From 4cadcccc488fd12cb9d765cbcf5b2781072dc712 Mon Sep 17 00:00:00 2001 From: James Cammarata Date: Tue, 29 Apr 2014 14:27:51 -0500 Subject: [PATCH] Catch pycrypto warning about gmp and show a nice warning on stderr --- lib/ansible/utils/__init__.py | 18 +++++++++++++++--- 1 file changed, 15 insertions(+), 3 deletions(-) diff --git a/lib/ansible/utils/__init__.py b/lib/ansible/utils/__init__.py index 4e779170a1..3a308d16a3 100644 --- a/lib/ansible/utils/__init__.py +++ b/lib/ansible/utils/__init__.py @@ -44,6 +44,7 @@ import getpass import sys import textwrap import json +import warnings #import vault from vault import VaultLib @@ -75,9 +76,20 @@ except: KEYCZAR_AVAILABLE=False try: - import keyczar.errors as key_errors - from keyczar.keys import AesKey - KEYCZAR_AVAILABLE=True + from Crypto.pct_warnings import PowmInsecureWarning + with warnings.catch_warnings(record=True) as warning_handler: + warnings.simplefilter("error", PowmInsecureWarning) + try: + import keyczar.errors as key_errors + from keyczar.keys import AesKey + except PowmInsecureWarning: + display("The version of gmp you have installed has a known issue regarding timing vulnerabilities when used with pycrypto. " + \ + "If possible, you should update it (ie. yum update gmp).", color="purple", stderr=True) + warnings.resetwarnings() + warnings.simplefilter("ignore") + import keyczar.errors as key_errors + from keyczar.keys import AesKey + KEYCZAR_AVAILABLE=True except ImportError: pass