Closed
Description
Describe the Bug
in stdblib 8.6.0 i could do something like this:
user { 'bcrypt_user':
ensure => present,
password => pw_hash('password', 'bcrypt-a', '10$ABCDE.bcrypt.fixedsalt'),
}
in stdlib 9.3.0 i get this:
Info: Loading facts
Error: Could not retrieve catalog from remote server: Error 500 on SERVER: Server Error: Evaluation Error: Error while evaluating a Method call, Invalid salt value: $2a$10$ABCDE.bcrypt.fixedsalt (file: /etc/puppetlabs/code/environments/production/manifests/site.pp, line: 28, column: 45) on node puppet.example.com
Warning: Not using cache on failed catalog
Error: Could not retrieve catalog; skipping run
https://github.com/puppetlabs/puppetlabs-stdlib/blob/main/lib/puppet/parser/functions/pw_hash.rb
when i change this block, it works again
9.3.0 not working
# handle weak implementations of String#crypt
# dup the string to get rid of frozen status for testing
if RUBY_PLATFORM == 'java'
# puppetserver bundles Apache Commons Codec
org.apache.commons.codec.digest.Crypt.crypt(password.to_java_bytes, salt)
elsif (+'test').crypt('$1$1') == '$1$1$Bp8CU9Oujr9SSEw53WV6G.'
password.crypt(salt)
else
# JRuby < 1.7.17
# MS Windows and other systems that don't support enhanced salts
raise Puppet::ParseError, 'system does not support enhanced salts'
end8.6.0 working
# handle weak implementations of String#crypt
# dup the string to get rid of frozen status for testing
if ('test'.dup).crypt('$1$1') != '$1$1$Bp8CU9Oujr9SSEw53WV6G.'
# JRuby < 1.7.17
# MS Windows and other systems that don't support enhanced salts
raise Puppet::ParseError, 'system does not support enhanced salts' unless RUBY_PLATFORM == 'java'
# puppetserver bundles Apache Commons Codec
org.apache.commons.codec.digest.Crypt.crypt(password.to_java_bytes, salt)
else
password.crypt(salt)
end