Skip to content

A
ansible
Commit 6f34a633 by James Cammarata
Options

Differentiate decryption failures from empty data files in ansible-vault 

Fixes #6822
parent eb15d2f6
Showing with 2 additions and 2 deletions
lib/ansible/utils/vault.py
...@@ -123,7 +123,7 @@ class VaultLib(object): ...@@ -123,7 +123,7 @@ class VaultLib(object):
# try to unencrypt data # try to unencrypt data
data = this_cipher.decrypt(data, self.password) data = this_cipher.decrypt(data, self.password)
if not data: if data is None:
raise errors.AnsibleError("Decryption failed") raise errors.AnsibleError("Decryption failed")
return data return data
...@@ -210,7 +210,7 @@ class VaultEditor(object): ...@@ -210,7 +210,7 @@ class VaultEditor(object):
this_vault = VaultLib(self.password) this_vault = VaultLib(self.password)
if this_vault.is_encrypted(tmpdata): if this_vault.is_encrypted(tmpdata):
dec_data = this_vault.decrypt(tmpdata) dec_data = this_vault.decrypt(tmpdata)
if not dec_data: if dec_data is None:
raise errors.AnsibleError("Decryption failed") raise errors.AnsibleError("Decryption failed")
else: else:
self.write_data(dec_data, self.filename) self.write_data(dec_data, self.filename)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment