|
|
|
@ -34,7 +34,7 @@ from ansible.parsing.ajson import AnsibleJSONEncoder
|
|
|
|
|
from ansible.parsing.yaml.dumper import AnsibleDumper
|
|
|
|
|
from ansible.template import recursive_check_defined
|
|
|
|
|
from ansible.utils.display import Display
|
|
|
|
|
from ansible.utils.encrypt import passlib_or_crypt
|
|
|
|
|
from ansible.utils.encrypt import passlib_or_crypt, PASSLIB_AVAILABLE
|
|
|
|
|
from ansible.utils.hashing import md5s, checksum_s
|
|
|
|
|
from ansible.utils.unicode import unicode_wrap
|
|
|
|
|
from ansible.utils.vars import merge_hash
|
|
|
|
@ -281,10 +281,27 @@ def get_encrypted_password(password, hashtype='sha512', salt=None, salt_size=Non
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
hashtype = passlib_mapping.get(hashtype, hashtype)
|
|
|
|
|
|
|
|
|
|
unknown_passlib_hashtype = False
|
|
|
|
|
if PASSLIB_AVAILABLE and hashtype not in passlib_mapping and hashtype not in passlib_mapping.values():
|
|
|
|
|
unknown_passlib_hashtype = True
|
|
|
|
|
display.deprecated(
|
|
|
|
|
f"Checking for unsupported password_hash passlib hashtype '{hashtype}'. "
|
|
|
|
|
"This will be an error in the future as all supported hashtypes must be documented.",
|
|
|
|
|
version='2.19'
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
try:
|
|
|
|
|
return passlib_or_crypt(password, hashtype, salt=salt, salt_size=salt_size, rounds=rounds, ident=ident)
|
|
|
|
|
except AnsibleError as e:
|
|
|
|
|
reraise(AnsibleFilterError, AnsibleFilterError(to_native(e), orig_exc=e), sys.exc_info()[2])
|
|
|
|
|
except Exception as e:
|
|
|
|
|
if unknown_passlib_hashtype:
|
|
|
|
|
# This can occur if passlib.hash has the hashtype attribute, but it has a different signature than the valid choices.
|
|
|
|
|
# In 2.19 this will replace the deprecation warning above and the extra exception handling can be deleted.
|
|
|
|
|
choices = ', '.join(passlib_mapping)
|
|
|
|
|
raise AnsibleFilterError(f"{hashtype} is not in the list of supported passlib algorithms: {choices}") from e
|
|
|
|
|
raise
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def to_uuid(string, namespace=UUID_NAMESPACE_ANSIBLE):
|
|
|
|
|