mauro/ansible-role-openldap-docker
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

compatibilidad python3

Browse Source
This commit is contained in:
Mauro Torrez 2019-05-25 17:40:18 -03:00
parent f7d7c0e822
commit da55eec420
1 changed files with 11 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
action_plugins/ldap.py
View File

@ -7,11 +7,12 @@ from ansible.errors import AnsibleError
from ansible.utils.vars import merge_hash from ansible.utils.vars import merge_hash
from ansible.module_utils._text import to_text from ansible.module_utils._text import to_text
from ansible.module_utils.parsing.convert_bool import boolean from ansible.module_utils.parsing.convert_bool import boolean
import six
import sys import sys
import re import re
import base64 import base64
import io import io
from six import string_types
try: try:
import ldap import ldap
import ldif import ldif
@ -44,16 +45,16 @@ from base64 import decodestring as b64decode
def makeSecret(password): def makeSecret(password):
salt = os.urandom(4) salt = os.urandom(4)
h = hashlib.sha1(password) h = hashlib.sha1(password.encode('utf-8'))
h.update(salt) h.update(salt)
return "{SSHA}" + b64encode(h.digest() + salt)[:-1] return "{SSHA}" + b64encode(h.digest() + salt)[:-1].decode()
def checkPassword(challenge_password, password): def checkPassword(challenge_password, password):
try: try:
challenge_bytes = b64decode(challenge_password[6:]) challenge_bytes = b64decode(challenge_password[6:])
digest = challenge_bytes[:20] digest = challenge_bytes[:20]
salt = challenge_bytes[20:] salt = challenge_bytes[20:]
hr = hashlib.sha1(password) hr = hashlib.sha1(password.encode('utf-8'))
hr.update(salt) hr.update(salt)
return digest == hr.digest() return digest == hr.digest()
except: except:
@ -266,7 +267,7 @@ class ActionModule(ActionBase):
qfilter = '(objectClass=*)' qfilter = '(objectClass=*)'
# armar el filtro de búsqueda agregando los filtros adicionales # armar el filtro de búsqueda agregando los filtros adicionales
if isinstance(self.search_filter, string_types): if isinstance(self.search_filter, six.string_types):
qfilter = self.search_filter qfilter = self.search_filter
else: else:
for f in self.search_filter: for f in self.search_filter:
@ -381,7 +382,7 @@ class ActionModule(ActionBase):
'''Verificar/actualizar valor para un atributo''' '''Verificar/actualizar valor para un atributo'''
if attribute in self.ATTR_PASSWORD: if attribute in self.ATTR_PASSWORD:
if not isinstance(value, string_types): if not isinstance(value, six.string_types):
value = value[0] value = value[0]
if checkPassword(self.attrs.get(attribute,[None])[0], value): if checkPassword(self.attrs.get(attribute,[None])[0], value):
# si la clave matchea, salir # si la clave matchea, salir
@ -396,7 +397,7 @@ class ActionModule(ActionBase):
value = [makeSecret(value)] value = [makeSecret(value)]
# convertir el valor a una lista # convertir el valor a una lista
if isinstance(value, string_types): if isinstance(value, six.string_types):
value = [value] value = [value]
changed = False changed = False
@ -447,9 +448,11 @@ class ActionModule(ActionBase):
# Asegurar que la importación LDAP no falló, salir con gracia # Asegurar que la importación LDAP no falló, salir con gracia
if not HAS_LDAP: if not HAS_LDAP:
import platform
return merge_hash( self.result, { return merge_hash( self.result, {
'failed': True, 'failed': True,
'msg': "Missing required 'ldap' module (pip install python-ldap). " 'msg': "Missing required 'ldap' module (pip install python-ldap). "
"Python version: {}".format(platform.python_version())
}) })
try: try: