1
0
mirror of https://github.com/laurivosandi/certidude synced 2024-12-23 00:25:18 +00:00

Use unicode literals for logging

This commit is contained in:
Lauri Võsandi 2016-03-29 08:54:55 +03:00
parent acc0e29109
commit 799b9e19c8
7 changed files with 21 additions and 21 deletions

View File

@ -31,7 +31,7 @@ class CertificateStatusResource(object):
class CertificateAuthorityResource(object):
def on_get(self, req, resp):
logger.info("Served CA certificate to %s", req.context.get("remote_addr"))
logger.info(u"Served CA certificate to %s", req.context.get("remote_addr"))
resp.stream = open(config.AUTHORITY_CERTIFICATE_PATH, "rb")
resp.append_header("Content-Type", "application/x-x509-ca-cert")
resp.append_header("Content-Disposition", "attachment; filename=%s.crt" %
@ -104,7 +104,7 @@ class BundleResource(object):
@login_required
def on_get(self, req, resp):
common_name = req.context["user"].mail
logger.info("Signing bundle %s for %s", common_name, req.context.get("user"))
logger.info(u"Signing bundle %s for %s", common_name, req.context.get("user"))
resp.set_header("Content-Type", "application/x-pkcs12")
resp.set_header("Content-Disposition", "attachment; filename=%s.p12" % common_name.encode("ascii"))
resp.body, cert = authority.generate_pkcs12_bundle(common_name,

View File

@ -32,7 +32,7 @@ class RequestListResource(object):
csr = Request(body)
if not csr.common_name:
logger.warning("Rejected signing request without common name from %s",
logger.warning(u"Rejected signing request without common name from %s",
req.context.get("remote_addr"))
raise falcon.HTTPBadRequest(
"Bad request",
@ -71,7 +71,7 @@ class RequestListResource(object):
pass
except errors.DuplicateCommonNameError:
# TODO: Certificate renewal
logger.warning("Rejected signing request with overlapping common name from %s",
logger.warning(u"Rejected signing request with overlapping common name from %s",
req.context.get("remote_addr"))
raise falcon.HTTPConflict(
"CSR with such CN already exists",
@ -86,11 +86,11 @@ class RequestListResource(object):
click.echo("Redirecting to: %s" % url)
resp.status = falcon.HTTP_SEE_OTHER
resp.set_header("Location", url.encode("ascii"))
logger.debug("Redirecting signing request from %s to %s", req.context.get("remote_addr"), url)
logger.debug(u"Redirecting signing request from %s to %s", req.context.get("remote_addr"), url)
else:
# Request was accepted, but not processed
resp.status = falcon.HTTP_202
logger.info("Signing request from %s stored", req.context.get("remote_addr"))
logger.info(u"Signing request from %s stored", req.context.get("remote_addr"))
class RequestDetailResource(object):
@ -100,7 +100,7 @@ class RequestDetailResource(object):
Fetch certificate signing request as PEM
"""
csr = authority.get_request(cn)
logger.debug("Signing request %s was downloaded by %s",
logger.debug(u"Signing request %s was downloaded by %s",
csr.common_name, req.context.get("remote_addr"))
return csr
@ -118,7 +118,7 @@ class RequestDetailResource(object):
resp.body = "Certificate successfully signed"
resp.status = falcon.HTTP_201
resp.location = os.path.join(req.relative_uri, "..", "..", "signed", cn)
logger.info("Signing request %s signed by %s from %s", csr.common_name,
logger.info(u"Signing request %s signed by %s from %s", csr.common_name,
req.context.get("user"), req.context.get("remote_addr"))
@ -131,6 +131,6 @@ class RequestDetailResource(object):
# Logging implemented in the function above
except EnvironmentError as e:
resp.body = "No certificate CN=%s found" % cn
logger.warning("User %s failed to delete signing request %s from %s, reason: %s",
logger.warning(u"User %s failed to delete signing request %s from %s, reason: %s",
req.context["user"], cn, req.context.get("remote_addr"), e)
raise falcon.HTTPNotFound()

View File

@ -6,7 +6,7 @@ logger = logging.getLogger("api")
class RevocationListResource(object):
def on_get(self, req, resp):
logger.debug("Revocation list requested by %s", req.context.get("remote_addr"))
logger.debug(u"Revocation list requested by %s", req.context.get("remote_addr"))
resp.set_header("Content-Type", "application/x-pkcs7-crl")
resp.append_header("Content-Disposition", "attachment; filename=ca.crl")
resp.body = export_crl()

