64.b64decode(value) - except TypeError, e: + except TypeError as e: raise Base64DecodeError(reason=str(e)) return super(Bytes, self)._convert_scalar(value, index) @@ -1826,7 +1826,7 @@ class AccessTime(Str): def _rule_required(self, _, value): try: self._check(value) - except ValueError, e: + except ValueError as e: raise ValidationError(name=self.get_param_name(), error=e.args[0]) except IndexError: raise ValidationError( @@ -1847,7 +1847,7 @@ class DNParam(Param): try: dn = DN(value) - except Exception, e: + except Exception as e: raise ConversionError(name=self.get_param_name(), index=index, error=ugettext(e)) return dn diff --git a/ipalib/plugable.py b/ipalib/plugable.py index 45b346376..8b82b60f8 100644 --- a/ipalib/plugable.py +++ b/ipalib/plugable.py @@ -429,7 +429,7 @@ class API(ReadOnly): filename=self.env.log, level=level, format=LOGGING_FORMAT_FILE)]) - except IOError, e: + except IOError as e: log.error('Cannot open log file %r: %s', self.env.log, e) return @@ -541,7 +541,7 @@ class API(ReadOnly): subpackage = module[:-2] try: plugins = importlib.import_module(subpackage) - except ImportError, e: + except ImportError as e: self.log.error("cannot import plugins sub-package %s: %s", subpackage, e) raise @@ -565,9 +565,9 @@ class API(ReadOnly): self.log.debug("importing plugin module %s", name) try: module = importlib.import_module(name) - except errors.SkipPluginModule, e: + except errors.SkipPluginModule as e: self.log.debug("skipping plugin module %s: %s", name, e.reason) - except StandardError, e: + except StandardError as e: if self.env.startup_traceback: import traceback self.log.error("could not load plugin module %s\n%s", name, diff --git a/ipalib/plugins/aci.py b/ipalib/plugins/aci.py index 158909837..0ff28b84e 100644 --- a/ipalib/plugins/aci.py +++ b/ipalib/plugins/aci.py @@ -244,7 +244,7 @@ def _make_aci(ldap, current, aciname, kw): # This will raise NotFound if the permission doesn't exist try: entry_attrs = api.Command['permission_show'](kw['permission'])['result'] - except errors.NotFound, e: + except errors.NotFound as e: if 'test' in kw and not kw.get('test'): raise e else: @@ -304,7 +304,7 @@ def _make_aci(ldap, current, aciname, kw): if not target.startswith('ldap:///'): target = 'ldap:///%s' % target a.set_target(target) - except SyntaxError, e: + except SyntaxError as e: raise errors.ValidationError(name='target', error=_('Syntax Error: %(error)s') % dict(error=str(e))) return a @@ -370,7 +370,7 @@ def _aci_to_kw(ldap, a, test=False, pkey_only=False): entry = ldap.make_entry(dn) try: entry = ldap.get_entry(groupdn, ['cn']) - except errors.NotFound, e: + except errors.NotFound as e: # FIXME, use real name here if test: dn = DN(('cn', 'test'), api.env.container_permission, @@ -389,7 +389,7 @@ def _convert_strings_to_acis(acistrs): for a in acistrs: try: acis.append(ACI(a)) - except SyntaxError, e: + except SyntaxError as e: root_logger.warning("Failed to parse: %s" % a) return acis @@ -651,7 +651,7 @@ class aci_mod(crud.Update): try: result = self.api.Command['aci_add'](aciname, **newkw)['result'] - except Exception, e: + except Exception as e: # ACI could not be added, try to restore the old deleted ACI and # report the ADD error back to user try: diff --git a/ipalib/plugins/automount.py b/ipalib/plugins/automount.py index 0a5c121ca..304bed71f 100644 --- a/ipalib/plugins/automount.py +++ b/ipalib/plugins/automount.py @@ -407,7 +407,7 @@ class automountlocation_import(LDAPQuery): fp = open(filename, 'r') map = fp.readlines() fp.close() - except IOError, e: + except IOError as e: if e.errno == 2: raise errors.NotFound( reason=_('File %(file)s not found') % {'file': filename} @@ -453,7 +453,7 @@ class automountlocation_import(LDAPQuery): automountkey=unicode(am[0]), automountinformation=unicode(' '.join(am[1:]))) result['keys'].append([am[0], u'auto.master']) - except errors.DuplicateEntry, e: + except errors.DuplicateEntry as e: if unicode(am[0]) in DEFAULT_KEYS: # ignore conflict when the key was pre-created by the framework pass @@ -469,7 +469,7 @@ class