ruby-net-ldap icon indicating copy to clipboard operation
ruby-net-ldap copied to clipboard
verified publisher icon ruby-ldap

Add SHA2, :smd5, :sha1 & :ssha1 password generation support

Open ojab opened this issue 10 years ago • 3 comments

Haven't tested this PR on rubies < 2.2 yet, please consider it RFC.

With this patch net/ldap will support md5, sha, sha1, sha256, sha384, sha512 password schemes (and salted variants).

Given that comment says "I vote no because then should you also provide ssha1 for symmetry?" -- should I remove :sha1/:ssha1 support?

Is the code overall looks ok for you or something should be changed?

ojab avatar May 19 '15 11:05 ojab

@jch @mtodd is there anything holding this back? It'd be useful to have it merged!

mattcg avatar Jan 24 '17 12:01 mattcg

Note that in this pull request, if the password contains accented characters, the following error will be thrown:

Encoding::CompatibilityError (incompatible character encodings: UTF-8 and ASCII-8BIT)

There's the option of forcing the encoding of the password to ASCII, but I think the more elegant solution is to use digest.update:

    algo = Digest.module_eval(digest.upcase).new
    algo.update(str)
    algo.update(salt)
   "{#{type.upcase}}#{Base64.encode64(algo.digest + salt).chomp}"

mattcg avatar Jan 24 '17 13:01 mattcg

@ojab @mattcg I think the idea is good, but I would prefer the changes to be more explicit and to have less metaprogramming. Comments inline.

jch avatar Jan 25 '17 17:01 jch