1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00
community.general/plugins/modules/net_tools
David Hummel 7f96b7df60
nmcli: writing secrets to command line is a security hole (#3160)
* nmcli: use `stdin` for setting private `wifi_sec` options

I.E.:
* `802-11-wireless-security.leap-password`
* `802-11-wireless-security.psk`
* `802-11-wireless-security.wep-key0`
* `802-11-wireless-security.wep-key1`
* `802-11-wireless-security.wep-key2`
* `802-11-wireless-security.wep-key3`

* Changelog fragement formatting.

* Update changelogs/fragments/3160-pass-wifi-secrets-via-stdin-to-nmcli-module.yml

Co-authored-by: Felix Fontein <felix@fontein.de>

* Make `wifi_sec_secret_options()` into a constant

* Minor cleanup

`'set ' + key + ' ' + value`
=>
`'set %s %s' % (key, value)`

* Change `casing`

* Change `WIFI_SEC_SECRET_OPTIONS` from `list` to `tuple`

* Update `edit_connection()` to not reset `edit_commands`

It will just re`set` them if `edit_connection()` is called more than 
once.

* Do not call `edit_connection()` if `connection_update(*)` fails

* Fixed `pep8` issue `E713` in tests

`test for membership should be 'not in'`

* Simplify `create_connection()`/`modify_connection()` logic

* `WIFI_SEC_SECRET_OPTIONS`=>`SECRET_OPTIONS`, options are prefixed

* Moved `if key in self.SECRET_OPTIONS` into `if value is not None` check

We don't need to do anything is the value is None

Co-authored-by: Felix Fontein <felix@fontein.de>
2021-08-08 18:35:52 +02:00
..
infinity modules: fix examples to use FQCN (#644) 2020-07-13 21:50:31 +02:00
ldap Replace ansible.module_utils._text by ansible.module_utils.common.text.converters (#2877) 2021-06-26 23:59:11 +02:00
nios mass-added the utf-8 marker (#3163) 2021-08-08 10:40:22 +02:00
pritunl Replace ansible.module_utils._text by ansible.module_utils.common.text.converters (#2877) 2021-06-26 23:59:11 +02:00
cloudflare_dns.py Replace ansible.module_utils._text by ansible.module_utils.common.text.converters (#2877) 2021-06-26 23:59:11 +02:00
dnsimple.py mass-added the utf-8 marker (#3163) 2021-08-08 10:40:22 +02:00
dnsmadeeasy.py Fix a bunch of potential security issues (secret leaking) (#1736) 2021-02-08 16:33:18 +01:00
gandi_livedns.py Add gandi_livedns module (#328) 2021-03-21 11:25:24 +01:00
haproxy.py Replace ansible.module_utils._text by ansible.module_utils.common.text.converters (#2877) 2021-06-26 23:59:11 +02:00
ip_netns.py mass-added the utf-8 marker (#3163) 2021-08-08 10:40:22 +02:00
ipify_facts.py Replace ansible.module_utils._text by ansible.module_utils.common.text.converters (#2877) 2021-06-26 23:59:11 +02:00
ipinfoio_facts.py mass-added the utf-8 marker (#3163) 2021-08-08 10:40:22 +02:00
ipwcli_dns.py mass-added the utf-8 marker (#3163) 2021-08-08 10:40:22 +02:00
lldp.py mass-added the utf-8 marker (#3163) 2021-08-08 10:40:22 +02:00
netcup_dns.py Use str() to get exception message (#2590) 2021-05-25 12:58:20 +02:00
nmcli.py nmcli: writing secrets to command line is a security hole (#3160) 2021-08-08 18:35:52 +02:00
nsupdate.py mass-added the utf-8 marker (#3163) 2021-08-08 10:40:22 +02:00
omapi_host.py Replace ansible.module_utils._text by ansible.module_utils.common.text.converters (#2877) 2021-06-26 23:59:11 +02:00
snmp_facts.py added supports_check_mode=True to info/facts modules (#3084) 2021-07-27 18:24:29 +02:00