def config_set_option(section, opt, val=None, delete=False, update=True, **kwargs):
"""
Sets a config option. If val is not specified the current/default value is
returned. If val is specified, opt is set to val and the new value is returned.
If an option was modified get_config is called with **kwargs unless update is set
to False (override_conffile defaults to config['conffile']).
If val is not specified and delete is True then the option is removed from the
config/reset to the default value.
"""
cp = get_configParser(config['conffile'])
# don't allow "internal" options
general_opts = [i for i in DEFAULTS.keys() if not i in ['user', 'pass', 'passx']]
if section != 'general':
section = config['apiurl_aliases'].get(section, section)
scheme, host, path = \
parse_apisrv_url(config.get('scheme', 'https'), section)
section = urljoin(scheme, host, path)
sections = {}
for url in cp.sections():
if url == 'general':
sections[url] = url
else:
scheme, host, path = \
parse_apisrv_url(config.get('scheme', 'https'), url)
apiurl = urljoin(scheme, host, path)
sections[apiurl] = url
section = sections.get(section.rstrip('/'), section)
if not section in cp.sections():
raise oscerr.ConfigError('unknown section \'%s\'' % section, config['conffile'])
if section == 'general' and not opt in general_opts or \
section != 'general' and not opt in api_host_options:
raise oscerr.ConfigError('unknown config option \'%s\'' % opt, config['conffile'])
run = False
if val:
cp.set(section, opt, val)
write_config(config['conffile'], cp)
run = True
elif delete and cp.has_option(section, opt):
cp.remove_option(section, opt)
write_config(config['conffile'], cp)
run = True
if run and update:
kw = {'override_conffile': config['conffile'],
'override_no_keyring': config['use_keyring'],
'override_no_gnome_keyring': config['gnome_keyring']}
kw.update(kwargs)
get_config(**kw)
if cp.has_option(section, opt):
return (opt, cp.get(section, opt, raw=True))
return (opt, None)
def get_config(override_conffile=None,
override_apiurl=None,
override_debug=None,
override_http_debug=None,
override_http_full_debug=None,
override_traceback=None,
override_post_mortem=None,
override_no_keyring=None,
override_no_gnome_keyring=None,
override_verbose=None):
"""do the actual work (see module documentation)"""
global config
conffile = override_conffile or os.environ.get('OSC_CONFIG', '~/.oscrc')
conffile = os.path.expanduser(conffile)
if not os.path.exists(conffile):
raise oscerr.NoConfigfile(conffile, \
account_not_configured_text % conffile)
# okay, we made sure that .oscrc exists
# make sure it is not world readable, it may contain a password.
os.chmod(conffile, 0600)
cp = get_configParser(conffile)
if not cp.has_section('general'):
# FIXME: it might be sufficient to just assume defaults?
msg = config_incomplete_text % conffile
msg += new_conf_template % DEFAULTS
raise oscerr.ConfigError(msg, conffile)
config = dict(cp.items('general', raw=1))
config['conffile'] = conffile
for i in boolean_opts:
try:
config[i] = cp.getboolean('general', i)
except ValueError, e:
raise oscerr.ConfigError(
'cannot parse \'%s\' setting: ' % i + str(e), conffile)
def get_config(override_conffile=None,
override_apiurl=None,
override_debug=None,
override_http_debug=None,
override_http_full_debug=None,
override_traceback=None,
override_post_mortem=None,
override_no_keyring=None,
override_no_gnome_keyring=None,
override_verbose=None):
"""do the actual work (see module documentation)"""
global config
conffile = override_conffile or os.environ.get('OSC_CONFIG', '~/.oscrc')
conffile = os.path.expanduser(conffile)
if not os.path.exists(conffile):
raise oscerr.NoConfigfile(conffile, \
account_not_configured_text % conffile)
# okay, we made sure that .oscrc exists
# make sure it is not world readable, it may contain a password.
os.chmod(conffile, 0o600)
cp = get_configParser(conffile)
if not cp.has_section('general'):
# FIXME: it might be sufficient to just assume defaults?
msg = config_incomplete_text % conffile
msg += new_conf_template % DEFAULTS
raise oscerr.ConfigError(msg, conffile)
config = dict(cp.items('general', raw=1))
config['conffile'] = conffile
for i in boolean_opts:
try:
config[i] = cp.getboolean('general', i)
except ValueError as e:
raise oscerr.ConfigError(
'cannot parse \'%s\' setting: ' % i + str(e), conffile)
config['packagecachedir'] = os.path.expanduser(config['packagecachedir'])
config['exclude_glob'] = config['exclude_glob'].split()
re_clist = re.compile('[, ]+')
config['extra-pkgs'] = [
i.strip() for i in re_clist.split(config['extra-pkgs'].strip()) if i
]
