ansible-collections/community.mysql
1
0
Fork 0
mirror of https://github.com/ansible-collections/community.mysql.git synced 2025-08-21 05:21:46 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

fix tests

Browse source
This commit is contained in:
Matthieu Bourgain 2024-04-19 15:47:12 +02:00
commit 07ffdeb9d9
No known key found for this signature in database
GPG key ID: 33BA95C808890C39
3 changed files with 18 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

3
plugins/module_utils/implementations/mysql/hash.py
View file

@ -106,7 +106,8 @@ def _sha256_digest(key, salt, loops):
def mysql_sha256_password_hash_hex(password, salt):
"""Return a MySQL compatible caching_sha2_password hash in hex format."""
assert len(salt) == 20, "Salt must be 20 characters long."
if len(salt) != 20:
raise ValueError("Salt must be 20 characters long.")
count = 5
iteration = 1000 * count

4
plugins/module_utils/user.py
View file

@ -191,7 +191,7 @@ def user_add(cursor, user, host, host_all, password, encrypted,
generated_hash_string = mysql_sha256_password_hash_hex(password=plugin_auth_string, salt=salt)
else:
module.fail_json(msg="salt not handled for %s authentication plugin" % plugin)
query_with_args = "CREATE USER %s@%s IDENTIFIED WITH %s AS %s", (user, host, plugin, generated_hash_string)
query_with_args = "CREATE USER %s@%s IDENTIFIED WITH %s AS 0x%s", (user, host, plugin, generated_hash_string)
else:
query_with_args = "CREATE USER %s@%s IDENTIFIED WITH %s BY %s", (user, host, plugin, plugin_auth_string)
elif plugin:
@ -372,7 +372,7 @@ def user_mod(cursor, user, host, host_all, password, encrypted,
generated_hash_string = mysql_sha256_password_hash_hex(password=plugin_auth_string, salt=salt)
else:
module.fail_json(msg="salt not handled for %s authentication plugin" % plugin)
query_with_args = "ALTER USER %s@%s IDENTIFIED WITH %s AS %s", (user, host, plugin, generated_hash_string)
query_with_args = "ALTER USER %s@%s IDENTIFIED WITH %s AS 0x%s", (user, host, plugin, generated_hash_string)
else:
query_with_args = "ALTER USER %s@%s IDENTIFIED WITH %s BY %s", (user, host, plugin, plugin_auth_string)
else:

18
plugins/modules/mysql_user.py
View file

@ -144,9 +144,9 @@ options:
version_added: '0.1.0'
salt:
description:
- Salt used to generate password hash.
- Salt used to generate password hash from I(plugin_auth_string).
- Salt length must be 20 characters.
- I(plugin) must be equal to ``caching_sha2_password`` or ``sha256_password`` and I(plugin_auth_string) defined.
- Salt only support ``caching_sha2_password`` or ``sha256_password`` authentication I(plugin).
type: str
version_added: '3.10.0'
resource_limits:
@ -377,6 +377,13 @@ EXAMPLES = r'''
priv: '*.*:ALL'
state: present
- name: Create user 'bob' authenticated with plugin 'caching_sha2_password' and static salt
community.mysql.mysql_user:
name: bob
plugin: caching_sha2_password
plugin_auth_string: password
salt: 1234567890abcdefghij
- name: Limit bob's resources to 10 queries per hour and 5 connections per hour
community.mysql.mysql_user:
name: bob
@ -509,8 +516,11 @@ def main():
module.fail_json(msg="password_expire_interval value \
should be positive number")
if salt and plugin not in ['caching_sha2_password', 'sha256_password']:
module.fail_json(msg="salt requires caching_sha2_password or sha256_password plugin")
if salt:
if len(salt) != 20:
module.fail_json(msg="Salt must be 20 characters long")
if plugin not in ['caching_sha2_password', 'sha256_password']:
module.fail_json(msg="salt requires caching_sha2_password or sha256_password plugin")
cursor = None
try: