diff options
Diffstat (limited to 'lib/puppet/parser/functions')
| -rw-r--r-- | lib/puppet/parser/functions/obfuscate_email.rb | 16 | ||||
| -rw-r--r-- | lib/puppet/parser/functions/str2saltedsha1.rb | 32 | ||||
| -rw-r--r-- | lib/puppet/parser/functions/str2sha1_and_salt.rb | 36 | ||||
| -rw-r--r-- | lib/puppet/parser/functions/str_and_salt2sha1.rb | 32 |
4 files changed, 116 insertions, 0 deletions
diff --git a/lib/puppet/parser/functions/obfuscate_email.rb b/lib/puppet/parser/functions/obfuscate_email.rb new file mode 100644 index 0000000..4e4cb82 --- /dev/null +++ b/lib/puppet/parser/functions/obfuscate_email.rb @@ -0,0 +1,16 @@ +module Puppet::Parser::Functions + newfunction(:obfuscate_email, :type => :rvalue, :doc => <<-EOS +Given: + a comma seperated email string in form of 'john@doe.com, doe@john.com' + +This function will return all emails obfuscated in form of 'john {at} doe {dot} com, doe {at} john {dot} com' +Works with multiple email adresses as well as with a single email adress. + + EOS + ) do |args| + args[0].gsub('@', ' {at} ').gsub('.', ' {dot} ') + end +end + +# vim: set ts=2 sw=2 et : +# encoding: utf-8 diff --git a/lib/puppet/parser/functions/str2saltedsha1.rb b/lib/puppet/parser/functions/str2saltedsha1.rb new file mode 100644 index 0000000..e51a861 --- /dev/null +++ b/lib/puppet/parser/functions/str2saltedsha1.rb @@ -0,0 +1,32 @@ +# +# str2saltedsha1.rb +# + +module Puppet::Parser::Functions + newfunction(:str2saltedsha1, :type => :rvalue, :doc => <<-EOS +This converts a string to a salted-SHA1 password hash (which is used for +OS X versions >= 10.7). Given any simple string, you will get a hex version +of a salted-SHA1 password hash that can be inserted into your Puppet +manifests as a valid password attribute. + EOS + ) do |arguments| + require 'digest/sha2' + + raise(Puppet::ParseError, "str2saltedsha1(): Wrong number of arguments " + + "passed (#{arguments.size} but we require 1)") if arguments.size != 1 + + password = arguments[0] + + unless password.is_a?(String) + raise(Puppet::ParseError, 'str2saltedsha1(): Requires a ' + + "String argument, you passed: #{password.class}") + end + + seedint = rand(2**31 - 1) + seedstring = Array(seedint).pack("L") + saltedpass = Digest::SHA1.digest(seedstring + password) + (seedstring + saltedpass).unpack('H*')[0] + end +end + +# vim: set ts=2 sw=2 et : diff --git a/lib/puppet/parser/functions/str2sha1_and_salt.rb b/lib/puppet/parser/functions/str2sha1_and_salt.rb new file mode 100644 index 0000000..9ec382d --- /dev/null +++ b/lib/puppet/parser/functions/str2sha1_and_salt.rb @@ -0,0 +1,36 @@ +# +# str2saltedsha1.rb +# + +module Puppet::Parser::Functions + newfunction(:str2sha1_and_salt, :type => :rvalue, :doc => <<-EOS +This converts a string to an array containing the salted SHA1 password hash in +the first field, and the salt itself in second field of the returned array. +This combination is used i.e. for couchdb passwords. + EOS + ) do |arguments| + require 'digest/sha1' + + raise(Puppet::ParseError, "str2saltedsha1(): Wrong number of arguments " + + "passed (#{arguments.size} but we require 1)") if arguments.size != 1 + + password = arguments[0] + + unless password.is_a?(String) + raise(Puppet::ParseError, 'str2saltedsha1(): Requires a ' + + "String argument, you passed: #{password.class}") + end + + seedint = rand(2**31 - 1) + seedstring = Array(seedint).pack("L") + salt = Digest::MD5.hexdigest(seedstring) + saltedpass = Digest::SHA1.hexdigest(password + salt) + + array = Array.new + array << saltedpass + array << salt + return array + end +end + +# vim: set ts=2 sw=2 et : diff --git a/lib/puppet/parser/functions/str_and_salt2sha1.rb b/lib/puppet/parser/functions/str_and_salt2sha1.rb new file mode 100644 index 0000000..71d69cf --- /dev/null +++ b/lib/puppet/parser/functions/str_and_salt2sha1.rb @@ -0,0 +1,32 @@ +# +# str_and_salt2sha1.rb +# + +module Puppet::Parser::Functions + newfunction(:str_and_salt2sha1, :type => :rvalue, :doc => <<-EOS +This converts a string to an array containing the salted SHA1 password hash in +the first field, and the salt itself in second field of the returned array. +This combination is used i.e. for couchdb passwords. + EOS + ) do |arguments| + require 'digest/sha1' + + raise(Puppet::ParseError, "str_and_salt2sha1(): Wrong number of arguments " + + "passed (#{arguments.size} but we require 1)") if arguments.size != 1 + + str_and_salt = arguments[0] + + unless str_and_salt.is_a?(Array) + raise(Puppet::ParseError, 'str_and_salt2sha1(): Requires a ' + + "Array argument, you passed: #{password.class}") + end + + str = str_and_salt[0] + salt = str_and_salt[1] + sha1 = Digest::SHA1.hexdigest(str+ salt) + + return sha1 + end +end + +# vim: set ts=2 sw=2 et : |