View File

@ -26,7 +26,7 @@ class TagResource(RelationalMixin):
args = req.get_param("cn"), req.get_param("key"), req.get_param("value")
rowid = self.sql_execute("tag_insert.sql", *args)
push.publish("tag-added", str(rowid))
logger.debug("Tag cn=%s, key=%s, value=%s added" % args)
logger.debug(u"Tag cn=%s, key=%s, value=%s added" % args)
class TagDetailResource(RelationalMixin):
@ -60,7 +60,7 @@ class TagDetailResource(RelationalMixin):
from certidude import push
args = req.get_param("value"), identifier
self.sql_execute("tag_update.sql", *args)
logger.debug("Tag %s updated, value set to %s",
logger.debug(u"Tag %s updated, value set to %s",
identifier, req.get_param("value"))
push.publish("tag-updated", identifier)
@ -73,4 +73,4 @@ class TagDetailResource(RelationalMixin):
from certidude import push
self.sql_execute("tag_delete.sql", identifier)
push.publish("tag-removed", identifier)
logger.debug("Tag %s removed" % identifier)
logger.debug(u"Tag %s removed" % identifier)

View File

@ -131,7 +131,7 @@ def authenticate(optional=False):
conn.simple_bind_s(user if "@" in user else "%s@%s" % (user, constants.DOMAIN), passwd)
except ldap.LDAPError, e:
resp.append_header("WWW-Authenticate", "Basic")
logger.critical("LDAP bind authentication failed for user %s from %s",
logger.critical(u"LDAP bind authentication failed for user %s from %s",
repr(user), req.context.get("remote_addr"))
raise falcon.HTTPUnauthorized("Forbidden",
"Please authenticate with %s domain account or supply UPN" % constants.DOMAIN)
@ -166,7 +166,7 @@ def authenticate(optional=False):
import simplepam
if not simplepam.authenticate(user, passwd, "sshd"):
logger.critical("Basic authentication failed for user %s from %s",
logger.critical(u"Basic authentication failed for user %s from %s",
repr(user), req.context.get("remote_addr"))
raise falcon.HTTPUnauthorized("Forbidden", "Invalid password")
@ -194,7 +194,7 @@ def authorize_admin(func):
def whitelist_authorize_admin(resource, req, resp, *args, **kwargs):
# Check for username whitelist
if not req.context.get("user") or req.context.get("user") not in config.ADMIN_WHITELIST:
logger.info("Rejected access to administrative call %s by %s from %s, user not whitelisted",
logger.info(u"Rejected access to administrative call %s by %s from %s, user not whitelisted",
req.env["PATH_INFO"], req.context.get("user"), req.context.get("remote_addr"))
raise falcon.HTTPForbidden("Forbidden", "User %s not whitelisted" % req.context.get("user"))
return func(resource, req, resp, *args, **kwargs)
@ -203,7 +203,7 @@ def authorize_admin(func):
if req.context.get("user").is_admin():
req.context["admin_authorized"] = True
return func(resource, req, resp, *args, **kwargs)
logger.info("User '%s' not authorized to access administrative API", req.context.get("user").name)
logger.info(u"User '%s' not authorized to access administrative API", req.context.get("user").name)
raise falcon.HTTPForbidden("Forbidden", "User not authorized to perform administrative operations")
if config.AUTHORIZATION_BACKEND == "whitelist":

View File

@ -29,7 +29,7 @@ def csrf_protection(func):
return func(self, req, resp, *args, **kwargs)
# Kaboom!
logger.warning("Prevented clickbait from '%s' with user agent '%s'",
logger.warning(u"Prevented clickbait from '%s' with user agent '%s'",
referrer or "-", req.user_agent)
raise falcon.HTTPUnauthorized("Forbidden",
"No suitable UA or referrer provided, cross-site scripting disabled")
@ -105,12 +105,12 @@ def serialize(func):
("attachment; filename=%s" % r.suggested_filename).encode("ascii"))
resp.body = r.dump()
elif hasattr(r, "content_type"):
logger.debug("Client did not accept application/json or %s, "
logger.debug(u"Client did not accept application/json or %s, "
"client expected %s", r.content_type, req.accept)
raise falcon.HTTPUnsupportedMediaType(
"Client did not accept application/json or %s" % r.content_type)
else:
logger.debug("Client did not accept application/json, client expected %s", req.accept)
logger.debug(u"Client did not accept application/json, client expected %s", req.accept)
raise falcon.HTTPUnsupportedMediaType(
"Client did not accept application/json")
return r

View File

@ -15,7 +15,7 @@ def whitelist_subnets(subnets):
if req.context.get("remote_addr") in subnet:
break
else:
logger.info("Rejected access to administrative call %s by %s from %s, source address not whitelisted",
logger.info(u"Rejected access to administrative call %s by %s from %s, source address not whitelisted",
req.env["PATH_INFO"],
req.context.get("user", "unauthenticated user"),
req.context.get("remote_addr"))