# collect the usernames, passwords and additional options for each api host
api_host_options = {}
# Regexp to split extra http headers into a dictionary
# the text to be matched looks essentially looks this:
# "Attribute1: value1, Attribute2: value2, ..."
# there may be arbitray leading and intermitting whitespace.
# the following regexp does _not_ support quoted commas within the value.
http_header_regexp = re.compile(r"\s*(.*?)\s*:\s*(.*?)\s*(?:,\s*|\Z)")
# override values which we were called with
# This needs to be done before processing API sections as it might be already used there
if override_no_keyring:
config['use_keyring'] = False
if override_no_gnome_keyring:
config['gnome_keyring'] = False
aliases = {}
for url in [x for x in cp.sections() if x != 'general']:
# backward compatiblity
scheme, host, path = parse_apisrv_url(config.get('scheme', 'https'),
url)
apiurl = urljoin(scheme, host, path)
user = None
password = None
if config['use_keyring'] and GENERIC_KEYRING:
try:
# Read from keyring lib if available
user = cp.get(url, 'user', raw=True)
password = str(keyring.get_password(host, user))
except:
# Fallback to file based auth.
pass
elif config['gnome_keyring'] and GNOME_KEYRING:
# Read from gnome keyring if available
try:
gk_data = gnomekeyring.find_network_password_sync(
protocol=scheme, server=host, object=path)
if not 'user' in gk_data[0]:
raise oscerr.ConfigError('no user found in keyring',
conffile)
user = gk_data[0]['user']
if 'password' in gk_data[0]:
password = str(gk_data[0]['password'])
else:
# this is most likely an error
print('warning: no password found in keyring',
file=sys.stderr)
except gnomekeyring.NoMatchError:
# Fallback to file based auth.
pass
if not user is None and len(user) == 0:
user = None
print('Warning: blank user in the keyring for the ' \
'apiurl %s.\nPlease fix your keyring entry.', file=sys.stderr)
if user is not None and password is None:
err = (
'no password defined for "%s".\nPlease fix your keyring '
'entry or gnome-keyring setup.\nAssuming an empty password.' %
url)
print(err, file=sys.stderr)
password = ''
# Read credentials from config
if user is None:
#FIXME: this could actually be the ideal spot to take defaults
#from the general section.
user = cp.get(url, 'user',
raw=True) # need to set raw to prevent '%' expansion
password = cp.get(url, 'pass', raw=True) # especially on password!
try:
passwordx = passx_decode(cp.get(
url, 'passx', raw=True)) # especially on password!
except:
passwordx = ''
if password == None or password == 'your_password':
password = ''
if user is None or user == '':
raise oscerr.ConfigError(
'user is blank for %s, please delete or complete the "user=" entry in %s.'
% (apiurl, config['conffile']), config['conffile'])
if config['plaintext_passwd'] and passwordx or not config[
'plaintext_passwd'] and password:
if config['plaintext_passwd']:
if password != passwordx:
print('%s: rewriting from encoded pass to plain pass' %
url,
file=sys.stderr)
add_section(conffile, url, user, passwordx)
password = passwordx
else:
if password != passwordx:
print('%s: rewriting from plain pass to encoded pass' %
url,
file=sys.stderr)
add_section(conffile, url, user, password)
if not config['plaintext_passwd']:
password = passwordx
if cp.has_option(url, 'http_headers'):
http_headers = cp.get(url, 'http_headers')
http_headers = http_header_regexp.findall(http_headers)
else:
http_headers = []
if cp.has_option(url, 'aliases'):
for i in cp.get(url, 'aliases').split(','):
key = i.strip()
if key == '':
continue
if key in aliases:
msg = 'duplicate alias entry: \'%s\' is already used for another apiurl' % key
raise oscerr.ConfigError(msg, conffile)
aliases[key] = url
api_host_options[apiurl] = {
'user': user,
'pass': password,
'http_headers': http_headers
}
optional = ('email', 'sslcertck', 'cafile', 'capath')
for key in optional:
if cp.has_option(url, key):
if key == 'sslcertck':
api_host_options[apiurl][key] = cp.getboolean(url, key)
else:
api_host_options[apiurl][key] = cp.get(url, key)
if cp.has_option(url, 'build-root', proper=True):
