Merge branch 'release-2.1.5'

Author: tofu-rocketry

.travis.yml

@@ -16,6 +16,7 @@ install:
   - pip install python-ldap
   - pip install dirq
   - pip install unittest2
+  - pip install coveralls
 
 before_script:
   - export TMPDIR=$PWD/tmp
@@ -24,6 +25,7 @@ before_script:
 script:
   - export PYTHONPATH=$PYTHONPATH:`pwd -P`
   - cd test
-  #- unit2 -b discover
-  # Don't run test_crypto until it's fixed
-  - unit2 -b test_brokers test_ssm
+  - coverage run --source=ssm,bin -m unittest2 discover --buffer
+
+after_success:
+  - coveralls

CHANGELOG

@@ -1,5 +1,25 @@
 Changelog for ssm
 =================
+ * Fri Nov 28 2014 Adrian Coveney <adrian.coveney@stfc.ac.uk> - 2.1.5-1
+ - (No changes from pre-release version.)
+
+ * Fri Nov 28 2014 Adrian Coveney <adrian.coveney@stfc.ac.uk> - 2.1.5-0.4.rc4
+ - Corrected namespace of overridden variable (to enable SSL/TLS changes).
+
+ * Fri Nov 28 2014 Adrian Coveney <adrian.coveney@stfc.ac.uk> - 2.1.5-0.3.rc3
+ - Removed python-ssl as a dependency as it can be option in some contexts.
+ - Made it possible for old versions of stomp.py (3.0.3 and lower) to use
+   SSL/TLS versions that aren't SSL 3.0.
+
+ * Thu Nov 27 2014 Adrian Coveney <adrian.coveney@stfc.ac.uk> - 2.1.5-0.2.rc2
+ - Added a warning for old versions of stomp.py (3.0.3 and lower) that are
+   limited to using SSL 3.0 for secure connections.
+
+ * Tue Nov 25 2014 Adrian Coveney <adrian.coveney@stfc.ac.uk> - 2.1.5-0.1.rc1
+ - The highest version of SSL/TLS available is now used (previously only SSLv3).
+ - Added python-ssl as a dependency (SL5/EL5 only).
+ - Minor tweaks made to logging calls and the logging level of certain messages.
+
  * Fri Aug 08 2014 Adrian Coveney <adrian.coveney@stfc.ac.uk> - 2.1.4-1
  - Corrected version number used in Python code.
 

README.md

@@ -1,6 +1,8 @@
 # Secure Stomp Messenger
 
 [![Build Status](https://travis-ci.org/apel/ssm.svg?branch=dev)](https://travis-ci.org/apel/ssm)
+[![Coverage Status](https://coveralls.io/repos/apel/ssm/badge.png?branch=dev)](https://coveralls.io/r/apel/ssm?branch=dev)
+[![Code Health](https://landscape.io/github/apel/ssm/dev/landscape.png)](https://landscape.io/github/apel/ssm/dev)
 
 Secure Stomp Messenger (SSM) is designed to simply send messages
 using the STOMP protocol.  Messages are signed and may be encrypted
@@ -20,7 +22,7 @@ The EPEL repository must be enabled.  This can be done by installing
 the RPM for your version of SL, which is available on this page:
 http://fedoraproject.org/wiki/EPEL
 
-The python stomp library
+The python stomp library (N.B. version 4 is currently not supported)
 * `yum install stomppy`
 
 The python daemon library

apel-ssm.spec

@@ -4,7 +4,7 @@
 %endif
 
 Name:           apel-ssm
-Version:        2.1.4
+Version:        2.1.5
 %define releasenumber 1
 Release:        %{releasenumber}%{?dist}
 Summary:        Secure stomp messenger
@@ -92,6 +92,26 @@ rm -rf $RPM_BUILD_ROOT
 %doc %_defaultdocdir/%{name}
 
