Add the option to silence output from the X509 create_private_key function (#33943)

* By default the create_private_key function generates progress status output to stdout, in some cases this is not convenient as it mixes into the current stdout. This is due to the underlying M2Crypto's modules keygen_callback function which writes dots as progress feedback to stdout This change adds the ability to silence the output from the function if you do now what it. * Added versionadded Default to True to preserve current behaviour
2024-11-08 09:23:56 +00:00 · 2016-06-13 18:42:29 +02:00 · 2016-06-13 18:42:29 +02:00 · ea6c868c74
commit ea6c868c74
parent 537c002872
2 changed files with 30 additions and 4 deletions
--- a/salt/modules/x509.py
+++ b/salt/modules/x509.py
@ -330,6 +330,14 @@ def _get_pubkey_hash(cert):
    return _pretty_hex(sha_hash)


+def _keygen_callback():
+    '''
+    Replacement keygen callback function which silences the output
+    sent to stdout by the default keygen function
+    '''
+    return
+
+
 def get_pem_entry(text, pem_type=None):
    '''
    Returns a properly formatted PEM string from the input text fixing
@ -637,7 +645,7 @@ def write_pem(text, path, pem_type=None):
    return 'PEM written to {0}'.format(path)


-def create_private_key(path=None, text=False, bits=2048):
+def create_private_key(path=None, text=False, bits=2048, verbose=True):
    '''
    Creates a private key in PEM format.

@ -650,6 +658,11 @@ def create_private_key(path=None, text=False, bits=2048):
    bits:
        Length of the private key in bits. Default 2048

+    verbose:
+        Provide visual feedback on stdout. Default True
+
+        .. versionadded:: Carbon
+
    CLI Example:

    .. code-block:: bash
@ -661,7 +674,12 @@ def create_private_key(path=None, text=False, bits=2048):
    if path and text:
        raise salt.exceptions.SaltInvocationError('Either path or text must be specified, not both.')

-    rsa = M2Crypto.RSA.gen_key(bits, M2Crypto.m2.RSA_F4)            # pylint: disable=no-member
+    if verbose:
+        _callback_func = M2Crypto.RSA.keygen_callback
+    else:
+        _callback_func = _keygen_callback
+
+    rsa = M2Crypto.RSA.gen_key(bits, M2Crypto.m2.RSA_F4, _callback_func)  # pylint: disable=no-member
    bio = M2Crypto.BIO.MemoryBuffer()
    rsa.save_key_bio(bio, cipher=None)

--- a/salt/states/x509.py
+++ b/salt/states/x509.py
@ -203,7 +203,8 @@ def _revoked_to_list(revs):
 def private_key_managed(name,
                        bits=2048,
                        new=False,
-                        backup=False):
+                        backup=False,
+                        verbose=True,):
    '''
    Manage a private key's existence.

@ -222,6 +223,12 @@ def private_key_managed(name,
        When replacing an existing file, backup the old file onthe minion.
        Default is False.

+    verbose:
+        Provide visual feedback on stdout, dots while key is generated.
+        Default is True.
+
+        .. versionadded:: Carbon
+
    Example:

    The jinja templating in this example ensures a private key is generated if the file doesn't exist
@ -268,7 +275,8 @@ def private_key_managed(name,
        bkroot = os.path.join(__opts__['cachedir'], 'file_backup')
        salt.utils.backup_minion(name, bkroot)

-    ret['comment'] = __salt__['x509.create_private_key'](path=name, bits=bits)
+    ret['comment'] = __salt__['x509.create_private_key'](
+        path=name, bits=bits, verbose=verbose)
    ret['result'] = True

    return ret