Password may not be obscured by inspect if it contains meta-characters #421

Open
@sebbASF

The LDAP::inspect method uses gsub to obscure the password:

inspected.gsub! @auth[:password], "*******" if @auth[:password]

This works in most cases; however, if the password contains certain meta-characters, replacement can fail. For example, using

password = "abcd\efgh"

will cause the replacement to fail. I think this is because the inspect output for such passwords is different from the original.

The following code works better, though it does also replace the enclosing double-quotes:

inspected.gsub! @auth[:password].inspect, "*******" if @auth[:password]

There is a further issue: if the password should happen to match another part of the inspect output, that will also be replaced. This is not particularly likely; however, it would be good to fix it.

Maybe consider cloning the instance and zapping the password before passing it to inspect.
That would keep the enclosing quotes.
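
The three approaches from the issue side by side, as an added example that is not part of the original issue or the library's own code. `DemoClient`, its fields and the sample values are hypothetical stand-ins for an object that keeps credentials in `@auth`.

```ruby
# Hypothetical stand-in for a client object that holds credentials in @auth.
# It is not the library's class; only the three redaction strategies matter here.
class DemoClient
  MASK = "*******"

  def initialize(host, username, password)
    @host = host
    @auth = { method: :simple, username: username, password: password }
  end

  # Strategy 1 (from the issue): substitute the raw password string.
  def inspect_gsub_raw
    out = plain_inspect
    out.gsub!(@auth[:password], MASK) if @auth[:password]
    out
  end

  # Strategy 2 (from the issue): substitute the password's inspect form.
  def inspect_gsub_inspected
    out = plain_inspect
    out.gsub!(@auth[:password].inspect, MASK) if @auth[:password]
    out
  end

  # Strategy 3 (the issue's suggestion): mask the value on a copy, then inspect.
  def inspect_masked_copy
    copy = dup
    masked = @auth.merge(password: MASK) # new hash; the original @auth is untouched
    copy.instance_variable_set(:@auth, masked)
    copy.plain_inspect
  end

  # Object#inspect bound explicitly, so overriding #inspect later cannot recurse.
  def plain_inspect
    Object.instance_method(:inspect).bind(self).call
  end
end

# Constructed sample: "\e" in a double-quoted Ruby literal is the ESC character,
# which String#inspect prints as the two characters backslash and "e".
client = DemoClient.new("ldap.example.test", "cn=admin", "abcd\efgh")
puts client.inspect_gsub_raw        # password still readable in the output
puts client.inspect_gsub_inspected  # masked, enclosing quotes lost
puts client.inspect_masked_copy     # masked, enclosing quotes kept
```

Because strategy 3 replaces the value before any string is built, it is unaffected both by escaping and by the password colliding with another field.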
