chef - [chef] Re: Using Python to talk to the Chef server from Windows PE

Subscribers: 1946
Owners
Bryan McLellan
Joshua Timberman
Nathen Harvey
Seth Chisamore
Serdar Sutay

Subscribe
Unsubscribe
Info
Archive

Post

RSS
Shared documents

General discussion about Chef

[chef] Re: Using Python to talk to the Chef server from Windows PE

From: Noah Kantrowitz < >
To:
Subject: [chef] Re: Using Python to talk to the Chef server from Windows PE
Date: Mon, 26 May 2014 14:23:40 -0700

You would probably be best off compiling your own statically linked openssl
DLL, but I have no idea how to do that. This should eventually get easier as
I've been talking to the cryptography.io folks about getting status windows
builds of that, which could then be used.

--Noah

On May 26, 2014, at 9:03 AM, "Wright, Jordan M."
< >
wrote:

> I have Python Windows install scripts that run in Windows PE. During a
> re-install (with the same machine name) the chef-client will fail since the
> client cert already exists. I am attempting to delete the client from the
> chef server during a re-install in Window PE.
>
> Is there example code for making an API call to the Chef Server in Python
> 3.x from Window PE 3.0?
>
> I found pychef (https://github.com/Scalr/pychef) that will delete the
> client key. The problem is that it required OpenSSL which in turn requires
> Visual C++ 2008 Redistributables
> (http://www.microsoft.com/en-us/download/details.aspx?id=29). I have been
> unsuccessful in getting the Visual C++ 2008 Redistributables loaded in
> Windows PE. I have tried just to copy the DLLs but that throws the
> following error.
>
>     The application failed to start because its side-by-side configuration
> is
>     incorrect. Please see the application event log or use the command-line
>     sxstrace.exe tool for more detail
>
> Is there a way to get the Visual C++ 2008 Redistributables into Windows PE?
>
> Alternatively, I found a RSA library (http://stuvel.eu/rsa) that is pure
> python. I made an attempt to use that library instead of OpenSSL by
> replacing the Key class.
>
> import rsa
>
> class Key(object):
>     def __init__(self, key):
>         if isinstance(key, str):
>             if key.startswith('-----'):
>                 # PEM formatted text
>                 key_data = key
>             else:
>                 key_data = open(key, 'rb').read()
>         else:
>             key_data = key.read()
>
>         self.private_key = rsa.PrivateKey.load_pkcs1(key_data)
>
>     def private_encrypt(self, data):
>         return rsa.encrypt(data.encode('utf-8'), self.private_key)
>
> The code runs but I get back HTTP Error 401: Unauthorized.
>
>     Invalid signature for user or client 'testcert'
>
> I don't know too much about encryption so I assume I am just using the
> library wrong or need to change some setting. Will the pure python library
> work for talking to the Chef server? If so, what is the proper way to use
> it?
>
> Thanks,
> Jordan Wright

Attachment: signature.asc
Description: Message signed with OpenPGP using GPGMail

[chef] Using Python to talk to the Chef server from Windows PE, Wright, Jordan M., 05/26/2014
- [chef] Re: Using Python to talk to the Chef server from Windows PE, Seth Falcon, 05/26/2014
  - [chef] RE: Re: Using Python to talk to the Chef server from Windows PE, Wright, Jordan M., 05/26/2014
- [chef] Re: Using Python to talk to the Chef server from Windows PE, Noah Kantrowitz, 05/26/2014