diff options
author | Chris St. Pierre <chris.a.st.pierre@gmail.com> | 2014-04-25 10:55:41 -0400 |
---|---|---|
committer | Chris St. Pierre <chris.a.st.pierre@gmail.com> | 2014-04-25 10:55:41 -0400 |
commit | cc27d0525f40ae5a7896992f4e42b8b9037d5b22 (patch) | |
tree | a8ca451a6fb356b305e56eefd193f2d6b3023898 /src/lib/Bcfg2/Server/Plugin/helpers.py | |
parent | 1ed010e2af5df7544dc316984736159de0c8a8ec (diff) | |
parent | c3edef5bd2b55266fee96327f17a093a0fb9cce4 (diff) | |
download | bcfg2-cc27d0525f40ae5a7896992f4e42b8b9037d5b22.tar.gz bcfg2-cc27d0525f40ae5a7896992f4e42b8b9037d5b22.tar.bz2 bcfg2-cc27d0525f40ae5a7896992f4e42b8b9037d5b22.zip |
Merge branch 'maint'
Conflicts:
misc/bcfg2.spec
src/lib/Bcfg2/Client/Client.py
src/lib/Bcfg2/Client/Tools/APK.py
src/lib/Bcfg2/Client/Tools/MacPorts.py
src/lib/Bcfg2/Client/Tools/Pacman.py
src/lib/Bcfg2/Client/Tools/YUM.py
src/lib/Bcfg2/Server/Admin/Minestruct.py
src/lib/Bcfg2/Server/Admin/Pull.py
src/lib/Bcfg2/Server/Admin/Viz.py
src/lib/Bcfg2/Server/Core.py
src/lib/Bcfg2/Server/Plugins/Cfg/CfgEncryptedGenerator.py
src/lib/Bcfg2/Server/Plugins/Cfg/CfgPrivateKeyCreator.py
src/lib/Bcfg2/Server/Plugins/Properties.py
src/lib/Bcfg2/settings.py
src/sbin/bcfg2-crypt
src/sbin/bcfg2-info
src/sbin/bcfg2-lint
src/sbin/bcfg2-yum-helper
testsuite/Testsrc/Testlib/TestServer/TestPlugins/TestCfg/TestCfgEncryptedGenerator.py
testsuite/Testsrc/Testlib/TestServer/TestPlugins/TestProperties.py
Diffstat (limited to 'src/lib/Bcfg2/Server/Plugin/helpers.py')
-rw-r--r-- | src/lib/Bcfg2/Server/Plugin/helpers.py | 22 |
1 files changed, 9 insertions, 13 deletions
diff --git a/src/lib/Bcfg2/Server/Plugin/helpers.py b/src/lib/Bcfg2/Server/Plugin/helpers.py index 407e9df46..b5ab1c18b 100644 --- a/src/lib/Bcfg2/Server/Plugin/helpers.py +++ b/src/lib/Bcfg2/Server/Plugin/helpers.py @@ -757,9 +757,6 @@ class StructFile(XMLFileBacked): err)) if HAS_CRYPTO and self.encryption: - lax_decrypt = self.xdata.get( - "lax_decryption", - str(Bcfg2.Options.setup.lax_decryption)).lower() == "true" for el in self.xdata.xpath("//*[@encrypted]"): try: el.text = self._decrypt(el).encode('ascii', @@ -768,10 +765,14 @@ class StructFile(XMLFileBacked): self.logger.info("%s: Decrypted %s to gibberish, skipping" % (self.name, el.tag)) except Bcfg2.Server.Encryption.EVPError: + lax_decrypt = self.xdata.get( + "lax_decryption", + str(Bcfg2.Options.setup.lax_decryption)).lower() == \ + "true" msg = "Failed to decrypt %s element in %s" % (el.tag, self.name) if lax_decrypt: - self.logger.warning(msg) + self.logger.debug(msg) else: raise PluginExecutionError(msg) Index.__doc__ = XMLFileBacked.Index.__doc__ @@ -783,16 +784,11 @@ class StructFile(XMLFileBacked): passes = Bcfg2.Options.setup.passphrases try: passphrase = passes[element.get("encrypted")] - try: - return Bcfg2.Server.Encryption.ssl_decrypt(element.text, - passphrase) - except Bcfg2.Server.Encryption.EVPError: - # error is raised below - pass + return Bcfg2.Server.Encryption.ssl_decrypt(element.text, + passphrase) except KeyError: - # bruteforce_decrypt raises an EVPError with a sensible - # error message, so we just let it propagate up the stack - return Bcfg2.Server.Encryption.bruteforce_decrypt(element.text) + raise Bcfg2.Server.Encryption.EVPError("No passphrase named '%s'" % + element.get("encrypted")) raise Bcfg2.Server.Encryption.EVPError("Failed to decrypt") def _include_element(self, item, metadata, *args): |