lib/forj-account.rb in forj-0.0.42 vs lib/forj-account.rb in forj-0.0.43
- old
+ new
@@ -79,11 +79,15 @@
return nil if not key
key = key.to_sym if key.class == String
section = rhGet(@oConfig.getAppDefault(:account_section_mapping, key), :section)
yInterm = nil
- yInterm = rhGet(@hAccountData, section) if section
+ if section
+ yInterm = rhGet(@hAccountData, section)
+ else
+ Logging.debug("ForjAccount.get: No section found for key '%s'." % [key])
+ end
@oConfig.get(key, yInterm , default )
end
def exist?(key)
return nil if not key
@@ -428,16 +432,19 @@
hpcloud_os_user = ask('Enter hpcloud username: ') do |q|
q.validate = /\w+/
q.default = forj_user if forj_user
end
-
# Checking key file used to encrypt/decrypt passwords
key_file = File.join($FORJ_CREDS_PATH, '.key')
if not File.exists?(key_file)
# Need to create a random key.
- entr = { :key => rand(36**10).to_s(36), :salt => Time.now.to_i.to_s, :iv => OpenSSL::Cipher::Cipher.new('aes-256-cbc').random_iv}
+ entr = {
+ :key => rand(36**10).to_s(36),
+ :salt => Time.now.to_i.to_s,
+ :iv => Base64::strict_encode64(OpenSSL::Cipher::Cipher.new('aes-256-cbc').random_iv)
+ }
Logging.debug("Writing '%s' key file" % key_file)
File.open(key_file, 'w') do |out|
out.write(Base64::encode64(entr.to_yaml))
end
@@ -446,18 +453,24 @@
encoded_key = IO.read(key_file)
entr = YAML.load(Base64::decode64(encoded_key))
end
if enc_hpcloud_os_key
- hpcloud_os_key_hidden = '*' * Encryptor.decrypt(
- :value => Base64::strict_decode64(enc_hpcloud_os_key),
- :key => entr[:key],
- :iv => entr[:iv],
- :salt => entr[:salt]
+ begin
+ hpcloud_os_key_hidden = '*' * Encryptor.decrypt(
+ :value => Base64::strict_decode64(enc_hpcloud_os_key),
+ :key => entr[:key],
+ :iv => Base64::strict_decode64(entr[:iv]),
+ :salt => entr[:salt]
).length
- hpcloud_os_key_hidden="[%s]" % hpcloud_os_key_hidden
- Logging.message("A password is already set for '%s'. If you want to keep it, just press Enter" % [hpcloud_os_user])
+ rescue => e
+ Logging.error("Unable to decrypt your password. You will need to re-enter it.")
+ enc_hpcloud_os_key = ""
+ else
+ hpcloud_os_key_hidden="[%s]" % hpcloud_os_key_hidden
+ Logging.message("A password is already set for '%s'. If you want to keep it, just press Enter" % [hpcloud_os_user])
+ end
else
hpcloud_os_key_hidden = ""
end
hpcloud_os_key = ""
@@ -465,15 +478,27 @@
# ask for password.
hpcloud_os_key = ask("Enter hpcloud password for '%s': %s" % [hpcloud_os_user, hpcloud_os_key_hidden]) do |q|
q.echo = '*'
end
if hpcloud_os_key == "" and enc_hpcloud_os_key
- hpcloud_os_key = Encryptor.decrypt(:value => Base64::strict_decode64(enc_hpcloud_os_key), :key => entr[:key], :iv => entr[:iv], :salt => entr[:salt])
+ hpcloud_os_key = Encryptor.decrypt(
+ :value => Base64::strict_decode64(enc_hpcloud_os_key),
+ :key => entr[:key],
+ :iv => Base64::strict_decode64(entr[:iv]),
+ :salt => entr[:salt]
+ )
else
Logging.message("The password cannot be empty.") if hpcloud_os_key == ""
end
end
- enc_hpcloud_os_key = Base64::strict_encode64(Encryptor.encrypt(:value => hpcloud_os_key, :key => entr[:key], :iv => entr[:iv], :salt => entr[:salt]))
+ enc_hpcloud_os_key = Base64::strict_encode64(
+ Encryptor.encrypt(
+ :value => hpcloud_os_key,
+ :key => entr[:key],
+ :iv => Base64::strict_decode64(entr[:iv]),
+ :salt => entr[:salt]
+ )
+ )
cloud_fog = File.join($FORJ_CREDS_PATH, @sAccountName+'.g64')
# Security fix: Remove old temp file with clear password.
old_file = '%s/master.forj-13.5' % [$FORJ_CREDS_PATH]