diff options
author | Chris St. Pierre <chris.a.st.pierre@gmail.com> | 2013-01-17 08:01:44 -0500 |
---|---|---|
committer | Chris St. Pierre <chris.a.st.pierre@gmail.com> | 2013-01-17 09:27:07 -0500 |
commit | 72a80f89361145f1560ccc248f357a9de82eded6 (patch) | |
tree | e6827a6ec1e219c3d1a7f40a185aba67e6af738b /src/lib/Bcfg2/Server/Plugins/Properties.py | |
parent | ebe7542db7217c2fac3d7111e80f94caedfb69e2 (diff) | |
download | bcfg2-72a80f89361145f1560ccc248f357a9de82eded6.tar.gz bcfg2-72a80f89361145f1560ccc248f357a9de82eded6.tar.bz2 bcfg2-72a80f89361145f1560ccc248f357a9de82eded6.zip |
abstracted encryption support from Properties/CfgPrivateKeyCreator to StructFile
Diffstat (limited to 'src/lib/Bcfg2/Server/Plugins/Properties.py')
-rw-r--r-- | src/lib/Bcfg2/Server/Plugins/Properties.py | 43 |
1 files changed, 0 insertions, 43 deletions
diff --git a/src/lib/Bcfg2/Server/Plugins/Properties.py b/src/lib/Bcfg2/Server/Plugins/Properties.py index c5b5ea2d1..24daa2107 100644 --- a/src/lib/Bcfg2/Server/Plugins/Properties.py +++ b/src/lib/Bcfg2/Server/Plugins/Properties.py @@ -203,49 +203,6 @@ class XMLPropertyFile(Bcfg2.Server.Plugin.StructFile, PropertyFile): return True validate_data.__doc__ = PropertyFile.validate_data.__doc__ - def Index(self): - Bcfg2.Server.Plugin.StructFile.Index(self) - strict = self.xdata.get( - "decrypt", - SETUP.cfp.get(Bcfg2.Encryption.CFG_SECTION, "decrypt", - default="strict")) == "strict" - for el in self.xdata.xpath("//*[@encrypted]"): - if not HAS_CRYPTO: - raise PluginExecutionError("Properties: M2Crypto is not " - "available: %s" % self.name) - try: - el.text = self._decrypt(el).encode('ascii', - 'xmlcharrefreplace') - except UnicodeDecodeError: - LOGGER.info("Properties: Decrypted %s to gibberish, " - "skipping" % el.tag) - except Bcfg2.Encryption.EVPError: - msg = "Properties: Failed to decrypt %s element in %s" % \ - (el.tag, self.name) - if strict: - raise PluginExecutionError(msg) - else: - LOGGER.warning(msg) - Index.__doc__ = Bcfg2.Server.Plugin.StructFile.Index.__doc__ - - def _decrypt(self, element): - """ Decrypt a single encrypted properties file element """ - if not element.text or not element.text.strip(): - return - passes = Bcfg2.Encryption.get_passphrases() - try: - passphrase = passes[element.get("encrypted")] - try: - return Bcfg2.Encryption.ssl_decrypt(element.text, passphrase) - except Bcfg2.Encryption.EVPError: - # error is raised below - pass - except KeyError: - # bruteforce_decrypt raises an EVPError with a sensible - # error message, so we just let it propagate up the stack - return Bcfg2.Encryption.bruteforce_decrypt(element.text) - raise Bcfg2.Encryption.EVPError("Failed to decrypt") - def get_additional_data(self, metadata): if self.setup.cfp.getboolean("properties", "automatch", default=False): default_automatch = "true" |