httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Life is hard, and then you die" <ron...@innovation.ch>
Subject Re: Encoding code in APR
Date Mon, 10 Jul 2000 04:51:53 GMT
On Sun, Jul 09, 2000 at 07:38:57PM -0700, rbb@covalent.net wrote:
> On Sun, 9 Jul 2000, Greg Stein wrote:
> > On Sun, Jul 09, 2000 at 04:09:46PM -0700, Life is hard, and then you die wrote:
> > > On Sun, Jul 09, 2000 at 07:29:37AM -0700, rbb@covalent.net wrote:
> > >...
> > > > But apr_validate_password is a VERY useful function.  I would personally
> > > > rather move ap_validate_password out of apr_md5, and put it in it's own
> > > > file.  If it requires base64, then base64 goes into the crypt directory
> > > > too.
> > 
> > Hmm. base64 isn't crypto :-)  If/when base64 goes into APR, that is where
> > your "encode" directory would pop up. Or:
> > 
> > encoder
> > encoding
> > encode
> > 
> > Dunno. The problem is how to properly classify base64 because we don't have
> > any siblings for it (yet).
> 
> Am I the only person who doesn't understand this.  MD5 is used to encode
> passwords in our scheme, so is SHA1.  The algorithms themselves, may not
> be meant for this, but this is what Apache uses these algorithms
> for.

No. As Greg already said, encodings/encoders are usually understood to
be reversible processes; hashes/digests are not reversible. So no,
Apache does not encode passwords, it hashes them - the password is lost
after the process. But this is nit-picking.

> Yes, we also take MD5 checksums at times.  But, the reason APR needs
> MD5 is to encode passwords.  This is also why we need to ap_checkpasswd
> function.
> 
> Why can't we put all of the algorithms in the same directory, along with a
> simple function to check the passwords?  This just makes sense to me, so
> please explain it to me.

Fine with me. But we should call not call it crypto (which none of this stuff
is), or encoders (which only base64 is). misc? utils? security? (though
base64 would be stretching that last term a bit).


  Cheers,

  Ronald


Mime
View raw message