added Cfg drivers for encrypted genshi/cheetah templates

author: Chris St. Pierre <chris.a.st.pierre@gmail.com> 2012-05-16 16:40:34 -0400
committer: Chris St. Pierre <chris.a.st.pierre@gmail.com> 2012-05-16 16:40:34 -0400
commit: 6548c501939194cc9927bc9fca3921e3329967f9 (patch)
tree: 0bdf2bcf294fe95088b9e81f3dc8f5427dd561e7 /src/lib/Bcfg2/Server/Plugins/Cfg/CfgEncryptedGenerator.py
parent: 8b163951cb19c1e70d90ce6f7f8b4a8a6e63da1b (diff)
download: bcfg2-6548c501939194cc9927bc9fca3921e3329967f9.tar.gz
bcfg2-6548c501939194cc9927bc9fca3921e3329967f9.tar.bz2
bcfg2-6548c501939194cc9927bc9fca3921e3329967f9.zip
1 files changed, 22 insertions, 17 deletions
diff --git a/src/lib/Bcfg2/Server/Plugins/Cfg/CfgEncryptedGenerator.py b/src/lib/Bcfg2/Server/Plugins/Cfg/CfgEncryptedGenerator.py
index 6ba470fd5..9b2db3100 100644
--- a/src/lib/Bcfg2/Server/Plugins/Cfg/CfgEncryptedGenerator.py
+++ b/src/lib/Bcfg2/Server/Plugins/Cfg/CfgEncryptedGenerator.py
@@ -9,6 +9,22 @@ except ImportError:
 
 logger = logging.getLogger(__name__)
 
+def passphrases():
+    section = "cfg:encryption"
+    if SETUP.cfp.has_section(section):
+        return dict([(o, SETUP.cfp.get(section, o))
+                     for o in SETUP.cfp.options(section)])
+    else:
+        return dict()
+
+def decrypt(crypted):
+    for passwd in passphrases().values():
+        try:
+            return ssl_decrypt(crypted, passwd)
+        except EVPError:
+            pass
+    raise EVPError("Failed to decrypt %s" % self.name)
+
 class CfgEncryptedGenerator(CfgGenerator):
     __extensions__ = ["crypt"]
 
@@ -19,15 +35,6 @@ class CfgEncryptedGenerator(CfgGenerator):
             logger.error(msg)
             raise Bcfg2.Server.Plugin.PluginExecutionError(msg)
 
-    @property
-    def passphrases(self):
-        section = "cfg:encryption"
-        if SETUP.cfp.has_section(section):
-            return dict([(o, SETUP.cfp.get(section, o))
-                         for o in SETUP.cfp.options(section)])
-        else:
-            return dict()
-
     def handle_event(self, event):
         if event.code2str() == 'deleted':
             return
@@ -39,14 +46,12 @@ class CfgEncryptedGenerator(CfgGenerator):
             logger.error("Failed to read %s" % self.name)
             return
         # todo: let the user specify a passphrase by name
-        self.data = None
-        for passwd in self.passphrases.values():
-            try:
-                self.data = ssl_decrypt(crypted, passwd)
-                return
-            except EVPError:
-                pass
-        logger.error("Failed to decrypt %s" % self.name)
+        try:
+            self.data = decrypt(crypted)
+        except EVPError:
+            err = sys.exc_info()[1]
+            logger.error(err)
+            raise Bcfg2.Server.Plugin.PluginExecutionError(err)
 
     def get_data(self, entry, metadata):
         if self.data is None:
author	Chris St. Pierre <chris.a.st.pierre@gmail.com>	2012-05-16 16:40:34 -0400
committer	Chris St. Pierre <chris.a.st.pierre@gmail.com>	2012-05-16 16:40:34 -0400
commit	6548c501939194cc9927bc9fca3921e3329967f9 (patch)
tree	0bdf2bcf294fe95088b9e81f3dc8f5427dd561e7 /src/lib/Bcfg2/Server/Plugins/Cfg/CfgEncryptedGenerator.py
parent	8b163951cb19c1e70d90ce6f7f8b4a8a6e63da1b (diff)
download	bcfg2-6548c501939194cc9927bc9fca3921e3329967f9.tar.gz bcfg2-6548c501939194cc9927bc9fca3921e3329967f9.tar.bz2 bcfg2-6548c501939194cc9927bc9fca3921e3329967f9.zip