openstack/ironic-python-agent
Code Issues Proposed changes

Merge "Replace crypt module"

Browse Source
This commit is contained in:
Zuul
2025-01-29 03:00:25 +00:00
committed by Gerrit Code Review
parent 018a5f6253 eda6c81cbf
commit 3ed0126a8f
3 changed files with 11 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
ironic_python_agent/extensions/rescue.py
View File

@@ -10,9 +10,8 @@
# See the License for the specific language governing permissions and # See the License for the specific language governing permissions and
# limitations under the License. # limitations under the License.
import crypt
from oslo_log import log from oslo_log import log
from oslo_utils import secretutils
from ironic_python_agent.extensions import base from ironic_python_agent.extensions import base
@@ -43,7 +42,8 @@ class RescueExtension(base.BaseAgentExtension):
if hashed: if hashed:
hashed_password = password hashed_password = password
else: else:
hashed_password = crypt.crypt(rescue_password) hashed_password = secretutils.crypt_password(
rescue_password, secretutils.crypt_mksalt('SHA-256'))
try: try:
with open(PASSWORD_FILE, 'w') as f: with open(PASSWORD_FILE, 'w') as f:
f.write(hashed_password) f.write(hashed_password)

11
ironic_python_agent/tests/unit/extensions/test_rescue.py
View File

@@ -25,7 +25,8 @@ class TestRescueExtension(test_base.BaseTestCase):
self.agent_extension = rescue.RescueExtension() self.agent_extension = rescue.RescueExtension()
self.agent_extension.agent = FakeAgent() self.agent_extension.agent = FakeAgent()
@mock.patch('ironic_python_agent.extensions.rescue.crypt.crypt', @mock.patch('ironic_python_agent.extensions.rescue.secretutils.'
'crypt_password',
autospec=True) autospec=True)
def test_write_rescue_password(self, mock_crypt): def test_write_rescue_password(self, mock_crypt):
mock_crypt.return_value = '12deadbeef' mock_crypt.return_value = '12deadbeef'
@@ -34,13 +35,14 @@ class TestRescueExtension(test_base.BaseTestCase):
mock_open): mock_open):
self.agent_extension.write_rescue_password('password') self.agent_extension.write_rescue_password('password')
mock_crypt.assert_called_once_with('password') mock_crypt.assert_called_once_with('password', mock.ANY)
mock_open.assert_called_once_with( mock_open.assert_called_once_with(
'/etc/ipa-rescue-config/ipa-rescue-password', 'w') '/etc/ipa-rescue-config/ipa-rescue-password', 'w')
file_handle = mock_open() file_handle = mock_open()
file_handle.write.assert_called_once_with('12deadbeef') file_handle.write.assert_called_once_with('12deadbeef')
@mock.patch('ironic_python_agent.extensions.rescue.crypt.crypt', @mock.patch('ironic_python_agent.extensions.rescue.secretutils.'
'crypt_password',
autospec=True) autospec=True)
def test_write_rescue_password_ioerror(self, mock_crypt): def test_write_rescue_password_ioerror(self, mock_crypt):
mock_crypt.return_value = '12deadbeef' mock_crypt.return_value = '12deadbeef'
@@ -53,7 +55,8 @@ class TestRescueExtension(test_base.BaseTestCase):
IOError, self.agent_extension.write_rescue_password, IOError, self.agent_extension.write_rescue_password,
'password') 'password')
@mock.patch('ironic_python_agent.extensions.rescue.crypt.crypt', @mock.patch('ironic_python_agent.extensions.rescue.secretutils.'
'crypt_password',
autospec=True) autospec=True)
def _write_password_hashed_test(self, password, mock_crypt): def _write_password_hashed_test(self, password, mock_crypt):
mock_open = mock.mock_open() mock_open = mock.mock_open()

2
requirements.txt
View File

@@ -4,7 +4,7 @@ oslo.config>=5.2.0 # Apache-2.0
oslo.concurrency>=3.26.0 # Apache-2.0 oslo.concurrency>=3.26.0 # Apache-2.0
oslo.log>=4.6.1 # Apache-2.0 oslo.log>=4.6.1 # Apache-2.0
oslo.service>=1.24.0 # Apache-2.0 oslo.service>=1.24.0 # Apache-2.0
oslo.utils>=7.3.0 # Apache-2.0 oslo.utils>=8.0.0 # Apache-2.0
Pint>=0.5 # BSD Pint>=0.5 # BSD
psutil>=3.2.2 # BSD psutil>=3.2.2 # BSD
pyudev>=0.18 # LGPLv2.1+ pyudev>=0.18 # LGPLv2.1+