New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
states.user.present: Make usage of hash_password
idempotent
#47147
states.user.present: Make usage of hash_password
idempotent
#47147
Conversation
Those failures aren't related to this PR: |
I totally see the case for this but would love to have some tests written around this behavior. Any chance you'd be willing to write some? |
@eliasp Did you see my comment above regarding tests? |
Sorry, I initially planned on adding some tests, but won't have time right now to complete this.
|
# hash to change each time and thereby making the | ||
# user.present state non-idempotent. | ||
algorithms = { | ||
'1': 'md5', |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
But this is insecure. I think we should either kill this option or at least scream all around the place in logs if anyone will use this.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I do agree that "screaming all around the place in logs" is the most reasonable reaction here…
Added a corresponding warning.
What does this PR do?
It fixes the non-idempotent behavior of
states.user.present
whenhash_password: True
described in #45939It targets
2018.3
, but due to it's trivial nature, it should be easily cherry-picked for backports to older releases.What issues does this PR fix or reference?
#45939
Previous Behavior
Every time
states.user.present
withhash_password: True
was used, a new shadow hash was generated based on a new randomly generated salt value for hashing which made this state's behavior idempotent.New Behavior
Before hashing a password, it checks now whether an existing salt can be retrieved.
If yes, it will be re-used for generating the hash.
If not, it defaults to using a new randomly generated salt.
Tests written?
No
Commits signed with GPG?
Yes