httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Justin Erenkrantz <jerenkra...@apache.org>
Subject Re: cvs commit: httpd-2.0/support htpasswd.c
Date Tue, 10 Sep 2002 18:42:41 GMT
On Tue, Sep 10, 2002 at 11:31:20AM -0700, Aaron Bannert wrote:
> Although I like the idea of rethinking these sorts of things, I don't
> think we would do well to break current .htpasswd files or homebrew
> scripts that do the work of htpasswd.

I think we can do it in a way that wouldn't break old htpasswd
files.  If the first character is a {, then we look for a matching },
and everything in between should be a code for the algorithm used.

If the first character isn't a { or we don't have a matching }, then
it isn't a problem.

And, AFAIK, none of the current algorithms allow { or } as valid
characters (which is why LDAP uses it).  So, we really shouldn't see
a { without a matching }.  -- justin

Mime
View raw message