subject:"\[update\] py\-passlib to make Ansible encrypt passwords"

[update] py-passlib to make Ansible encrypt passwords

2017-01-19 Thread Jiri B

Hi,

while playing with Ansible I saw an issue with password_hash('blowfish')
filter - it did not work[1], and I found py-passlib has newer version.

With py-passlib 1.7.0 I am able with little change in Ansible (22 chars
long salt) to make encrypted passwords using Blowfish on OpenBSD.

With old py-passlib I could not make passwords to have '2b' ident.

I did not test much, not enough skills here :/ There sure will be
some mistakes, sorry.

(My goal was just make Ansible do valid passwords encryption. Not sure
I follow good way.)

j.

[1] https://marc.info/?l=openbsd-ports&m=148482296414763&w=2

~~
--- /usr/local/lib/python2.7/site-packages/ansible/plugins/filter/core.py.orig  
Thu Jan 19 18:46:05 2017
+++ /usr/local/lib/python2.7/site-packages/ansible/plugins/filter/core.py   
Thu Jan 19 18:48:42 2017
@ -247,6 +247,8 @@ def get_encrypted_password(password, hashtype='sha512'
 r = SystemRandom()
 if hashtype in ['md5']:
 saltsize = 8
+elif hashtype in ['blowfish']:
+saltsize = 22
 else:
 saltsize = 16
 salt = ''.join([r.choice(string.ascii_letters + string.digits) for 
_ in range(saltsize)])
#
~~~

Diff:

~~~
Index: Makefile
===
RCS file: /cvs/ports/security/py-passlib/Makefile,v
retrieving revision 1.8
diff -u -p -u -p -r1.8 Makefile
--- Makefile3 Jan 2017 19:26:14 -   1.8
+++ Makefile19 Jan 2017 17:49:35 -
@@ -2,10 +2,9 @@
 
 COMMENT =  Python module providing a password hashing framework
 
-MODPY_EGG_VERSION =1.6.5
+MODPY_EGG_VERSION =1.7.0
 DISTNAME = passlib-${MODPY_EGG_VERSION}
 PKGNAME =  py-passlib-${MODPY_EGG_VERSION}
-REVISION = 0
 
 CATEGORIES =   security
 
Index: distinfo
===
RCS file: /cvs/ports/security/py-passlib/distinfo,v
retrieving revision 1.2
diff -u -p -u -p -r1.2 distinfo
--- distinfo15 Jan 2016 12:46:36 -  1.2
+++ distinfo19 Jan 2017 17:49:35 -
@@ -1,2 +1,2 @@
-SHA256 (passlib-1.6.5.tar.gz) = qD009T3JsXqkLJo1w/vMUSDz/LB/f4ch7EXmonvjR/w=
-SIZE (passlib-1.6.5.tar.gz) = 417044
+SHA256 (passlib-1.7.0.tar.gz) = C+T2BTNXxOu6VXigZfva11qERQHUxtkdSjoMFZTGq+0=
+SIZE (passlib-1.7.0.tar.gz) = 637909
Index: pkg/PLIST
===
RCS file: /cvs/ports/security/py-passlib/pkg/PLIST,v
retrieving revision 1.3
diff -u -p -u -p -r1.3 PLIST
--- pkg/PLIST   13 May 2014 09:18:24 -  1.3
+++ pkg/PLIST   19 Jan 2017 17:49:35 -
@@ -1,11 +1,12 @@
 @comment $OpenBSD: PLIST,v 1.3 2014/05/13 09:18:24 sthen Exp $
 lib/python${MODPY_VERSION}/site-packages/passlib/
-lib/python${MODPY_VERSION}/site-packages/passlib-${MODPY_EGG_VERSION}-py${MODPY_VERSION}.egg-info/
-lib/python${MODPY_VERSION}/site-packages/passlib-${MODPY_EGG_VERSION}-py${MODPY_VERSION}.egg-info/PKG-INFO
-lib/python${MODPY_VERSION}/site-packages/passlib-${MODPY_EGG_VERSION}-py${MODPY_VERSION}.egg-info/SOURCES.txt
-lib/python${MODPY_VERSION}/site-packages/passlib-${MODPY_EGG_VERSION}-py${MODPY_VERSION}.egg-info/dependency_links.txt
-lib/python${MODPY_VERSION}/site-packages/passlib-${MODPY_EGG_VERSION}-py${MODPY_VERSION}.egg-info/top_level.txt
-lib/python${MODPY_VERSION}/site-packages/passlib-${MODPY_EGG_VERSION}-py${MODPY_VERSION}.egg-info/zip-safe
+lib/python${MODPY_VERSION}/site-packages/passlib-${MODPY_EGG_VERSION}.post20170119181752-py${MODPY_VERSION}.egg-info/
+lib/python${MODPY_VERSION}/site-packages/passlib-${MODPY_EGG_VERSION}.post20170119181752-py${MODPY_VERSION}.egg-info/PKG-INFO
+lib/python${MODPY_VERSION}/site-packages/passlib-${MODPY_EGG_VERSION}.post20170119181752-py${MODPY_VERSION}.egg-info/SOURCES.txt
+lib/python${MODPY_VERSION}/site-packages/passlib-${MODPY_EGG_VERSION}.post20170119181752-py${MODPY_VERSION}.egg-info/dependency_links.txt
+lib/python${MODPY_VERSION}/site-packages/passlib-${MODPY_EGG_VERSION}.post20170119181752-py${MODPY_VERSION}.egg-info/requires.txt
+lib/python${MODPY_VERSION}/site-packages/passlib-${MODPY_EGG_VERSION}.post20170119181752-py${MODPY_VERSION}.egg-info/top_level.txt
+lib/python${MODPY_VERSION}/site-packages/passlib-${MODPY_EGG_VERSION}.post20170119181752-py${MODPY_VERSION}.egg-info/zip-safe
 lib/python${MODPY_VERSION}/site-packages/passlib/__init__.py
 
${MODPY_COMMENT}lib/python${MODPY_VERSION}/site-packages/passlib/${MODPY_PYCACHE}/
 
lib/python${MODPY_VERSION}/site-packages/passlib/${MODPY_PYCACHE}__init__.${MODPY_PYC_MAGIC_TAG}pyc
@@ -16,8 +17,16 @@ lib/python${MODPY_VERSION}/site-packages
 
lib/python${MODPY_VERSION}/site-packages/passlib/${MODPY_PYCACHE}hash.${MODPY_PYC_MAGIC_TAG}pyc
 
lib/python${MODPY_VERSION}/site-packages/passlib/${MODPY_PYCACHE}hosts.${MODPY_PYC_MAGIC_TAG}pyc
 
lib/python${MODPY_VERSION}/site-packages/passlib/${MODPY_PYCACHE}ifc.${MODPY_PYC_MAGIC_TAG}pyc
+lib/python${MODPY_VE

Re: [update] py-passlib to make Ansible encrypt passwords

2017-01-19 Thread Stuart Henderson

On 2017/01/19 12:58, Jiri B wrote:
> Hi,
> 
> while playing with Ansible I saw an issue with password_hash('blowfish')
> filter - it did not work[1], and I found py-passlib has newer version.
> 
> With py-passlib 1.7.0 I am able with little change in Ansible (22 chars
> long salt) to make encrypted passwords using Blowfish on OpenBSD.
> 
> With old py-passlib I could not make passwords to have '2b' ident.
> 
> I did not test much, not enough skills here :/ There sure will be
> some mistakes, sorry.
> 
> (My goal was just make Ansible do valid passwords encryption. Not sure
> I follow good way.)
> 
> j.
> 
> [1] https://marc.info/?l=openbsd-ports&m=148482296414763&w=2
> 
> ~~
> --- 
> /usr/local/lib/python2.7/site-packages/ansible/plugins/filter/core.py.orig  
> Thu Jan 19 18:46:05 2017
> +++ /usr/local/lib/python2.7/site-packages/ansible/plugins/filter/core.py 
>   Thu Jan 19 18:48:42 2017
> @ -247,6 +247,8 @@ def get_encrypted_password(password, hashtype='sha512'
>  r = SystemRandom()
>  if hashtype in ['md5']:
>  saltsize = 8
> +elif hashtype in ['blowfish']:
> +saltsize = 22
>  else:
>  saltsize = 16
>  salt = ''.join([r.choice(string.ascii_letters + string.digits) 
> for _ in range(saltsize)])
> #
> ~~~
> 
> Diff:

Here is a better diff for passlib. Updates HOMEPAGE and fixes the
egg-version mess. I'm not using passlib for anything at the moment so
haven't tested runtime yet but it should be equivalent to your diff
apart from those fixes.

