apr-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From <...@rkbloom.net>
Subject Re: apr_password_validate on win32 silently mishandles crypted hashes
Date Wed, 26 May 2004 19:53:50 GMT

Portable doesn't mean what most people think in means in APR.  It means
the code _should_ work on all platforms.  It doesn't mean that the data
will be processed identically on all platforms hwoever.  In this case, you
are asking windows to validate a password that it can't encrypt.  That
isn't going to work.

What we do in this case, is apr_password_validate uses either crypt, md5,
or base64, depending on the input.  There should be a function in APR to
encrypt passwords (not sure if there is, and I can't find one in a quick
search).

But, do not expect that the details will work cross-platform, just the
code.

Ryan

On Wed, 26 May 2004, Stas Bekman wrote:

> I thought that P in APR stands for Portable, but I guess it is not quite true.
>
> I wrote code using apr_password_validate and it works perfectly fine on linux,
> but it doesn't on windows. apr_password_validate can't handle crypted hashes
> on several platforms which don't have this function:
>
> #if defined(WIN32) || defined(BEOS) || defined(NETWARE)
>          apr_cpystrn(sample, passwd, sizeof(sample) - 1);
> #else
>
> Why is this function in the public API then? Granted it's useful for checking
> md5 checksums and base64 encodes, but for crypt inputs it doesn't give users
> any indication whether it does the verification or not. On the listed three
> platforms it silently does nothing.
>
> May be the function should be renamed apr_checksum_validate and do just that?
> If crypt is not supported, the word password is very misleading. Besides the
> documentation must be more specific than just saying:
>
> /**
>   * Validate any password encypted with any algorithm that APR understands
>   * @param passwd The password to validate
>   * @param hash The password to validate against
>   */
>
> APR doesn't commit here to what algorithms it actually understands, leaving
> the user in need to go and read the source code to figure that out. IMHO, it
> should say:
>
> /**
>   * Validate hashes created by APR supported algorithms: md5 and base64.
>   * hashes created by crypt are supported only on platforms that provide
>   * crypt(3), so don't rely on that function unless you know that your
>   * application will be run only on platforms that support it.
>   * @param passwd The password to validate
>   * @param hash The password to validate against
>   */
>
> And the function should assert if crypted hash is attempted to be verified on
> platforms that don't support it.
>
> Steve Hay, who originally reported this problem, suggests that apr may want to
> include the implementation of fcrypt, which is how perl provides the crypt()
> function on win32 starting from 5.9.1.
>
> --
> __________________________________________________________________
> Stas Bekman            JAm_pH ------> Just Another mod_perl Hacker
> http://stason.org/     mod_perl Guide ---> http://perl.apache.org
> mailto:stas@stason.org http://use.perl.org http://apacheweek.com
> http://modperlbook.org http://apache.org   http://ticketmaster.com
>


Mime
View raw message