httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Life is hard, and then you die" <ron...@innovation.ch>
Subject Re: location of md5, sha1, base64, and validate_password
Date Mon, 08 May 2000 02:29:51 GMT
On Sun, May 07, 2000 at 10:10:43PM -0400, Jeff Trawick wrote:
> > Date: Sun, 7 May 2000 18:52:15 -0700
> > From: "Life is hard, and then you die" <ronald@innovation.ch>
> ...
> > Also note that nothing in apr depends on md5 on validate_password.
> > And now that we have the ap_xlate stuff none of the involved
> > functions have any system specific code in them (unless
> > ap_MD5InitEBCDIC is meant to be called by something in apr).
> 
> FYI... ap_MD5InitEBCDIC() is meant to be called by something outside
> of APR (e.g., Apache).

Thanks.

> The problem is limited to the placement of the password-specific
> stuff:
> 
>   ap_validate_password()
>   ap_MD5Encode()+ap_MD5InitEBCDIC()
> 
> The placement of 
> 
>   ap_MD5Init()+ap_MD5SetXlate()+ap_MD5Update()+ap_MD5Final()
> 
> is not a problem, right?

ap_validate_password needs to be moved out of the md5 code and into a
separate file (just as it is currently in the 1.3 tree). However, both
are subject to being moved to ap because md5 doesn't contain any system
specific stuff.

> If so, you might consider moving just the password-specific stuff.

Yes, that is a third option: put md5 and sha1 (and base64?) into apr,
and ap_validate_password into ap.


  Cheers,

  Ronald


Mime
View raw message