Revision 31b7d5de
Added by Dominic Cleal over 11 years ago
- ID 31b7d5de00c21735164fa92940e6be2c08820c37
app/models/host_common.rb | ||
---|---|---|
require 'securerandom'
|
||
|
||
#Common methods between host and hostgroup
|
||
# mostly for template rendering consistency
|
||
module HostCommon
|
||
... | ... | |
# make sure we store an encrypted copy of the password in the database
|
||
# this password can be use as is in a unix system
|
||
def root_pass=(pass)
|
||
p = pass.empty? ? nil : (pass =~ /^\$1\$foreman\$.*/ ? pass : pass.crypt("$1$foreman$"))
|
||
p = pass.empty? ? nil : (pass.starts_with?('$') ? pass : pass.crypt("$1$#{SecureRandom.base64(6)}"))
|
||
write_attribute(:root_pass, p)
|
||
end
|
||
|
Also available in: Unified diff
fixes #2069 - use a random salt when saving the root password
CVE-2013-0173: insecure fixed salt "foreman" for passwords