Return-Path: Delivered-To: apmail-httpd-dev-archive@www.apache.org Received: (qmail 5096 invoked from network); 16 Mar 2007 16:31:09 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 16 Mar 2007 16:31:09 -0000 Received: (qmail 44960 invoked by uid 500); 16 Mar 2007 16:31:11 -0000 Delivered-To: apmail-httpd-dev-archive@httpd.apache.org Received: (qmail 44917 invoked by uid 500); 16 Mar 2007 16:31:11 -0000 Mailing-List: contact dev-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: dev@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list dev@httpd.apache.org Received: (qmail 44901 invoked by uid 99); 16 Mar 2007 16:31:11 -0000 Received: from herse.apache.org (HELO herse.apache.org) (140.211.11.133) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 16 Mar 2007 09:31:11 -0700 X-ASF-Spam-Status: No, hits=2.0 required=10.0 tests=HTML_MESSAGE,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (herse.apache.org: domain of oscaremma@gmail.com designates 66.249.82.234 as permitted sender) Received: from [66.249.82.234] (HELO wx-out-0506.google.com) (66.249.82.234) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 16 Mar 2007 09:31:00 -0700 Received: by wx-out-0506.google.com with SMTP id t13so550045wxc for ; Fri, 16 Mar 2007 09:30:39 -0700 (PDT) DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:mime-version:content-type; b=jlx5/zmkmRlMVfKy4RjwJol+JlsoHr34mlpok0dmBfXjD05C68gh3djhvtliCHLsdkY6Tel/mQ2qeklftov1ePMUTgBVmcO3Pj1Lw6DXIW9KRhTEps9Dn3Jwn9CRNaSPIyUv92mBwDqQ/REEaYp557vA4GDhyQAR8370Kc+kzTM= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:mime-version:content-type; b=lo3SZNv8NvskFwZJhVJ/2oynBiPt8Xwyv+PeC5QL3gjzXmUxlmdUnRYvue1cuulIyfhCY6R0BcUkSYWJ+bYREb8mBVOI4/cfe3l+C6fUUjeKjrivwOpMuLYS7VZscVXd7RQa72nHu+GRz5ScNiIsT3H+6CCqhYhk+wXB6RP2wxQ= Received: by 10.90.56.14 with SMTP id e14mr1988464aga.1174062639697; Fri, 16 Mar 2007 09:30:39 -0700 (PDT) Received: by 10.90.114.11 with HTTP; Fri, 16 Mar 2007 09:30:39 -0700 (PDT) Message-ID: <3ce0569d0703160930v2741b5aeveb6d721a91326094@mail.gmail.com> Date: Fri, 16 Mar 2007 12:30:39 -0400 From: "David Jones" To: dev@httpd.apache.org Subject: PATCH: support utilities should enable crypt() , current htdbm checks broken MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_Part_79206_20058439.1174062639661" X-Virus-Checked: Checked by ClamAV on apache.org ------=_Part_79206_20058439.1174062639661 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Support utilities should enable crypt() iff it is available. Using the presence of does not reliably determine if crypt() is available. Specifically z/OS supports crypt, but does not have , so it is broken when checking APR_HAVE_CRYPT_H. Added crypt to AC_CHECK_FUNCS in httpd's configure.in, this creates a HAVE_CRYPT define. Then changed the checks in htpasswd.c and htdbm.c to check HAVE_CRYPT. This will let htdbm.c determine crypt() support accurately (it currently checks APR_HAVE_CRYPT_H) and htpasswd.c use a more concise and consistent check (it currently checks if OS = WIN32 || TPF || NETWARE) Note: This also fixes a TPF bug as they need to switch from crypt to MD5 like the other systems who don't have crypt: Currently the check to automatically switch from using crypt to md5 is: #if !(defined(WIN32) || defined(NETWARE)) All other checks for not supporting crypt in htdbm.c are: #if (!(defined(WIN32) || defined(TPF) || defined(NETWARE))) From the man page for htpasswd: -d Use crypt() encryption for passwords. The default on all plat- forms but Windows, Netware and TPF. Though possibly supported by htpasswd on all platforms, it is not supported by the httpd server on Windows, Netware and TPF Index: configure.in =================================================================== --- configure.in (revision 518254) +++ configure.in (working copy) @@ -389,6 +389,7 @@ dnl ## Check for library functions AC_SEARCH_LIBS(sqrt, m) +AC_SEARCH_LIBS(crypt, crypt ufc) dnl See Comment #Spoon @@ -399,6 +400,7 @@ bindprocessor \ prctl \ timegm \ +crypt ) dnl confirm that a void pointer is large enough to store a long integer Index: support/htdbm.c =================================================================== --- support/htdbm.c (revision 494665) +++ support/htdbm.c (working copy) @@ -29,6 +29,7 @@ #include "apr_file_info.h" #include "apr_pools.h" #include "apr_signal.h" +#include "ap_config.h" #include "apr_md5.h" #include "apr_sha1.h" #include "apr_dbm.h" @@ -69,7 +70,7 @@ #define ALG_APMD5 1 #define ALG_APSHA 2 -#if APR_HAVE_CRYPT_H +#ifdef HAVE_CRYPT #define ALG_CRYPT 3 #endif @@ -311,12 +312,12 @@ case ALG_PLAIN: /* XXX this len limitation is not in sync with any HTTPd len. */ apr_cpystrn(cpw,htdbm->userpass,sizeof(cpw)); -#if APR_HAVE_CRYPT_H +#ifdef HAVE_CRYPT fprintf(stderr, "Warning: Plain text passwords aren't supported by the " "server on this platform!\n"); #endif break; -#if APR_HAVE_CRYPT_H +#ifdef HAVE_CRYPT case ALG_CRYPT: (void) srand((int) time((time_t *) NULL)); to64(&salt[0], rand(), 8); @@ -347,7 +348,7 @@ static void htdbm_usage(void) { -#if APR_HAVE_CRYPT_H +#ifdef HAVE_CRYPT #define CRYPT_OPTION "d" #else #define CRYPT_OPTION "" @@ -367,7 +368,7 @@ fprintf(stderr, " -c Create a new database.\n"); fprintf(stderr, " -n Don't update database; display results on stdout.\n"); fprintf(stderr, " -m Force MD5 encryption of the password (default).\n"); -#if APR_HAVE_CRYPT_H +#ifdef HAVE_CRYPT fprintf(stderr, " -d Force CRYPT encryption of the password (now deprecated).\n"); #endif fprintf(stderr, " -p Do not encrypt the password (plaintext).\n"); @@ -474,7 +475,7 @@ case 's': h->alg = ALG_APSHA; break; -#if APR_HAVE_CRYPT_H +#ifdef HAVE_CRYPT case 'd': h->alg = ALG_CRYPT; break; Index: support/htpasswd.c =================================================================== --- support/htpasswd.c (revision 494665) +++ support/htpasswd.c (working copy) @@ -45,6 +45,7 @@ #include "apr_file_io.h" #include "apr_general.h" #include "apr_signal.h" +#include "ap_config.h" #if APR_HAVE_STDIO_H #include @@ -175,7 +176,7 @@ apr_cpystrn(cpw,pw,sizeof(cpw)); break; -#if !(defined(WIN32) || defined(NETWARE)) +#ifdef HAVE_CRYPT case ALG_CRYPT: default: (void) srand((int) time((time_t *) NULL)); @@ -215,12 +216,12 @@ apr_file_printf(errfile, " -n Don't update file; display results on " "stdout." NL); apr_file_printf(errfile, " -m Force MD5 encryption of the password" -#if defined(WIN32) || defined(TPF) || defined(NETWARE) +#ifndef HAVE_CRYPT " (default)" #endif "." NL); apr_file_printf(errfile, " -d Force CRYPT encryption of the password" -#if (!(defined(WIN32) || defined(TPF) || defined(NETWARE))) +#ifdef HAVE_CRYPT " (default)" #endif "." NL); @@ -435,14 +436,14 @@ check_args(pool, argc, argv, &alg, &mask, &user, &pwfilename, &password); -#if defined(WIN32) || defined(NETWARE) +#ifndef HAVE_CRYPT if (alg == ALG_CRYPT) { alg = ALG_APMD5; apr_file_printf(errfile, "Automatically using MD5 format." NL); } #endif -#if (!(defined(WIN32) || defined(TPF) || defined(NETWARE))) +#ifdef HAVE_CRYPT if (alg == ALG_PLAIN) { apr_file_printf(errfile,"Warning: storing passwords as plain text " "might just not work on this platform." NL); ------=_Part_79206_20058439.1174062639661 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline Support utilities should enable crypt() iff it is available.
Using the presence of <crypt.h> does not reliably determine if crypt() is available.
Specifically z/OS supports crypt, but does not have <crypt.h >, so it is broken when checking APR_HAVE_CRYPT_H.