Index: Makefile
===
RCS file: /cvs/ports/security/py-passlib/Makefile,v
retrieving revision 1.8
diff -u -p -r1.8 Makefile
--- Makefile3 Jan 2017 19:26:14 -   1.8
+++ Makefile19 Jan 2017 20:36:22 -
@@ -2,16 +2,15 @@
 
 COMMENT =  Python module providing a password hashing framework
 
-MODPY_EGG_VERSION =1.6.5
+MODPY_EGG_VERSION =1.7.0
 DISTNAME = passlib-${MODPY_EGG_VERSION}
 PKGNAME =  py-passlib-${MODPY_EGG_VERSION}
-REVISION = 0
 
 CATEGORIES =   security
 
 MAINTAINER =   Stuart Henderson 
 
-HOMEPAGE = https://pythonhosted.org/passlib/
+HOMEPAGE = https://bitbucket.org/ecollins/passlib/wiki/Home
 
 # BSD
 PERMIT_PACKAGE_CDROM = Yes
@@ -25,6 +24,7 @@ FLAVOR ?=
 
 TEST_DEPENDS = devel/py-nose${MODPY_FLAVOR} \
devel/py-mock${MODPY_FLAVOR}
+MAKE_ENV = PASSLIB_SETUP_TAG_RELEASE=no
 
 do-test:
cd ${WRKSRC} && \
Index: distinfo
===
RCS file: /cvs/ports/security/py-passlib/distinfo,v
retrieving revision 1.2
diff -u -p -r1.2 distinfo
--- distinfo15 Jan 2016 12:46:36 -  1.2
+++ distinfo19 Jan 2017 20:36:22 -
@@ -1,2 +1,2 @@
-SHA256 (passlib-1.6.5.tar.gz) = qD009T3JsXqkLJo1w/vMUSDz/LB/f4ch7EXmonvjR/w=
-SIZE (passlib-1.6.5.tar.gz) = 417044
+SHA256 (passlib-1.7.0.tar.gz) = C+T2BTNXxOu6VXigZfva11qERQHUxtkdSjoMFZTGq+0=
+SIZE (passlib-1.7.0.tar.gz) = 637909
Index: patches/patch-passlib_hosts_py
===
RCS file: /cvs/ports/security/py-passlib/patches/patch-passlib_hosts_py,v
retrieving revision 1.1
diff -u -p -r1.1 patch-passlib_hosts_py
--- patches/patch-passlib_hosts_py  15 Jan 2016 12:46:37 -  1.1
+++ patches/patch-passlib_hosts_py  19 Jan 2017 20:36:22 -
@@ -1,7 +1,7 @@
 $OpenBSD: patch-passlib_hosts_py,v 1.1 2016/01/15 12:46:37 sthen Exp $
 passlib/hosts.py.orig  Sun Jul 26 03:39:39 2015
-+++ passlib/hosts.py   Fri Jan 15 12:46:20 2016
-@@ -48,7 +48,8 @@ linux_context = linux2_context = LazyCryptContext(
+--- passlib/hosts.py.orig  Wed Nov 23 03:20:22 2016
 passlib/hosts.py   Mon Jan 16 14:26:12 2017
+@@ -47,7 +47,8 @@ linux_context = linux2_context = LazyCryptContext(
  # referencing source via -http://fxr.googlebit.com
  # freebsd 6,7,8 - des, md5, bcrypt, bsd_nthash
  # netbsd - des, ext, md5, bcrypt, sha1
Index: pkg/PLIST
===
RCS file: /cvs/ports/security/py-passlib/pkg/PLIST,v
retrieving revision 1.3
diff -u -p -r1.3 PLIST
--- pkg/PLIST   13 May 2014 09:18:24 -  1.3
+++ pkg/PLIST   19 Jan 2017 20:36:22 -
@@ -4,6 +4,7 @@ lib/python${MODPY_VERSION}/site-packages
 
lib/python${MODPY_VERSION}/site-packages/passlib-${MODPY_EGG_VERSION}-py${MODPY_VERSION}.egg-info/PKG-INFO
 
lib/python${MODPY_VERSION}/site-packages/passlib-${MODPY_EGG_VERSION}-py${MODPY_VERSION}.egg-info/SOURCES.txt
 
lib/python${MODPY_VERSION}/site-packages/passlib-${MODPY_EGG_VERSION}-py${MODPY_VERSION}.egg-info/dependency_links.txt
+lib/python${MODPY_VERSION}/site-packages/passlib-${MODPY_EGG_VERSION}-py${MODPY_VERSION}.egg-info/requires.txt
 
lib/python${MODPY_VERSION}/site-packages/passlib-${MODPY_EGG_VERSION}-py${

[update] py-passlib to make Ansible encrypt passwords

Re: [update] py-passlib to make Ansible encrypt passwords

2 matches

Site Navigation

Mail list logo

Footer information