apr-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stas Bekman <s...@stason.org>
Subject Re: apr_password_validate is not testing md5/sha1 in the apr test suite
Date Thu, 27 May 2004 01:58:29 GMT
rbb@rkbloom.net wrote:
> On Wed, 26 May 2004, Stas Bekman wrote:
>>So I'm trying to drop crypt and trying to write tests for the md5 and sha1
>>parts of the apr_password_validate. I fail to come up with any test input that
>>will pass the test. I try various md5 and sha1 functions, and none of them
>>matches. Is it supposed to work only with hash values generated by apr's own
>>md5 and sha1 functions? I suppose I miss something, since for example digest
>>auth hash is generated by the client, and certainly can't know about apr's
>>I hoped to find the tests in apr-util/test/testpass.c, but alas neither md5
>>nor sha1 hashes are tested at all. Only crypt which is not available
> Use htpasswd to generate some passwords. That should give you some data
> to test with.

Thanks for the suggestion, Ryan. It worked fine. I wasn't aware it was doing 
md5 and sha1 too.

 > Also it will show you how to generate the data for yourself.

Unfortunately at the moment I have no time to figure it out. Though it worries 
me that I couldn't get non-apr md5/sha1 generators' output pass password_validate.

> The APR-util test suite is taking a back-seat to the APR test
> suite currently.



Stas Bekman            JAm_pH ------> Just Another mod_perl Hacker
http://stason.org/     mod_perl Guide ---> http://perl.apache.org
mailto:stas@stason.org http://use.perl.org http://apacheweek.com
http://modperlbook.org http://apache.org   http://ticketmaster.com

View raw message