Require passlib over crypt in password_hash for Mac OS X/Darwin. Fixes #11244
This commit is contained in:
parent
f1e4ae5fc3
commit
a4e2d1eb62
1 changed files with 15 additions and 2 deletions
|
@ -42,6 +42,12 @@ from ansible.parsing.yaml.dumper import AnsibleDumper
|
||||||
from ansible.utils.hashing import md5s, checksum_s
|
from ansible.utils.hashing import md5s, checksum_s
|
||||||
from ansible.utils.unicode import unicode_wrap, to_unicode
|
from ansible.utils.unicode import unicode_wrap, to_unicode
|
||||||
|
|
||||||
|
try:
|
||||||
|
import passlib.hash
|
||||||
|
HAS_PASSLIB = True
|
||||||
|
except:
|
||||||
|
HAS_PASSLIB = False
|
||||||
|
|
||||||
|
|
||||||
UUID_NAMESPACE_ANSIBLE = uuid.UUID('361E6D51-FAEC-444A-9079-341386DA8E2E')
|
UUID_NAMESPACE_ANSIBLE = uuid.UUID('361E6D51-FAEC-444A-9079-341386DA8E2E')
|
||||||
|
|
||||||
|
@ -266,8 +272,15 @@ def get_encrypted_password(password, hashtype='sha512', salt=None):
|
||||||
r = SystemRandom()
|
r = SystemRandom()
|
||||||
salt = ''.join([r.choice(string.ascii_letters + string.digits) for _ in range(16)])
|
salt = ''.join([r.choice(string.ascii_letters + string.digits) for _ in range(16)])
|
||||||
|
|
||||||
saltstring = "$%s$%s" % (cryptmethod[hashtype],salt)
|
if not HAS_PASSLIB:
|
||||||
encrypted = crypt.crypt(password,saltstring)
|
if sys.platform.startswith('darwin'):
|
||||||
|
raise errors.AnsibleFilterError('|password_hash requires the passlib python module to generate password hashes on Mac OS X/Darwin')
|
||||||
|
saltstring = "$%s$%s" % (cryptmethod[hashtype],salt)
|
||||||
|
encrypted = crypt.crypt(password, saltstring)
|
||||||
|
else:
|
||||||
|
cls = getattr(passlib.hash, '%s_crypt' % hashtype)
|
||||||
|
encrypted = cls.encrypt(password, salt=salt)
|
||||||
|
|
||||||
return encrypted
|
return encrypted
|
||||||
|
|
||||||
return None
|
return None
|
||||||
|
|
Loading…
Reference in a new issue