api_host_options[apiurl]['build-root'] = cp.get(url,
'build-root',
raw=True)
if not 'sslcertck' in api_host_options[apiurl]:
api_host_options[apiurl]['sslcertck'] = True
if scheme == 'http':
api_host_options[apiurl]['sslcertck'] = False
if cp.has_option(url, 'trusted_prj'):
api_host_options[apiurl]['trusted_prj'] = cp.get(
url, 'trusted_prj').split(' ')
else:
api_host_options[apiurl]['trusted_prj'] = []
# add the auth data we collected to the config dict
config['api_host_options'] = api_host_options
config['apiurl_aliases'] = aliases
apiurl = aliases.get(config['apiurl'], config['apiurl'])
config['apiurl'] = urljoin(*parse_apisrv_url(None, apiurl))
# backward compatibility
if 'apisrv' in config:
apisrv = config['apisrv'].lstrip('http://')
apisrv = apisrv.lstrip('https://')
scheme = config.get('scheme', 'https')
config['apiurl'] = urljoin(scheme, apisrv)
if 'apisrc' in config or 'scheme' in config:
print('Warning: Use of the \'scheme\' or \'apisrv\' in ~/.oscrc is deprecated!\n' \
'Warning: See README for migration details.', file=sys.stderr)
if 'build_platform' in config:
print(
'Warning: Use of \'build_platform\' config option is deprecated! (use \'build_repository\' instead)',
file=sys.stderr)
config['build_repository'] = config['build_platform']
config['verbose'] = int(config['verbose'])
# override values which we were called with
if override_verbose:
config['verbose'] = override_verbose + 1
if override_debug:
config['debug'] = override_debug
if override_http_debug:
config['http_debug'] = override_http_debug
if override_http_full_debug:
config['http_debug'] = override_http_full_debug or config['http_debug']
config['http_full_debug'] = override_http_full_debug
if override_traceback:
config['traceback'] = override_traceback
if override_post_mortem:
config['post_mortem'] = override_post_mortem
if override_apiurl:
apiurl = aliases.get(override_apiurl, override_apiurl)
# check if apiurl is a valid url
config['apiurl'] = urljoin(*parse_apisrv_url(None, apiurl))
# XXX unless config['user'] goes away (and is replaced with a handy function, or
# config becomes an object, even better), set the global 'user' here as well,
# provided that there _are_ credentials for the chosen apiurl:
try:
config['user'] = get_apiurl_usr(config['apiurl'])
except oscerr.ConfigMissingApiurl as e:
e.msg = config_missing_apiurl_text % config['apiurl']
e.file = conffile
raise e
# finally, initialize urllib2 for to use the credentials for Basic Authentication
init_basicauth(config)
def get_config(override_conffile=None,
override_apiurl=None,
override_debug=None,
override_http_debug=None,
override_http_full_debug=None,
override_traceback=None,
override_post_mortem=None,
override_no_keyring=None,
override_no_gnome_keyring=None,
override_verbose=None):
"""do the actual work (see module documentation)"""
global config
if not override_conffile:
conffile = identify_conf()
else:
conffile = override_conffile
conffile = os.path.expanduser(conffile)
if not os.path.exists(conffile):
raise oscerr.NoConfigfile(conffile, \
account_not_configured_text % conffile)
# okay, we made sure that oscrc exists
# make sure it is not world readable, it may contain a password.
os.chmod(conffile, 0o600)
cp = get_configParser(conffile)
if not cp.has_section('general'):
# FIXME: it might be sufficient to just assume defaults?
msg = config_incomplete_text % conffile
msg += new_conf_template % DEFAULTS
raise oscerr.ConfigError(msg, conffile)
config = dict(cp.items('general', raw=1))
config['conffile'] = conffile
typed_opts = ((boolean_opts, cp.getboolean), (integer_opts, cp.getint))
for opts, meth in typed_opts:
for opt in opts:
try:
config[opt] = meth('general', opt)
except ValueError as e:
msg = 'cannot parse \'%s\' setting: %s' % (opt, str(e))
raise oscerr.ConfigError(msg, conffile)
config['packagecachedir'] = os.path.expanduser(config['packagecachedir'])
config['exclude_glob'] = config['exclude_glob'].split()
re_clist = re.compile('[, ]+')
config['extra-pkgs'] = [
i.strip() for i in re_clist.split(config['extra-pkgs'].strip()) if i
]
