Defect #33978
open
Redmine saves LDAP bind password on the table auth_sources with encryption by AES-256-CBC. Redmine itself is aware of the encryption and read out it with decryption.
On the other hand, Redmine.pm is reading the relational database directly without decryption and fails to bind LDAP and finally fails to authenticate Subversion access.
There is no way to read out cipher_key setting from config/configuration.yml from perl and then it is difficult to integrate Redmine.pm to Redmine.
- Tracker changed from Feature to Defect
- Category changed from Accounts / authentication to SCM extra
- Status changed from New to Confirmed
- Affected version set to 1.2.0
- Related to Feature #7411: Option to cipher LDAP ans SCM passwords stored in the database added
徹 原口 wrote:
There is no way to read out cipher_key setting from config/configuration.yml from perl and then it is difficult to integrate Redmine.pm to Redmine.
Maybe Redmine.pm should support a new directive such as RedmineDbCiperKey.
Since our company changed LDAP service to require bind and the old one will be ceased at 9/30, some work around is needed.
Will somebody insist a best ciphering lib for perl?
As an workaround, I will make the password constant in Redmine.pm so far. Please resolve this contradiction in near future.
Also available in: Atom
PDF
Updated by