From 21d6e1d493dc5652b2242ef2e0dc7e1c12714d20 Mon Sep 17 00:00:00 2001 From: "Paulo E. Castro" Date: Fri, 25 Apr 2025 23:52:39 +0100 Subject: [PATCH] pybind/mgr: Appropriately rename function. Signed-off-by: Paulo E. Castro --- src/pybind/mgr/cephadm/cert_mgr.py | 4 ++-- src/pybind/mgr/mgr_util.py | 8 ++++---- src/pybind/mgr/tests/test_tls.py | 4 ++-- src/python-common/ceph/cryptotools/cryptotools.py | 8 ++++---- src/python-common/ceph/cryptotools/remote.py | 4 ++-- 5 files changed, 14 insertions(+), 14 deletions(-) diff --git a/src/pybind/mgr/cephadm/cert_mgr.py b/src/pybind/mgr/cephadm/cert_mgr.py index aabc587db17..b0514b0695b 100644 --- a/src/pybind/mgr/cephadm/cert_mgr.py +++ b/src/pybind/mgr/cephadm/cert_mgr.py @@ -2,7 +2,7 @@ from typing import TYPE_CHECKING, Tuple, Union, List, Dict, Optional, cast, Any import logging from cephadm.ssl_cert_utils import SSLCerts, SSLConfigException -from mgr_util import verify_tls, verify_cacrt_content, ServerConfigException +from mgr_util import verify_tls, certificate_days_to_expire, ServerConfigException from cephadm.ssl_cert_utils import get_certificate_info, get_private_key_info from cephadm.tlsobject_types import Cert, PrivKey from cephadm.tlsobject_store import TLSObjectStore, TLSObjectScope, TLSObjectException @@ -350,7 +350,7 @@ class CertMgr: Returns: CertInfo """ try: - days_to_expiration = verify_tls(cert.cert, key.key) if key else verify_cacrt_content(cert.cert) + days_to_expiration = verify_tls(cert.cert, key.key) if key else certificate_days_to_expire(cert.cert) is_close_to_expiration = days_to_expiration < self.mgr.certificate_renewal_threshold_days return CertInfo(cert_name, target, cert.user_made, True, is_close_to_expiration, days_to_expiration, "") except ServerConfigException as e: diff --git a/src/pybind/mgr/mgr_util.py b/src/pybind/mgr/mgr_util.py index f5c04f0189c..b343f1a0384 100644 --- a/src/pybind/mgr/mgr_util.py +++ b/src/pybind/mgr/mgr_util.py @@ -643,10 +643,10 @@ def create_self_signed_cert(organisation: str = 'Ceph', return cert, pkey -def verify_cacrt_content(crt: str) -> int: +def certificate_days_to_expire(crt: str) -> int: try: cc = ceph.cryptotools.remote.CryptoCaller() - return cc.verify_cacrt_content(crt) + return cc.certificate_days_to_expire(crt) except ValueError as err: raise ServerConfigException(f'Invalid certificate: {err}') @@ -662,7 +662,7 @@ def verify_cacrt(cert_fname): try: with open(cert_fname) as f: - verify_cacrt_content(f.read()) + certificate_days_to_expire(f.read()) except ValueError as e: raise ServerConfigException( 'Invalid certificate {}: {}'.format(cert_fname, str(e))) @@ -681,7 +681,7 @@ def verify_tls(crt, key): # type: (str, str) -> int cc = ceph.cryptotools.remote.CryptoCaller() try: - days_to_expiration = cc.verify_cacrt_content(crt) + days_to_expiration = cc.certificate_days_to_expire(crt) cc.verify_tls(crt, key) except ValueError as err: raise ServerConfigException(str(err)) diff --git a/src/pybind/mgr/tests/test_tls.py b/src/pybind/mgr/tests/test_tls.py index 7cba929fe43..840869514f1 100644 --- a/src/pybind/mgr/tests/test_tls.py +++ b/src/pybind/mgr/tests/test_tls.py @@ -1,4 +1,4 @@ -from mgr_util import create_self_signed_cert, verify_tls, ServerConfigException, get_cert_issuer_info, verify_cacrt_content +from mgr_util import create_self_signed_cert, verify_tls, ServerConfigException, get_cert_issuer_info, certificate_days_to_expire from OpenSSL import crypto, SSL import unittest @@ -59,4 +59,4 @@ class TLSchecks(unittest.TestCase): # expired certificate self.assertRaisesRegex(ServerConfigException, 'Certificate issued by "Ceph/cephadm" expired', - verify_cacrt_content, expired_cert) + certificate_days_to_expire, expired_cert) diff --git a/src/python-common/ceph/cryptotools/cryptotools.py b/src/python-common/ceph/cryptotools/cryptotools.py index 15284276ff8..9d2f6d6db04 100644 --- a/src/python-common/ceph/cryptotools/cryptotools.py +++ b/src/python-common/ceph/cryptotools/cryptotools.py @@ -88,7 +88,7 @@ def _get_cert_issuer_info(crt: str) -> Tuple[Optional[str], Optional[str]]: return (org_name, cn) -def verify_cacrt_content(args: Namespace) -> None: +def certificate_days_to_expire(args: Namespace) -> None: crt = sys.stdin.read() crt_buffer = crt.encode() if isinstance(crt, str) else crt @@ -180,9 +180,9 @@ if __name__ == "__main__": parser_bar.add_argument('--certificate', required=False, action='store_true') parser_bar.set_defaults(func=create_self_signed_cert) - # create the parser for the "verify_cacrt_content" command - parser_bar = subparsers.add_parser('verify_cacrt_content') - parser_bar.set_defaults(func=verify_cacrt_content) + # create the parser for the "certificate_days_to_expire" command + parser_bar = subparsers.add_parser('certificate_days_to_expire') + parser_bar.set_defaults(func=certificate_days_to_expire) # create the parser for the "get_cert_issuer_info" command parser_bar = subparsers.add_parser('get_cert_issuer_info') diff --git a/src/python-common/ceph/cryptotools/remote.py b/src/python-common/ceph/cryptotools/remote.py index 04d015382a1..6271288e4f8 100644 --- a/src/python-common/ceph/cryptotools/remote.py +++ b/src/python-common/ceph/cryptotools/remote.py @@ -129,10 +129,10 @@ class CryptoCaller: ) self._result_json(result) # for errors only - def verify_cacrt_content(self, crt: str) -> int: + def certificate_days_to_expire(self, crt: str) -> int: """Verify a CA Certificate return the number of days until expiration.""" result = self._run( - ["verify_cacrt_content"], + ["certificate_days_to_expire"], input_data=crt, capture_output=True, check=True, -- 2.39.5