diff --git a/changelog/62670.fixed b/changelog/62670.fixed new file mode 100644 index 00000000000..2fdcb6b8b84 --- /dev/null +++ b/changelog/62670.fixed @@ -0,0 +1 @@ +Fixed pdbedit.create trying to use a bytes-like hash as string. diff --git a/salt/modules/pdbedit.py b/salt/modules/pdbedit.py index b3fb15f8275..e35283eb08e 100644 --- a/salt/modules/pdbedit.py +++ b/salt/modules/pdbedit.py @@ -203,7 +203,7 @@ def create(login, password, password_hashed=False, machine_account=False): password_hash = password.upper() password = "" # wipe password else: - password_hash = generate_nt_hash(password) + password_hash = generate_nt_hash(password).decode("ascii") # create user if login not in list_users(False): diff --git a/tests/pytests/unit/modules/test_pdbedit.py b/tests/pytests/unit/modules/test_pdbedit.py index a132a4b5128..9f6d77462f0 100644 --- a/tests/pytests/unit/modules/test_pdbedit.py +++ b/tests/pytests/unit/modules/test_pdbedit.py @@ -1,3 +1,4 @@ +import hashlib from textwrap import dedent import pytest @@ -5,6 +6,12 @@ import pytest import salt.modules.pdbedit as pdbedit from tests.support.mock import MagicMock, patch +try: + hashlib.new("md4", "".encode("utf-16le")) + MD4_SUPPORTED = True +except ValueError: + MD4_SUPPORTED = False + @pytest.fixture def configure_loader_modules(): @@ -134,3 +141,17 @@ def test_when_verbose_and_multiple_records_present_data_should_be_correctly_pars ): actual_data = pdbedit.list_users(verbose=True) assert actual_data == expected_data + + +@pytest.mark.skipif(not MD4_SUPPORTED, reason="Requires md4") +def test_create_with_existing_user_updates_password(): + with patch( + "salt.modules.pdbedit.list_users", MagicMock(return_value=["Foo"]) + ), patch( + "salt.modules.pdbedit.get_user", + MagicMock(return_value={"nt hash": "old value"}), + ), patch.dict( + pdbedit.__salt__, {"cmd.run_all": MagicMock(return_value={"retcode": 0})} + ): + ret = pdbedit.create("Foo", "secret") + assert {"Foo": "updated"} == ret