diff options
author | Chris St. Pierre <chris.a.st.pierre@gmail.com> | 2012-09-20 16:23:25 -0400 |
---|---|---|
committer | Chris St. Pierre <chris.a.st.pierre@gmail.com> | 2012-09-20 16:23:25 -0400 |
commit | 48c584194e4e5ec4b3561b2d6448ba4728ab0739 (patch) | |
tree | a4e2900d06d260ebde50cdf861769ef096c638af /src/lib/Bcfg2/Server/Plugins/Cfg/CfgEncryptedGenshiGenerator.py | |
parent | cf0583059bbcecbb655924afdbf16d51122703b2 (diff) | |
download | bcfg2-48c584194e4e5ec4b3561b2d6448ba4728ab0739.tar.gz bcfg2-48c584194e4e5ec4b3561b2d6448ba4728ab0739.tar.bz2 bcfg2-48c584194e4e5ec4b3561b2d6448ba4728ab0739.zip |
Encryption: improved docs, made algorithm configurable
Diffstat (limited to 'src/lib/Bcfg2/Server/Plugins/Cfg/CfgEncryptedGenshiGenerator.py')
-rw-r--r-- | src/lib/Bcfg2/Server/Plugins/Cfg/CfgEncryptedGenshiGenerator.py | 26 |
1 files changed, 19 insertions, 7 deletions
diff --git a/src/lib/Bcfg2/Server/Plugins/Cfg/CfgEncryptedGenshiGenerator.py b/src/lib/Bcfg2/Server/Plugins/Cfg/CfgEncryptedGenshiGenerator.py index 0d5d98ba6..6fd70e69f 100644 --- a/src/lib/Bcfg2/Server/Plugins/Cfg/CfgEncryptedGenshiGenerator.py +++ b/src/lib/Bcfg2/Server/Plugins/Cfg/CfgEncryptedGenshiGenerator.py @@ -1,15 +1,17 @@ """ Handle encrypted Genshi templates (.crypt.genshi or .genshi.crypt files) """ +import logging from Bcfg2.Compat import StringIO +from Bcfg2.Server.Plugin import PluginExecutionError +from Bcfg2.Server.Plugins.Cfg import SETUP from Bcfg2.Server.Plugins.Cfg.CfgGenshiGenerator import CfgGenshiGenerator -from Bcfg2.Server.Plugins.Cfg.CfgEncryptedGenerator import CfgEncryptedGenerator try: - from Bcfg2.Encryption import bruteforce_decrypt + from Bcfg2.Encryption import bruteforce_decrypt, get_algorithm + HAS_CRYPTO = True except ImportError: - # CfgGenshiGenerator will raise errors if crypto doesn't exist - pass + HAS_CRYPTO = False try: from genshi.template import TemplateLoader @@ -17,21 +19,25 @@ except ImportError: # CfgGenshiGenerator will raise errors if genshi doesn't exist TemplateLoader = object +LOGGER = logging.getLogger(__name__) + class EncryptedTemplateLoader(TemplateLoader): """ Subclass :class:`genshi.template.TemplateLoader` to decrypt the data on the fly as it's read in using :func:`Bcfg2.Encryption.bruteforce_decrypt` """ def _instantiate(self, cls, fileobj, filepath, filename, encoding=None): - plaintext = StringIO(bruteforce_decrypt(fileobj.read())) + plaintext = \ + StringIO(bruteforce_decrypt(fileobj.read(), + algorithm=get_algorithm(SETUP))) return TemplateLoader._instantiate(self, cls, plaintext, filepath, filename, encoding=encoding) - + class CfgEncryptedGenshiGenerator(CfgGenshiGenerator): """ CfgEncryptedGenshiGenerator lets you encrypt your Genshi :ref:`server-plugins-generators-cfg` files on the server """ - + #: handle .crypt.genshi or .genshi.crypt files __extensions__ = ['genshi.crypt', 'crypt.genshi'] @@ -39,3 +45,9 @@ class CfgEncryptedGenshiGenerator(CfgGenshiGenerator): #: when it's read in __loader_cls__ = EncryptedTemplateLoader + def __init__(self, fname, spec, encoding): + CfgGenshiGenerator.__init__(self, fname, spec, encoding) + if not HAS_CRYPTO: + msg = "Cfg: M2Crypto is not available" + LOGGER.error(msg) + raise PluginExecutionError(msg) |