automountlocation_import(LDAPQuery): try: api.Command['automountmap_add'](args[0], unicode(am[1])) result['maps'].append(am[1]) - except errors.DuplicateEntry, e: + except errors.DuplicateEntry as e: if unicode(am[1]) in DEFAULT_MAPS: # ignore conflict when the map was pre-created by the framework pass @@ -515,7 +515,7 @@ class automountlocation_import(LDAPQuery): automountkey=key, automountinformation=unicode(' '.join(am[1:]))) result['keys'].append([key,m]) - except errors.DuplicateEntry, e: + except errors.DuplicateEntry as e: if options.get('continue', False): result['duplicatekeys'].append(am[0]) pass diff --git a/ipalib/plugins/baseldap.py b/ipalib/plugins/baseldap.py index 36a5d5f49..0fdc63eee 100644 --- a/ipalib/plugins/baseldap.py +++ b/ipalib/plugins/baseldap.py @@ -311,7 +311,7 @@ def wait_for_value(ldap, dn, attr, value): def validate_externalhost(ugettext, hostname): try: validate_hostname(hostname, check_fqdn=False, allow_underscore=True) - except ValueError, e: + except ValueError as e: return unicode(e) @@ -1099,9 +1099,9 @@ last, after all sets and adds."""), # validate, convert and encode params try: value = param(value) - except errors.ValidationError, err: + except errors.ValidationError as err: raise errors.ValidationError(name=attr, error=err.error) - except errors.ConversionError, err: + except errors.ConversionError as err: raise errors.ConversionError(name=attr, error=err.error) if isinstance(value, tuple): value = list(value) @@ -1143,7 +1143,7 @@ last, after all sets and adds."""), while True: try: return func(*call_args, **call_kwargs) - except errors.ExecutionError, e: + except errors.ExecutionError as e: if not callbacks: raise # call exc_callback in the next loop @@ -1507,7 +1507,7 @@ class LDAPUpdate(LDAPQuery, crud.Update): update.update(entry_attrs) self._exc_wrapper(keys, options, ldap.update_entry)(update) - except errors.EmptyModlist, e: + except errors.EmptyModlist as e: if not rdnupdate: raise e except errors.NotFound: @@ -1684,7 +1684,7 @@ class LDAPModMember(LDAPQuery): ldap_obj = self.api.Object[ldap_obj_name] try: dns[attr][ldap_obj_name].append(ldap_obj.get_dn(name)) - except errors.PublicError, e: + except errors.PublicError as e: failed[attr][ldap_obj_name].append((name, unicode(e))) return (dns, failed) @@ -1732,7 +1732,7 @@ class LDAPAddMember(LDAPModMember): continue try: ldap.add_entry_to_group(m_dn, dn, attr, allow_same=self.allow_same) - except errors.PublicError, e: + except errors.PublicError as e: ldap_obj = self.api.Object[ldap_obj_name] failed[attr][ldap_obj_name].append(( ldap_obj.get_primary_key_from_dn(m_dn), @@ -1833,7 +1833,7 @@ class LDAPRemoveMember(LDAPModMember): continue try: ldap.remove_entry_from_group(m_dn, dn, attr) - except errors.PublicError, e: + except errors.PublicError as e: ldap_obj = self.api.Object[ldap_obj_name] failed[attr][ldap_obj_name].append(( ldap_obj.get_primary_key_from_dn(m_dn), @@ -2193,12 +2193,12 @@ class LDAPAddReverseMember(LDAPModReverseMember): completed = completed + 1 else: failed['member'][self.reverse_attr].append((attr, result['failed']['member'][self.member_attr][0][1])) - except errors.NotFound, e: + except errors.NotFound as e: msg = str(e) (attr, msg) = msg.split(':', 1) failed['member'][self.reverse_attr].append((attr, unicode(msg.strip()))) - except errors.PublicError, e: + except errors.PublicError as e: failed['member'][self.reverse_attr].append((attr, unicode(msg))) # Update the member data. @@ -2294,12 +2294,12 @@ class LDAPRemoveReverseMember(LDAPModReverseMember): completed = completed + 1 else: failed['member'][self.reverse_attr].append((attr, result['failed']['member'][self.member_attr][0][1])) - except errors.NotFound, e: + except errors.NotFound as e: msg = str(e) (attr, msg) = msg.split(':', 1) failed['member'][self.reverse_attr].append((attr, unicode(msg.strip()))) - except errors.PublicError, e: + except errors.PublicError as e: failed['member'][self.reverse_attr].append((attr, unicode(msg))) # Update the member data. diff --git a/ipalib/plugins/batch.py b/ipalib/plugins/batch.py index 