openssl_publickey: Do not fail on empty existing file (#33255)

Currently during the check phase, the code considers the file to be
a public key if the file exists - which is not necessarily true.

This commit aims to ensure that the file is actually a publickey else
returns false for the check.
Yanis Guenane 2017-11-25 04:29:07 +01:00 committed by Abhijeet Kasurde
commit 32635577a3
3 changed files with 33 additions and 4 deletions


@ -211,10 +211,13 @@ class PublicKey(crypto_utils.OpenSSLObject):
if not os.path.exists(self.privatekey_path):
return False
current_publickey = crypto.dump_publickey(
crypto.FILETYPE_ASN1,
crypto.load_publickey(crypto.FILETYPE_PEM, open(self.path, 'rb').read())
)
try:
current_publickey = crypto.dump_publickey(
crypto.FILETYPE_ASN1,
crypto.load_publickey(crypto.FILETYPE_PEM, open(self.path, 'rb').read())
)
except crypto.Error:
return False
desired_publickey = crypto.dump_publickey(
crypto.FILETYPE_ASN1,
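Review bot: the new `except crypto.Error:` only covers content that fails to parse as PEM; an IOError/OSError raised by `open(self.path, 'rb').read()` inside the same try block (for example, a file that exists but is not readable) still propagates out of the check, and the file handle is never closed explicitly. Suggest reading the file under `with open(self.path, 'rb') as f:` and deciding explicitly whether a read failure should also return False or be surfaced as a module failure. Since returning False here leads to the file being treated as not a valid public key, a short comment saying that an unparsable file is handled as "needs regeneration" would help the next reader.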