httpd-dev mailing list archives

From Patrick Welche <pr...@newn.cam.ac.uk>
Subject Re: mod_authn_dbd and apr_password_validate
Date Mon, 08 Jan 2007 16:08:51 GMT
On Sat, Jan 06, 2007 at 02:59:47PM -0500, Brian J. France wrote:
> That mod_authn_dbd is assuming your database password is not plain
> text, but smashed (crypt, md5, sha1).  I ran into the same issue and
> created this:
> 
>   http://www.brianfrance.com/software/apache/mod_authn_dbd.c.diff
> 
> Apply the patch and add this to your config:
> 
>   AuthDBDPlainTextPasswords on
> 
> and you should be set.

First an apology for posting to dev: I thought there was at least a
documentation issue, but no:

AuthDBDUserPWQuery Directive
...
   SQL varchar) argument (username), and return a single value (encrypted
   password).                                                   ^^^^^^^^^

I am still searching for a way to get an encrypted password to be accepted.
With

AuthDBDUserPWQuery "select md5(prefname) from person where userid=%s"

I get

[Mon Jan 08 16:04:41 2007] [error] [client ::1] (-1)Unknown error: 4294967295: Comparing "Patrick"
with "f87567f2159b425795ebb7ba9bc406ec"
[Mon Jan 08 16:04:41 2007] [error] [client ::1] user prlw1: authentication failure for "/webfolder":
Password Mismatch

and with

AuthDBDUserPWQuery "select encode(digest(prefname,'sha1'),'hex') from person where userid=%s"

I get

[Mon Jan 08 16:03:15 2007] [error] [client ::1] (-1)Unknown error: 4294967295: Comparing "Patrick"
with "57ad79649b677cf8f889ba6dc5fb4f98ada2767e"
[Mon Jan 08 16:03:15 2007] [error] [client ::1] user prlw1: authentication failure for "/webfolder":
Password Mismatch

and just to check:

% echo -n Patrick | md5
f87567f2159b425795ebb7ba9bc406ec
% echo -n Patrick | sha1
57ad79649b677cf8f889ba6dc5fb4f98ada2767e

so what sort of password does apr_password_validate accept?

Thankfully your patch gets me out of trouble allowing plaintext passwords.

Thank you,

Patrick
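
Added example (not part of the original message, and not APR's own code): a simplified Python model of how apr_password_validate picks a scheme from the stored value's prefix. It shows why the bare hex digests in the message fall through to crypt() and mismatch, and what the same SHA-1 digest looks like in the `{SHA}` form. The function names are hypothetical, and only the `{SHA}` comparison is implemented.

```python
import base64
import binascii
import hashlib
import hmac

APR1_ID = "$apr1$"   # APR's salted MD5 scheme (what `htpasswd -m` writes)
SHA_ID = "{SHA}"     # base64 of the raw SHA-1 digest (what `htpasswd -s` writes)

def classify(stored: str) -> str:
    """Name the scheme a stored value would be treated as (simplified model)."""
    if stored.startswith(APR1_ID):
        return "apr1-md5"
    if stored.startswith(SHA_ID):
        return "sha1-base64"
    # No recognised prefix: on Unix the value is handed to crypt(), so a bare
    # hex digest is read as a crypt hash and never matches.
    return "crypt"

def hex_sha1_to_apr(hex_digest: str) -> str:
    """Re-encode a hex SHA-1 digest (as the SQL in the message returns it)
    into the {SHA}<base64> form."""
    raw = binascii.unhexlify(hex_digest)
    if len(raw) != hashlib.sha1().digest_size:
        raise ValueError("not a SHA-1 digest")
    return SHA_ID + base64.b64encode(raw).decode("ascii")

def validate_sha(password: str, stored: str) -> bool:
    """Check a password against a {SHA} entry only (unsalted SHA-1, so weak
    by current standards); other schemes are out of scope for this sketch."""
    if classify(stored) != "sha1-base64":
        return False
    digest = hashlib.sha1(password.encode("utf-8")).digest()
    expected = SHA_ID + base64.b64encode(digest).decode("ascii")
    return hmac.compare_digest(expected, stored)

if __name__ == "__main__":
    hex_md5 = "f87567f2159b425795ebb7ba9bc406ec"            # value from the message
    hex_sha1 = "57ad79649b677cf8f889ba6dc5fb4f98ada2767e"   # value from the message
    for value in (hex_md5, hex_sha1, hex_sha1_to_apr(hex_sha1)):
        print(f"{value}: scheme={classify(value)}, "
              f"accepts 'Patrick'={validate_sha('Patrick', value)}")
```

In the PostgreSQL query from the message, the corresponding expression would be `'{SHA}' || encode(digest(prefname,'sha1'),'base64')`.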
