ruby-ntlm
ruby-ntlm copied to clipboard
macks
OpenSSL 3.0 Support
Ok, I found exact issue.
With following patch I have tests passing with ruby 3.2 and openssl gem 3.2 (required to get OpenSSL::Provider, else openssl env config required for legacy ciphers) built against openssl 3.3:
3.2.4 :001 > require 'openssl'
=> true
3.2.4 :002 > OpenSSL::VERSION
=> "3.2.0"
3.2.4 :003 > OpenSSL::OPENSSL_LIBRARY_VERSION
=> "OpenSSL 3.3.0 9 Apr 2024"
3.2.4 :004 > RUBY_VERSION
=> "3.2.4"
diff --git a/lib/ntlm/util.rb b/lib/ntlm/util.rb
index 4eaeac2..77fdc7c 100644
--- a/lib/ntlm/util.rb
+++ b/lib/ntlm/util.rb
@@ -2,6 +2,10 @@
require 'openssl'
+if defined?(OpenSSL::Provider)
+ OpenSSL::Provider.load('legacy')
+end
+
module NTLM
module Util
@@ -54,7 +58,7 @@ module NTLM
keys = create_des_keys(key[0, key_length])
result = ''
- cipher = OpenSSL::Cipher::DES.new
+ cipher = OpenSSL::Cipher::DES.new(:ecb)
keys.each do |k|
cipher.encrypt
cipher.key = k
diff --git a/ruby-ntlm.gemspec b/ruby-ntlm.gemspec
index 4d41fc7..4c2f42d 100644
--- a/ruby-ntlm.gemspec
+++ b/ruby-ntlm.gemspec
@@ -18,7 +18,8 @@ Gem::Specification.new do |spec|
spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
spec.require_paths = ["lib"]
- spec.add_development_dependency "bundler", "~> 1.5"
+ spec.add_dependency "openssl", "~> 3.2.0"
+
spec.add_development_dependency "rake"
spec.add_development_dependency "test-unit"
end
bundle exec rake test 1 -I-
Calling `DidYouMean::SPELL_CHECKERS.merge!(error_name => spell_checker)' has been deprecated. Please call `DidYouMean.correct_error(error_name, spell_checker)' instead.
Calling `DidYouMean::SPELL_CHECKERS.merge!(error_name => spell_checker)' has been deprecated. Please call `DidYouMean.correct_error(error_name, spell_checker)' instead.
/Users/bak1an/.rvm/rubies/ruby-3.2.4/bin/ruby -w -I"lib:lib:test" /Users/bak1an/.rvm/gems/ruby-3.2.4@ntlm/gems/rake-13.2.1/lib/rake/rake_test_loader.rb "test/auth_test.rb" "test/function_test.rb"
/Users/bak1an/.rvm/gems/ruby-3.2.4@ntlm/gems/bundler-2.1.4/lib/bundler/vendor/thor/lib/thor/error.rb:105: warning: constant DidYouMean::SPELL_CHECKERS is deprecated
Calling `DidYouMean::SPELL_CHECKERS.merge!(error_name => spell_checker)' has been deprecated. Please call `DidYouMean.correct_error(error_name, spell_checker)' instead.
LOADING LEGECY PROVIDER
Loaded suite /Users/bak1an/.rvm/gems/ruby-3.2.4@ntlm/gems/rake-13.2.1/lib/rake/rake_test_loader
Started
Finished in 0.002056 seconds.
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
6 tests, 9 assertions, 0 failures, 0 errors, 0 pendings, 0 omissions, 0 notifications
100% passed
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
2918.29 tests/s, 4377.43 assertions/s
I do have a branch for this there https://github.com/macks/ruby-ntlm/compare/master...bak1an:ruby-ntlm:openssl3
@macks Would you be interested in a PR to properly release this?
Having openssl 3.2 gem as a dependency will require limiting minimal ruby version to 2.7 (and will ideally mean some code cleanup here) but it seems fine to me. Older ruby version will not be affected by openssl 3 anyway so they can just use older gem version.