diff options
author | Chris St. Pierre <chris.a.st.pierre@gmail.com> | 2013-11-11 13:44:24 -0500 |
---|---|---|
committer | Chris St. Pierre <chris.a.st.pierre@gmail.com> | 2013-11-11 13:44:24 -0500 |
commit | ba22b9e3f8d993d7e0c4c762fac338c8684e3f81 (patch) | |
tree | 04d0ad85197f25cdc4bc29d2aeeb0e9ee819fbbe /src | |
parent | 16d4a64be162ed6555a7ad497b148b3accb83af0 (diff) | |
download | bcfg2-ba22b9e3f8d993d7e0c4c762fac338c8684e3f81.tar.gz bcfg2-ba22b9e3f8d993d7e0c4c762fac338c8684e3f81.tar.bz2 bcfg2-ba22b9e3f8d993d7e0c4c762fac338c8684e3f81.zip |
bcfg2-crypt: better debugging, error handling with Properties files
Diffstat (limited to 'src')
-rwxr-xr-x | src/sbin/bcfg2-crypt | 40 |
1 files changed, 37 insertions, 3 deletions
diff --git a/src/sbin/bcfg2-crypt b/src/sbin/bcfg2-crypt index 4567bc512..c67334738 100755 --- a/src/sbin/bcfg2-crypt +++ b/src/sbin/bcfg2-crypt @@ -18,6 +18,33 @@ except ImportError: raise SystemExit(1) +def print_xml(element, keep_text=False): + """ Render an XML element for error output. This prefixes the + line number and removes children for nicer display. + + :param element: The element to render + :type element: lxml.etree._Element + :param keep_text: Do not discard text content from the element for + display + :type keep_text: boolean + """ + xml = None + if len(element) or element.text: + el = copy.copy(element) + if el.text and not keep_text: + el.text = '...' + for child in el.iterchildren(): + el.remove(child) + xml = lxml.etree.tostring( + el, + xml_declaration=False).decode("UTF-8").strip() + else: + xml = lxml.etree.tostring( + element, + xml_declaration=False).decode("UTF-8").strip() + return "%s (line %s)" % (xml, element.sourceline) + + class PassphraseError(Exception): """ Exception raised when there's a problem determining the passphrase to encrypt or decrypt with """ @@ -245,6 +272,7 @@ class PropertiesEncryptor(Encryptor, PropertiesCryptoMixin): except PassphraseError: self.logger.error(str(sys.exc_info()[1])) return False + self.logger.debug("Encrypting %s" % print_xml(elt)) elt.text = Bcfg2.Encryption.ssl_encrypt( elt.text, passphrase, Bcfg2.Encryption.get_algorithm(self.setup)).strip() @@ -267,9 +295,15 @@ class PropertiesDecryptor(Decryptor, PropertiesCryptoMixin): except PassphraseError: self.logger.error(str(sys.exc_info()[1])) return False - decrypted = Bcfg2.Encryption.ssl_decrypt( - elt.text, passphrase, - Bcfg2.Encryption.get_algorithm(self.setup)).strip() + self.logger.debug("Decrypting %s" % print_xml(elt)) + try: + decrypted = Bcfg2.Encryption.ssl_decrypt( + elt.text, passphrase, + Bcfg2.Encryption.get_algorithm(self.setup)).strip() + except EVPError: + + self.logger.error("Could not decrypt %s, skipping" % + print_xml(elt)) try: elt.text = decrypted.encode('ascii', 'xmlcharrefreplace') elt.set("encrypted", pname) |