Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Backport/2.8/57135 #57137

Merged
merged 2 commits into from
May 29, 2019
Merged

Backport/2.8/57135 #57137

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
7860ec3
Fix netapp_e_iscsi_target chap secret size and clearing functionality.
swartzn May 29, 2019
d0fc276
Add changelogs fragment for PR #57135
swartzn May 29, 2019
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
2 changes: 2 additions & 0 deletions changelogs/fragments/57135-netapp_e_iscsi_target-fix-chap-secret-size-and-clearing.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
bugfixes:
- netapp_e_iscsi_target - fix netapp_e_iscsi_target chap secret size and clearing functionality
11 changes: 6 additions & 5 deletions lib/ansible/modules/storage/netapp/netapp_e_iscsi_target.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,8 @@
- When this value is specified, we will always trigger an update (changed=True). We have no way of verifying
whether or not the password has changed.
- The chap secret may only use ascii characters with values between 32 and 126 decimal.
- The chap secret must be no less than 12 characters, but no more than 16 characters in length.
- The chap secret must be no less than 12 characters, but no greater than 57 characters in length.
- The chap secret is cleared when not specified or an empty string.
aliases:
- chap
- password
Expand Down Expand Up @@ -158,9 +159,9 @@ def __init__(self):
if not self.url.endswith('/'):
self.url += '/'

if self.chap_secret is not None:
if len(self.chap_secret) < 12 or len(self.chap_secret) > 16:
self.module.fail_json(msg="The provided CHAP secret is not valid, it must be between 12 and 16"
if self.chap_secret:
if len(self.chap_secret) < 12 or len(self.chap_secret) > 57:
self.module.fail_json(msg="The provided CHAP secret is not valid, it must be between 12 and 57"
" characters in length.")

for c in self.chap_secret:
Expand Down Expand Up @@ -226,7 +227,7 @@ def apply_iscsi_settings(self):
body['alias'] = self.name

# If the CHAP secret was provided, we trigger an update.
if self.chap_secret is not None:
if self.chap_secret:
update = True
body.update(dict(enableChapAuthentication=True,
chapSecret=self.chap_secret))
Expand Down
4 changes: 2 additions & 2 deletions test/units/modules/storage/netapp/test_netapp_e_iscsi_target.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -35,13 +35,13 @@ def _set_args(self, args=None):

def test_validate_params(self):
"""Ensure we can pass valid parameters to the module"""
for i in range(12, 16):
for i in range(12, 57):
secret = 'a' * i
self._set_args(dict(chap=secret))
tgt = IscsiTarget()

def test_invalid_chap_secret(self):
for secret in [11 * 'a', 17 * 'a', u'©' * 12]:
for secret in [11 * 'a', 58 * 'a']:
with self.assertRaisesRegexp(AnsibleFailJson, r'.*?CHAP secret is not valid.*') as result:
self._set_args(dict(chap=secret))
tgt = IscsiTarget()
Expand Down