Pass encoding to stringutils.to_unicode

2025-04-16 17:50:20 +00:00 · 2019-04-30 16:29:03 -06:00 · 2019-04-30 16:29:03 -06:00 · c7f45c241a
commit c7f45c241a
parent 35094653c9
2 changed files with 7 additions and 7 deletions
--- a/salt/renderers/gpg.py
+++ b/salt/renderers/gpg.py
@ -295,7 +295,7 @@ def _decrypt_ciphertext(cipher):
        return decrypted_data


-def _decrypt_ciphertexts(cipher, translate_newlines=False):
+def _decrypt_ciphertexts(cipher, translate_newlines=False, encoding=None):
    to_bytes = salt.utils.stringutils.to_bytes
    cipher = to_bytes(cipher)
    if translate_newlines:
@ -314,14 +314,14 @@ def _decrypt_ciphertexts(cipher, translate_newlines=False):
        ret = cipher

    try:
-        ret = salt.utils.stringutils.to_unicode(ret)
+        ret = salt.utils.stringutils.to_unicode(ret, encoding=encoding)
    except UnicodeDecodeError:
        # decrypted data contains some sort of binary data - not our problem
        pass
    return ret


-def _decrypt_object(obj, translate_newlines=False):
+def _decrypt_object(obj, translate_newlines=False, encoding=None):
    '''
    Recursively try to decrypt any object. If the object is a six.string_types
    (string or unicode), and it contains a valid GPG header, decrypt it,
@ -330,7 +330,7 @@ def _decrypt_object(obj, translate_newlines=False):
    if salt.utils.stringio.is_readable(obj):
        return _decrypt_object(obj.getvalue(), translate_newlines)
    if isinstance(obj, six.string_types):
-        return _decrypt_ciphertexts(obj, translate_newlines=translate_newlines)
+        return _decrypt_ciphertexts(obj, translate_newlines=translate_newlines, encoding=encoding)
    elif isinstance(obj, dict):
        for key, value in six.iteritems(obj):
            obj[key] = _decrypt_object(value,
@ -355,4 +355,4 @@ def render(gpg_data, saltenv='base', sls='', argline='', **kwargs):
    log.debug('Reading GPG keys from: %s', _get_key_dir())

    translate_newlines = kwargs.get('translate_newlines', False)
-    return _decrypt_object(gpg_data, translate_newlines=translate_newlines)
+    return _decrypt_object(gpg_data, translate_newlines=translate_newlines, encoding=kwargs.get('encoding', None))
--- a/tests/unit/renderers/test_gpg.py
+++ b/tests/unit/renderers/test_gpg.py
@ -143,7 +143,7 @@ class GPGTestCase(TestCase, LoaderModuleMockMixin):
        with patch('salt.renderers.gpg._get_gpg_exec', MagicMock(return_value=True)):
            with patch('salt.renderers.gpg._get_key_dir', MagicMock(return_value=key_dir)):
                with patch('salt.renderers.gpg._decrypt_ciphertext', MagicMock(return_value=secret)):
-                    self.assertEqual(gpg.render(crypted), expected)
+                    self.assertEqual(gpg.render(crypted, encoding='utf-8'), expected)

    def test_render_with_translate_newlines_should_translate_newlines(self):
        key_dir = '/etc/salt/gpgkeys'
@ -165,6 +165,6 @@ class GPGTestCase(TestCase, LoaderModuleMockMixin):
            with patch('salt.renderers.gpg._get_key_dir', MagicMock(return_value=key_dir)):
                with patch('salt.renderers.gpg._decrypt_ciphertext', MagicMock(return_value=secret)):
                    self.assertEqual(
-                        gpg.render(crypted, translate_newlines=True),
+                        gpg.render(crypted, translate_newlines=True, encoding='utf-8'),
                        expected,
                    )