a

�)g)�
@s�
dd
lm
Z
mZmZ
eZddlZddlZddlZddl	Z	ddl
Z
ddlmZ
ddl
mZ
ddlmZmZ
ddlmZ
ddlmZmZ
ddlmZ
dZZd	ZZzXddlZddlZdd
l m!Z!m"Z"
zddl#m$Z$
Wne%y�


ddl&m$Z$
Yn0dZWn*e'�
y"
Z(
ze(ZWYdZ([(n
dZ([(00zddl)Z)dZWn*e'�
y^
Z(
ze(ZWYdZ([(n
dZ([(00e�Z*d
g
Z+e�,�Z-dZ.e.ej/dfdd�
Z0ddd�
Z1Gdd�de2�Z3Gdd�de3�Z4Gdd�de3�Z5ddd�
Z6ddd
�
Z7dS) �)�absolute_import�division�print_functionN)
�
namedtuple)
�	constants)�AnsibleError�AnsibleAssertionError)
�	text_type)�to_text�to_bytes)
�DisplayF)�
HasRawSalt�
PrefixWrapper)
�bcrypt64T�
do_encrypt�csXt�t
�std
�t��
f�
�
|dur0t���
n
t�|�
�
d���
fdd�t|�
D�
�
S)a
Return a random password string of length containing only chars

    :kwarg length: The number of characters in the new password.  Defaults to 20.
    :kwarg chars: The characters to choose from.  The default is all ascii
        letters, ascii digits, and these symbols ``.,:-_``
    z%s (%s) is not a text_typeN�c
3s|]}
�
���
V
qdS�
N)
�choice)�.0Zdummy��charsZrandom_generator��9/usr/lib/python3.9/site-packages/ansible/utils/encrypt.py�	<genexpr>A�z"random_password.<locals>.<genexpr>)	�
isinstancer	r�type�randomZSystemRandomZRandom�join�range)�lengthrZseedrrr�random_password3s





r"�c
Cstj
tjd
}
t||
d�S)zhReturn a text string suitable for use as a salt for the hash functions we use to encrypt passwords.
    z./)r!r)�string�
ascii_letters�digitsr")r!Z
salt_charsrrr�random_saltDs
r'c
@sheZ
dZed
gd�
�Zedddddd�eddd	d
dd�eddd
ddd�edddddd�d�Zdd�ZdS)�BaseHash�algo)�crypt_id�	salt_size�implicit_rounds�
salt_exact�implicit_ident�
1r#NFZ2b��T�
5�i�)�
6i�
)Z	md5_crypt�bcryptZsha256_cryptZsha512_cryptcCs
|
|_dSr)
�	algorithm��selfr6rrr�__init__Vs
zBaseHash.__init__)�__name__�
__module__�__qualname__rr)�
algorithmsr9rrrrr(Ms



�r(csFeZ
dZ�f
d
d�Zddd�
Zdd�Zdd	�Zd
d�Zdd
�Z�Z	S)�	CryptHashcsjtt
|��|
�

ts td
td��
tj�d�
r4td�
�
|
|j	v
rLtd|j
�
�
tjddd�
|j	|
|_
dS)	NzYcrypt.crypt cannot be used as the 'crypt' python library is not installed or is unusable.�
�orig_exc�darwinzKcrypt.crypt not supported on Mac OS X/Darwin, install passlib python module�+crypt.crypt does not support '%s' algorithmz�Encryption using the Python crypt module is deprecated. The Python crypt module is deprecated and will be removed from Python 3.13. Install the passlib library for continued encryption functionality.g\��(\
@)
�version)�superr>r9�	HAS_CRYPTr�CRYPT_E�sys�platform�
startswithr=r6�displayZ
deprecated�	algo_datar7�
�	__class__rrr9[s





�zCryptHash.__init__NcCs0|�||�}|�
|�
}|�|�
}|�|
|||�Sr)�_salt�_rounds�_ident�_hash�r8�secret�saltr+�rounds�identrrr�hashqs





zCryptHash.hashcCsr|p
|jj
}|
pt|�
}t�d
|�r,td�
�
|jjrNt|�
|jj
krNtd�
�
n |jjsnt|�
|jj
krntd�
�
|S)Nz[^./0-9A-Za-z]zinvalid characters in saltzinvalid salt size)rKr+r'�re�searchrr-�len)r8rTr+�retrrrrNws









zCryptHash._saltcCs|
|jj
krdS|
SdSr)rKr,)r8rUrrrrO�s
zCryptHash._roundscCs|
s|jj
S|jd
kr|
SdS�Nr5)rKr*r6)r8rVrrrrP�s






zCryptHash._identc	
Cs�d
}|rd|}|r |d|7}|d|7}zt�|
|�}d}Wn,t
yl
}
zd}|}WYd}~n
d}~00|s�td|j|d��
|S)Nrz$%sz
$rounds=%drBr?)�crypt�OSErrorrr6)	r8rSrTrUrVZ
saltstring�resultr@�
errrrQ�s$











�zCryptHash._hash)NNNN)
r:r;r<r9rWrNrOrPrQ�
__classcell__rrrLrr>Zs

r>csFeZ
dZ�f
d
d�Zddd�
Zdd�Zdd	�Zd
d�Zdd
�Z�Z	S)�PasslibHashcsZtt
|��|
�

ts$td
|
td��
zttj|
�|_	Wnt
yT


td|
�
�
Yn0dS)Nz6passlib must be installed and usable to hash with '%s'r?z'passlib does not support '%s' algorithm)rDrbr9�PASSLIB_AVAILABLEr�	PASSLIB_E�getattr�passlibrW�
crypt_algo�	Exceptionr7rLrrr9�s




zPasslibHash.__init__NcCs2|�|�
}|�
|�
}|�|�
}|j|
||||d
�S)N�rTr+rUrV)�_clean_salt�
_clean_rounds�_clean_identrQrRrrrrW�s






zPasslibHash.hashcCs:d}|
s(|j|j
vr$|j
�|j�
jS|S|jd
kr6|
S|Sr\)r6r=�getr.)r8rVr[rrrrl�s








zPasslibHash._clean_identcCs^|
sdStt
|jt�r|jjn|jt�r8t|
d
dd�}nt|
d
dd�}|jdkrZt	�
|�
}|S)N�ascii�strict)�encoding�errorsr5)�
issubclassrrgr�wrappedr
rr
r6rZ
repair_unused)r8rTr[rrrrj�s


 



zPasslibHash._clean_saltcCs.|j�
|j�
}|
r|
S|r&|jr&|jSdSdSr)r=rmr6r,)r8rUrKrrrrk�s




zPasslibHash._clean_roundsc	
Cs�i}|r||d
<|r||d<|r(||d<|r4||d<zZt|j
d�r\|j
jfi|�
�
�|
�
}n0t|j
d�r~|j
j|
f
i|�
�
}ntdtj�
�
Wn0ty�
}
ztd|d	��
WYd}~n
d}~00|s�td
|j	�
�
t
|dd�S)
NrTr+rUrVrW�encryptz*installed passlib version %s not supportedzCould not hash the secret.r?z"failed to hash with algorithm '%s'ro)
rq)�hasattrrgZusingrWrtrrf�__version__�
ValueErrorr6r
)	r8rSrTr+rUrVZsettingsr_r`rrrrQ�s(













"
zPasslibHash._hash)NNNN)
r:r;r<r9rWrlrjrkrQrarrrLrrb�s


rbcCsHtrt
|
�
j|||||d
�Str8t|
�
j|||||d
�Stdtd��
dS)NrizFUnable to encrypt nor hash, either crypt or passlib must be installed.r?)rcrbrWrEr>rrF)rSr6rTr+rUrVrrr�passlib_or_crypt

s





rxcCst||
|||d
�S)N)r+rTrV)
rx)r_rtr+rTrVrrrr
s
)
r#)NNNN)NNN)8Z
__future__rrrrZ
__metaclass__ZmultiprocessingrrXr$rG�collectionsrZansibler�
CZansible.errorsrrZansible.module_utils.sixr	Zansible.module_utils._textr
rZansible.utils.displayrrdrFrErcrfZpasslib.hashZpasslib.utils.handlersr
rZpasslib.utils.binaryr�ImportErrorZ
passlib.utilsrhr`r]rJ�__all__�LockZ_LOCKZDEFAULT_PASSWORD_LENGTHZDEFAULT_PASSWORD_CHARSr"r'�objectr(r>rbrxrrrrr�<module>sR

























	
U[