# collect the usernames, passwords and additional options for each api host
api_host_options = {}
# Regexp to split extra http headers into a dictionary
# the text to be matched looks essentially looks this:
# "Attribute1: value1, Attribute2: value2, ..."
# there may be arbitray leading and intermitting whitespace.
# the following regexp does _not_ support quoted commas within the value.
http_header_regexp = re.compile(r"\s*(.*?)\s*:\s*(.*?)\s*(?:,\s*|\Z)")
# override values which we were called with
# This needs to be done before processing API sections as it might be already used there
if override_no_keyring:
config['use_keyring'] = False
if override_no_gnome_keyring:
config['gnome_keyring'] = False
aliases = {}
for url in [x for x in cp.sections() if x != 'general']:
# backward compatiblity
scheme, host, path = parse_apisrv_url(config.get('scheme', 'https'),
url)
apiurl = urljoin(scheme, host, path)
creds_mgr = _get_credentials_manager(url, cp)
# if the deprecated gnomekeyring is used we should use the apiurl instead of url
# (that's what the old code did), but this makes things more complex
# (also, it is very unlikely that url and apiurl differ)
user = _extract_user_compat(cp, url, creds_mgr)
if user is None:
raise oscerr.ConfigMissingCredentialsError(
'No user found in section %s' % url, conffile, url)
password = creds_mgr.get_password(url, user)
if password is None:
raise oscerr.ConfigMissingCredentialsError(
'No password found in section %s' % url, conffile, url)
if cp.has_option(url, 'http_headers'):
http_headers = cp.get(url, 'http_headers')
http_headers = http_header_regexp.findall(http_headers)
else:
http_headers = []
if cp.has_option(url, 'aliases'):
for i in cp.get(url, 'aliases').split(','):
key = i.strip()
if key == '':
continue
if key in aliases:
msg = 'duplicate alias entry: \'%s\' is already used for another apiurl' % key
raise oscerr.ConfigError(msg, conffile)
aliases[key] = url
entry = {'user': user, 'pass': password, 'http_headers': http_headers}
api_host_options[apiurl] = APIHostOptionsEntry(entry)
optional = ('realname', 'email', 'sslcertck', 'cafile', 'capath')
for key in optional:
if cp.has_option(url, key):
if key == 'sslcertck':
api_host_options[apiurl][key] = cp.getboolean(url, key)
else:
api_host_options[apiurl][key] = cp.get(url, key)
if cp.has_option(url, 'build-root', proper=True):
api_host_options[apiurl]['build-root'] = cp.get(url,
'build-root',
raw=True)
if not 'sslcertck' in api_host_options[apiurl]:
api_host_options[apiurl]['sslcertck'] = True
if scheme == 'http':
api_host_options[apiurl]['sslcertck'] = False
if cp.has_option(url, 'trusted_prj'):
api_host_options[apiurl]['trusted_prj'] = cp.get(
url, 'trusted_prj').split(' ')
else:
api_host_options[apiurl]['trusted_prj'] = []
# add the auth data we collected to the config dict
config['api_host_options'] = api_host_options
config['apiurl_aliases'] = aliases
apiurl = aliases.get(config['apiurl'], config['apiurl'])
config['apiurl'] = urljoin(*parse_apisrv_url(None, apiurl))
# backward compatibility
if 'apisrv' in config:
apisrv = config['apisrv'].lstrip('http://')
apisrv = apisrv.lstrip('https://')
scheme = config.get('scheme', 'https')
config['apiurl'] = urljoin(scheme, apisrv)
if 'apisrc' in config or 'scheme' in config:
print('Warning: Use of the \'scheme\' or \'apisrv\' in oscrc is deprecated!\n' \
'Warning: See README for migration details.', file=sys.stderr)
if 'build_platform' in config:
print(
'Warning: Use of \'build_platform\' config option is deprecated! (use \'build_repository\' instead)',
file=sys.stderr)
config['build_repository'] = config['build_platform']
if config['plaintext_passwd']:
print(
'The \'plaintext_passwd\' option is deprecated and will be ignored',
file=sys.stderr)
config['verbose'] = int(config['verbose'])
# override values which we were called with
if override_verbose:
config['verbose'] = override_verbose + 1
if override_debug:
config['debug'] = override_debug
if override_http_debug:
config['http_debug'] = override_http_debug
if override_http_full_debug:
config['http_debug'] = override_http_full_debug or config['http_debug']
config['http_full_debug'] = override_http_full_debug
if override_traceback:
config['traceback'] = override_traceback
if override_post_mortem:
config['post_mortem'] = override_post_mortem
if override_apiurl:
apiurl = aliases.get(override_apiurl, override_apiurl)
# check if apiurl is a valid url
config['apiurl'] = urljoin(*parse_apisrv_url(None, apiurl))
# XXX unless config['user'] goes away (and is replaced with a handy function, or
# config becomes an object, even better), set the global 'user' here as well,
# provided that there _are_ credentials for the chosen apiurl:
try:
config['user'] = get_apiurl_usr(config['apiurl'])
except oscerr.ConfigMissingApiurl as e:
e.msg = config_missing_apiurl_text % config['apiurl']
e.file = conffile
raise e
# finally, initialize urllib2 for to use the credentials for Basic Authentication
init_basicauth(config, os.stat(conffile).st_mtime)
def config_set_option(section,
opt,
val=None,
delete=False,
update=True,
creds_mgr_descr=None,
**kwargs):
"""
Sets a config option. If val is not specified the current/default value is
returned. If val is specified, opt is set to val and the new value is returned.
If an option was modified get_config is called with **kwargs unless update is set
to False (override_conffile defaults to config['conffile']).
If val is not specified and delete is True then the option is removed from the
config/reset to the default value.
"""
cp = get_configParser(config['conffile'])
# don't allow "internal" options
general_opts = [
i for i in DEFAULTS.keys() if not i in ['user', 'pass', 'passx']
]
if section != 'general':
section = config['apiurl_aliases'].get(section, section)
scheme, host, path = \
parse_apisrv_url(config.get('scheme', 'https'), section)
section = urljoin(scheme, host, path)
sections = {}
for url in cp.sections():
if url == 'general':
sections[url] = url
else:
scheme, host, path = \
parse_apisrv_url(config.get('scheme', 'https'), url)
apiurl = urljoin(scheme, host, path)
sections[apiurl] = url
section = sections.get(section.rstrip('/'), section)
if not section in cp.sections():
raise oscerr.ConfigError('unknown section \'%s\'' % section,
config['conffile'])
if section == 'general' and not opt in general_opts or \
section != 'general' and not opt in api_host_options:
raise oscerr.ConfigError('unknown config option \'%s\'' % opt,
config['conffile'])
run = False
if val:
if opt == 'pass':
creds_mgr = _get_credentials_manager(section, cp)
user = _extract_user_compat(cp, section, creds_mgr)
old_pw = creds_mgr.get_password(section, user, defer=False)
try:
creds_mgr.delete_password(section, user)
if creds_mgr_descr:
creds_mgr_new = creds_mgr_descr.create(cp)
else:
creds_mgr_new = creds_mgr
creds_mgr_new.set_password(section, user, val)
write_config(config['conffile'], cp)
opt = credentials.AbstractCredentialsManager.config_entry
old_pw = None
finally:
if old_pw is not None:
creds_mgr.set_password(section, user, old_pw)
# not nice, but needed if the Credentials Manager will change
# something in cp
write_config(config['conffile'], cp)
else:
cp.set(section, opt, val)
write_config(config['conffile'], cp)
run = True
elif delete and (cp.has_option(section, opt) or opt == 'pass'):
if opt == 'pass':
creds_mgr = _get_credentials_manager(section, cp)
user = _extract_user_compar(cp, section, creds_mgr)
creds_mgr.delete_password(section, user)
else:
cp.remove_option(section, opt)
write_config(config['conffile'], cp)
run = True
if run and update:
kw = {
'override_conffile': config['conffile'],
'override_no_keyring': config['use_keyring'],
'override_no_gnome_keyring': config['gnome_keyring']
}
kw.update(kwargs)
get_config(**kw)
if cp.has_option(section, opt):
return (opt, cp.get(section, opt, raw=True))
return (opt, None)
# Read credentials from config
if user is None:
#FIXME: this could actually be the ideal spot to take defaults
#from the general section.
user = cp.get(url, 'user', raw=True) # need to set raw to prevent '%' expansion
password = cp.get(url, 'pass', raw=True) # especially on password!
try:
passwordx = cp.get(url, 'passx', raw=True).decode('base64').decode('bz2') # especially on password!
except:
passwordx = ''
if password == None or password == 'your_password':
password = ''
if user is None or user == '':
raise oscerr.ConfigError('user is blank for %s, please delete of complete the "user=" entry in %s.' % (apiurl, config['conffile']), config['conffile'])
if config['plaintext_passwd'] and passwordx or not config['plaintext_passwd'] and password:
if config['plaintext_passwd']:
if password != passwordx:
print >>sys.stderr, '%s: rewriting from encoded pass to plain pass' % url
add_section(conffile, url, user, passwordx)
password = passwordx
else:
if password != passwordx:
print >>sys.stderr, '%s: rewriting from plain pass to encoded pass' % url
add_section(conffile, url, user, password)
if not config['plaintext_passwd']:
password = passwordx
