archive
/
ansible
mirror of https://github.com/ansible/ansible.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Cleanup logic and be more paranoid about passwords with spaces

Browse Source
pull/12587/merge
Toshio Kuratomi 9 years ago
parent 5c5806d669
commit b58d7470d4
1 changed files with 22 additions and 15 deletions
Show Stats Download Patch File Download Diff File

37
lib/ansible/plugins/lookup/password.py
Unescape Escape View File

@ -134,22 +134,29 @@ class LookupModule(LookupBase):
f.write(content + '\n') f.write(content + '\n')
else: else:
content = open(path).read().rstrip() content = open(path).read().rstrip()
sep = content.find(' ')
if sep >= 0: if params['encrypt'] is not None:
password = content[:sep] try:
salt = content[sep + 1:].split('=')[1] sep = content.rindex(' ')
else: except ValueError:
password = content password = content
salt = None salt = None
else:
# crypt requested, add salt if missing salt_field = content[sep + 1:]
if (params['encrypt'] is not None and not salt): if salt_field.startswith('salt='):
salt = self.random_salt() password = content[:sep]
content = '%s salt=%s' % (password, salt) salt = salt_field[len('salt=':]
with open(path, 'w') as f: else:
os.chmod(path, 0o600) password = content
f.write(content + '\n') salt = None
# crypt requested, add salt if missing
if not salt:
salt = self.random_salt()
content = '%s salt=%s' % (password, salt)
with open(path, 'w') as f:
os.chmod(path, 0o600)
f.write(content + '\n')
if params['encrypt']: if params['encrypt']:
password = do_encrypt(password, params['encrypt'], salt=salt) password = do_encrypt(password, params['encrypt'], salt=salt)

Write Preview
Loading…
Cancel
Save