[CalendarServer-changes] [3209] CalendarServer/trunk/twistedcaldav/tap.py

source_changes at macosforge.org source_changes at macosforge.org
Wed Oct 22 11:39:33 PDT 2008


Revision: 3209
          http://trac.macosforge.org/projects/calendarserver/changeset/3209
Author:   wsanchez at apple.com
Date:     2008-10-22 11:39:32 -0700 (Wed, 22 Oct 2008)
Log Message:
-----------
Clean up _getSSLPassphrase()

Modified Paths:
--------------
    CalendarServer/trunk/twistedcaldav/tap.py

Modified: CalendarServer/trunk/twistedcaldav/tap.py
===================================================================
--- CalendarServer/trunk/twistedcaldav/tap.py	2008-10-22 18:22:22 UTC (rev 3208)
+++ CalendarServer/trunk/twistedcaldav/tap.py	2008-10-22 18:39:32 UTC (rev 3209)
@@ -16,7 +16,7 @@
 
 import os
 import stat
-import commands
+from subprocess import Popen, PIPE
 
 from zope.interface import implements
 
@@ -366,42 +366,57 @@
 from twisted.internet.ssl import DefaultOpenSSLContextFactory
 
 def _getSSLPassphrase(*args):
+    if not config.SSLPrivateKey:
+        return None
 
-    if os.path.exists(config.SSLCertAdmin):
-        cmd = "sudo %s --get-private-key-passphrase %s" % (config.SSLCertAdmin,
-            config.SSLPrivateKey)
-        status, output = commands.getstatusoutput(cmd)
-        if status != 0:
-            log.err("Could not get passphrase for %s. %s" %
-                (config.SSLPrivateKey, output))
-            return False
-        return output
+    if config.SSLCertAdmin and os.path.isfile(config.SSLCertAdmin):
+        child = Popen(
+            args=[
+                "sudo", config.SSLCertAdmin,
+                "--get-private-key-passphrase", config.SSLPrivateKey,
+            ],
+            stdout=PIPE, stderr=PIPE,
+        )
+        output, error = child.communicate()
 
-    else:
+        if child.poll():
+            log.err("Could not get passphrase for %s: %s" % (config.SSLPrivateKey, error))
+        else:
+            return output
+
+    if config.SSLPassPhraseDialog and os.path.isfile(config.SSLPassPhraseDialog):
         sslPrivKey = open(config.SSLPrivateKey)
+        try:
+            type = None
+            for line in sslPrivKey.readlines():
+                if "-----BEGIN RSA PRIVATE KEY-----" in line:
+                    type = "RSA"
+                    break
+                elif "-----BEGIN DSA PRIVATE KEY-----" in line:
+                    type = "DSA"
+                    break
+        finally:
+            sslPrivKey.close()
 
-        type = None
-        for line in sslPrivKey.readlines():
-            if "-----BEGIN RSA PRIVATE KEY-----" in line:
-                type = "RSA"
-                break
-            elif "-----BEGIN DSA PRIVATE KEY-----" in line:
-                type = "DSA"
-                break
-
-        sslPrivKey.close()
-
         if type is None:
             log.err("Could not get private key type for %s" % (config.SSLPrivateKey,))
-            return False
+        else:
+            child = Popen(
+                args=[
+                    config.SSLPassPhraseDialog,
+                    "%s:%s" % (config.ServerHostName, config.SSLPort),
+                    type,
+                ],
+                stdout=PIPE, stderr=PIPE,
+            )
+            output, error = child.communicate()
 
-        return commands.getoutput("%s %s:%s %s" % (
-            config.SSLPassPhraseDialog,
-            config.ServerHostName,
-            config.SSLPort,
-            type
-        ))
+            if child.poll():
+                log.err("Could not get passphrase for %s: %s" % (config.SSLPrivateKey, error))
+            else:
+                return output
 
+    return None
 
 class ChainingOpenSSLContextFactory(DefaultOpenSSLContextFactory):
     def __init__(
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macosforge.org/pipermail/calendarserver-changes/attachments/20081022/11626d75/attachment-0001.html>


More information about the calendarserver-changes mailing list