From 5888be3f06738f6a93cd6afab930369bdd2eb023 Mon Sep 17 00:00:00 2001
From: "Chris St. Pierre" <chris.a.st.pierre@gmail.com>
Date: Fri, 25 Apr 2014 07:52:35 -0400
Subject: reduce logging from failed decryption with decrypt=lax

---
 .../Server/Plugins/Cfg/CfgEncryptedGenerator.py     | 21 +++++++++++----------
 1 file changed, 11 insertions(+), 10 deletions(-)

(limited to 'src/lib/Bcfg2/Server/Plugins/Cfg/CfgEncryptedGenerator.py')

diff --git a/src/lib/Bcfg2/Server/Plugins/Cfg/CfgEncryptedGenerator.py b/src/lib/Bcfg2/Server/Plugins/Cfg/CfgEncryptedGenerator.py
index cf7eae75b..0a30a070a 100644
--- a/src/lib/Bcfg2/Server/Plugins/Cfg/CfgEncryptedGenerator.py
+++ b/src/lib/Bcfg2/Server/Plugins/Cfg/CfgEncryptedGenerator.py
@@ -1,12 +1,11 @@
 """ CfgEncryptedGenerator lets you encrypt your plaintext
 :ref:`server-plugins-generators-cfg` files on the server. """
 
-import Bcfg2.Server.Plugins.Cfg
 from Bcfg2.Server.Plugin import PluginExecutionError
-from Bcfg2.Server.Plugins.Cfg import CfgGenerator
+from Bcfg2.Server.Plugins.Cfg import CfgGenerator, SETUP
 try:
     from Bcfg2.Encryption import bruteforce_decrypt, EVPError, \
-        get_algorithm
+        get_algorithm, CFG_SECTION
     HAS_CRYPTO = True
 except ImportError:
     HAS_CRYPTO = False
@@ -27,7 +26,6 @@ class CfgEncryptedGenerator(CfgGenerator):
         CfgGenerator.__init__(self, fname, spec, encoding)
         if not HAS_CRYPTO:
             raise PluginExecutionError("M2Crypto is not available")
-    __init__.__doc__ = CfgGenerator.__init__.__doc__
 
     def handle_event(self, event):
         CfgGenerator.handle_event(self, event)
@@ -36,15 +34,18 @@ class CfgEncryptedGenerator(CfgGenerator):
         # todo: let the user specify a passphrase by name
         try:
             self.data = bruteforce_decrypt(
-                self.data,
-                setup=Bcfg2.Server.Plugins.Cfg.SETUP,
-                algorithm=get_algorithm(Bcfg2.Server.Plugins.Cfg.SETUP))
+                self.data, setup=SETUP,
+                algorithm=get_algorithm(SETUP))
         except EVPError:
-            raise PluginExecutionError("Failed to decrypt %s" % self.name)
-    handle_event.__doc__ = CfgGenerator.handle_event.__doc__
+            strict = SETUP.cfp.get(CFG_SECTION, "decrypt",
+                                   default="strict")
+            msg = "Cfg: Failed to decrypt %s" % self.name
+            if strict:
+                raise PluginExecutionError(msg)
+            else:
+                self.logger.debug(msg)
 
     def get_data(self, entry, metadata):
         if self.data is None:
             raise PluginExecutionError("Failed to decrypt %s" % self.name)
         return CfgGenerator.get_data(self, entry, metadata)
-    get_data.__doc__ = CfgGenerator.get_data.__doc__
-- 
cgit v1.2.3-1-g7c22