Defect #33978

Redmine.pm shall decrypt LDAP bind password

Added by Anonymous about 2 years ago. Updated about 2 years ago.

Status:ConfirmedStart date:
Priority:NormalDue date:
Assignee:-% Done:

0%

Category:SCM extra
Target version:-
Resolution: Affected version:1.2.0

Related issues

Related to Redmine - Feature #7411: Option to cipher LDAP ans SCM passwords stored in the dat... Closed 2011-01-22

History

#1 Updated by Anonymous about 2 years ago

Redmine saves LDAP bind password on the table auth_sources with encryption by AES-256-CBC. Redmine itself is aware of the encryption and read out it with decryption.

On the other hand, Redmine.pm is reading the relational database directly without decryption and fails to bind LDAP and finally fails to authenticate Subversion access.

#2 Updated by Anonymous about 2 years ago

There is no way to read out cipher_key setting from config/configuration.yml from perl and then it is difficult to integrate Redmine.pm to Redmine.

#3 Updated by Go MAEDA about 2 years ago

  • Tracker changed from Feature to Defect
  • Category changed from Accounts / authentication to SCM extra
  • Status changed from New to Confirmed
  • Affected version set to 1.2.0

#4 Updated by Go MAEDA about 2 years ago

  • Related to Feature #7411: Option to cipher LDAP ans SCM passwords stored in the database added

#5 Updated by Go MAEDA about 2 years ago

徹 原口 wrote:

There is no way to read out cipher_key setting from config/configuration.yml from perl and then it is difficult to integrate Redmine.pm to Redmine.

Maybe Redmine.pm should support a new directive such as RedmineDbCiperKey.

#6 Updated by Anonymous about 2 years ago

Since our company changed LDAP service to require bind and the old one will be ceased at 9/30, some work around is needed.

#7 Updated by Anonymous about 2 years ago

Will somebody insist a best ciphering lib for perl?

#8 Updated by Anonymous about 2 years ago

#9 Updated by Anonymous about 2 years ago

As an workaround, I will make the password constant in Redmine.pm so far. Please resolve this contradiction in near future.

Also available in: Atom PDF