[Freeipa-devel] [PATCH] Add encrypt_file and decrypt_file functions
Stephen Gallagher
sgallagh at redhat.com
Fri Aug 8 11:47:54 UTC 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Stephen Gallagher wrote:
> Simo Sorce wrote:
>> On Thu, 2008-08-07 at 21:16 +0000, Simo Sorce wrote:
>>> On Thu, 2008-08-07 at 16:53 -0400, Rob Crittenden wrote:
>>>> Simo Sorce wrote:
>>>>> See patch, these functions will be used in ipa-replica-prepare and
>>>>> ipa-replica-install to make the data more safe.
>>>>>
>>>>>
>>>>>
>>>> Just a few minor things.
>>>>
>>>> You check that the password exists during encryption but not decryption.
>>> ahh right
>>>
>>>> Should we do any validation that dest is ok? I suppose we'll find out
>>>> soon enough from the call to run...
>>> the operation would fail and we will get an exception, I wouldn't care
>>> too much about that at this point.
>>>
>>> the caller will need to check for exceptions anyway and decide what to
>>> do.
>>>
>>>> A cleaner way of handling a failure would use try/except/finally, though
>>>> Python 2.4 makes it a little icky. It would look something like this
>>>> for encrypt_file()
>>>>
>>>> try:
>>>> try:
>>>> os.mkdir(gpgdir)
>>>> args = ...
>>>> except:
>>>> raise
>>>> finally:
>>>> #clean up
>>>> shutil.rmtree(tempdir, ignore_errors=True)
>>>>
>>>> The way it is now is fine but the cleanup code (one line) is duplicated).
>>> right, I will change the patch to use finally
>> Attached a patch that implement this and also remove mentions of
>> 'tarfile' that were unused as Rob pointed out on IRC.
>
>
> Maybe I'm crazy, but the two functions encrypt_file() and decrypt_file()
> do not seem to be actually called anywhere.
Please disregard this. I haven't had any caffeine yet today.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
iEYEARECAAYFAkicMmoACgkQc7MaxVic+2qR4ACgpIAqdiN4ji1LDvyUJUH2pn6M
fvgAnRpG+l2fxckg3k6Y5ooWLFrGORPu
=2KML
-----END PGP SIGNATURE-----
More information about the Freeipa-devel
mailing list