author | Yanis Guenane <yguenane@gmail.com> | 2017-11-25 04:29:07 +0100 |
---|---|---|
committer | Abhijeet Kasurde <akasurde@redhat.com> | 2017-11-25 03:29:06 +0000 |
commit | 32635577a337f3a3039b0bb37498d46b42f0fe60 (patch) | |
tree | eefebcf6ab960dbfef63976bc1cae58e579e4ec2 /lib/ansible | |
parent | 748107d3694f2417b57fc5c77bb4a27eb0bbf49f (diff) | |
download | ansible-32635577a337f3a3039b0bb37498d46b42f0fe60.tar.gz |
openssl_publickey: Do not fail on empty existing file (#33255)
Currently during the check phase, the code considers the file to be
a public key if the file exists - which is not necessarily true.
This commit aims to ensure that the file is actually a public key, else
it returns false for the check.
Diffstat (limited to 'lib/ansible')
-rw-r--r-- | lib/ansible/modules/crypto/openssl_publickey.py | 11 |
1 files changed, 7 insertions, 4 deletions
diff --git a/lib/ansible/modules/crypto/openssl_publickey.py b/lib/ansible/modules/crypto/openssl_publickey.py
index 0073f84c0e..3717c93548 100644
--- a/lib/ansible/modules/crypto/openssl_publickey.py
+++ b/lib/ansible/modules/crypto/openssl_publickey.py
@@ -211,10 +211,13 @@ class PublicKey(crypto_utils.OpenSSLObject):
 if not os.path.exists(self.privatekey_path):
 return False
- current_publickey = crypto.dump_publickey(
- crypto.FILETYPE_ASN1,
- crypto.load_publickey(crypto.FILETYPE_PEM, open(self.path, 'rb').read())
- )
+ try:
+ current_publickey = crypto.dump_publickey(
+ crypto.FILETYPE_ASN1,
+ crypto.load_publickey(crypto.FILETYPE_PEM, open(self.path, 'rb').read())
+ )
+ except crypto.Error:
+ return False
 desired_publickey = crypto.dump_publickey(
 crypto.FILETYPE_ASN1, |
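Review bot: The added `try` still reads the key with `open(self.path, 'rb').read()`, which never closes the file handle explicitly and leaves any I/O error on that read outside the `except crypto.Error` clause, so an unreadable file would still surface as a traceback rather than a clean module result. Reading the content first, `with open(self.path, 'rb') as f: publickey_content = f.read()`, and passing `publickey_content` to `crypto.load_publickey` closes the handle deterministically and keeps the `try` limited to the parse. Since returning False here presumably leads to the existing file being regenerated, a comment such as `# Empty or non-PEM content: report the key as invalid so it gets regenerated` above the `except` would make that consequence explicit. The enclosing check function starts and ends outside the hunk, so how the caller handles the False result is not visible here.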