diff options
| -rw-r--r-- | filter_plugins/mail.py | 34 | ||||
| -rw-r--r-- | filter_plugins/passwd.py | 32 | ||||
| -rw-r--r-- | filter_plugins/znc.py | 32 |
3 files changed, 32 insertions, 66 deletions
diff --git a/filter_plugins/mail.py b/filter_plugins/mail.py deleted file mode 100644 index 1735e62..0000000 --- a/filter_plugins/mail.py +++ /dev/null @@ -1,34 +0,0 @@ -# Copyright (c) 2018 Aaron LI <aly@aaronly.me> -# MIT License - -""" -Custom Ansible template filters for "mail" role. -""" - -import os -import base64 -import crypt - - -def dovecot_makepass(p): - """ - Generate the salted hashed password for Dovecot using the - SHA512-CRYPT scheme. - - Implement the "doveadm pw -s SHA512-CRYPT" command. - - Dovecot password format: {<scheme>}$<type>$<salt>$<hash> - """ - method, htype = "SHA512", "$6$" - scheme = method + "-CRYPT" - saltlen = 16 - salt = os.urandom(saltlen) - salt = base64.b64encode(salt)[:saltlen] - return "{%s}%s" % (scheme, crypt.crypt(p, htype+salt)) - - -class FilterModule(object): - def filters(self): - return { - "dovecot_makepass": dovecot_makepass, - } diff --git a/filter_plugins/passwd.py b/filter_plugins/passwd.py index 252cd6e..40536f4 100644 --- a/filter_plugins/passwd.py +++ b/filter_plugins/passwd.py @@ -8,6 +8,7 @@ Custom Ansible template filters to crypt/hash passwords. import os import base64 import crypt +import hashlib def cryptpass(p): @@ -22,8 +23,39 @@ def cryptpass(p): return crypt.crypt(p, hashtype+salt) +def dovecot_makepass(p): + """ + Generate the salted hashed password for Dovecot using the + SHA512-CRYPT scheme. + + Implement the "doveadm pw -s SHA512-CRYPT" command. + + Dovecot password format: {<scheme>}$<type>$<salt>$<hash> + """ + scheme = "SHA512-CRYPT" + cp = cryptpass(p) + return "{%s}%s" % (scheme, cp) + + +def znc_makepass(p, method="sha256", saltlen=20): + """ + Generate the salted hashed password for ZNC configuration. + + Implement the "znc --makepass" command. + + ZNC password format: <method>#<hash>#<salt> + """ + salt = os.urandom(saltlen) + salt = base64.b64encode(salt)[:saltlen] + s = p + salt + h = getattr(hashlib, method)(s) + return "%s#%s#%s" % (method, h.hexdigest(), salt) + + class FilterModule(object): def filters(self): return { "cryptpass": cryptpass, + "dovecot_makepass": dovecot_makepass, + "znc_makepass": znc_makepass, } diff --git a/filter_plugins/znc.py b/filter_plugins/znc.py deleted file mode 100644 index 243cdd5..0000000 --- a/filter_plugins/znc.py +++ /dev/null @@ -1,32 +0,0 @@ -# Copyright (c) 2018 Aaron LI <aly@aaronly.me> -# MIT License - -""" -Custom Ansible template filters for "znc" role. -""" - -import os -import base64 -import hashlib - - -def znc_makepass(p, method="sha256", saltlen=20): - """ - Generate the salted hashed password for ZNC configuration. - - Implement the "znc --makepass" command. - - ZNC password format: <method>#<hash>#<salt> - """ - salt = os.urandom(saltlen) - salt = base64.b64encode(salt)[:saltlen] - s = p + salt - h = getattr(hashlib, method)(s) - return "%s#%s#%s" % (method, h.hexdigest(), salt) - - -class FilterModule(object): - def filters(self): - return { - "znc_makepass": znc_makepass, - } |