cmueller/ansible
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Use AES256 if the cipher is not write-whitelisted

Browse source
This commit is contained in:
Abhijit Menon-Sen 2015-08-25 14:54:23 +05:30
parent 47bcdf5952
commit 017566a2d9
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
lib/ansible/parsing/vault/__init__.py
View file

@ -132,11 +132,11 @@ class VaultLib:
if self.is_encrypted(b_data):
raise AnsibleError("data is already encrypted")
if not self.cipher_name:
if not self.cipher_name or self.cipher_name not in CIPHER_WRITE_WHITELIST:
self.cipher_name = u"AES256"
cipher_class_name = u'Vault{0}'.format(self.cipher_name)
if cipher_class_name in globals() and self.cipher_name in CIPHER_WHITELIST:
if cipher_class_name in globals():
Cipher = globals()[cipher_class_name]
this_cipher = Cipher()
else: