Addresses #6579 Disallow vault passwords with newline characters by stripping them in utils

This commit is contained in:
James Tanner 2014-03-19 15:56:14 -04:00
parent 5f428041db
commit 8c2e1e2baa
2 changed files with 5 additions and 0 deletions

View file

@ -105,6 +105,7 @@ def _read_password(filename):
f = open(filename, "rb") f = open(filename, "rb")
data = f.read() data = f.read()
f.close f.close
data = data.strip()
return data return data
def execute_create(args, options, parser): def execute_create(args, options, parser):

View file

@ -810,6 +810,10 @@ def ask_vault_passwords(ask_vault_pass=False, ask_new_vault_pass=False, confirm_
if new_vault_pass != new_vault_pass2: if new_vault_pass != new_vault_pass2:
raise errors.AnsibleError("Passwords do not match") raise errors.AnsibleError("Passwords do not match")
# enforce no newline chars at the end of passwords
vault_pass = vault_pass.strip()
new_vault_pass = new_vault_pass.strip()
return vault_pass, new_vault_pass return vault_pass, new_vault_pass
def ask_passwords(ask_pass=False, ask_sudo_pass=False, ask_su_pass=False, ask_vault_pass=False): def ask_passwords(ask_pass=False, ask_sudo_pass=False, ask_su_pass=False, ask_vault_pass=False):