states.user.present: Make usage of hash_password idempotent

Fixes #45939

salt/states/user.py

@@ -438,7 +438,24 @@ def present(name,
     # hash_password is True, then hash it.
     if password and hash_password:
         log.debug('Hashing a clear text password')
-        password = __salt__['shadow.gen_password'](password)
+        # in case a password is already set, it will contain a Salt
+        # which should be re-used to generate the new hash, other-
+        # wise the Salt will be generated randomly, causing the
+        # hash to change each time and thereby making the
+        # user.present state non-idempotent.
+        algorithms = {
+            '1':  'md5',
+            '2a': 'blowfish',
+            '5':  'sha256',
+            '6':  'sha512',
+        }
+        try:
+            _, algo, shadow_salt, shadow_hash = __salt__['shadow.info'](name)['passwd'].split('$', 4)
+            log.debug('Re-using existing shadow salt for hashing password using {}'.format(algorithms.get(algo)))
+            password = __salt__['shadow.gen_password'](password, crypt_salt=shadow_salt, algorithm=algorithms.get(algo))
+        except ValueError:
+            log.info('No existing shadow salt found, defaulting to a randomly generated new one')
+            password = __salt__['shadow.gen_password'](password)
 
     if fullname is not None:
         fullname = sdecode(fullname)