httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jeff Trawick <>
Subject Re: location of md5, sha1, base64, and validate_password
Date Mon, 08 May 2000 02:10:43 GMT
> Date: Sun, 7 May 2000 18:52:15 -0700
> From: "Life is hard, and then you die" <>
> Currently we have md5 and validate_password in apr, and sha1 and
> base64 in ap. To bring validate_password up to date it needs
> access to both sha1 and base64 (this is for Netscape's algorithm).
> Apart from that, having md5 and sha1 in different parts is just
> stupid.
> Also note that nothing in apr depends on md5 on validate_password.
> And now that we have the ap_xlate stuff none of the involved
> functions have any system specific code in them (unless
> ap_MD5InitEBCDIC is meant to be called by something in apr).

FYI... ap_MD5InitEBCDIC() is meant to be called by something outside
of APR (e.g., Apache).

> So, we need a resolution: either we move md5 and validate_password
> back to ap, or we move sha1 and base64 to apr.
> Votes?

no strong opinion from me...

The problem is limited to the placement of the password-specific


The placement of 


is not a problem, right?

If so, you might consider moving just the password-specific stuff.

Jeff Trawick | | PGP public key at web site:
          Born in Roswell... married an alien...

View raw message