def fromParser(self, name, parser):
type = parser.get(name, "type").lower()
server = username = password = owner = env = None
if type != 'libvirt':
server = parser.get(name, "server")
username = parser.get(name, "username")
try:
password = parser.get(name, "password")
except NoOptionError:
password = None
if password is None:
try:
crypted = parser.get(name, "encrypted_password")
password = Password.decrypt(crypted)
except NoOptionError:
password = None
try:
owner = parser.get(name, "owner")
except NoOptionError:
owner = None
try:
env = parser.get(name, "env")
except NoOptionError:
env = None
return Config(name, type, server, username, password, owner, env)
def fromParser(self, name, parser):
type = parser.get(name, "type").lower()
server = username = password = owner = env = None
if type != 'libvirt':
server = parser.get(name, "server")
username = parser.get(name, "username")
try:
password = parser.get(name, "password")
except NoOptionError:
password = None
if password is None:
try:
crypted = parser.get(name, "encrypted_password")
password = Password.decrypt(crypted)
except NoOptionError:
password = None
try:
owner = parser.get(name, "owner")
except NoOptionError:
owner = None
try:
env = parser.get(name, "env")
except NoOptionError:
env = None
return Config(name, type, server, username, password, owner, env)
def __init__(self, name, type, defaults=None, **kwargs):
super(Config, self).__init__(defaults=defaults, **kwargs)
self._name = name
self._type = type
if self._type not in VIRTWHO_TYPES:
raise InvalidOption('Invalid type "%s", must be one of following %s' %
(self._type, ", ".join(VIRTWHO_TYPES)))
for password_option, decrypted_option in self.PASSWORD_OPTIONS:
try:
pwd = self._options[password_option]
except KeyError:
continue
try:
self._options[decrypted_option] = Password.decrypt(unhexlify(pwd))
except (TypeError, IndexError):
raise InvalidPasswordFormat(
"Option \"{option}\" in config named \"{name}\" can't be decrypted, possibly corrupted"
.format(option=password_option, name=name))
for old_name, new_name in self.RENAMED_OPTIONS:
try:
self._options[new_name] = self._options[old_name]
except KeyError:
pass
for option in self.LATIN1_OPTIONS:
value = self._options.get(option)
if not value:
continue
try:
value.encode('latin1')
except UnicodeDecodeError:
raise InvalidOption("Option '{}' is not in latin1 encoding".format(option))
def __init__(self, name, type, defaults=None, **kwargs):
super(Config, self).__init__(defaults=defaults, **kwargs)
self._name = name
self._type = type
if self._type not in VIRTWHO_TYPES:
raise InvalidOption('Invalid type "%s", must be one of following %s' %
(self._type, ", ".join(VIRTWHO_TYPES)))
for password_option, decrypted_option in self.PASSWORD_OPTIONS:
try:
pwd = self._options[password_option]
except KeyError:
continue
try:
self._options[decrypted_option] = Password.decrypt(unhexlify(pwd))
except (TypeError, IndexError):
raise InvalidPasswordFormat(
"Option \"{option}\" in config named \"{name}\" can't be decrypted, possibly corrupted"
.format(option=password_option, name=name))
for old_name, new_name in self.RENAMED_OPTIONS:
try:
self._options[new_name] = self._options[old_name]
except KeyError:
pass
for option in self.LATIN1_OPTIONS:
value = self._options.get(option)
if not value:
continue
try:
value.encode('latin1')
