[Freeipa-devel] [PATCH] Add encrypt_file and decrypt_file functions
Rob Crittenden
rcritten at redhat.com
Thu Aug 7 20:53:14 UTC 2008
Simo Sorce wrote:
> See patch, these functions will be used in ipa-replica-prepare and
> ipa-replica-install to make the data more safe.
>
>
>
Just a few minor things.
You check that the password exists during encryption but not decryption.
Should we do any validation that dest is ok? I suppose we'll find out
soon enough from the call to run...
A cleaner way of handling a failure would use try/except/finally, though
Python 2.4 makes it a little icky. It would look something like this
for encrypt_file()
try:
try:
os.mkdir(gpgdir)
args = ...
except:
raise
finally:
#clean up
shutil.rmtree(tempdir, ignore_errors=True)
The way it is now is fine but the cleanup code (one line) is duplicated).
rob
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3245 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20080807/69d9b5a5/attachment.bin>
More information about the Freeipa-devel
mailing list