apr-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 45679] SHA1 passwords starting with {SHA} don't work and cause a minor buffer overrun
Date Mon, 25 Aug 2008 09:54:32 GMT

--- Comment #2 from Ben Noordhuis <bnoordhuis@gmail.com>  2008-08-25 02:54:31 PST ---
> Does the above work for you?

Yes and no. It fixes the out-of-bounds reads but passwords starting with
'{SHA}' still don't work. I do believe the pointer bump needs to go - it is not
the .htpasswd hash you are chopping bits off, it is the plain-text password the
user entered.

Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

To unsubscribe, e-mail: bugs-unsubscribe@apr.apache.org
For additional commands, e-mail: bugs-help@apr.apache.org

View raw message