Commit 0824f004 by Alan Fairless

Revised patch for more password entropy

parent dc4d589c
......@@ -19,6 +19,7 @@ import os
import pwd
import sys
import ConfigParser
from string import ascii_letters, digits
# copied from utils, avoid circular reference fun :)
def mk_boolean(value):
......@@ -148,6 +149,8 @@ ACCELERATE_TIMEOUT = get_config(p, 'accelerate', 'accelerate_timeout
ACCELERATE_CONNECT_TIMEOUT = get_config(p, 'accelerate', 'accelerate_connect_timeout', 'ACCELERATE_CONNECT_TIMEOUT', 1.0, floating=True)
PARAMIKO_PTY = get_config(p, 'paramiko_connection', 'pty', 'ANSIBLE_PARAMIKO_PTY', True, boolean=True)
# characters included in auto-generated passwords
DEFAULT_PASSWORD_CHARS = ascii_letters + digits + ".,:-_"
# non-configurable things
......@@ -20,7 +20,6 @@
from ansible import utils, errors
import os
import errno
import random
from string import ascii_letters, digits
......@@ -33,10 +32,7 @@ class LookupModule(object):
def random_salt(self):
salt_chars = ascii_letters + digits + './'
salt = []
for _ in range(8):
return ''.join(salt)
return utils.random_password(length=8, chars=salt_chars)
def run(self, terms, inject=None, **kwargs):
......@@ -76,7 +72,7 @@ class LookupModule(object):
if not os.path.isdir(pathdir):
chars = ascii_letters + digits + ".,:-_"
password = ''.join(random.choice(chars) for _ in range(length))
password = utils.random_password(length)
if encrypt is not None:
salt = self.random_salt()
content = '%s salt=%s' % (password, salt)
......@@ -1006,4 +1006,13 @@ def combine_vars(a, b):
return dict(a.items() + b.items())
def random_password(length=20, chars=C.DEFAULT_PASSWORD_CHARS):
'''Return a random password string of length containing only chars.'''
password = []
while len(password) < length:
new_char = os.urandom(1)
if new_char in chars:
return ''.join(password)
......@@ -174,6 +174,8 @@ def randompass():
# we play it safe :)
import random
import string
# as of python 2.4, this reseeds the PRNG from urandom
lower = ''.join(random.choice(string.ascii_lowercase) for x in range(6))
upper = ''.join(random.choice(string.ascii_uppercase) for x in range(6))
number = ''.join(random.choice(string.digits) for x in range(6))
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment