From cc4526867734e40f3e413f309c450bb9033a871b Mon Sep 17 00:00:00 2001 From: John Paraskevopoulos Date: Mon, 30 Sep 2019 13:22:44 +0300 Subject: Extract `PYSAML2_DELETE_TMPFILES` option to config.py - Moves parsing PYSAML2_DELETE_TMPFILES option to config.py and uses the value as a Config class property (`delete_tmpfiles`). This attribute is part of the configuration so its place is in the config.py and the corresponding class. This may add the config object dependency to classes/functions that are calling the `make_temp` function, but at the same time keeps a more layered approach since this config option is now processed and set up in the correct layer; that is the Config class and the config module. Scripts that (in)directly use classes that have methods that use the `make_temp` functions were not changed since those methods are not called when these scripts run and they are out of the scripts' scope (that is, the script functionality does not create any temp file). Those scripts are `verify_metadata`, `merge_metadata` and `mdexport` --- docs/howto/config.rst | 24 ++++++++++++++---------- 1 file changed, 14 insertions(+), 10 deletions(-) (limited to 'docs') diff --git a/docs/howto/config.rst b/docs/howto/config.rst index ddb41194..0e3be8a8 100644 --- a/docs/howto/config.rst +++ b/docs/howto/config.rst @@ -1,15 +1,5 @@ .. _howto_config: -Environment variables -===================== - -PYSAML2_DELETE_TMPFILES -^^^^^^^^^^^^^^^^^^^^^^^ - -If set to "False" will keep temporary xml files in the system temporary storage. -Default: "true"; delete temporary files. - - Configuration of pySAML2 entities ================================= @@ -44,6 +34,7 @@ The basic structure of the configuration file is therefore like this:: "key_file" : "my.key", "cert_file" : "ca.pem", "xmlsec_binary" : "/usr/local/bin/xmlsec1", + "delete_tmpfiles": True, "metadata": { "local": ["edugain.xml"], }, 
@@ -328,6 +319,17 @@ Example:: "xmlsec_binary": "/usr/local/bin/xmlsec1", +delete_tmpfiles +^^^^^^^^^^^^^^^ + +In many cases temporary files will have to be created during the +encryption/decryption/signing/validation process. +This option defines whether these temporary files will be automatically deleted when +they are no longer needed. Setting this to False, will keep these files until they are +manually deleted or automatically deleted by the OS (i.e Linux rules for /tmp). +Absence of this option, defaults to True. + + valid_for ^^^^^^^^^ @@ -842,6 +844,7 @@ We start with a simple but fairly complete Service provider configuration:: "key_file" : "./mykey.pem", "cert_file" : "./mycert.pem", "xmlsec_binary" : "/usr/local/bin/xmlsec1", + "delete_tmpfiles": True, "attribute_map_dir": "./attributemaps", "metadata": { "local": ["idp.xml"] @@ -890,6 +893,7 @@ A slightly more complex configuration:: "key_file" : "./mykey.pem", "cert_file" : "./mycert.pem", "xmlsec_binary" : "/usr/local/bin/xmlsec1", + "delete_tmpfiles": True, "metadata" : { "local": ["example.xml"], "remote": [{ -- cgit v1.2.1
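Review bot: In the first hunk (@@ -1,15 +1,5 @@), removing the "Environment variables" section leaves the docs with no mention of PYSAML2_DELETE_TMPFILES, although the commit message says parsing of that option moves to config.py rather than being dropped. If the variable is still read, the new delete_tmpfiles section should name it and state which value wins when both the variable and the config key are set. If it is no longer read, a short deprecation note belongs here so that deployments relying on the documented "False" setting know to switch to the config key.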
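Review bot: In the new delete_tmpfiles section (@@ -328,6 +319,17 @@), the text says the files come from the encryption/decryption/signing/validation process but gives no guidance on when keeping them is appropriate. Suggest adding a sentence that False is meant for debugging, since the files then stay in temporary storage until someone or the OS removes them. Wording nits in the same paragraph: "i.e Linux rules for /tmp" introduces an example, so it should read "e.g. Linux rules for /tmp"; the comma in "Setting this to False, will keep" should go; and "Absence of this option, defaults to True." reads better as "If this option is absent, it defaults to True."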
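Review bot: In the three example hunks (@@ -44,6 +34,7 @@, @@ -842,6 +844,7 @@ and @@ -890,6 +893,7 @@), the added line uses the Python boolean True, while the removed environment-variable text documented the string values "False" and "true", and nothing in the new docs says which types the config key accepts. Please state in the delete_tmpfiles section whether a string such as "False" is accepted in the config, since a non-empty string is truthy in Python and a user carrying the old value over could end up with the opposite of what they intended. As a smaller point, the examples set the option to its documented default, so a brief comment that the line is optional would avoid implying it is required.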