[elbe-devel] [PATCH v1 11/15] xmlpreprocess: legacy support for hashed root passwords
Holger Dengler
holger at hdengler.de
Wed Jun 8 22:39:54 CEST 2022
The removal of the plain-text password changes the behavior, compared to
previous versions of Elbe.
Set attribute "keep_plain" to "true" in all cases, where a legacy XML is
detected and converted to the new schema. This keeps the behavior as
close as possible to previous versions.
Legacy XMLs has a "passwd" element without attributes and no
"passwd_hashed" element.
Signed-off-by: Holger Dengler <holger at hdengler.de>
---
elbepack/xmlpreprocess.py | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/elbepack/xmlpreprocess.py b/elbepack/xmlpreprocess.py
index f11dfe72c..9d6cd1ac6 100644
--- a/elbepack/xmlpreprocess.py
+++ b/elbepack/xmlpreprocess.py
@@ -274,6 +274,13 @@ def preprocess_root_password(xml):
parent.insert(list(parent).index(passwd) + 1,
passwd_hashed)
+ # conversion of a legacy xml file (passwd node without attributes
+ # exists, but no passwd_hashed node): set keep_plain to be
+ # compatible with previous versions.
+ if 'keep_plain' not in passwd.attrib:
+ passwd.attrib['keep_plain'] = 'true'
+ print('[WARN] legacy XML: keep plain-text password is enforced.')
+
# update hashed password node
passwd_hashed.text = '%s' % crypt(passwd.text, METHOD_SHA512)
print('[INFO] update hashed password for root.')
--
2.36.1
More information about the elbe-devel
mailing list