Revision 31b7d5de
Added by Dominic Cleal over 11 years ago
- ID 31b7d5de00c21735164fa92940e6be2c08820c37
| app/models/host_common.rb | ||
|---|---|---|
|
require 'securerandom'
|
||
|
|
||
|
#Common methods between host and hostgroup
|
||
|
# mostly for template rendering consistency
|
||
|
module HostCommon
|
||
| ... | ... | |
|
# make sure we store an encrypted copy of the password in the database
|
||
|
# this password can be use as is in a unix system
|
||
|
def root_pass=(pass)
|
||
|
p = pass.empty? ? nil : (pass =~ /^\$1\$foreman\$.*/ ? pass : pass.crypt("$1$foreman$"))
|
||
|
p = pass.empty? ? nil : (pass.starts_with?('$') ? pass : pass.crypt("$1$#{SecureRandom.base64(6)}"))
|
||
|
write_attribute(:root_pass, p)
|
||
|
end
|
||
|
|
||
Also available in: Unified diff
fixes #2069 - use a random salt when saving the root password
CVE-2013-0173: insecure fixed salt "foreman" for passwords