Revised patch for more password entropy

pull/4769/head
Alan Fairless 11 years ago
parent dc4d589ce0
commit 0824f004d9

@ -19,6 +19,7 @@ import os
import pwd
import sys
import ConfigParser
from string import ascii_letters, digits
# copied from utils, avoid circular reference fun :)
def mk_boolean(value):
@ -148,6 +149,8 @@ ACCELERATE_TIMEOUT = get_config(p, 'accelerate', 'accelerate_timeout
ACCELERATE_CONNECT_TIMEOUT = get_config(p, 'accelerate', 'accelerate_connect_timeout', 'ACCELERATE_CONNECT_TIMEOUT', 1.0, floating=True)
PARAMIKO_PTY = get_config(p, 'paramiko_connection', 'pty', 'ANSIBLE_PARAMIKO_PTY', True, boolean=True)
# characters included in auto-generated passwords
DEFAULT_PASSWORD_CHARS = ascii_letters + digits + ".,:-_"
# non-configurable things
DEFAULT_SUDO_PASS = None

@ -20,7 +20,6 @@
from ansible import utils, errors
import os
import errno
import random
from string import ascii_letters, digits
@ -33,10 +32,7 @@ class LookupModule(object):
def random_salt(self):
salt_chars = ascii_letters + digits + './'
salt = []
for _ in range(8):
salt.append(random.choice(salt_chars))
return ''.join(salt)
return utils.random_password(length=8, chars=salt_chars)
def run(self, terms, inject=None, **kwargs):
@ -76,7 +72,7 @@ class LookupModule(object):
if not os.path.isdir(pathdir):
os.makedirs(pathdir)
chars = ascii_letters + digits + ".,:-_"
password = ''.join(random.choice(chars) for _ in range(length))
password = utils.random_password(length)
if encrypt is not None:
salt = self.random_salt()
content = '%s salt=%s' % (password, salt)

@ -1006,4 +1006,13 @@ def combine_vars(a, b):
else:
return dict(a.items() + b.items())
def random_password(length=20, chars=C.DEFAULT_PASSWORD_CHARS):
'''Return a random password string of length containing only chars.'''
password = []
while len(password) < length:
new_char = os.urandom(1)
if new_char in chars:
password.append(new_char)
return ''.join(password)

@ -174,6 +174,8 @@ def randompass():
# we play it safe :)
import random
import string
# as of python 2.4, this reseeds the PRNG from urandom
random.seed()
lower = ''.join(random.choice(string.ascii_lowercase) for x in range(6))
upper = ''.join(random.choice(string.ascii_uppercase) for x in range(6))
number = ''.join(random.choice(string.digits) for x in range(6))

Loading…
Cancel
Save