archive
/
ansible
mirror of https://github.com/ansible/ansible.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Use AES256 if the cipher is not write-whitelisted

Browse Source
pull/12106/head
Abhijit Menon-Sen 9 years ago
parent 47bcdf5952
commit 017566a2d9
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File

4
lib/ansible/parsing/vault/__init__.py
Unescape Escape View File

@ -132,11 +132,11 @@ class VaultLib:
if self.is_encrypted(b_data): if self.is_encrypted(b_data):
raise AnsibleError("data is already encrypted") raise AnsibleError("data is already encrypted")
if not self.cipher_name: if not self.cipher_name or self.cipher_name not in CIPHER_WRITE_WHITELIST:
self.cipher_name = u"AES256" self.cipher_name = u"AES256"
cipher_class_name = u'Vault{0}'.format(self.cipher_name) cipher_class_name = u'Vault{0}'.format(self.cipher_name)
if cipher_class_name in globals() and self.cipher_name in CIPHER_WHITELIST: if cipher_class_name in globals():
Cipher = globals()[cipher_class_name] Cipher = globals()[cipher_class_name]
this_cipher = Cipher() this_cipher = Cipher()
else: else:

Write Preview
Loading…
Cancel
Save