httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jeff Trawick" <>
Subject Re: svn commit: r392948 - /httpd/httpd/branches/2.2.x/STATUS
Date Mon, 10 Apr 2006 23:09:28 GMT
On 4/10/06, William A. Rowe, Jr. <> wrote:
> Nick Kew wrote:
> >
> > Whilst this is clearly an edge-case, is it necessarily true that any
> > platform with APR_HAVE_CRYPT won't support plaintext passwords?
> AIUI - apache has always been an either or - it's either plaintext on
> platforms without crypt, or crypt on platforms with such support.

Right; quite bogusly, the file format is even busted...  There is a
decoration for md5 hash and a decoration for sha1 has, but no
decoration means:

a) platform-has-crypt - treat the undecorated password hash as
crypt-ed; no provision for plaintext

b) platform-does-not-have-crypt - treat the undecorated password
"hash" as plaintext

View raw message