 %changelog
+ * Fri Nov 28 2014 Adrian Coveney <adrian.coveney@stfc.ac.uk> - 2.1.5-1
+ - (No changes from pre-release version.)
+
+ * Fri Nov 28 2014 Adrian Coveney <adrian.coveney@stfc.ac.uk> - 2.1.5-0.4.rc4
+ - Corrected namespace of overridden variable (to enable SSL/TLS changes).
+
+ * Fri Nov 28 2014 Adrian Coveney <adrian.coveney@stfc.ac.uk> - 2.1.5-0.3.rc3
+ - Removed python-ssl as a dependency as it can be option in some contexts.
+ - Made it possible for old versions of stomp.py (3.0.3 and lower) to use
+   SSL/TLS versions that aren't SSL 3.0.
+
+ * Thu Nov 27 2014 Adrian Coveney <adrian.coveney@stfc.ac.uk> - 2.1.5-0.2.rc2
+ - Added a warning for old versions of stomp.py (3.0.3 and lower) that are
+   limited to using SSL 3.0 for secure connections.
+
+ * Tue Nov 25 2014 Adrian Coveney <adrian.coveney@stfc.ac.uk> - 2.1.5-0.1.rc1
+ - The highest version of SSL/TLS available is now used (previously only SSLv3).
+ - Added python-ssl as a dependency (SL5/EL5 only).
+ - Minor tweaks made to logging calls and the logging level of certain messages.
+
  * Fri Aug 08 2014 Adrian Coveney <adrian.coveney@stfc.ac.uk> - 2.1.4-1
  - Corrected version number used in Python code.
 

bin/__init__.py

@@ -0,0 +1 @@
+# This file exists so that the tests can import modules from the bin directory

bin/receiver.py

@@ -53,15 +53,15 @@ def get_dns(dn_file):
             elif line.strip().startswith('/'):
                 dns.append(line.strip())
             else:
-                log.warn('DN in incorrect format: %s' % line)
+                log.warn('DN in incorrect format: %s', line)
     finally:
         if f is not None:
             f.close()
     # If no valid DNs, SSM cannot receive any messages.
     if len(dns) == 0:
         raise Ssm2Exception('No valid DNs found in %s.  SSM will not start' % dn_file)
-    
-    log.debug('%s DNs found.' % len(dns))
+
+    log.debug('%s DNs found.', len(dns))
     return dns
 
 
@@ -108,8 +108,8 @@ def main():
     log = logging.getLogger('ssmreceive')
 
     log.info(LOG_BREAK)
-    log.info('Starting receiving SSM version %s.%s.%s.' % __version__)
-        
+    log.info('Starting receiving SSM version %s.%s.%s.', *__version__)
+
     # If we can't get a broker to connect to, we have to give up.
     try:
         bg = StompBrokerGetter(cp.get('broker','bdii'))
@@ -131,7 +131,7 @@ def main():
             log.info(LOG_BREAK)
             sys.exit(1)
     except ldap.SERVER_DOWN, e:
-        log.error('Could not connect to LDAP server: %s' % e)
+        log.error('Could not connect to LDAP server: %s', e)
         log.error('System will exit.')
         log.info(LOG_BREAK)
         sys.exit(1)    
@@ -165,7 +165,7 @@ def main():
         ssm.set_dns(dns)
 
     except Exception, e:
-        log.fatal('Failed to initialise SSM: %s' % e)
+        log.fatal('Failed to initialise SSM: %s', e)
         log.info(LOG_BREAK)
         sys.exit(1)
 