2002eef88..9b9ab6544 100644 --- a/ipalib/plugins/batch.py +++ b/ipalib/plugins/batch.py @@ -106,7 +106,7 @@ class batch(Command): '%s: batch: %s(%s): SUCCESS', context.principal, name, ', '.join(api.Command[name]._repr_iter(**params)) ) result['error']=None - except Exception, e: + except Exception as e: if isinstance(e, errors.RequirementError) or \ isinstance(e, errors.CommandError): self.info( diff --git a/ipalib/plugins/cert.py b/ipalib/plugins/cert.py index 610f21493..c0b459d38 100644 --- a/ipalib/plugins/cert.py +++ b/ipalib/plugins/cert.py @@ -134,7 +134,7 @@ def validate_pkidate(ugettext, value): """ try: ts = time.strptime(value, '%Y-%m-%d') - except ValueError, e: + except ValueError as e: return str(e) return None @@ -151,9 +151,9 @@ def validate_csr(ugettext, csr): return try: request = pkcs10.load_certificate_request(csr) - except TypeError, e: + except TypeError as e: raise errors.Base64DecodeError(reason=str(e)) - except Exception, e: + except Exception as e: raise errors.CertificateOperationError(error=_('Failure decoding Certificate Signing Request: %s') % e) def normalize_csr(csr): @@ -365,7 +365,7 @@ class cert_request(VirtualCommand): subject = pkcs10.get_subject(csr) extensions = pkcs10.get_extensions(csr) subjectaltname = pkcs10.get_subjectaltname(csr) or () - except (NSPRError, PyAsn1Error), e: + except (NSPRError, PyAsn1Error) as e: raise errors.CertificateOperationError( error=_("Failure decoding Certificate Signing Request: %s") % e) @@ -613,7 +613,7 @@ class cert_show(VirtualCommand): hostname = None try: self.check_access() - except errors.ACIError, acierr: + except errors.ACIError as acierr: self.debug("Not granted by ACI to retrieve certificate, looking at principal") bind_principal = getattr(context, 'principal') if not bind_principal.startswith('host/'): @@ -681,7 +681,7 @@ class cert_revoke(VirtualCommand): hostname = None try: self.check_access() - except errors.ACIError, acierr: + except errors.ACIError as acierr: self.debug("Not granted by ACI to revoke certificate, looking at principal") try: # Let cert_show() handle verifying that the subject of the diff --git a/ipalib/plugins/dns.py b/ipalib/plugins/dns.py index 1de3f16c2..4376d83ce 100644 --- a/ipalib/plugins/dns.py +++ b/ipalib/plugins/dns.py @@ -395,7 +395,7 @@ def _validate_bind_aci(ugettext, bind_acis): try: ip = CheckedIPAddress(bind_aci, parse_netmask=True, allow_network=True, allow_loopback=True) - except (netaddr.AddrFormatError, ValueError), e: + except (netaddr.AddrFormatError, ValueError) as e: return unicode(e) except UnboundLocalError: return _(u"invalid address format") @@ -481,7 +481,7 @@ def _validate_nsec3param_record(ugettext, value): try: binascii.a2b_hex(salt) - except TypeError, e: + except TypeError as e: return _('salt value: %(err)s') % {'err': e} return None @@ -575,7 +575,7 @@ def add_records_for_host_validation(option_name, host, domain, ip_addresses, che for ip_address in ip_addresses: try: ip = CheckedIPAddress(ip_address, match_local=False) - except Exception, e: + except Exception as e: raise errors.ValidationError(name=option_name, error=unicode(e)) if check_forward: @@ -977,7 +977,7 @@ class ForwardRecord(DNSRecord): try: add_records_for_host(keys[-1], keys[-2], record, add_forward=False, add_reverse=True) - except Exception, e: + except Exception as e: raise errors.NonFatalError( reason=_('Cannot create reverse record for "%(value)s": %(exc)s') \ % dict(value=record, exc=unicode(e))) @@ -2073,7 +2073,7 @@ class DNSZoneBase(LDAPObject): permission_name = self.permission_name(zone) try: api.Command['permission_del'](permission_name, force=True) - except errors.NotFound, e: + except errors.NotFound as e: if zone == DNSName.root: # special case root zone raise # compatibility, older IPA versions which allows to create zone @@ -3544,12 +3544,12 @@ class dnsrecord_add(LDAPCreate): try: idnsname = DNSName(kw['idnsname']) - except Exception, e: + except Exception as e: raise errors.ValidationError(name='idnsname', error=unicode(e)) try: zonename = DNSName(kw['dnszoneidnsname']) - except