- From: Noah Kantrowitz <
>
- To:
- Subject: [chef] Re: Using Python to talk to the Chef server from Windows PE
- Date: Mon, 26 May 2014 14:23:40 -0700
You would probably be best off compiling your own statically linked openssl
DLL, but I have no idea how to do that. This should eventually get easier as
I've been talking to the cryptography.io folks about getting status windows
builds of that, which could then be used.
--Noah
On May 26, 2014, at 9:03 AM, "Wright, Jordan M."
<
>
wrote:
>
I have Python Windows install scripts that run in Windows PE. During a
>
re-install (with the same machine name) the chef-client will fail since the
>
client cert already exists. I am attempting to delete the client from the
>
chef server during a re-install in Window PE.
>
>
Is there example code for making an API call to the Chef Server in Python
>
3.x from Window PE 3.0?
>
>
I found pychef (https://github.com/Scalr/pychef) that will delete the
>
client key. The problem is that it required OpenSSL which in turn requires
>
Visual C++ 2008 Redistributables
>
(http://www.microsoft.com/en-us/download/details.aspx?id=29). I have been
>
unsuccessful in getting the Visual C++ 2008 Redistributables loaded in
>
Windows PE. I have tried just to copy the DLLs but that throws the
>
following error.
>
>
The application failed to start because its side-by-side configuration
>
is
>
incorrect. Please see the application event log or use the command-line
>
sxstrace.exe tool for more detail
>
>
Is there a way to get the Visual C++ 2008 Redistributables into Windows PE?
>
>
Alternatively, I found a RSA library (http://stuvel.eu/rsa) that is pure
>
python. I made an attempt to use that library instead of OpenSSL by
>
replacing the Key class.
>
>
import rsa
>
>
class Key(object):
>
def __init__(self, key):
>
if isinstance(key, str):
>
if key.startswith('-----'):
>
# PEM formatted text
>
key_data = key
>
else:
>
key_data = open(key, 'rb').read()
>
else:
>
key_data = key.read()
>
>
self.private_key = rsa.PrivateKey.load_pkcs1(key_data)
>
>
def private_encrypt(self, data):
>
return rsa.encrypt(data.encode('utf-8'), self.private_key)
>
>
The code runs but I get back HTTP Error 401: Unauthorized.
>
>
Invalid signature for user or client 'testcert'
>
>
I don't know too much about encryption so I assume I am just using the
>
library wrong or need to change some setting. Will the pure python library
>
work for talking to the Chef server? If so, what is the proper way to use
>
it?
>
>
Thanks,
>
Jordan Wright
Attachment:
signature.asc
Description: Message signed with OpenPGP using GPGMail
Archive powered by MHonArc 2.6.16.