Source code for Bcfg2.Server.Plugins.Cfg.CfgEncryptedGenshiGenerator
""" Handle encrypted Genshi templates (.crypt.genshi or .genshi.crypt
files) """
from Bcfg2.Compat import StringIO
from Bcfg2.Server.Plugin import PluginExecutionError
from Bcfg2.Server.Plugins.Cfg import SETUP
from Bcfg2.Server.Plugins.Cfg.CfgGenshiGenerator import CfgGenshiGenerator
try:
from Bcfg2.Encryption import bruteforce_decrypt, get_algorithm
HAS_CRYPTO = True
except ImportError:
HAS_CRYPTO = False
try:
from genshi.template import TemplateLoader
except ImportError:
# CfgGenshiGenerator will raise errors if genshi doesn't exist
TemplateLoader = object # pylint: disable=C0103
class EncryptedTemplateLoader(TemplateLoader):
""" Subclass :class:`genshi.template.TemplateLoader` to decrypt
the data on the fly as it's read in using
:func:`Bcfg2.Encryption.bruteforce_decrypt` """
def _instantiate(self, cls, fileobj, filepath, filename, encoding=None):
plaintext = \
StringIO(bruteforce_decrypt(fileobj.read(),
algorithm=get_algorithm(SETUP)))
return TemplateLoader._instantiate(self, cls, plaintext, filepath,
filename, encoding=encoding)
[docs]class CfgEncryptedGenshiGenerator(CfgGenshiGenerator):
""" CfgEncryptedGenshiGenerator lets you encrypt your Genshi
:ref:`server-plugins-generators-cfg` files on the server """
#: handle .crypt.genshi or .genshi.crypt files
__extensions__ = ['genshi.crypt', 'crypt.genshi']
#: Override low priority from parent class
__priority__ = 0
#: Use a TemplateLoader class that decrypts the data on the fly
#: when it's read in
__loader_cls__ = EncryptedTemplateLoader
def __init__(self, fname, spec, encoding):
CfgGenshiGenerator.__init__(self, fname, spec, encoding)
if not HAS_CRYPTO:
raise PluginExecutionError("M2Crypto is not available")