#1586 Make authtoken opaque objects
Closed: Fixed None Opened 6 years ago by simo.

Currently the semantics of the authtoken object are opaque and it is not clear whether it allows embedded nulls, or the size includes the terminating null for a string.

Turn it into an opaque object with a type with getters and setters that enforce rules also by embedding the type we can always use the type on getters so we return errors if the unexpected type is ever passed in.

Right now we always assume it is a null terminated password, we should better not assume if we will ever introduce inary token and instead mark with a type so that if someone tries to get() a password on a binary token it will just fail with an error instead of failing due to unexpected data like embedded nulls or non conformant character encoding errors (we may have to do character conversion even for passwords in some cases, for example if we ever support NTLM auth).


Fields changed

milestone: NEEDS_TRIAGE => SSSD 1.10.0

Fields changed

milestone: SSSD 1.10.0 => SSSD 1.10 beta

Fields changed

rhbz: => 0

Fields changed

design: =>
design_review: => 0
fedora_test_page: =>
selected: => May

Fields changed

owner: somebody => simo
patch: 0 => 1

resolution: => fixed
status: new => closed

Metadata Update from @simo:
- Issue assigned to simo
- Issue set to the milestone: SSSD 1.10 beta

2 years ago

Login to comment on this ticket.

Metadata