httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jerenkra...@apache.org
Subject cvs commit: httpd-2.0/support htpasswd.c
Date Tue, 10 Sep 2002 03:00:51 GMT
jerenkrantz    2002/09/09 20:00:50

  Modified:    .        CHANGES
               support  htpasswd.c
  Log:
  Add ability to htpasswd (via -5) to produce non-obfuscated MD5 hashes.
  
  mod_auth_digest's passwords can not be obfuscated by the APR magic
  sequence (as we don't call apr_password_validate on them), therefore we
  need a tool to produce true MD5 hex hashes.
  
  Revision  Changes    Path
  1.920     +3 -0      httpd-2.0/CHANGES
  
  Index: CHANGES
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/CHANGES,v
  retrieving revision 1.919
  retrieving revision 1.920
  diff -u -u -r1.919 -r1.920
  --- CHANGES	10 Sep 2002 00:15:39 -0000	1.919
  +++ CHANGES	10 Sep 2002 03:00:50 -0000	1.920
  @@ -1,5 +1,8 @@
   Changes with Apache 2.0.41
   
  +  *) Add ability to htpasswd (via -5) to produce non-obfuscated MD5 hashes.
  +     [Justin Erenkrantz]
  +
     *) Rewrite of aaa modules to an authn/authz model.
        [Dirk-Willem van Gulik, Justin Erenkrantz]
     
  
  
  
  1.57      +23 -0     httpd-2.0/support/htpasswd.c
  
  Index: htpasswd.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/support/htpasswd.c,v
  retrieving revision 1.56
  retrieving revision 1.57
  diff -u -u -r1.56 -r1.57
  --- htpasswd.c	19 Aug 2002 07:28:18 -0000	1.56
  +++ htpasswd.c	10 Sep 2002 03:00:50 -0000	1.57
  @@ -126,6 +126,7 @@
   #define ALG_CRYPT 1
   #define ALG_APMD5 2
   #define ALG_APSHA 3 
  +#define ALG_APMD5_TRUE 4
   
   #define ERR_FILEPERM 1
   #define ERR_SYNTAX 2
  @@ -206,6 +207,23 @@
           apr_md5_encode((const char *)pw, (const char *)salt,
                        cpw, sizeof(cpw));
           break;
  +    case ALG_APMD5_TRUE:
  +    {
  +        const char *hex = "0123456789abcdef";
  +        unsigned char hash[MD5_DIGESTSIZE];
  +        char *r;
  +        int i;
  +
  +        /* Take the MD5 hash of the string argument.  */
  +        apr_md5(hash, pw, strlen(pw));
  +
  +        for (i = 0, r = cpw; i < MD5_DIGESTSIZE; i++) {
  +            *r++ = hex[hash[i] >> 4];
  +            *r++ = hex[hash[i] & 0xF];
  +        }
  +        *r = '\0';
  +        break;
  +    }
   
       case ALG_PLAIN:
           /* XXX this len limitation is not in sync with any HTTPd len. */
  @@ -256,6 +274,8 @@
           " (default)"
   #endif
           ".\n");
  +    apr_file_printf(errfile, " -5  Force true MD5 encryption of the "
  +                             "password.\n");
       apr_file_printf(errfile, " -d  Force CRYPT encryption of the password"
   #if (!(defined(WIN32) || defined(TPF) || defined(NETWARE)))
               " (default)"
  @@ -359,6 +379,9 @@
               }
               else if (*arg == 'm') {
                   *alg = ALG_APMD5;
  +            }
  +            else if (*arg == '5') {
  +                *alg = ALG_APMD5_TRUE;
               }
               else if (*arg == 's') {
                   *alg = ALG_APSHA;
  
  
  

Mime
View raw message