[PR #778] [MERGED] server: Add a check for a changing private key #946

New issue

Closed

opened 2026-02-27 09:10:20 +03:00 by kerem · 0 comments

kerem commented

2026-02-27 09:10:20 +03:00

Owner

📋 Pull Request Information

Original PR: https://github.com/lldap/lldap/pull/778
Author: @nitnelave
Created: 12/29/2023
Status: ✅ Merged
Merged: 12/29/2023
Merged by: @nitnelave

Base: main ← Head: key_hash

📝 Commits (1)

e10b389 server: Add a check for a changing private key

📊 Changes

7 files changed (+524 additions, -33 deletions)

View changed files

📝 Cargo.lock (+3 -0)
📝 server/Cargo.toml (+5 -0)
📝 server/src/domain/sql_migrations.rs (+27 -1)
📝 server/src/domain/sql_tables.rs (+103 -3)
📝 server/src/infra/cli.rs (+5 -1)
📝 server/src/infra/configuration.rs (+354 -27)
📝 server/src/main.rs (+27 -1)

📄 Description

This checks that the private key used to encode the passwords has not changed since last successful startup, leading to a corruption of all the passwords. Lots of common scenario are covered, with various combinations of key in a file or from a seed, set in the config file or in an env variable or through CLI, and so on.

Fixes #747

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/lldap/lldap/pull/778 **Author:** [@nitnelave](https://github.com/nitnelave) **Created:** 12/29/2023 **Status:** ✅ Merged **Merged:** 12/29/2023 **Merged by:** [@nitnelave](https://github.com/nitnelave) **Base:** `main` ← **Head:** `key_hash` --- ### 📝 Commits (1) - [`e10b389`](https://github.com/lldap/lldap/commit/e10b389fd03a6cce03b0ad347414c2c626d68e54) server: Add a check for a changing private key ### 📊 Changes **7 files changed** (+524 additions, -33 deletions) <details> <summary>View changed files</summary> 📝 `Cargo.lock` (+3 -0) 📝 `server/Cargo.toml` (+5 -0) 📝 `server/src/domain/sql_migrations.rs` (+27 -1) 📝 `server/src/domain/sql_tables.rs` (+103 -3) 📝 `server/src/infra/cli.rs` (+5 -1) 📝 `server/src/infra/configuration.rs` (+354 -27) 📝 `server/src/main.rs` (+27 -1) </details> ### 📄 Description This checks that the private key used to encode the passwords has not changed since last successful startup, leading to a corruption of all the passwords. Lots of common scenario are covered, with various combinations of key in a file or from a seed, set in the config file or in an env variable or through CLI, and so on. Fixes #747 --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>