except UnicodeDecodeError:
raise InvalidOption("Option '{}' is not in latin1 encoding".format(option))
def testBoth(self):
f, filename = tempfile.mkstemp()
self.addCleanup(os.unlink, filename)
Password.KEYFILE = filename
pwd = "Test password"
encrypted = Password.encrypt(pwd)
self.assertEqual(pwd, Password.decrypt(encrypted))
self.assertEqual(os)
def testBoth(self):
f, filename = tempfile.mkstemp()
self.addCleanup(os.unlink, filename)
Password.KEYFILE = filename
pwd = "Test password"
encrypted = Password.encrypt(pwd)
self.assertEqual(pwd, Password.decrypt(encrypted))
self.assertEqual(os)
def _read_password(self, name, parser):
try:
password = parser.get(name, "password")
except NoOptionError:
password = None
if password is None:
try:
crypted = parser.get(name, "encrypted_password")
password = Password.decrypt(password)
except NoOptionError:
return None
def _read_password(self, name, parser):
try:
password = parser.get(name, "password")
except NoOptionError:
password = None
if password is None:
try:
crypted = parser.get(name, "encrypted_password")
password = Password.decrypt(password)
except NoOptionError:
return None
def _get_password(self, option_name, encryped_option_name):
pwd = self._options.get(option_name, None)
if pwd is None:
encrypted_password = self._options.get(encryped_option_name, None)
if encrypted_password is None:
return None
try:
pwd = Password.decrypt(unhexlify(encrypted_password))
except TypeError:
raise InvalidPasswordFormat("Password can't be decrypted, possibly corrupted")
return pwd
def _get_password(self, option_name, encryped_option_name):
pwd = self._options.get(option_name, None)
if pwd is None:
encrypted_password = self._options.get(encryped_option_name, None)
if encrypted_password is None:
return None
try:
pwd = Password.decrypt(unhexlify(encrypted_password))
except TypeError:
raise InvalidPasswordFormat(
"Password can't be decrypted, possibly corrupted")
return pwd
def fromParser(self, name, parser):
type = parser.get(name, "type").lower()
server = username = password = owner = env = None
try:
server = parser.get(name, "server")
except NoOptionError:
# Use '' as libvirt url when not given, for backward compatibility
if type == 'libvirt':
server = ''
else:
raise
try:
username = parser.get(name, "username")
except NoOptionError:
username = None
try:
password = parser.get(name, "password")
except NoOptionError:
password = None
if password is None:
try:
crypted = parser.get(name, "encrypted_password")
password = Password.decrypt(unhexlify(crypted))
except NoOptionError:
password = None
try:
owner = parser.get(name, "owner")
except NoOptionError:
owner = None
try:
env = parser.get(name, "env")
except NoOptionError:
env = None
return Config(name, type, server, username, password, owner, env)
def testBackslash(self):
self.mock_pwd_file()
pwd = 'abc\\def'
self.assertEqual(
Password.decrypt(Password.encrypt(pwd)),
pwd)
def testPercent(self):
self.mock_pwd_file()
pwd = 'abc%%def'
self.assertEqual(
Password.decrypt(Password.encrypt(pwd)),
pwd)
def testBoth(self):
self.mock_pwd_file()
pwd = "Test password"
encrypted = Password.encrypt(pwd)
self.assertEqual(pwd, Password.decrypt(encrypted))
def testCryptedPasswordWithoutKey(self):
from password import Password, InvalidKeyFile
Password.KEYFILE = "/some/nonexistant/file"
passwd = "TestSecretPassword!"
