diff options
| author | Brian Coca <brian.coca+git@gmail.com> | 2016-01-21 10:53:02 -0500 |
|---|---|---|
| committer | Brian Coca <brian.coca+git@gmail.com> | 2016-01-21 10:56:24 -0500 |
| commit | 92579eb48fde58671325247eeb3866bc80f04f81 (patch) | |
| tree | 86de7874236da4bc6b63d6ae392fc1ec2160447d /lib/ansible | |
| parent | d56e2fb80e6414467023fcc45bd31b7beae60652 (diff) | |
| download | ansible-92579eb48fde58671325247eeb3866bc80f04f81.tar.gz | |
avoid shredding empty files, also x/0
also cleaned up unused import and exception var
Diffstat (limited to 'lib/ansible')
| -rw-r--r-- | lib/ansible/parsing/vault/__init__.py | 32 |
1 files changed, 17 insertions, 15 deletions
diff --git a/lib/ansible/parsing/vault/__init__.py b/lib/ansible/parsing/vault/__init__.py index f38525e028..dc30dd0ffb 100644 --- a/lib/ansible/parsing/vault/__init__.py +++ b/lib/ansible/parsing/vault/__init__.py @@ -71,7 +71,7 @@ try: except ImportError: pass -from ansible.compat.six import PY3, byte2int +from ansible.compat.six import PY3 from ansible.utils.unicode import to_unicode, to_bytes HAS_ANY_PBKDF2HMAC = HAS_PBKDF2 or HAS_PBKDF2HMAC @@ -236,22 +236,24 @@ class VaultEditor: """ file_len = os.path.getsize(tmp_path) - max_chunk_len = min(1024*1024*2, file_len) - passes = 3 - with open(tmp_path, "wb") as fh: - for _ in range(passes): - fh.seek(0, 0) - # get a random chunk of data, each pass with other length - chunk_len = random.randint(max_chunk_len//2, max_chunk_len) - data = os.urandom(chunk_len) + if file_len > 0: # avoid work when file was empty + max_chunk_len = min(1024*1024*2, file_len) - for _ in range(0, file_len // chunk_len): - fh.write(data) - fh.write(data[:file_len % chunk_len]) + passes = 3 + with open(tmp_path, "wb") as fh: + for _ in range(passes): + fh.seek(0, 0) + # get a random chunk of data, each pass with other length + chunk_len = random.randint(max_chunk_len//2, max_chunk_len) + data = os.urandom(chunk_len) - assert(fh.tell() == file_len) # FIXME remove this assert once we have unittests to check its accuracy - os.fsync(fh) + for _ in range(0, file_len // chunk_len): + fh.write(data) + fh.write(data[:file_len % chunk_len]) + + assert(fh.tell() == file_len) # FIXME remove this assert once we have unittests to check its accuracy + os.fsync(fh) def _shred_file(self, tmp_path): @@ -273,7 +275,7 @@ class VaultEditor: try: r = call(['shred', tmp_path]) - except OSError as e: + except OSError: # shred is not available on this system, or some other error occured. r = 1 |