diff options
| author | varac <varacanero@zeromail.org> | 2013-04-24 16:49:56 +0200 |
|---|---|---|
| committer | varac <varacanero@zeromail.org> | 2013-04-24 16:49:56 +0200 |
| commit | 7b6c9a29b1333ce733dd5d7c0dadd7f90513b261 (patch) | |
| tree | 836d3b8819217c10d4afdfbf5b76444980abb3dd | |
| parent | ec9d3c4629586caa910323c7cd5ffe769843ad42 (diff) | |
Use pre-salted+hashed admin pw for couchdb (Feature #1941)
| -rw-r--r-- | manifests/base.pp | 17 | ||||
| -rw-r--r-- | manifests/init.pp | 2 |
2 files changed, 14 insertions, 5 deletions
diff --git a/manifests/base.pp b/manifests/base.pp index 5b70546..fb87ae9 100644 --- a/manifests/base.pp +++ b/manifests/base.pp @@ -56,10 +56,19 @@ class couchdb::base { require => Package['couchdb']; } - # salt and encrypt admin pw - $sha1_and_salt = str2sha1_and_salt($::couchdb::admin_pw) - $sha1 = $sha1_and_salt[0] - $salt = $sha1_and_salt[1] + if $::couchdb::admin_salt == '' { + # unhashed, plaintext pw, no salt. For couchdb >= 1.2 + $sha1_and_salt = str2sha1_and_salt($::couchdb::admin_pw) + $sha1 = $sha1_and_salt[0] + $salt = $sha1_and_salt[1] + } else { + # prehashed pw with salt, for couchdb < 1.2 + # salt and encrypt pw + # str_and_salt2sha1 is a function from leap's stdlib module + $salt = $::couchdb::admin_salt + $pw_and_salt = [ $::couchdb::admin_pw, $salt ] + $sha1 = str_and_salt2sha1($pw_and_salt) + } file { '/etc/couchdb/local.d/admin.ini': content => "[admins] diff --git a/manifests/init.pp b/manifests/init.pp index f8639f1..5c03342 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -1,4 +1,4 @@ -class couchdb ( $admin_pw = '', $bigcouch = false, $bigcouch_cookie = '', $ednp_port = '9001' ) +class couchdb ( $admin_pw = '', $admin_salt = '', $bigcouch = false, $bigcouch_cookie = '', $ednp_port = '9001' ) { if $admin_pw == '' { |