with self.assertRaises(InvalidKeyFile):
Password.decrypt(unhexlify("06a9214036b8a15b512e03d534120006"))
def fromParser(self, name, parser):
type = parser.get(name, "type").lower()
server = username = password = owner = env = rhsm_username = rhsm_password = None
try:
server = parser.get(name, "server")
except NoOptionError:
# Use '' as libvirt url when not given, for backward compatibility
if type in ["libvirt", "vdsm", "fake"]:
server = ""
else:
raise
try:
username = parser.get(name, "username")
except NoOptionError:
username = None
try:
password = parser.get(name, "password")
except NoOptionError:
try:
encrypted_password = parser.get(name, "encrypted_password")
password = Password.decrypt(unhexlify(encrypted_password))
except TypeError:
raise InvalidPasswordFormat("Password can't be decrypted, possibly corrupted")
except NoOptionError:
password = None
try:
owner = parser.get(name, "owner")
except NoOptionError:
owner = None
try:
env = parser.get(name, "env")
except NoOptionError:
env = None
try:
rhsm_username = parser.get(name, "rhsm_username")
except NoOptionError:
rhsm_username = None
try:
rhsm_password = parser.get(name, "rhsm_password")
except NoOptionError:
rhsm_password = None
# Only attempt to get the encrypted rhsm password if we have a username:
if rhsm_username is not None and rhsm_password is None:
try:
encrypted_rhsm_password = parser.get(name, "rhsm_encrypted_password")
rhsm_password = Password.decrypt(unhexlify(encrypted_rhsm_password))
except NoOptionError:
rhsm_password = None
try:
rhsm_hostname = parser.get(name, "rhsm_hostname")
except NoOptionError:
rhsm_hostname = None
try:
rhsm_port = parser.get(name, "rhsm_port")
except NoOptionError:
rhsm_port = None
try:
rhsm_prefix = parser.get(name, "rhsm_prefix")
except NoOptionError:
rhsm_prefix = None
try:
rhsm_proxy_hostname = parser.get(name, "rhsm_proxy_hostname")
except NoOptionError:
rhsm_proxy_hostname = None
try:
rhsm_proxy_port = parser.get(name, "rhsm_proxy_port")
except NoOptionError:
rhsm_proxy_port = None
try:
rhsm_proxy_user = parser.get(name, "rhsm_proxy_user")
except NoOptionError:
rhsm_proxy_user = None
try:
rhsm_proxy_password = parser.get(name, "rhsm_proxy_password")
except NoOptionError:
try:
encrypted_password = parser.get(name, "rhsm_encrypted_proxy_password")
rhsm_proxy_password = Password.decrypt(unhexlify(encrypted_password))
except TypeError:
raise InvalidPasswordFormat("RHSM proxy password can't be decrypted, possibly corrupted")
except NoOptionError:
rhsm_proxy_password = None
try:
rhsm_insecure = parser.get(name, "rhsm_insecure")
except NoOptionError:
rhsm_insecure = None
config = Config(
name,
type,
server,
username,
password,
owner,
env,
rhsm_username,
rhsm_password,
rhsm_hostname,
rhsm_port,
rhsm_prefix,
rhsm_proxy_hostname,
rhsm_proxy_port,
rhsm_proxy_user,
rhsm_proxy_password,
rhsm_insecure,
)
try:
config.hypervisor_id = parser.get(name, "hypervisor_id")
except NoOptionError:
config.hypervisor_id = "uuid"
try:
config.filter_host_uuids = parse_list(parser.get(name, "filter_host_uuids"))
except NoOptionError:
config.filter_host_uuids = None
try:
config.exclude_host_uuids = parse_list(parser.get(name, "exclude_host_uuids"))
except NoOptionError:
config.exclude_host_uuids = None
if type == "esx":
try:
config.esx_simplified_vim = parser.get(name, "simplified_vim").lower() not in ("0", "false", "no")
except NoOptionError:
pass
try:
config.filter_host_parents = parse_list(parser.get(name, "filter_host_parents"))
except NoOptionError:
config.filter_host_parents = None
try:
config.exclude_host_parents = parse_list(parser.get(name, "exclude_host_parents"))
except NoOptionError:
config.exclude_host_parents = None
elif type == "fake":
try:
config.fake_is_hypervisor = parser.get(name, "is_hypervisor").lower() not in ("0", "false", "no")
except NoOptionError:
pass
config.fake_file = parser.get(name, "file")
return config
def testCryptedPasswordWithoutKey(self):
from password import Password, InvalidKeyFile
Password.KEYFILE = "/some/nonexistant/file"
passwd = "TestSecretPassword!"
with self.assertRaises(InvalidKeyFile):
Password.decrypt(unhexlify("06a9214036b8a15b512e03d534120006"))
def testBoth(self):
f, filename = tempfile.mkstemp()
self.addCleanup(os.unlink, filename)
Password.KEYFILE = filename
pwd = "Test password"
Password._can_write = MagicMock(retun_value=True)
encrypted = Password.encrypt(pwd)
self.assertEqual(pwd, Password.decrypt(encrypted))
