cmueller/ansible
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Backport/2.8/57135 (#57137)

Browse source 
* Fix netapp_e_iscsi_target chap secret size and clearing functionality.

* Add changelogs fragment for PR #57135
This commit is contained in:
Nathan Swartz 2019-05-29 13:55:59 -05:00 committed by Toshio Kuratomi
parent f511bec4ff
commit 0365d73102
3 changed files with 10 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
changelogs/fragments/57135-netapp_e_iscsi_target-fix-chap-secret-size-and-clearing.yaml Normal file
View file

@ -0,0 +1,2 @@
bugfixes:
- netapp_e_iscsi_target - fix netapp_e_iscsi_target chap secret size and clearing functionality

11
lib/ansible/modules/storage/netapp/netapp_e_iscsi_target.py
View file

@ -39,7 +39,8 @@ options:
- When this value is specified, we will always trigger an update (changed=True). We have no way of verifying - When this value is specified, we will always trigger an update (changed=True). We have no way of verifying
whether or not the password has changed. whether or not the password has changed.
- The chap secret may only use ascii characters with values between 32 and 126 decimal. - The chap secret may only use ascii characters with values between 32 and 126 decimal.
- The chap secret must be no less than 12 characters, but no more than 16 characters in length. - The chap secret must be no less than 12 characters, but no greater than 57 characters in length.
- The chap secret is cleared when not specified or an empty string.
aliases: aliases:
- chap - chap
- password - password
@ -158,9 +159,9 @@ class IscsiTarget(object):
if not self.url.endswith('/'): if not self.url.endswith('/'):
self.url += '/' self.url += '/'
if self.chap_secret is not None: if self.chap_secret:
if len(self.chap_secret) < 12 or len(self.chap_secret) > 16: if len(self.chap_secret) < 12 or len(self.chap_secret) > 57:
self.module.fail_json(msg="The provided CHAP secret is not valid, it must be between 12 and 16" self.module.fail_json(msg="The provided CHAP secret is not valid, it must be between 12 and 57"
" characters in length.") " characters in length.")
for c in self.chap_secret: for c in self.chap_secret:
@ -226,7 +227,7 @@ class IscsiTarget(object):
body['alias'] = self.name body['alias'] = self.name
# If the CHAP secret was provided, we trigger an update. # If the CHAP secret was provided, we trigger an update.
if self.chap_secret is not None: if self.chap_secret:
update = True update = True
body.update(dict(enableChapAuthentication=True, body.update(dict(enableChapAuthentication=True,
chapSecret=self.chap_secret)) chapSecret=self.chap_secret))

4
test/units/modules/storage/netapp/test_netapp_e_iscsi_target.py
View file

@ -35,13 +35,13 @@ class IscsiTargetTest(ModuleTestCase):
def test_validate_params(self): def test_validate_params(self):
"""Ensure we can pass valid parameters to the module""" """Ensure we can pass valid parameters to the module"""
for i in range(12, 16): for i in range(12, 57):
secret = 'a' * i secret = 'a' * i
self._set_args(dict(chap=secret)) self._set_args(dict(chap=secret))
tgt = IscsiTarget() tgt = IscsiTarget()
def test_invalid_chap_secret(self): def test_invalid_chap_secret(self):
for secret in [11 * 'a', 17 * 'a', u'©' * 12]: for secret in [11 * 'a', 58 * 'a']:
with self.assertRaisesRegexp(AnsibleFailJson, r'.*?CHAP secret is not valid.*') as result: with self.assertRaisesRegexp(AnsibleFailJson, r'.*?CHAP secret is not valid.*') as result:
self._set_args(dict(chap=secret)) self._set_args(dict(chap=secret))
tgt = IscsiTarget() tgt = IscsiTarget()