|
|
@@ -0,0 +1,31 @@
|
|
|
+require 'base64'
|
|
|
+
|
|
|
+Puppet::Functions.create_function(:openldap_password) do
|
|
|
+ dispatch :passwd do
|
|
|
+ param 'String', :secret
|
|
|
+ param 'String', :scheme
|
|
|
+ end
|
|
|
+
|
|
|
+ def passwd(secret, scheme = '{SSHA}')
|
|
|
+ case scheme[%r{([A-Z,0-9]+)}, 1]
|
|
|
+ when 'CRYPT'
|
|
|
+ salt = call_function('fqdn_rand_string', 2)
|
|
|
+ password = '{CRYPT}' + secret.crypt(salt)
|
|
|
+ when 'MD5'
|
|
|
+ password = '{MD5}' + Digest::MD5.hexdigest(secret)
|
|
|
+ when 'SHA'
|
|
|
+ password = '{SHA}' + Digest::SHA1.hexdigest(secret)
|
|
|
+ when 'SMD5'
|
|
|
+ salt = call_function('fqdn_rand_string', 8)
|
|
|
+ salted_hash = "#{Digest::MD5.digest(secret + salt)}#{salt}"
|
|
|
+ password = '{SMD5}' + [salted_hash].pack('m').delete("\n")
|
|
|
+ when 'SSHA'
|
|
|
+ salt = call_function('fqdn_rand_string', 8)
|
|
|
+ password = '{SSHA}' + Base64.encode64("#{Digest::SHA1.digest(secret + salt)}#{salt}").chomp
|
|
|
+ else
|
|
|
+ raise(Puppet::ParseError, "openldap_password(): Unrecognized scheme #{scheme}")
|
|
|
+ end
|
|
|
+
|
|
|
+ password
|
|
|
+ end
|
|
|
+end
|
