class Net::IMAP::CramMD5Authenticator
Authenticator for the “CRAM-MD5
” SASL mechanism, specified in RFC2195. See Net::IMAP#authenticate
.
Deprecated¶ ↑
CRAM-MD5
is obsolete and insecure. It is included for compatibility with existing servers. draft-ietf-sasl-crammd5-to-historic recommends using SCRAM-*
or PLAIN
protected by TLS instead.
Additionally, RFC8314 discourage the use of cleartext and recommends TLS version 1.2 or greater be used for all traffic. With TLS CRAM-MD5
is okay, but so is PLAIN
Public Class Methods
new(user, password, warn_deprecation: true, **_ignored)
click to toggle source
# File net-imap-0.3.4/lib/net/imap/authenticators/cram_md5.rb, line 24 def initialize(user, password, warn_deprecation: true, **_ignored) if warn_deprecation warn "WARNING: CRAM-MD5 mechanism is deprecated." # TODO: recommend SCRAM end require "digest/md5" @user = user @password = password end
Public Instance Methods
process(challenge)
click to toggle source
# File net-imap-0.3.4/lib/net/imap/authenticators/cram_md5.rb, line 17 def process(challenge) digest = hmac_md5(challenge, @password) return @user + " " + digest end