Brian Coca
commit
2a9d5054bf
2 changed files with 74 additions and 4 deletions
|
|
@ -344,6 +344,41 @@ Square root, or the 5th::
|
|||
Note that jinja2 already provides some like abs() and round().
|
||||
|
||||
|
||||
.. _hash_filters:
|
||||
|
||||
Hashing filters
|
||||
--------------------
|
||||
.. versionadded:: 1.9
|
||||
|
||||
To get the sha1 hash of a string::
|
||||
|
||||
{{ 'test1'|hash('sha1') }}
|
||||
|
||||
To get the md5 hash of a string::
|
||||
|
||||
{{ 'test1'|hash('md5') }}
|
||||
|
||||
Get a string checksum::
|
||||
|
||||
{{ 'test2'|checksum }}
|
||||
|
||||
Other hashes (platform dependant)::
|
||||
|
||||
{{ 'test2'|hash('blowfish') }}
|
||||
|
||||
To get a sha512 password hash (random salt)::
|
||||
|
||||
{{ 'passwordsaresecret'|password_hash('sha512') }}
|
||||
|
||||
To get a sha256 password hash with a specific salt::
|
||||
|
||||
{{ 'secretpassword'|password_hash('sha256', 'mysecretsalt') }}
|
||||
|
||||
|
||||
Hash types available depend on the master system running ansible,
|
||||
'hash' depends on hashlib password_hash depends on crypt.
|
||||
|
||||
|
||||
.. _other_useful_filters:
|
||||
|
||||
Other Useful Filters
|
||||
|
|
@ -374,10 +409,6 @@ To work with Base64 encoded strings::
|
|||
{{ encoded | b64decode }}
|
||||
{{ decoded | b64encode }}
|
||||
|
||||
To take a sha1sum of a filename::
|
||||
|
||||
{{ filename | sha1 }}
|
||||
|
||||
To cast values as certain types, such as when you input a string as "True" from a vars_prompt and the system
|
||||
doesn't know it is a boolean value::
|
||||
|
||||
|
|
|
|||
|
|
@ -24,6 +24,9 @@ import pipes
|
|||
import glob
|
||||
import re
|
||||
import collections
|
||||
import crypt
|
||||
import hashlib
|
||||
import string
|
||||
import operator as py_operator
|
||||
from random import SystemRandom, shuffle
|
||||
|
||||
|
|
@ -262,6 +265,39 @@ def randomize_list(mylist):
|
|||
pass
|
||||
return mylist
|
||||
|
||||
def get_hash(data, hashtype='sha1'):
|
||||
|
||||
try: # see if hash is supported
|
||||
h = hashlib.new(hashtype)
|
||||
except:
|
||||
return None
|
||||
|
||||
h.update(data)
|
||||
return h.hexdigest()
|
||||
|
||||
def get_encrypted_password(password, hashtype='sha512', salt=None):
|
||||
|
||||
# TODO: find a way to construct dynamically from system
|
||||
cryptmethod= {
|
||||
'md5': '1',
|
||||
'blowfish': '2a',
|
||||
'sha256': '5',
|
||||
'sha512': '6',
|
||||
}
|
||||
|
||||
hastype = hashtype.lower()
|
||||
if hashtype in cryptmethod:
|
||||
if salt is None:
|
||||
r = SystemRandom()
|
||||
salt = ''.join([r.choice(string.ascii_letters + string.digits) for _ in range(16)])
|
||||
|
||||
saltstring = "$%s$%s" % (cryptmethod[hashtype],salt)
|
||||
encrypted = crypt.crypt(password,saltstring)
|
||||
return encrypted
|
||||
|
||||
return None
|
||||
|
||||
|
||||
class FilterModule(object):
|
||||
''' Ansible core jinja2 filters '''
|
||||
|
||||
|
|
@ -314,6 +350,9 @@ class FilterModule(object):
|
|||
'sha1': checksum_s,
|
||||
# checksum of string as used by ansible for checksuming files
|
||||
'checksum': checksum_s,
|
||||
# generic hashing
|
||||
'password_hash': get_encrypted_password,
|
||||
'hash': get_hash,
|
||||
|
||||
# file glob
|
||||
'fileglob': fileglob,
|
||||
|
|
|
|||
Loading…
Reference in a new issue