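require 'base64'
require 'digest'

# Puppet function that converts a clear-text secret into an OpenLDAP
# userPassword-style value of the form "{SCHEME}<encoded hash>".
#
# Supported schemes: CRYPT, MD5, SHA, SMD5, SSHA (default).
#
# Security notes for reviewers:
# * Salts come from fqdn_rand_string, which is seeded from the node's FQDN.
#   The output is therefore stable across Puppet runs, but the salt is
#   predictable and identical for every secret hashed on the same node.
# * MD5 and SHA are unsalted, and every scheme here is a single fast hash
#   round; prefer SSHA at minimum and treat the resulting values as
#   sensitive.
Puppet::Functions.create_function(:openldap_password) do
  dispatch :passwd do
    param 'String', :secret
    # Optional so the '{SSHA}' default on #passwd is actually reachable;
    # with a required param a one-argument call never matched the dispatch.
    optional_param 'String', :scheme
  end

  # @param secret [String] clear-text password to hash
  # @param scheme [String] scheme name, with or without braces
  #   (e.g. 'SSHA' or '{SSHA}')
  # @return [String] "{SCHEME}" followed by the encoded hash
  # @raise [Puppet::ParseError] when the scheme is not one of the supported ones
  def passwd(secret, scheme = '{SSHA}')
    # The first run of upper-case letters/digits (commas also match) is taken
    # as the scheme name, so both 'SSHA' and '{SSHA}' select the same branch.
    case scheme[%r{([A-Z,0-9]+)}, 1]
    when 'CRYPT'
      # NOTE(review): a two-character salt presumably selects traditional
      # crypt(3) on most platforms, which is weak - confirm before relying on it.
      salt = call_function('fqdn_rand_string', 2)
      '{CRYPT}' + secret.crypt(salt)
    when 'MD5'
      # Base64 of the raw digest, matching the SMD5/SSHA branches; the
      # previous hex encoding was inconsistent with them.
      '{MD5}' + Base64.strict_encode64(Digest::MD5.digest(secret))
    when 'SHA'
      '{SHA}' + Base64.strict_encode64(Digest::SHA1.digest(secret))
    when 'SMD5'
      salt = call_function('fqdn_rand_string', 8)
      # Payload layout: digest(secret + salt) followed by the salt itself.
      '{SMD5}' + Base64.strict_encode64(Digest::MD5.digest(secret + salt) + salt)
    when 'SSHA'
      salt = call_function('fqdn_rand_string', 8)
      '{SSHA}' + Base64.strict_encode64(Digest::SHA1.digest(secret + salt) + salt)
    else
      raise(Puppet::ParseError, "openldap_password(): Unrecognized scheme #{scheme}")
    end
  end
end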