httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Martin Kraemer <martin.krae...@mch.sni.de>
Subject [PATCH] Take 1 (was: Proposal for Win32 crypt() issue)
Date Tue, 29 Sep 1998 21:40:12 GMT
On Tue, Sep 29, 1998 at 03:40:14PM -0400, Jim Jagielski wrote:
> Rodent of Unusual Size wrote:
> > 
> > I'd like to suggest the following workaround/solution to
> > the Win32 crypt() issue:
> > 
> > o Use MD5 on Win32.
> 
> I don't think having non-interoperable .htpasswd files is that big
> of a deal. I think this makes sense, esp for 1.3.3. :)

Here's a first step at an "md5 crypt".

* it takes a password and a "salt" (and uses the salt for permutations)
* as Marc proposed in march, it takes a pool* to return a dynamic copy
  See Message-ID: <Pine.BSF.3.95q.980322142952.24573J-100000@valis.worldgate.com>
* it builds a base64 encoded result string (instead of simple hex),
  giving a fairly similar look (to crypt()'s result), only the string is
  24 bytes long instead of 13.

What's missing:

* optional integration into the various os.h files (right now, switching
  to ap_crypt() instead of crypt() is  done in the central ap_config.h
  file)
* In mod_auth.c, the code must be rewritten to use ap_pcrypt() instead
  of crypt() (as in Marc's version)
* The MSVC project files would have to be updated.
* I'm in a hurry. The #endif comments in the patch are wrong.
  Ignore them for now.
These things are easy to add. Tell me if you want me to add these to the
patch.

    Martin
-- 
| S I E M E N S |  <Martin.Kraemer@mch.sni.de>  |      Siemens Nixdorf
| ------------- |   Voice: +49-89-636-46021     |  Informationssysteme AG
| N I X D O R F |   FAX:   +49-89-636-44994     |   81730 Munich, Germany
~~~~~~~~~~~~~~~~My opinions only, of course; pgp key available on request

Mime
View raw message