From fbdf6e59f2d604222d3c3432494cd664f3f8f740 Mon Sep 17 00:00:00 2001 From: Klaus Frank Date: Sat, 22 Jun 2019 17:14:37 +0200 Subject: [PATCH] Fix ansible-vault cipher_whitelist (#57272) * Fix ansible-vault cipher_whitelist Fixes: #57271 * Add changelog for #57272 --- .../57272-fix-ansible-vault-whitelist-after-44320.yml | 2 ++ lib/ansible/parsing/vault/__init__.py | 3 ++- 2 files changed, 4 insertions(+), 1 deletion(-) create mode 100644 changelogs/fragments/57272-fix-ansible-vault-whitelist-after-44320.yml diff --git a/changelogs/fragments/57272-fix-ansible-vault-whitelist-after-44320.yml b/changelogs/fragments/57272-fix-ansible-vault-whitelist-after-44320.yml new file mode 100644 index 00000000000..56121e49389 --- /dev/null +++ b/changelogs/fragments/57272-fix-ansible-vault-whitelist-after-44320.yml @@ -0,0 +1,2 @@ +bugfixes: + - Remove lingering ansible vault cipher (AES) after it beeing removed in #44320 diff --git a/lib/ansible/parsing/vault/__init__.py b/lib/ansible/parsing/vault/__init__.py index 20afccc66a6..566d6999758 100644 --- a/lib/ansible/parsing/vault/__init__.py +++ b/lib/ansible/parsing/vault/__init__.py @@ -82,7 +82,7 @@ display = Display() b_HEADER = b'$ANSIBLE_VAULT' -CIPHER_WHITELIST = frozenset((u'AES', u'AES256')) +CIPHER_WHITELIST = frozenset((u'AES256',)) CIPHER_WRITE_WHITELIST = frozenset((u'AES256',)) # See also CIPHER_MAPPING at the bottom of the file which maps cipher strings # (used in VaultFile header) to a cipher class @@ -288,6 +288,7 @@ def verify_secret_is_not_empty(secret, msg=None): class VaultSecret: '''Opaque/abstract objects for a single vault secret. ie, a password or a key.''' + def __init__(self, _bytes=None): # FIXME: ? that seems wrong... Unset etc? self._bytes = _bytes