Exception, e: + except Exception as e: raise errors.ValidationError(name='dnszoneidnsname', error=unicode(e)) # check zone type @@ -4181,7 +4181,7 @@ class dns_is_enabled(Command): ent = ldap.find_entries(filter=self.filter, base_dn=self.base_dn) if len(ent): dns_enabled = True - except Exception, e: + except Exception as e: pass return dict(result=dns_enabled, value=pkey_to_value(None, options)) diff --git a/ipalib/plugins/group.py b/ipalib/plugins/group.py index edecebb06..381693cf1 100644 --- a/ipalib/plugins/group.py +++ b/ipalib/plugins/group.py @@ -520,7 +520,7 @@ class group_add_member(LDAPAddMember): else: try: actual_sid = domain_validator.get_trusted_domain_object_sid(sid) - except errors.PublicError, e: + except errors.PublicError as e: failed_sids.append((sid, e.strerror)) else: sids.append(actual_sid) @@ -577,7 +577,7 @@ class group_remove_member(LDAPRemoveMember): else: try: actual_sid = domain_validator.get_trusted_domain_object_sid(sid) - except errors.PublicError, e: + except errors.PublicError as e: failed_sids.append((sid, unicode(e))) else: sids.append(actual_sid) diff --git a/ipalib/plugins/host.py b/ipalib/plugins/host.py index 3e882aefd..9d7748350 100644 --- a/ipalib/plugins/host.py +++ b/ipalib/plugins/host.py @@ -256,7 +256,7 @@ def validate_ipaddr(ugettext, ipaddr): """ try: CheckedIPAddress(ipaddr, match_local=False) - except Exception, e: + except Exception as e: return unicode(e) return None @@ -272,7 +272,7 @@ def normalize_hostname(hostname): def _hostname_validator(ugettext, value): try: validate_hostname(value) - except ValueError, e: + except ValueError as e: return _('invalid domain-name: %s') % unicode(e) return None @@ -674,7 +674,7 @@ class host_add(LDAPCreate): del options['ip_address'] update_sshfp_record(domain, unicode(parts[0]), entry_attrs) - except Exception, e: + except Exception as e: exc = e if options.get('random', False): try: diff --git a/ipalib/plugins/migration.py b/ipalib/plugins/migration.py index 6aeb942ec..3d8d565e0 100644 --- a/ipalib/plugins/migration.py +++ b/ipalib/plugins/migration.py @@ -29,7 +29,7 @@ from ipalib.plugins.user import NO_UPG_MAGIC if api.env.in_server and api.env.context in ['lite', 'server']: try: from ipaserver.plugins.ldap2 import ldap2 - except StandardError, e: + except StandardError as e: raise e from ipalib import _ from ipapython.dn import DN @@ -176,11 +176,11 @@ def _pre_migrate_user(ldap, pkey, dn, entry_attrs, failed, config, ctx, **kwargs api.log.warn('GID number %s of migrated user %s does not point to a known group.' \ % (entry_attrs['gidnumber'][0], pkey)) invalid_gids.add(entry_attrs['gidnumber'][0]) - except errors.SingleMatchExpected, e: + except errors.SingleMatchExpected as e: # GID number matched more groups, this should not happen api.log.warn('GID number %s of migrated user %s should match 1 group, but it matched %d groups' \ % (entry_attrs['gidnumber'][0], pkey, e.found)) - except errors.LimitsExceeded, e: + except errors.LimitsExceeded as e: api.log.warn('Search limit exceeded searching for GID %s' % entry_attrs['gidnumber'][0]) # We don't want to create a UPG so set the magic value in description @@ -240,7 +240,7 @@ def _pre_migrate_user(ldap, pkey, dn, entry_attrs, failed, config, ctx, **kwargs ', convert it', pkey, value, type(value), attr) try: value = DN(value) - except ValueError, e: + except ValueError as e: api.log.warn('%s: skipping normalization of value %s of type %s ' 'in attribute %s which could not be converted to DN: %s', pkey, value, type(value), attr, e) @@ -331,7 +331,7 @@ def _pre_migrate_group(ldap, pkey, dn, entry_attrs, failed, config, ctx, **kwarg for m in entry_attrs[member_attr]: try: m = DN(m) - except ValueError, e: + except ValueError as e: # This should be impossible unless the remote server # doesn't enforce syntax checking. api.log.error('Malformed DN %s: %s' % (m, e)) @@ -826,19 +826,19 @@ can use their Kerberos accounts.''') ) if not entry_attrs.dn: continue - except errors.NotFound, e: + except errors.NotFound as e: failed[ldap_obj_name][pkey] = unicode(e.reason) continue try: ldap.add_entry(entry_attrs) - except errors.ExecutionError, e: + except errors.ExecutionError as e: callback = self.migrate_objects[ldap_obj_name]['exc_callback'] if callable(callback): try: callback( ldap, entry_attrs.dn, entry_attrs, e, options) - except errors.ExecutionError, e: + except errors.ExecutionError as e: failed[ldap_obj_name][pkey] = unicode(e) continue else: @@ -916,7 +916,7 @@ can use their Kerberos accounts.''') try: ds_base_dn = DN(entries[0]['namingcontexts'][0]) assert isinstance(ds_base_dn, DN) - except (IndexError, KeyError), e: + except (IndexError, KeyError) as e: raise StandardError(str(e)) # migrate! diff --git a/ipalib/plugins/otptoken.py b/ipalib/plugins/otptoken.py index a1e9a85a5..eb3e3f977 100644 --- a/ipalib/plugins/otptoken.py +++ b/ipalib/plugins/otptoken.py @@ -90,7 +90,7 @@ class OTPTokenKey(Bytes): if isinstance(value, unicode): try: value = base64.b32decode(value, True) - except TypeError, e: + except TypeError as e: raise ConversionError(name=self.name, index=index, error=str(e)) return super(OTPTokenKey, self)._convert_scalar(value, index) diff --git a/ipalib/plugins/permission.py b/ipalib/plugins/permission.py index 7d2a4dd15..1c636d8c0 100644 --- a/ipalib/plugins/permission.py +++ b/ipalib/plugins/permission.py @@ -1002,7 +1002,7 @@ class permission_add(baseldap.LDAPCreate): def post_callback(self, ldap, dn, entry, *keys, **options): try: self.obj.add_aci(entry) - except Exception, e: + except Exception as e: # Adding the ACI failed. # We want to be 100% sure the ACI is not there, so try to # remove it. (This is a no-op if the ACI was not added.) @@ -1185,7 +1185,7 @@ class permission_mod(baseldap.LDAPUpdate): context.permision_moving_aci = True try: context.old_aci_info = self.obj.remove_aci(old_entry) - except errors.NotFound, e: + except errors.NotFound as e: self.log.error('permission ACI not found: %s' % e) # To pass data to postcallback, we currently need to use the context diff --git a/ipalib/plugins/pwpolicy.py b/ipalib/plugins/pwpolicy.py index 165d54889..cb8ef29ee 100644 --- a/ipalib/plugins/pwpolicy.py +++ b/ipalib/plugins/pwpolicy.py @@ -491,7 +491,7 @@ class pwpolicy_mod(LDAPUpdate): self.api.Command.cosentry_mod( keys[-1], cospriority=options['cospriority'] ) - except errors.EmptyModlist, e: + except errors.EmptyModlist as e: if len(entry_attrs) == 1: # cospriority only was passed raise e else: diff --git a/ipalib/plugins/radiusproxy.py b/ipalib/plugins/radiusproxy.py index 5d8f3a727..e30f35f9d 100644 --- a/ipalib/plugins/radiusproxy.py +++ b/ipalib/plugins/radiusproxy.py @@ -76,7 +76,7 @@ def validate_radiusserver(ugettext, server): try: validate_hostname(server, check_fqdn=True, allow_underscore=True) - except ValueError, e: + except ValueError as e: raise errors.ValidationError(name="ipatokenradiusserver", error=e.message) diff --git a/ipalib/plugins/realmdomains.py b/ipalib/plugins/realmdomains.py index c53340591..871ea79c4 100644 --- a/ipalib/plugins/realmdomains.py +++ b/ipalib/plugins/realmdomains.py @@ -56,7 +56,7 @@ def _domain_name_normalizer(d): def _domain_name_validator(ugettext, value): try: validate_domain_name(value, allow_slash=False) - except ValueError, e: + except ValueError as e: return unicode(e) diff --git a/ipalib/plugins/service.py b/ipalib/plugins/service.py index a21d004c8..6d0299164 100644 --- a/ipalib/plugins/service.py +++ b/ipalib/plugins/service.py @@ -307,7 +307,7 @@ def check_required_principal(ldap, hostname, service): """ try: host_is_master(ldap, hostname) - except errors.ValidationError, e: + except errors.ValidationError as e: service_types = ['HTTP', 'ldap', 'DNS', 'dogtagldap'] if service in service_types: raise errors.ValidationError(name='principal', error=_('This principal is required by the IPA master')) diff --git a/ipalib/plugins/trust.py b/ipalib/plugins/trust.py index 940e06a5f..866a8fb67 100644 --- a/ipalib/plugins/trust.py +++ b/ipalib/plugins/trust.py @@ -32,13 +32,13 @@ from time import sleep try: import pysss_murmur #pylint: disable=F0401 _murmur_installed = True -except Exception, e: +except Exception as e: _murmur_installed = False try: import pysss_nss_idmap #pylint: disable=F0401 _nss_idmap_installed = True -except Exception, e: +except Exception as e: _nss_idmap_installed = False if api.env.in_server and api.env.context in ['lite', 'server']: @@ -365,7 +365,7 @@ def fetch_trusted_domains_over_dbus(myapi, log, forest_name): intf = bus.get_object(DBUS_IFACE_TRUST,"/", follow_name_owner_changes=True) fetch_domains_method = intf.get_dbus_method('fetch_domains', dbus_interface=DBUS_IFACE_TRUST) (_ret, _stdout, _stderr) = fetch_domains_method(forest_name) - except dbus.DBusException, e: + except dbus.DBusException as e: log.error('Failed to call %(iface)s.fetch_domains helper.' 'DBus exception is %(exc)s.' % dict(iface=DBUS_IFACE_TRUST, exc=str(e))) if _ret != 0: @@ -1173,7 +1173,7 @@ class trust_resolve(Command): entry['name'] = [unicode(xlate[sid][pysss_nss_idmap.NAME_KEY])] entry['type'] = [idmap_type_string(xlate[sid][pysss_nss_idmap.TYPE_KEY])] result.append(entry) - except ValueError, e: + except ValueError as e: pass return dict(result=result) diff --git a/ipalib/plugins/user.py b/ipalib/plugins/user.py index 859939205..121e107c1 100644 --- a/ipalib/plugins/user.py +++ b/ipalib/plugins/user.py @@ -974,7 +974,7 @@ class user_status(LDAPQuery): other_ldap = ldap2(self.api, ldap_uri='ldap://%s' % host) try: other_ldap.connect(ccache=os.environ['KRB5CCNAME']) - except Exception, e: + except Exception as e: self.error("user_status: Connecting to %s failed with %s" % (host, str(e))) newresult = {'dn': dn} newresult['server'] = _("%(host)s failed: %(error)s") % dict(host=host, error=str(e)) @@ -994,7 +994,7 @@ class user_status(LDAPQuery): continue newtime = time.strptime(newresult[attr][0], '%Y%m%d%H%M%SZ') newresult[attr][0] = unicode(time.strftime('%Y-%m-%dT%H:%M:%SZ', newtime)) - except Exception, e: + except Exception as e: self.debug("time conversion failed with %s" % str(e)) pass newresult['server'] = host @@ -1011,7 +1011,7 @@ class user_status(LDAPQuery): count += 1 except errors.NotFound: self.obj.handle_not_found(*keys) - except Exception, e: + except Exception as e: self.error("user_status: Retrieving status for %s failed with %s" % (dn, str(e))) newresult = {'dn': dn} newresult['server'] = _("%(host)s failed") % dict(host=host) diff --git a/ipalib/plugins/vault.py b/ipalib/plugins/vault.py index ba7696c7e..1150d5f3b 100644 --- a/ipalib/plugins/vault.py +++ b/ipalib/plugins/vault.py @@ -715,7 +715,7 @@ class vault_add_internal(LDAPCreate): try: parent_dn = DN(*dn[1:]) self.obj.create_container(parent_dn, owner_dn) - except errors.DuplicateEntry, e: + except errors.DuplicateEntry as e: pass entry_attrs['owner'] = owner_dn diff --git a/ipalib/rpc.py b/ipalib/rpc.py index 4176bbd28..04b8d01d9 100644 --- a/ipalib/rpc.py +++ b/ipalib/rpc.py @@ -95,7 +95,7 @@ def update_persistent_client_session_data(principal, data): try: keyname = client_session_keyring_keyname(principal) - except Exception, e: + except Exception as e: raise ValueError(str(e)) # kernel_keyring only raises ValueError (why??) @@ -111,7 +111,7 @@ def read_persistent_client_session_data(principal): try: keyname = client_session_keyring_keyname(principal) - except Exception, e: + except Exception as e: raise ValueError(str(e)) # kernel_keyring only raises ValueError (why??) @@ -127,7 +127,7 @@ def delete_persistent_client_session_data(principal): try: keyname = client_session_keyring_keyname(principal) - except Exception, e: + except Exception as e: raise ValueError(str(e)) # kernel_keyring only raises ValueError (why??) @@ -384,7 +384,7 @@ def xml_loads(data, encoding='UTF-8'): try: (params, method) = loads(data) return (xml_unwrap(params), method) - except Fault, e: + except Fault as e: raise decode_fault(e) @@ -668,7 +668,7 @@ class KerbTransport(SSLTransport): try: session_cookie = Cookie.get_named_cookie_from_string(cookie_header, COOKIE_NAME, request_url) - except Exception, e: + except Exception as e: root_logger.error("unable to parse cookie header '%s': %s", cookie_header, e) return @@ -679,7 +679,7 @@ class KerbTransport(SSLTransport): root_logger.debug("storing cookie '%s' for principal %s", cookie_string, principal) try: update_persistent_client_session_data(principal, cookie_string) - except Exception, e: + except Exception as e: # Not fatal, we just can't use the session cookie we were sent. pass @@ -723,7 +723,7 @@ class RPCClient(Connectible): try: answers = resolver.query(name, rdatatype.SRV) - except DNSException, e: + except DNSException as e: answers = [] for answer in answers: @@ -756,13 +756,13 @@ class RPCClient(Connectible): # (possibly with more than one cookie). try: cookie_string = read_persistent_client_session_data(principal) - except Exception, e: + except Exception as e: return None # Search for the session cookie within the cookie string try: session_cookie = Cookie.get_named_cookie_from_string(cookie_string, COOKIE_NAME) - except Exception, e: + except Exception as e: return None return session_cookie @@ -805,17 +805,17 @@ class RPCClient(Connectible): # Decide if we should send the cookie to the server try: session_cookie.http_return_ok(original_url) - except Cookie.Expired, e: + except Cookie.Expired as e: self.debug("deleting session data for principal '%s': %s", principal, e) try: delete_persistent_client_session_data(principal) - except Exception, e: + except Exception as e: pass return original_url - except Cookie.URLMismatch, e: + except Cookie.URLMismatch as e: self.debug("not sending session cookie, URL mismatch: %s", e) return original_url - except Exception, e: + except Exception as e: self.error("not sending session cookie, unknown error: %s", e) return original_url @@ -872,7 +872,7 @@ class RPCClient(Connectible): command = getattr(serverproxy, 'ping') try: response = command([], {}) - except Fault, e: + except Fault as e: e = decode_fault(e) if e.faultCode in errors_by_code: error = errors_by_code[e.faultCode] @@ -885,23 +885,23 @@ class RPCClient(Connectible): ) # We don't care about the response, just that we got one break - except KerberosError, krberr: + except KerberosError as krberr: # kerberos error on one server is likely on all raise errors.KerberosError(major=str(krberr), minor='') - except ProtocolError, e: + except ProtocolError as e: if hasattr(context, 'session_cookie') and e.errcode == 401: # Unauthorized. Remove the session and try again. delattr(context, 'session_cookie') try: delete_persistent_client_session_data(principal) - except Exception, e: + except Exception as e: # This shouldn't happen if we have a session but it isn't fatal. pass return self.create_connection(ccache, verbose, fallback, delegate) if not fallback: raise serverproxy = None - except Exception, e: + except Exception as e: if not fallback: raise else: @@ -948,7 +948,7 @@ class RPCClient(Connectible): params = [args, kw] try: return self._call_command(command, params) - except Fault, e: + except Fault as e: e = decode_fault(e) self.debug('Caught fault %d from server %s: %s', e.faultCode, server, e.faultString) @@ -960,9 +960,9 @@ class RPCClient(Connectible): error=e.faultString, server=server, ) - except NSPRError, e: + except NSPRError as e: raise NetworkError(uri=server, error=str(e)) - except ProtocolError, e: + except ProtocolError as e: # By catching a 401 here we can detect the case where we have # a single IPA server and the session is invalid. Otherwise # we always have to do a ping(). @@ -973,7 +973,7 @@ class RPCClient(Connectible): try: principal = getattr(context, 'principal', None) delete_persistent_client_session_data(principal) - except Exception, e: + except Exception as e: # This shouldn't happen if we have a session but it isn't fatal. pass @@ -995,9 +995,9 @@ class RPCClient(Connectible): current_conn.conn._ServerProxy__transport.dbdir = dbdir return self.forward(name, *args, **kw) raise NetworkError(uri=server, error=e.errmsg) - except socket.error, e: + except socket.error as e: raise NetworkError(uri=server, error=str(e)) - except (OverflowError, TypeError), e: + except (OverflowError, TypeError) as e: raise XMLRPCMarshallError(error=str(e)) @@ -1049,7 +1049,7 @@ class JSONServerProxy(object): try: response = json_decode_binary(json.loads(response)) - except ValueError, e: + except ValueError as e: raise JSONError(str(e)) if self.