From 3b109ec578e2f979ae7dabdf538ca9047a4a68ce Mon Sep 17 00:00:00 2001
From: kevgliss
Date: Wed, 2 Sep 2015 09:12:05 -0700
Subject: [PATCH] Cleaning up temporary file creation, and revocation checking
---
 lemur/certificates/verify.py | 14 ++++++++------
 lemur/manage.py | 28 ++++++++++++++++------------
 2 files changed, 24 insertions(+), 18 deletions(-)
diff --git a/lemur/certificates/verify.py b/lemur/certificates/verify.py
index 432c487c..79afdf50 100644
--- a/lemur/certificates/verify.py
+++ b/lemur/certificates/verify.py
@@ -21,12 +21,12 @@ from tempfile import NamedTemporaryFile
 @contextmanager
 def mktempfile():
 with NamedTemporaryFile(delete=False) as f:
- fi = f
+ name = f.name
 try:
- yield fi
+ yield name
 finally:
- os.unlink(fi.name)
+ os.unlink(name)
 def ocsp_verify(cert_path, issuer_chain_path):
@@ -113,8 +113,10 @@ def verify_string(cert_string, issuer_string):
 :return: True if valid, False otherwise
 """
 with mktempfile() as cert_tmp:
- cert_tmp.write(cert_string)
+ with open(cert_tmp, 'w') as f:
+ f.write(cert_string)
 with mktempfile() as issuer_tmp:
- issuer_tmp.write(issuer_string)
- status = verify(cert_tmp.path, issuer_tmp.path)
+ with open(issuer_tmp, 'w') as f:
+ f.write(issuer_string)
+ status = verify(cert_tmp, issuer_tmp)
 return status
diff --git a/lemur/manage.py b/lemur/manage.py
index b21e60a7..42137576 100755
--- a/lemur/manage.py
+++ b/lemur/manage.py
@@ -148,12 +148,15 @@ def check_revoked():
 as `unknown`.
 """
 for cert in cert_service.get_all_certs():
- if cert.chain:
- status = verify_string(cert.body, cert.chain)
- else:
- status = verify_string(cert.body, "")
+ try:
+ if cert.chain:
+ status = verify_string(cert.body, cert.chain)
+ else:
+ status = verify_string(cert.body, "")
- cert.status = 'valid' if status else "invalid"
+ cert.status = 'valid' if status else 'invalid'
+ except Exception as e:
+ cert.status = 'unknown'
 database.update(cert)
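Review bot: `mktempfile()` now yields a path string instead of the open file object, and nothing in the function states that contract. A one-line docstring would make it visible to callers, for example `"""Yield the path of a closed temporary file and remove it when the block exits."""`. Callers have to reopen the path themselves, as `verify_string` does in the next hunk.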
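Review bot: The new `except Exception as e:` in `check_revoked` discards the error: `e` is never used and nothing is written out, so a certificate marked `unknown` because a responder was unreachable looks the same as one marked `unknown` because of a bug in `verify_string`. For a revocation check that matters, since a persistent failure would leave every certificate at `unknown` with no trace of the cause. I would report the exception before setting the status, for example `sys.stderr.write("[!] Revocation check failed: {0}\n".format(e))` (this file already writes progress through `sys.stdout` in `sync_sources`), and narrow the `except` once the exceptions `verify_string` can raise are known. Separately, the no-chain branch still calls `verify_string(cert.body, "")`, which writes an empty issuer file; whether `verify` can do anything useful with that is not visible here.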
@@ -183,7 +186,7 @@ def generate_settings():
 return output
-@manager.option('-s', '--sources', dest='labels', default='', required=False)
+@manager.option('-s', '--sources', dest='labels')
 def sync_sources(labels):
 """
 Attempts to run several methods Certificate discovery. This is
@@ -209,13 +212,14 @@ def sync_sources(labels):
 try:
 sync_lock.acquire(timeout=10) # wait up to 10 seconds
- if labels:
- sys.stdout.write("[+] Staring to sync sources: {labels}!\n".format(labels=labels))
- labels = labels.split(",")
- else:
- sys.stdout.write("[+] Starting to sync ALL sources!\n")
+ sys.stdout.write("[+] Staring to sync sources: {labels}!\n".format(labels=labels))
+ labels = labels.split(",")
+
+ if labels[0] == 'all':
+ sync()
+ else:
+ sync(labels=labels)
- sync(labels=labels)
 sys.stdout.write(
 "[+] Finished syncing sources. Run Time: {time}\n".format(
 time=(time.time() - start_time)
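Review bot: Dropping `default=''` from the `--sources` option means `labels` is presumably `None` when the command is run without `-s`, and the following hunk now calls `labels.split(",")` unconditionally, which would raise `AttributeError` inside the `try` that holds `sync_lock`. The removed code handled the empty case with `if labels:`. Either keep a default that matches the new sentinel, `@manager.option('-s', '--sources', dest='labels', default='all')`, or mark the option `required=True` so the omission is reported at argument parsing. The body of `sync_sources` continues outside this hunk, so how the lock is released on that error is not visible.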
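Review bot: The `all` sentinel is recognised only in the first position: with `labels[0] == 'all'`, a list that starts with `all` syncs everything, while the same list with `all` second is passed to `sync` as source labels, one of them literally `all`. `if 'all' in labels:` removes the ordering dependence. Stripping each entry, `labels = [l.strip() for l in labels.split(",")]`, would also keep a space after a comma from ending up inside a label. The progress message carried over from the old code still reads `Staring` and could be corrected to `Starting`. The enclosing `try` block continues past the end of the hunk.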