diff options
| author | Chris St. Pierre <chris.a.st.pierre@gmail.com> | 2013-01-17 09:20:37 -0500 |
|---|---|---|
| committer | Chris St. Pierre <chris.a.st.pierre@gmail.com> | 2013-01-17 09:20:37 -0500 |
| commit | ae58c24f72a8ed72327fbc3f7305bd69ec6a13db (patch) | |
| tree | e8614b54239161156d76424251cfc868643488a0 /src/lib/Bcfg2/Server/Plugins/Properties.py | |
| parent | 873a373c7eda0ba523ea8b78c3c45d7e8f189628 (diff) | |
| download | bcfg2-ae58c24f72a8ed72327fbc3f7305bd69ec6a13db.tar.gz bcfg2-ae58c24f72a8ed72327fbc3f7305bd69ec6a13db.tar.bz2 bcfg2-ae58c24f72a8ed72327fbc3f7305bd69ec6a13db.zip | |
Made a few encryption things simpler:
* Only one strict/lax setting, in [encryption], rather than separate
settings in [properties] and [sshkeys]
* No longer necessary to enable encryption on each Properties file
Diffstat (limited to 'src/lib/Bcfg2/Server/Plugins/Properties.py')
| -rw-r--r-- | src/lib/Bcfg2/Server/Plugins/Properties.py | 37 |
1 files changed, 18 insertions, 19 deletions
diff --git a/src/lib/Bcfg2/Server/Plugins/Properties.py b/src/lib/Bcfg2/Server/Plugins/Properties.py index b3c0a6ae5..a51dd8adc 100644 --- a/src/lib/Bcfg2/Server/Plugins/Properties.py +++ b/src/lib/Bcfg2/Server/Plugins/Properties.py @@ -205,28 +205,27 @@ class XMLPropertyFile(Bcfg2.Server.Plugin.StructFile, PropertyFile): def Index(self): Bcfg2.Server.Plugin.StructFile.Index(self) - if self.xdata.get("encryption", "false").lower() != "false": + strict = self.xdata.get( + "decrypt", + SETUP.cfp.get(Bcfg2.Encryption.CFG_SECTION, "decrypt", + default="strict")) == "strict" + for el in self.xdata.xpath("//*[@encrypted]"): if not HAS_CRYPTO: raise PluginExecutionError("Properties: M2Crypto is not " "available: %s" % self.name) - strict = self.xdata.get( - "decrypt", - SETUP.cfp.get("properties", "decrypt", - default="strict")) == "strict" - for el in self.xdata.xpath("//*[@encrypted]"): - try: - el.text = self._decrypt(el).encode('ascii', - 'xmlcharrefreplace') - except UnicodeDecodeError: - LOGGER.info("Properties: Decrypted %s to gibberish, " - "skipping" % el.tag) - except Bcfg2.Encryption.EVPError: - msg = "Properties: Failed to decrypt %s element in %s" % \ - (el.tag, self.name) - if strict: - raise PluginExecutionError(msg) - else: - LOGGER.warning(msg) + try: + el.text = self._decrypt(el).encode('ascii', + 'xmlcharrefreplace') + except UnicodeDecodeError: + LOGGER.info("Properties: Decrypted %s to gibberish, " + "skipping" % el.tag) + except Bcfg2.Encryption.EVPError: + msg = "Properties: Failed to decrypt %s element in %s" % \ + (el.tag, self.name) + if strict: + raise PluginExecutionError(msg) + else: + LOGGER.warning(msg) Index.__doc__ = Bcfg2.Server.Plugin.StructFile.Index.__doc__ def _decrypt(self, element): |