From 6f2d527c24e121a09f38abfa620895cb3d9f32db Mon Sep 17 00:00:00 2001
From: blackhedd <blackhedd@005445c4-6811-0410-8301-cae4f0071d1d>
Date: Mon, 24 Apr 2006 21:58:14 +0000
Subject: [PATCH] Added a password-hash generator.

---
 lib/net/ldap.rb     |  1 +
 lib/net/ldap/psw.rb | 62 +++++++++++++++++++++++++++++++++++++++++++++
 tests/testem.rb     |  1 +
 tests/testpsw.rb    | 28 ++++++++++++++++++++
 4 files changed, 92 insertions(+)
 create mode 100644 lib/net/ldap/psw.rb
 create mode 100644 tests/testpsw.rb

diff --git a/lib/net/ldap.rb b/lib/net/ldap.rb
index 0e32998..feaf205 100644
--- a/lib/net/ldap.rb
+++ b/lib/net/ldap.rb
@@ -22,6 +22,7 @@ require 'net/ber'
 require 'net/ldap/pdu'
 require 'net/ldap/filter'
 require 'net/ldap/dataset'
+require 'net/ldap/psw'
 
 
 module Net
diff --git a/lib/net/ldap/psw.rb b/lib/net/ldap/psw.rb
new file mode 100644
index 0000000..dd7d917
--- /dev/null
+++ b/lib/net/ldap/psw.rb
@@ -0,0 +1,62 @@
+# $Id$
+#
+#
+#----------------------------------------------------------------------------
+#
+# Copyright (C) 2006 by Francis Cianfrocca. All Rights Reserved.
+#
+# Gmail: garbagecat10
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+#
+#---------------------------------------------------------------------------
+#
+#
+
+
+module Net
+class LDAP
+
+
+class Password
+  class << self
+
+  # Generate a password-hash suitable for inclusion in an LDAP attribute.
+  # STUB: This is here to fulfill the requirements of an RFC, which one?
+  # TODO, gotta do salted-sha and (maybe) salted-md5.
+  # Should we provide sha1 as a synonym for sha1? I vote no because then
+  # should you also provide ssha1 for symmetry?
+  def generate( type, str )
+    case type
+    when :md5
+      require 'md5'
+      "{MD5}#{ [MD5.new( str.to_s ).digest].pack("m").chomp }"
+    when :sha
+      require 'sha1'
+      "{SHA}#{ [SHA1.new( str.to_s ).digest].pack("m").chomp }"
+    # when ssha
+    else
+      raise Net::LDAP::LdapError.new( "unsupported password-hash type (#{type})" )
+    end
+  end
+
+  end
+end
+
+
+end # class LDAP
+end # module Net
+
+
diff --git a/tests/testem.rb b/tests/testem.rb
index a78f24a..64d8613 100644
--- a/tests/testem.rb
+++ b/tests/testem.rb
@@ -6,5 +6,6 @@ require 'test/unit'
 require 'tests/testber'
 require 'tests/testldif'
 require 'tests/testldap'
+require 'tests/testpsw'
 
 
diff --git a/tests/testpsw.rb b/tests/testpsw.rb
new file mode 100644
index 0000000..e816450
--- /dev/null
+++ b/tests/testpsw.rb
@@ -0,0 +1,28 @@
+# $Id$
+#
+#
+
+
+$:.unshift "lib"
+
+require 'net/ldap'
+require 'stringio'
+
+
+class TestPassword < Test::Unit::TestCase
+
+  def setup
+  end
+
+
+  def test_psw
+    assert_equal( "{MD5}xq8jwrcfibi0sZdZYNkSng==", Net::LDAP::Password.generate( :md5, "cashflow" ))
+    assert_equal( "{SHA}YE4eGkN4BvwNN1f5R7CZz0kFn14=", Net::LDAP::Password.generate( :sha, "cashflow" ))
+  end
+
+
+
+
+end
+
+