diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/lib/Bcfg2/Options.py | 6 | ||||
-rwxr-xr-x | src/sbin/bcfg2-crypt | 18 |
2 files changed, 20 insertions, 4 deletions
diff --git a/src/lib/Bcfg2/Options.py b/src/lib/Bcfg2/Options.py index e617e3e38..34f4b2bc6 100644 --- a/src/lib/Bcfg2/Options.py +++ b/src/lib/Bcfg2/Options.py @@ -907,6 +907,11 @@ DECRYPT = \ default=False, cmd='--decrypt', long_arg=True) +DECRYPT_STDOUT = \ + Option('Decrypt the specified file to stdout', + default=False, + cmd='--stdout', + long_arg=True) CRYPT_PASSPHRASE = \ Option('Encryption passphrase (name or passphrase)', default=None, @@ -963,6 +968,7 @@ SERVER_COMMON_OPTIONS = dict(repo=SERVER_REPOSITORY, CRYPT_OPTIONS = dict(encrypt=ENCRYPT, decrypt=DECRYPT, + decrypt_stdout=DECRYPT_STDOUT, passphrase=CRYPT_PASSPHRASE, xpath=CRYPT_XPATH, properties=CRYPT_PROPERTIES, diff --git a/src/sbin/bcfg2-crypt b/src/sbin/bcfg2-crypt index a40bab994..cb1b956fb 100755 --- a/src/sbin/bcfg2-crypt +++ b/src/sbin/bcfg2-crypt @@ -321,8 +321,8 @@ def main(): if not setup['args']: print(setup.hm) raise SystemExit(1) - elif setup['encrypt'] and setup['decrypt']: - print("You cannot specify both --encrypt) and --decrypt") + elif setup['encrypt'] and (setup['decrypt_stdout'] or setup['decrypt']): + print("You cannot specify both --encrypt and --decrypt or --stdout") raise SystemExit(1) elif setup['cfg'] and setup['properties']: print("You cannot specify both --cfg and --properties") @@ -375,9 +375,19 @@ def main(): if setup['encrypt']: if not encryptor.encrypt(fname): print("Failed to encrypt %s, skipping" % fname) - elif setup['decrypt']: - if not encryptor.decrypt(fname): + elif setup['decrypt'] or setup['decrypt_stdout']: + data = encryptor.decrypt(fname) + if not data: print("Failed to decrypt %s, skipping" % fname) + continue + if setup['decrypt_stdout']: + if len(setup['args']) > 1: + print("----- %s -----" % fname) + print(data) + if len(setup['args']) > 1: + print("") + else: + encryptor.write_decrypted(fname, data=data) else: logger.info("Neither --encrypt nor --decrypt specified, " "determining mode") |