Skip to content

A
ansible
Commit b58d7470 by Toshio Kuratomi
Options

Cleanup logic and be more paranoid about passwords with spaces

parent 5c5806d6
Showing with 11 additions and 4 deletions
lib/ansible/plugins/lookup/password.py
...@@ -134,17 +134,24 @@ class LookupModule(LookupBase): ...@@ -134,17 +134,24 @@ class LookupModule(LookupBase):
f.write(content + '\n') f.write(content + '\n')
else: else:
content = open(path).read().rstrip() content = open(path).read().rstrip()
sep = content.find(' ')
if sep >= 0: if params['encrypt'] is not None:
try:
sep = content.rindex(' ')
except ValueError:
password = content
salt = None
else:
salt_field = content[sep + 1:]
if salt_field.startswith('salt='):
password = content[:sep] password = content[:sep]
salt = content[sep + 1:].split('=')[1] salt = salt_field[len('salt=':]
else: else:
password = content password = content
salt = None salt = None
# crypt requested, add salt if missing # crypt requested, add salt if missing
if (params['encrypt'] is not None and not salt): if not salt:
salt = self.random_salt() salt = self.random_salt()
content = '%s salt=%s' % (password, salt) content = '%s salt=%s' % (password, salt)
with open(path, 'w') as f: with open(path, 'w') as f:
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment