From f0d5df523b982ef1737dc0ee2e698b13041af64c Mon Sep 17 00:00:00 2001 From: Johannes Erdfelt Date: Tue, 28 Feb 2012 05:54:48 +0000 Subject: Add utils.tempdir() context manager for easy temp dirs Fixes bug 883323 (and others) Users of tempfile.mkdtemp() need to make sure the directory is cleaned up when it's done being used. Unfortunately, not all of the code does so at all, or safely (by using a try/finally block). Change-Id: I270109d83efec4f8b3dd954021493f4d96c6ab79 --- nova/auth/manager.py | 77 +++++++++++++++++++++++++--------------------------- 1 file changed, 37 insertions(+), 40 deletions(-) (limited to 'nova/auth') diff --git a/nova/auth/manager.py b/nova/auth/manager.py index 2b67907bc..e2516bcc1 100644 --- a/nova/auth/manager.py +++ b/nova/auth/manager.py @@ -24,9 +24,7 @@ Nova authentication management """ import os -import shutil import string # pylint: disable=W0402 -import tempfile import uuid import zipfile @@ -767,45 +765,44 @@ class AuthManager(object): pid = Project.safe_id(project) private_key, signed_cert = crypto.generate_x509_cert(user.id, pid) - tmpdir = tempfile.mkdtemp() - zf = os.path.join(tmpdir, "temp.zip") - zippy = zipfile.ZipFile(zf, 'w') - if use_dmz and FLAGS.region_list: - regions = {} - for item in FLAGS.region_list: - region, _sep, region_host = item.partition("=") - regions[region] = region_host - else: - regions = {'nova': FLAGS.ec2_host} - for region, host in regions.iteritems(): - rc = self.__generate_rc(user, - pid, - use_dmz, - host) - zippy.writestr(FLAGS.credential_rc_file % region, rc) - - zippy.writestr(FLAGS.credential_key_file, private_key) - zippy.writestr(FLAGS.credential_cert_file, signed_cert) - - (vpn_ip, vpn_port) = self.get_project_vpn_data(project) - if vpn_ip: - configfile = open(FLAGS.vpn_client_template, "r") - s = string.Template(configfile.read()) - configfile.close() - config = s.substitute(keyfile=FLAGS.credential_key_file, - certfile=FLAGS.credential_cert_file, - ip=vpn_ip, - port=vpn_port) - zippy.writestr(FLAGS.credential_vpn_file, config) - else: - LOG.warn(_("No vpn data for project %s"), pid) - - zippy.writestr(FLAGS.ca_file, crypto.fetch_ca(pid)) - zippy.close() - with open(zf, 'rb') as f: - read_buffer = f.read() + with utils.tempdir() as tmpdir: + zf = os.path.join(tmpdir, "temp.zip") + zippy = zipfile.ZipFile(zf, 'w') + if use_dmz and FLAGS.region_list: + regions = {} + for item in FLAGS.region_list: + region, _sep, region_host = item.partition("=") + regions[region] = region_host + else: + regions = {'nova': FLAGS.ec2_host} + for region, host in regions.iteritems(): + rc = self.__generate_rc(user, + pid, + use_dmz, + host) + zippy.writestr(FLAGS.credential_rc_file % region, rc) + + zippy.writestr(FLAGS.credential_key_file, private_key) + zippy.writestr(FLAGS.credential_cert_file, signed_cert) + + (vpn_ip, vpn_port) = self.get_project_vpn_data(project) + if vpn_ip: + configfile = open(FLAGS.vpn_client_template, "r") + s = string.Template(configfile.read()) + configfile.close() + config = s.substitute(keyfile=FLAGS.credential_key_file, + certfile=FLAGS.credential_cert_file, + ip=vpn_ip, + port=vpn_port) + zippy.writestr(FLAGS.credential_vpn_file, config) + else: + LOG.warn(_("No vpn data for project %s"), pid) + + zippy.writestr(FLAGS.ca_file, crypto.fetch_ca(pid)) + zippy.close() + with open(zf, 'rb') as f: + read_buffer = f.read() - shutil.rmtree(tmpdir) return read_buffer def get_environment_rc(self, user, project=None, use_dmz=True): -- cgit