a )g ) @sddlmZmZmZeZddlZddlZddlZddl Z ddl Z ddl m Z ddl mZddlmZmZddlmZddlmZmZddlmZdZZd ZZzXddlZddlZdd l m!Z!m"Z"zdd l#m$Z$Wne%ydd l&m$Z$Yn0d ZWn*e'y"Z(ze(ZWYdZ([(n dZ([(00zddl)Z)d ZWn*e'y^Z(ze(ZWYdZ([(n dZ([(00eZ*d gZ+e,Z-dZ.e.ej/dfddZ0dddZ1Gddde2Z3Gddde3Z4Gddde3Z5dddZ6ddd Z7dS) )absolute_importdivisionprint_functionN) namedtuple) constants) AnsibleErrorAnsibleAssertionError) text_type)to_textto_bytes)DisplayF) HasRawSalt PrefixWrapper)bcrypt64T do_encryptcsXttstdtf|dur0tn t|dfddt|DS)aReturn a random password string of length containing only chars :kwarg length: The number of characters in the new password. Defaults to 20. :kwarg chars: The characters to choose from. The default is all ascii letters, ascii digits, and these symbols ``.,:-_`` z%s (%s) is not a text_typeNc3s|]}VqdSN)choice).0ZdummycharsZrandom_generator9/usr/lib/python3.9/site-packages/ansible/utils/encrypt.py Az"random_password..) isinstancer rtyperandomZ SystemRandomZRandomjoinrange)lengthrZseedrrrrandom_password3s    r"cCstjtjd}t||dS)zhReturn a text string suitable for use as a salt for the hash functions we use to encrypt passwords. z./)r!r)string ascii_lettersdigitsr")r!Z salt_charsrrr random_saltDsr'c @sheZdZedgdZeddddddeddd d dded d d dddedd dddddZddZdS)BaseHashalgo)crypt_id salt_sizeimplicit_rounds salt_exactimplicit_ident1r#NFZ2b T5i)6i )Z md5_cryptbcryptZ sha256_cryptZ sha512_cryptcCs ||_dSr) algorithmselfr6rrr__init__VszBaseHash.__init__)__name__ __module__ __qualname__rr) algorithmsr9rrrrr(Msr(csFeZdZfddZdddZddZdd Zd d Zd d ZZ S) CryptHashcsjtt||ts tdtdtjdr4td||j vrLtd|j t j ddd|j ||_ dS) NzYcrypt.crypt cannot be used as the 'crypt' python library is not installed or is unusable.orig_excdarwinzKcrypt.crypt not supported on Mac OS X/Darwin, install passlib python module+crypt.crypt does not support '%s' algorithmzEncryption using the Python crypt module is deprecated. The Python crypt module is deprecated and will be removed from Python 3.13. Install the passlib library for continued encryption functionality.g\(\@)version)superr>r9 HAS_CRYPTrCRYPT_Esysplatform startswithr=r6displayZ deprecated algo_datar7 __class__rrr9[s   zCryptHash.__init__NcCs0|||}||}||}|||||Sr)_salt_rounds_ident_hashr8secretsaltr+roundsidentrrrhashqs   zCryptHash.hashcCsr|p |jj}|pt|}td|r,td|jjrNt||jjkrNtdn |jjsnt||jjkrntd|S)Nz[^./0-9A-Za-z]zinvalid characters in saltzinvalid salt size)rKr+r'researchrr-len)r8rTr+retrrrrNws    zCryptHash._saltcCs||jjkrdS|SdSr)rKr,)r8rUrrrrOs zCryptHash._roundscCs|s |jjS|jdkr|SdSNr5)rKr*r6)r8rVrrrrPs  zCryptHash._identc Csd}|rd|}|r |d|7}|d|7}zt||}d}Wn,tyl}zd}|}WYd}~n d}~00|std|j|d|S)Nrz$%sz $rounds=%drBr?)cryptOSErrorrr6) r8rSrTrUrVZ saltstringresultr@errrrQs$   zCryptHash._hash)NNNN) r:r;r<r9rWrNrOrPrQ __classcell__rrrLrr>Zs    r>csFeZdZfddZdddZddZdd Zd d Zd d ZZ S) PasslibHashcsZtt||ts$td|tdzttj||_ Wnt yTtd|Yn0dS)Nz6passlib must be installed and usable to hash with '%s'r?z'passlib does not support '%s' algorithm) rDrbr9PASSLIB_AVAILABLEr PASSLIB_EgetattrpasslibrW crypt_algo Exceptionr7rLrrr9s zPasslibHash.__init__NcCs2||}||}||}|j|||||dS)NrTr+rUrV) _clean_salt _clean_rounds _clean_identrQrRrrrrWs   zPasslibHash.hashcCs:d}|s(|j|jvr$|j|jjS|S|jdkr6|S|Sr\)r6r=getr.)r8rVr[rrrrls  zPasslibHash._clean_identcCs^|sdStt|jtr|jjn|jtr8t|ddd}nt|ddd}|jdkrZt |}|S)Nasciistrict)encodingerrorsr5) issubclassrrgrwrappedr r r r6rZ repair_unused)r8rTr[rrrrjs   zPasslibHash._clean_saltcCs.|j|j}|r|S|r&|jr&|jSdSdSr)r=rmr6r,)r8rUrKrrrrks  zPasslibHash._clean_roundsc Csi}|r||d<|r||d<|r(||d<|r4||d<zZt|jdr\|jjfi||}n0t|jdr~|jj|fi|}ntdtjWn0ty}ztd|d WYd}~n d}~00|std |j t |d d S) NrTr+rUrVrWencryptz*installed passlib version %s not supportedzCould not hash the secret.r?z"failed to hash with algorithm '%s'ro)rq) hasattrrgZusingrWrtrrf __version__ ValueErrorr6r ) r8rSrTr+rUrVZsettingsr_r`rrrrQs(  "zPasslibHash._hash)NNNN) r:r;r<r9rWrlrjrkrQrarrrLrrbs    rbcCsHtrt|j|||||dStr8t|j|||||dStdtddS)NrizFUnable to encrypt nor hash, either crypt or passlib must be installed.r?)rcrbrWrEr>rrF)rSr6rTr+rUrVrrrpasslib_or_crypt s rxcCst|||||dS)N)r+rTrV)rx)r_rtr+rTrVrrrrs)r#)NNNN)NNN)8Z __future__rrrrZ __metaclass__ZmultiprocessingrrXr$rG collectionsrZansiblerCZansible.errorsrrZansible.module_utils.sixr Zansible.module_utils._textr r Zansible.utils.displayr rdrFrErcrfZ passlib.hashZpasslib.utils.handlersr rZpasslib.utils.binaryr ImportErrorZ passlib.utilsrhr`r]rJ__all__LockZ_LOCKZDEFAULT_PASSWORD_LENGTHZDEFAULT_PASSWORD_CHARSr"r'objectr(r>rbrxrrrrrsR       U[