The remote verify_tls function was not raising errors when it should.
Fix the function so that it always returns an object, whether it succeeds
or fails gracefully. Always parse that function's output in the crypto caller class.
Signed-off-by: John Mulligan <jmulligan@redhat.com>
def _fail_message(msg: str) -> None:
- json.dump({'error': msg}, sys.stderr)
- sys.exit(1)
+ json.dump({'error': msg}, sys.stdout)
+ sys.exit(0)
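Review bot: With `sys.exit(0)` in `_fail_message`, a failed check is signalled only by the `{'error': ...}` object on stdout, so any caller that relies on the exit status alone (for example `check=True` without parsing) will treat an invalid cert/key pair as valid. This is presumably deliberate so that the caller can read the JSON, but the contract deserves a comment above the exit, e.g. `# exit 0 on purpose: the error is reported in-band as JSON on stdout; callers MUST parse it`. If other commands in this file also call `_fail_message` (not visible here), their callers need the same parsing, otherwise those paths now fail open.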
def verify_tls(args: Namespace) -> None:
-
data = json.loads(sys.stdin.read())
crt = data['crt']
_fail_message('Private key and certificate do not match up: %s' % str(e))
except SSL.Error as e:
_fail_message(f'Invalid cert/key pair: {e}')
+ json.dump({'ok': True}, sys.stdout) # need to emit something on success
if __name__ == "__main__":
"""Given a TLS certificate and a private key raise an error
if the combination is not valid.
"""
- self._run(
+ result = self._run(
['verify_tls'],
input_data=json.dumps({'crt': crt, 'key': key}),
capture_output=True,
check=True,
)
+ self._result_json(result) # for errors only
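Review bot: The added `self._result_json(result)  # for errors only` call appears to be the only thing that makes this method raise on a bad cert/key pair, because the remote command now exits 0 on failure and `check=True` no longer catches it. `_result_json` is defined outside this hunk, so it is worth confirming that it also raises when stdout is empty or not valid JSON, not only when an `error` key is present. A fail-closed variant would require the success marker explicitly, e.g. `if self._result_json(result).get('ok') is not True:` followed by raising the class's usual error, assuming `_result_json` returns the parsed dict. The trailing comment could then state the contract instead: `# raises if the remote command reported an error`.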
def verify_cacrt_content(self, crt: str) -> int:
"""Verify a CA Certificate return the number of days until expiration."""