httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Life is hard, and then you die." <>
Subject Re: PATCH: ap_md5c.c understands SHA1 (Netscape web server) passwords
Date Mon, 02 Aug 1999 18:59:16 GMT

> Hmm, this was the patch I had in mind; looking at either implementation I
> do see not that much different. Though anyone is free to take this further
> and really abstract the md5, sha1 and the various encoding formats,
> i.e. base64, mime-like 64 and what else might be in use. 
> What is done here to Clinton's files is the following;
> 	Move ap_validate_passwd() into a new ap_checkpass.c file.
> 	Split up ap_md5c.c into an md5 and an sha1 specific file
> 	Moved Clinton's perl support files to support/SHA1
> 	Entry in CHANGES
> 	Entry in 1.3 feature doc's

All good!

> Any objections to commiting this? I am still testing it, but intend
> to be done with it today.

My specific points, and then I'll shut up:

- making the functions named ap_SHA1Init(), ap_SHA1Encode(), etc to mirror
  the md5 stuff would be nicer; also, the above sha1 is missing the ap_

- sha1_final does not produce an array of char - instead you have to 
  generate that yourself out of the 5 long's.

- the base64 stuff is somewhat redundant - base64 encoding is already in

- the update only works for binary - no EBCDIC conversion.



View raw message