diff options
Diffstat (limited to 'lib')
-rw-r--r-- | lib/ansible/parsing/dataloader.py | 4 | ||||
-rw-r--r-- | lib/ansible/parsing/vault/__init__.py | 6 |
2 files changed, 8 insertions, 2 deletions
diff --git a/lib/ansible/parsing/dataloader.py b/lib/ansible/parsing/dataloader.py index 3ab56a935c..ebcfa31d1b 100644 --- a/lib/ansible/parsing/dataloader.py +++ b/lib/ansible/parsing/dataloader.py @@ -331,11 +331,11 @@ class DataLoader(): try: with open(to_bytes(real_path), 'rb') as f: - data = f.read() - if self._vault.is_encrypted(data): + if self._vault.is_encrypted(f): # if the file is encrypted and no password was specified, # the decrypt call would throw an error, but we check first # since the decrypt function doesn't know the file name + data = f.read() if not self._vault_password: raise AnsibleParserError("A vault password must be specified to decrypt %s" % file_path) diff --git a/lib/ansible/parsing/vault/__init__.py b/lib/ansible/parsing/vault/__init__.py index a86907d8e7..e7703b5c1d 100644 --- a/lib/ansible/parsing/vault/__init__.py +++ b/lib/ansible/parsing/vault/__init__.py @@ -115,6 +115,12 @@ class VaultLib: :returns: True if it is recognized. Otherwise, False. """ + if hasattr(data, 'read'): + current_position = data.tell() + header_part = data.read(len(b_HEADER)) + data.seek(current_position) + return self.is_encrypted(header_part) + if to_bytes(data, errors='strict', encoding='utf-8').startswith(b_HEADER): return True return False |