diff options
Diffstat (limited to 'src/lib/Bcfg2/Server/Plugins/Cfg/CfgEncryptedGenshiGenerator.py')
-rw-r--r-- | src/lib/Bcfg2/Server/Plugins/Cfg/CfgEncryptedGenshiGenerator.py | 25 |
1 files changed, 20 insertions, 5 deletions
diff --git a/src/lib/Bcfg2/Server/Plugins/Cfg/CfgEncryptedGenshiGenerator.py b/src/lib/Bcfg2/Server/Plugins/Cfg/CfgEncryptedGenshiGenerator.py index 140d4a486..0d5d98ba6 100644 --- a/src/lib/Bcfg2/Server/Plugins/Cfg/CfgEncryptedGenshiGenerator.py +++ b/src/lib/Bcfg2/Server/Plugins/Cfg/CfgEncryptedGenshiGenerator.py @@ -1,10 +1,15 @@ -import logging +""" Handle encrypted Genshi templates (.crypt.genshi or .genshi.crypt +files) """ + from Bcfg2.Compat import StringIO from Bcfg2.Server.Plugins.Cfg.CfgGenshiGenerator import CfgGenshiGenerator -from Bcfg2.Server.Plugins.Cfg.CfgEncryptedGenerator import decrypt, \ - CfgEncryptedGenerator +from Bcfg2.Server.Plugins.Cfg.CfgEncryptedGenerator import CfgEncryptedGenerator -logger = logging.getLogger(__name__) +try: + from Bcfg2.Encryption import bruteforce_decrypt +except ImportError: + # CfgGenshiGenerator will raise errors if crypto doesn't exist + pass try: from genshi.template import TemplateLoader @@ -14,13 +19,23 @@ except ImportError: class EncryptedTemplateLoader(TemplateLoader): + """ Subclass :class:`genshi.template.TemplateLoader` to decrypt + the data on the fly as it's read in using + :func:`Bcfg2.Encryption.bruteforce_decrypt` """ def _instantiate(self, cls, fileobj, filepath, filename, encoding=None): - plaintext = StringIO(decrypt(fileobj.read())) + plaintext = StringIO(bruteforce_decrypt(fileobj.read())) return TemplateLoader._instantiate(self, cls, plaintext, filepath, filename, encoding=encoding) class CfgEncryptedGenshiGenerator(CfgGenshiGenerator): + """ CfgEncryptedGenshiGenerator lets you encrypt your Genshi + :ref:`server-plugins-generators-cfg` files on the server """ + + #: handle .crypt.genshi or .genshi.crypt files __extensions__ = ['genshi.crypt', 'crypt.genshi'] + + #: Use a TemplateLoader class that decrypts the data on the fly + #: when it's read in __loader_cls__ = EncryptedTemplateLoader |