From 71c679e1a0105490bd5845a15de5e8f1a32e2166 Mon Sep 17 00:00:00 2001
From: "Chris St. Pierre" <chris.a.st.pierre@gmail.com>
Date: Tue, 11 Sep 2012 10:32:30 -0400
Subject: Cfg: documented all Cfg modules, added development docs

---
 .../Server/Plugins/Cfg/CfgEncryptedGenerator.py    | 34 ++++++++--------------
 1 file changed, 12 insertions(+), 22 deletions(-)

(limited to 'src/lib/Bcfg2/Server/Plugins/Cfg/CfgEncryptedGenerator.py')

diff --git a/src/lib/Bcfg2/Server/Plugins/Cfg/CfgEncryptedGenerator.py b/src/lib/Bcfg2/Server/Plugins/Cfg/CfgEncryptedGenerator.py
index 2c926fae7..71e407d17 100644
--- a/src/lib/Bcfg2/Server/Plugins/Cfg/CfgEncryptedGenerator.py
+++ b/src/lib/Bcfg2/Server/Plugins/Cfg/CfgEncryptedGenerator.py
@@ -1,35 +1,22 @@
+""" CfgEncryptedGenerator lets you encrypt your plaintext
+:ref:`server-plugins-generators-cfg` files on the server. """
+
 import logging
 import Bcfg2.Server.Plugin
 from Bcfg2.Server.Plugins.Cfg import CfgGenerator, SETUP
 try:
-    from Bcfg2.Encryption import ssl_decrypt, EVPError
+    from Bcfg2.Encryption import bruteforce_decrypt, EVPError
     have_crypto = True
 except ImportError:
     have_crypto = False
 
 logger = logging.getLogger(__name__)
 
-def passphrases():
-    section = "encryption"
-    if SETUP.cfp.has_section(section):
-        return dict([(o, SETUP.cfp.get(section, o))
-                     for o in SETUP.cfp.options(section)])
-    else:
-        return dict()
-
-def decrypt(crypted):
-    if not have_crypto:
-        msg = "Cfg: M2Crypto is not available: %s" % entry.get("name")
-        logger.error(msg)
-        raise Bcfg2.Server.Plugin.PluginExecutionError(msg)
-    for passwd in passphrases().values():
-        try:
-            return ssl_decrypt(crypted, passwd)
-        except EVPError:
-            pass
-    raise EVPError("Failed to decrypt")
-
 class CfgEncryptedGenerator(CfgGenerator):
+    """ CfgEncryptedGenerator lets you encrypt your plaintext
+    :ref:`server-plugins-generators-cfg` files on the server. """
+
+    #: Handle .crypt files
     __extensions__ = ["crypt"]
 
     def __init__(self, fname, spec, encoding):
@@ -38,6 +25,7 @@ class CfgEncryptedGenerator(CfgGenerator):
             msg = "Cfg: M2Crypto is not available: %s" % entry.get("name")
             logger.error(msg)
             raise Bcfg2.Server.Plugin.PluginExecutionError(msg)
+    __init__.__doc__ = CfgGenerator.__init__.__doc__
 
     def handle_event(self, event):
         if event.code2str() == 'deleted':
@@ -51,13 +39,15 @@ class CfgEncryptedGenerator(CfgGenerator):
             return
         # todo: let the user specify a passphrase by name
         try:
-            self.data = decrypt(crypted)
+            self.data = bruteforce_decrypt(crypted, setup=SETUP)
         except EVPError:
             msg = "Failed to decrypt %s" % self.name
             logger.error(msg)
             raise Bcfg2.Server.Plugin.PluginExecutionError(msg)
+    handle_event.__doc__ = CfgGenerator.handle_event.__doc__
 
     def get_data(self, entry, metadata):
         if self.data is None:
             raise Bcfg2.Server.Plugin.PluginExecutionError("Failed to decrypt %s" % self.name)
         return CfgGenerator.get_data(self, entry, metadata)
+    get_data.__doc__ = CfgGenerator.get_data.__doc__
-- 
cgit v1.2.3-1-g7c22