@@ -206,7 +206,7 @@ def main():
         dc.close()
     except Exception, e:
         log.error('Unexpected exception: ' + str(e))
-        log.error('Exception type: %s' % e.__class__)
+        log.error('Exception type: %s', e.__class__)
         log.error('The SSM will exit.')
         ssm.shutdown()
         dc.close()

bin/sender.py

@@ -64,19 +64,19 @@ def main():
     log = logging.getLogger('ssmsend')
 
     log.info(LOG_BREAK)
-    log.info('Starting sending SSM version %s.%s.%s.' % __version__)
+    log.info('Starting sending SSM version %s.%s.%s.', *__version__)
     # If we can't get a broker to connect to, we have to give up.
     try:
         bdii_url = cp.get('broker','bdii')
-        log.info('Retrieving broker details from %s ...' % bdii_url)
+        log.info('Retrieving broker details from %s ...', bdii_url)
         bg = StompBrokerGetter(bdii_url)
         use_ssl = cp.getboolean('broker', 'use_ssl')
         if use_ssl:
             service = STOMP_SSL_SERVICE
         else:
             service = STOMP_SERVICE
         brokers = bg.get_broker_hosts_and_ports(service, cp.get('broker','network'))
-        log.info('Found %s brokers.' % len(brokers))
+        log.info('Found %s brokers.', len(brokers))
     except ConfigParser.NoOptionError, e:
         try:
             host = cp.get('broker', 'host')
@@ -90,7 +90,7 @@ def main():
             print 'SSM failed to start.  See log file for details.'
             sys.exit(1)
     except ldap.LDAPError, e:
-        log.error('Could not connect to LDAP server: %s' % e)
+        log.error('Could not connect to LDAP server: %s', e)
         log.error('System will exit.')
         log.info(LOG_BREAK)
         print 'SSM failed to start.  See log file for details.'
@@ -140,12 +140,12 @@ def main():
 
     except (Ssm2Exception, CryptoException), e:
         print 'SSM failed to complete successfully.  See log file for details.'
-        log.error('SSM failed to complete successfully: %s' % e)
+        log.error('SSM failed to complete successfully: %s', e)
     except Exception, e:
         print 'SSM failed to complete successfully.  See log file for details.'
-        log.error('Unexpected exception in SSM: %s' % (str(e)))
-        log.error('Exception type: %s' % e.__class__)
-        
+        log.error('Unexpected exception in SSM: %s', e)
+        log.error('Exception type: %s', e.__class__)
+
     try:
         sender.close_connection()
     except UnboundLocalError:

ssm/__init__.py

@@ -19,7 +19,7 @@
 import logging
 import sys
 
-__version__ = (2, 1, 4)
+__version__ = (2, 1, 5)
 
 LOG_BREAK = '========================================'
 

ssm/brokers.py

@@ -41,7 +41,7 @@ def __init__(self, bdii_url):
         Set up the LDAP connection and strings which are re-used.
         '''
         # Set up the LDAP connection
-        log.debug('Connecting to %s...' % bdii_url)
+        log.debug('Connecting to %s...', bdii_url)
         self._ldap_conn = ldap.initialize(bdii_url)
 
         self._base_dn = 'o=grid'

ssm/crypto.py

@@ -58,7 +58,7 @@ def check_cert_key(certpath, keypath):
         cert = _from_file(certpath)
         key = _from_file(keypath)
     except IOError, e:
-        log.error('Could not find cert or key file: %s' % e)
+        log.error('Could not find cert or key file: %s', e)
         return False
 
     # Two things the same have the same modulus.
@@ -102,7 +102,7 @@ def sign(text, certpath, keypath):
         return signed_msg
 
     except OSError, e:
-        log.error('Failed to sign message: %s' % e)
+        log.error('Failed to sign message: %s', e)
         raise CryptoException('Message signing failed.  Check cert and key permissions.')
 
 
@@ -241,8 +241,8 @@ def verify_cert(certstring, capath, check_crls=True):
     # If it fails, openssl prints 'error'
     # So:
     log.info('Certificate verification: ' + str(message).strip())
-      
-    return ('OK' in message and not 'error' in message)
+
+    return ('OK' in message and 'error' not in message)
 
 
 def verify_cert_path(certpath, capath, check_crls=True):