wbrawner/ansible
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

avoid shredding empty files, also x/0

Browse source 
also cleaned up unused import and exception var
This commit is contained in:
Brian Coca 2016-01-21 10:53:02 -05:00
parent 627dec716b
commit f26adcc7da
1 changed files with 17 additions and 15 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

32
lib/ansible/parsing/vault/__init__.py
View file

@ -71,7 +71,7 @@ try:
except ImportError: except ImportError:
pass pass
from ansible.compat.six import PY3, byte2int from ansible.compat.six import PY3
from ansible.utils.unicode import to_unicode, to_bytes from ansible.utils.unicode import to_unicode, to_bytes
HAS_ANY_PBKDF2HMAC = HAS_PBKDF2 or HAS_PBKDF2HMAC HAS_ANY_PBKDF2HMAC = HAS_PBKDF2 or HAS_PBKDF2HMAC
@ -236,22 +236,24 @@ class VaultEditor:
""" """
file_len = os.path.getsize(tmp_path) file_len = os.path.getsize(tmp_path)
max_chunk_len = min(1024*1024*2, file_len)
passes = 3 if file_len > 0: # avoid work when file was empty
with open(tmp_path, "wb") as fh: max_chunk_len = min(1024*1024*2, file_len)
for _ in range(passes):
fh.seek(0, 0)
# get a random chunk of data, each pass with other length
chunk_len = random.randint(max_chunk_len//2, max_chunk_len)
data = os.urandom(chunk_len)
for _ in range(0, file_len // chunk_len): passes = 3
fh.write(data) with open(tmp_path, "wb") as fh:
fh.write(data[:file_len % chunk_len]) for _ in range(passes):
fh.seek(0, 0)
# get a random chunk of data, each pass with other length
chunk_len = random.randint(max_chunk_len//2, max_chunk_len)
data = os.urandom(chunk_len)
assert(fh.tell() == file_len) # FIXME remove this assert once we have unittests to check its accuracy for _ in range(0, file_len // chunk_len):
os.fsync(fh) fh.write(data)
fh.write(data[:file_len % chunk_len])
assert(fh.tell() == file_len) # FIXME remove this assert once we have unittests to check its accuracy
os.fsync(fh)
def _shred_file(self, tmp_path): def _shred_file(self, tmp_path):
@ -273,7 +275,7 @@ class VaultEditor:
try: try:
r = call(['shred', tmp_path]) r = call(['shred', tmp_path])
except OSError as e: except OSError:
# shred is not available on this system, or some other error occured. # shred is not available on this system, or some other error occured.
r = 1 r = 1