[passwordstore] Use builtin _random_password function instead of pwgen (#25843)

* [password] _random_password -> random_password and moved to util/encrypt.py * [passwordstore] Use built-in random_password instead of pwgen utility * [passwordstore] Add integration tests
2025-07-22 12:50:22 -07:00 · 2017-08-15 00:19:40 +02:00 · 2017-08-15 00:19:40 +02:00 · 554496c404
commit 554496c404
parent f345ba5c38
21 changed files with 217 additions and 49 deletions
--- a/lib/ansible/utils/encrypt.py
+++ b/lib/ansible/utils/encrypt.py
@ -23,11 +23,14 @@ import stat
 import tempfile
 import time
 import warnings
+import random

 from ansible import constants as C
 from ansible.errors import AnsibleError
+from ansible.module_utils.six import text_type
 from ansible.module_utils._text import to_text, to_bytes

+
 PASSLIB_AVAILABLE = False
 try:
    import passlib.hash
@ -162,3 +165,19 @@ def keyczar_decrypt(key, msg):
        return key.Decrypt(msg)
    except key_errors.InvalidSignatureError:
        raise AnsibleError("decryption failed")
+
+
+DEFAULT_PASSWORD_LENGTH = 20
+
+
+def random_password(length=DEFAULT_PASSWORD_LENGTH, chars=C.DEFAULT_PASSWORD_CHARS):
+    '''Return a random password string of length containing only chars
+
+    :kwarg length: The number of characters in the new password.  Defaults to 20.
+    :kwarg chars: The characters to choose from.  The default is all ascii
+        letters, ascii digits, and these symbols ``.,:-_``
+    '''
+    assert isinstance(chars, text_type), '%s (%s) is not a text_type' % (chars, type(chars))
+
+    random_generator = random.SystemRandom()
+    return u''.join(random_generator.choice(chars) for dummy in range(length))