Return-Path: <new-httpd-owner-new-httpd-archive=hyperreal.org@apache.org>
Delivered-To: new-httpd-archive@hyperreal.org
Received: (qmail 8012 invoked by uid 6000); 8 Aug 1999 21:10:57 -0000
Received: (qmail 8006 invoked from network); 8 Aug 1999 21:10:55 -0000
Received: from ns.skylink.it (root@194.177.113.1)
  by taz.hyperreal.org with SMTP; 8 Aug 1999 21:10:55 -0000
Received: from kim.ispra.webweaving.org (va-157.skylink.it [194.185.55.157])
	by ns.skylink.it (8.9.1/8.8.8) with ESMTP id XAA08148
	for <new-httpd@apache.org>; Sun, 8 Aug 1999 23:09:54 +0200
Received: from kim.ispra.webweaving.org (kim.ispra.webweaving.org [10.0.0.2])
	by kim.ispra.webweaving.org (8.8.8/8.8.5) with ESMTP id VAA03641
	for <new-httpd@apache.org>; Sun, 8 Aug 1999 21:10:08 GMT
X-Passed: MX on Ispra.WebWeaving.org Sun, 8 Aug 1999 21:10:08 GMT and masked
X-No-Spam: Neither the receipients nor the senders email address(s) are
	to be used for Unsolicited (Commercial) Email without the
	explicit written consent of either party; as a per-message
	fee is incurred for inbound and outbound traffic to the originator.
Posted-Date: Sun, 8 Aug 1999 21:10:08 GMT
Date: Sun, 8 Aug 1999 23:10:08 +0200 (CEST)
From: Dirk-Willem van Gulik <dirkx@webweaving.org>
X-Sender: dirkx@kim.ispra.webweaving.org
To: new-httpd@apache.org
Subject: patching the sha1/md5/base64 things into 2.0
Message-ID: <Pine.BSF.4.05.9908082301140.1440-100000@kim.ispra.webweaving.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: new-httpd-owner@apache.org
Precedence: bulk
Reply-To: new-httpd@apache.org
Status: O


Just to rationalize/clean whilst having a chance; whilst patching in the
base64 and sha1 things into 2.0 I'd like to do replace the current base64
to64() encoding in ap_mda5.c (used only for our private 'hack' of the
password when crypt() is not there)

"./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";

by the more standard/mime-ish

"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";

Which is used in various other places for the uudecoding of passwd
strings, sha1, MD5's etc. And which is now in ap_base64.c

Would anyone object, or did I miss something crucial ?

Secondly; as this will break things anyway; would anyone be offended
if we made our own MD5 style passwd the default, even if crypt() is
on the platform (we still would accept crypt(), like in the last re-
hack I did on ap_checkpass.c based on non-prefix).

This would make us 'more' compatible between unix/us, windows and some of
the cripled unix-es you find in europe (e.g. my SunOs machine here ;-).

Please shout ?! I know these are small changes, but there are so many
things I'd like to rationalize before 2.0 starts to be carved in stone
and becomes a 'beta'.

Dw