cmueller/ansible
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Cleanup logic and be more paranoid about passwords with spaces

Browse source
This commit is contained in:
Toshio Kuratomi 2015-10-12 12:55:33 -07:00
parent 5c5806d669
commit b58d7470d4
1 changed files with 21 additions and 14 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

35
lib/ansible/plugins/lookup/password.py
View file

@ -134,22 +134,29 @@ class LookupModule(LookupBase):
f.write(content + '\n')
else:
content = open(path).read().rstrip()
sep = content.find(' ')
if sep >= 0:
password = content[:sep]
salt = content[sep + 1:].split('=')[1]
else:
password = content
salt = None
if params['encrypt'] is not None:
try:
sep = content.rindex(' ')
except ValueError:
password = content
salt = None
else:
salt_field = content[sep + 1:]
if salt_field.startswith('salt='):
password = content[:sep]
salt = salt_field[len('salt=':]
else:
password = content
salt = None
# crypt requested, add salt if missing
if (params['encrypt'] is not None and not salt):
salt = self.random_salt()
content = '%s salt=%s' % (password, salt)
with open(path, 'w') as f:
os.chmod(path, 0o600)
f.write(content + '\n')
# crypt requested, add salt if missing
if not salt:
salt = self.random_salt()
content = '%s salt=%s' % (password, salt)
with open(path, 'w') as f:
os.chmod(path, 0o600)
f.write(content + '\n')
if params['encrypt']:
password = do_encrypt(password, params['encrypt'], salt=salt)