summaryrefslogtreecommitdiffstats
path: root/src/lib/Bcfg2/Server/Plugins/Cfg/CfgEncryptedGenshiGenerator.py
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/Bcfg2/Server/Plugins/Cfg/CfgEncryptedGenshiGenerator.py')
-rw-r--r--src/lib/Bcfg2/Server/Plugins/Cfg/CfgEncryptedGenshiGenerator.py25
1 files changed, 20 insertions, 5 deletions
diff --git a/src/lib/Bcfg2/Server/Plugins/Cfg/CfgEncryptedGenshiGenerator.py b/src/lib/Bcfg2/Server/Plugins/Cfg/CfgEncryptedGenshiGenerator.py
index 140d4a486..0d5d98ba6 100644
--- a/src/lib/Bcfg2/Server/Plugins/Cfg/CfgEncryptedGenshiGenerator.py
+++ b/src/lib/Bcfg2/Server/Plugins/Cfg/CfgEncryptedGenshiGenerator.py
@@ -1,10 +1,15 @@
-import logging
+""" Handle encrypted Genshi templates (.crypt.genshi or .genshi.crypt
+files) """
+
from Bcfg2.Compat import StringIO
from Bcfg2.Server.Plugins.Cfg.CfgGenshiGenerator import CfgGenshiGenerator
-from Bcfg2.Server.Plugins.Cfg.CfgEncryptedGenerator import decrypt, \
- CfgEncryptedGenerator
+from Bcfg2.Server.Plugins.Cfg.CfgEncryptedGenerator import CfgEncryptedGenerator
-logger = logging.getLogger(__name__)
+try:
+ from Bcfg2.Encryption import bruteforce_decrypt
+except ImportError:
+ # CfgGenshiGenerator will raise errors if crypto doesn't exist
+ pass
try:
from genshi.template import TemplateLoader
@@ -14,13 +19,23 @@ except ImportError:
class EncryptedTemplateLoader(TemplateLoader):
+ """ Subclass :class:`genshi.template.TemplateLoader` to decrypt
+ the data on the fly as it's read in using
+ :func:`Bcfg2.Encryption.bruteforce_decrypt` """
def _instantiate(self, cls, fileobj, filepath, filename, encoding=None):
- plaintext = StringIO(decrypt(fileobj.read()))
+ plaintext = StringIO(bruteforce_decrypt(fileobj.read()))
return TemplateLoader._instantiate(self, cls, plaintext, filepath,
filename, encoding=encoding)
class CfgEncryptedGenshiGenerator(CfgGenshiGenerator):
+ """ CfgEncryptedGenshiGenerator lets you encrypt your Genshi
+ :ref:`server-plugins-generators-cfg` files on the server """
+
+ #: handle .crypt.genshi or .genshi.crypt files
__extensions__ = ['genshi.crypt', 'crypt.genshi']
+
+ #: Use a TemplateLoader class that decrypts the data on the fly
+ #: when it's read in
__loader_cls__ = EncryptedTemplateLoader
generated by cgit v1.2.3-1-g7c22 (git 2.25.1) at 2024-07-10 01:45:44 +0000