Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add check if scram credentials are insync with hash #455

Merged
merged 3 commits into from
Mar 28, 2018
Merged

Add check if scram credentials are insync with hash #455

merged 3 commits into from
Mar 28, 2018

Conversation

ctrox
Copy link
Contributor

@ctrox ctrox commented Mar 28, 2018

Pull Request (PR) description

For mongodb >3 the auth mechanism SCRAM-SHA-1 is the new default.
This adds a util and check if the keys computed by password_hash,
salt and iterationCount matches the keys of the existing user.

How SCRAM-SHA-1 works is described here: https://www.mongodb.com/blog/post/improved-password-based-authentication-mongodb-30-scram-explained-part-1

The test I have added is really basic, please let me know if and how this could be improved. Also the scram_credentials parameter is "read-only" which is just done via validate. Looking at other types in the puppet source this is usually how they are dealt with.

This Pull Request (PR) fixes the following issues

Fixes #425

ctrox added 3 commits March 28, 2018 09:15
@ctrox
Add check if scram credentials are insync with hash
6b7aeaf 
For mongodb >3 the auth mechanism SCRAM-SHA-1 is the new default.
This adds a util and check if the keys computed by password_hash,
salt and iterationCount matches the keys of the existing user.
@ctrox
Some rubocop fixes
f09fe75
@ctrox
Fix user unit test
98e1970
@bastelfreak bastelfreak added enhancement New feature or request bug Something isn't working and removed enhancement New feature or request labels Mar 28, 2018
@bastelfreak
Copy link
Member

Thanks for the PR @ctrox !

@bastelfreak bastelfreak merged commit 5f89261 into voxpupuli:master Mar 28, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Notice on every run for password_hash
2 participants
@ctrox @bastelfreak