diff options
Diffstat (limited to 'src/lib/Bcfg2/Server/Plugins/Cfg')
-rw-r--r-- | src/lib/Bcfg2/Server/Plugins/Cfg/CfgEncryptedGenerator.py | 21 | ||||
-rw-r--r-- | src/lib/Bcfg2/Server/Plugins/Cfg/CfgPrivateKeyCreator.py | 14 |
2 files changed, 17 insertions, 18 deletions
diff --git a/src/lib/Bcfg2/Server/Plugins/Cfg/CfgEncryptedGenerator.py b/src/lib/Bcfg2/Server/Plugins/Cfg/CfgEncryptedGenerator.py index cf7eae75b..0a30a070a 100644 --- a/src/lib/Bcfg2/Server/Plugins/Cfg/CfgEncryptedGenerator.py +++ b/src/lib/Bcfg2/Server/Plugins/Cfg/CfgEncryptedGenerator.py @@ -1,12 +1,11 @@ """ CfgEncryptedGenerator lets you encrypt your plaintext :ref:`server-plugins-generators-cfg` files on the server. """ -import Bcfg2.Server.Plugins.Cfg from Bcfg2.Server.Plugin import PluginExecutionError -from Bcfg2.Server.Plugins.Cfg import CfgGenerator +from Bcfg2.Server.Plugins.Cfg import CfgGenerator, SETUP try: from Bcfg2.Encryption import bruteforce_decrypt, EVPError, \ - get_algorithm + get_algorithm, CFG_SECTION HAS_CRYPTO = True except ImportError: HAS_CRYPTO = False @@ -27,7 +26,6 @@ class CfgEncryptedGenerator(CfgGenerator): CfgGenerator.__init__(self, fname, spec, encoding) if not HAS_CRYPTO: raise PluginExecutionError("M2Crypto is not available") - __init__.__doc__ = CfgGenerator.__init__.__doc__ def handle_event(self, event): CfgGenerator.handle_event(self, event) @@ -36,15 +34,18 @@ class CfgEncryptedGenerator(CfgGenerator): # todo: let the user specify a passphrase by name try: self.data = bruteforce_decrypt( - self.data, - setup=Bcfg2.Server.Plugins.Cfg.SETUP, - algorithm=get_algorithm(Bcfg2.Server.Plugins.Cfg.SETUP)) + self.data, setup=SETUP, + algorithm=get_algorithm(SETUP)) except EVPError: - raise PluginExecutionError("Failed to decrypt %s" % self.name) - handle_event.__doc__ = CfgGenerator.handle_event.__doc__ + strict = SETUP.cfp.get(CFG_SECTION, "decrypt", + default="strict") + msg = "Cfg: Failed to decrypt %s" % self.name + if strict: + raise PluginExecutionError(msg) + else: + self.logger.debug(msg) def get_data(self, entry, metadata): if self.data is None: raise PluginExecutionError("Failed to decrypt %s" % self.name) return CfgGenerator.get_data(self, entry, metadata) - get_data.__doc__ = CfgGenerator.get_data.__doc__ diff --git a/src/lib/Bcfg2/Server/Plugins/Cfg/CfgPrivateKeyCreator.py b/src/lib/Bcfg2/Server/Plugins/Cfg/CfgPrivateKeyCreator.py index e890fdecb..ac031461a 100644 --- a/src/lib/Bcfg2/Server/Plugins/Cfg/CfgPrivateKeyCreator.py +++ b/src/lib/Bcfg2/Server/Plugins/Cfg/CfgPrivateKeyCreator.py @@ -31,7 +31,6 @@ class CfgPrivateKeyCreator(CfgCreator, StructFile): pubkey_path = os.path.dirname(self.name) + ".pub" pubkey_name = os.path.join(pubkey_path, os.path.basename(pubkey_path)) self.pubkey_creator = CfgPublicKeyCreator(pubkey_name) - __init__.__doc__ = CfgCreator.__init__.__doc__ @property def category(self): @@ -55,7 +54,6 @@ class CfgPrivateKeyCreator(CfgCreator, StructFile): def handle_event(self, event): CfgCreator.handle_event(self, event) StructFile.HandleEvent(self, event) - handle_event.__doc__ = CfgCreator.handle_event.__doc__ def _gen_keypair(self, metadata, spec=None): """ Generate a keypair according to the given client medata @@ -201,10 +199,6 @@ class CfgPrivateKeyCreator(CfgCreator, StructFile): def Index(self): StructFile.Index(self) if HAS_CRYPTO: - strict = self.xdata.get( - "decrypt", - SETUP.cfp.get(Bcfg2.Encryption.CFG_SECTION, "decrypt", - default="strict")) == "strict" for el in self.xdata.xpath("//*[@encrypted]"): try: el.text = self._decrypt(el).encode('ascii', @@ -213,13 +207,17 @@ class CfgPrivateKeyCreator(CfgCreator, StructFile): self.logger.info("Cfg: Decrypted %s to gibberish, skipping" % el.tag) except Bcfg2.Encryption.EVPError: + default_strict = SETUP.cfp.get( + Bcfg2.Encryption.CFG_SECTION, "decrypt", + default="strict") + strict = self.xdata.get("decrypt", + default_strict) == "strict" msg = "Cfg: Failed to decrypt %s element in %s" % \ (el.tag, self.name) if strict: raise PluginExecutionError(msg) else: - self.logger.info(msg) - Index.__doc__ = StructFile.Index.__doc__ + self.logger.debug(msg) def _decrypt(self, element): """ Decrypt a single encrypted element """ |