__verbose >= 2: diff --git a/ipalib/session.py b/ipalib/session.py index ec6c2081c..a124fe027 100644 --- a/ipalib/session.py +++ b/ipalib/session.py @@ -706,7 +706,7 @@ class SessionAuthManager(object): for auth_mgr in self.auth_managers.values(): try: auth_mgr.logout(session_data) - except Exception, e: + except Exception as e: self.error('%s auth_mgr logout failed: %s', auth_mgr.name, e) #------------------------------------------------------------------------------- @@ -963,7 +963,7 @@ class MemcacheSessionManager(SessionManager): try: session_cookie = Cookie.get_named_cookie_from_string(cookie_header, self.session_cookie_name) - except Exception, e: + except Exception as e: session_cookie = None if session_cookie: session_id = session_cookie.value @@ -1272,7 +1272,7 @@ def release_ipa_ccache(ccache_name): if os.path.exists(name): try: os.unlink(name) - except Exception, e: + except Exception as e: root_logger.error('unable to delete session ccache file "%s", %s', name, e) else: raise ValueError('ccache scheme "%s" unsupported (%s)', scheme, ccache_name) diff --git a/ipalib/util.py b/ipalib/util.py index 5a670146e..7baec85d6 100644 --- a/ipalib/util.py +++ b/ipalib/util.py @@ -83,7 +83,7 @@ def validate_host_dns(log, fqdn): 'IPA: found %d A records for %s: %s' % (len(answers), fqdn, ' '.join(str(answer) for answer in answers)) ) - except DNSException, e: + except DNSException as e: log.debug( 'IPA: DNS A record lookup failed for %s' % fqdn ) @@ -94,7 +94,7 @@ def validate_host_dns(log, fqdn): 'IPA: found %d AAAA records for %s: %s' % (len(answers), fqdn, ' '.join(str(answer) for answer in answers)) ) - except DNSException, e: + except DNSException as e: log.debug( 'IPA: DNS AAAA record lookup failed for %s' % fqdn ) @@ -186,7 +186,7 @@ def check_writable_file(filename): else: fp = open(filename, 'w') fp.close() - except (IOError, OSError), e: + except (IOError, OSError) as e: raise errors.FileError(reason=str(e)) def normalize_zonemgr(zonemgr): @@ -287,13 +287,13 @@ def normalize_sshpubkey(value): def validate_sshpubkey(ugettext, value): try: SSHPublicKey(value) - except ValueError, UnicodeDecodeError: + except ValueError as UnicodeDecodeError: return _('invalid SSH public key') def validate_sshpubkey_no_options(ugettext, value): try: pubkey = SSHPublicKey(value) - except ValueError, UnicodeDecodeError: + except ValueError as UnicodeDecodeError: return _('invalid SSH public key') if pubkey.has_options(): @@ -313,7 +313,7 @@ def convert_sshpubkey_post(ldap, dn, entry_attrs): for pubkey in pubkeys: try: pubkey = SSHPublicKey(pubkey) - except ValueError, UnicodeDecodeError: + except ValueError as UnicodeDecodeError: continue fp = pubkey.fingerprint_hex_md5() @@ -525,7 +525,7 @@ def get_reverse_zone_default(ip_address): def validate_rdn_param(ugettext, value): try: rdn = RDN(value) - except Exception, e: + except Exception as e: return str(e) return None diff --git a/ipalib/x509.py b/ipalib/x509.py index 092d451c6..21c287feb 100644 --- a/ipalib/x509.py +++ b/ipalib/x509.py @@ -285,7 +285,7 @@ def normalize_certificate(rawcert): if util.isvalid_base64(rawcert): try: dercert = base64.b64decode(rawcert) - except Exception, e: + except Exception as e: raise errors.Base64DecodeError(reason=str(e)) else: dercert = rawcert @@ -326,7 +326,7 @@ def write_certificate(rawcert, filename): fp = open(filename, 'w') fp.write(make_pem(base64.b64encode(dercert))) fp.close() - except (IOError, OSError), e: + except (IOError, OSError) as e: raise errors.FileError(reason=str(e)) def write_certificate_list(rawcerts, filename): @@ -344,7 +344,7 @@ def write_certificate_list(rawcerts, filename): cert = base64.b64encode(cert) cert = make_pem(cert) f.write(cert + '\n') - except (IOError, OSError), e: + except (IOError, OSError) as e: raise errors.FileError(reason=str(e)) def verify_cert_subject(ldap, hostname, dercert): |