Added crypt to AC_CHECK_FUNCS in httpd's configure.in , this creates a HAVE_CRYPT define. Then changed the checks in htpasswd.c and htdbm.c to check HAVE_CRYPT.

This will let htdbm.c determine crypt() support accurately (it currently checks APR_HAVE_CRYPT_H) and htpasswd.c use a more concise and consistent check (it currently checks if OS = WIN32 || TPF || NETWARE)


Note: This also fixes a TPF bug as they need to switch from crypt to MD5 like the other systems who don't have crypt:
   Currently the check to automatically switch from using crypt to md5 is:
             #if !(defined(WIN32) || defined(NETWARE))
   All other checks for not supporting crypt in htdbm.c are:
             #if (!(defined(WIN32) || defined(TPF) || defined(NETWARE)))
   From the man page for htpasswd:
           -d     Use crypt() encryption for passwords. The default on  all  plat-
                  forms but Windows, Netware and TPF. Though possibly supported by
                  htpasswd on all platforms, it is  not  supported  by  the  httpd
                  server on Windows, Netware and TPF



Index: configure.in
===================================================================
--- configure.in        (revision 518254)
+++ configure.in        (working copy)
@@ -389,6 +389,7 @@

 dnl ## Check for library functions
 AC_SEARCH_LIBS(sqrt, m)
+AC_SEARCH_LIBS(crypt, crypt ufc)

 dnl See Comment #Spoon

@@ -399,6 +400,7 @@
 bindprocessor \
 prctl \
 timegm \
+crypt
 )

 dnl confirm that a void pointer is large enough to store a long integer

Index: support/htdbm.c
===================================================================
--- support/htdbm.c    (revision 494665)
+++ support/htdbm.c    (working copy)
@@ -29,6 +29,7 @@
 #include "apr_file_info.h"
 #include "apr_pools.h"
 #include "apr_signal.h"
+#include "ap_config.h"
 #include "apr_md5.h"
 #include "apr_sha1.h"
 #include "apr_dbm.h"
@@ -69,7 +70,7 @@
 #define ALG_APMD5 1
 #define ALG_APSHA 2
 
-#if APR_HAVE_CRYPT_H
+#ifdef HAVE_CRYPT
 #define ALG_CRYPT 3
 #endif
 
@@ -311,12 +312,12 @@
         case ALG_PLAIN:
             /* XXX this len limitation is not in sync with any HTTPd len. */
             apr_cpystrn(cpw,htdbm->userpass,sizeof(cpw));
-#if APR_HAVE_CRYPT_H
+#ifdef HAVE_CRYPT
             fprintf(stderr, "Warning: Plain text passwords aren't supported by the "
                     "server on this platform!\n");
 #endif
         break;
-#if APR_HAVE_CRYPT_H
+#ifdef HAVE_CRYPT
         case ALG_CRYPT:
             (void) srand((int) time((time_t *) NULL));
             to64(&salt[0], rand(), 8);
@@ -347,7 +348,7 @@
 static void htdbm_usage(void)
 {
 
-#if APR_HAVE_CRYPT_H
+#ifdef HAVE_CRYPT
 #define CRYPT_OPTION "d"
 #else
 #define CRYPT_OPTION ""
@@ -367,7 +368,7 @@
     fprintf(stderr, "   -c   Create a new database.\n");
     fprintf(stderr, "   -n   Don't update database; display results on stdout.\n");
     fprintf(stderr, "   -m   Force MD5 encryption of the password (default).\n");
-#if APR_HAVE_CRYPT_H
+#ifdef HAVE_CRYPT
     fprintf(stderr, "   -d   Force CRYPT encryption of the password (now deprecated).\n");
 #endif
     fprintf(stderr, "   -p   Do not encrypt the password (plaintext).\n");
@@ -474,7 +475,7 @@
             case 's':
                 h->alg = ALG_APSHA;
                 break;
-#if APR_HAVE_CRYPT_H
+#ifdef HAVE_CRYPT
             case 'd':
                 h->alg = ALG_CRYPT;
                 break;

Index: support/htpasswd.c
===================================================================
--- support/htpasswd.c    (revision 494665)
+++ support/htpasswd.c    (working copy)
@@ -45,6 +45,7 @@
 #include "apr_file_io.h"
 #include "apr_general.h"
 #include "apr_signal.h"
+#include "ap_config.h"
 
 #if APR_HAVE_STDIO_H
 #include < stdio.h>
@@ -175,7 +176,7 @@
         apr_cpystrn(cpw,pw,sizeof(cpw));
         break;
 
-#if !(defined(WIN32) || defined(NETWARE))
+#ifdef HAVE_CRYPT
     case ALG_CRYPT:
     default:
         (void) srand((int) time((time_t *) NULL));
@@ -215,12 +216,12 @@
     apr_file_printf(errfile, " -n  Don't update file; display results on "
                     "stdout." NL);
     apr_file_printf(errfile, " -m  Force MD5 encryption of the password"
-#if defined(WIN32) || defined(TPF) || defined(NETWARE)
+#ifndef HAVE_CRYPT
         " (default)"
 #endif
         "." NL);
     apr_file_printf(errfile, " -d  Force CRYPT encryption of the password"
-#if (!(defined(WIN32) || defined(TPF) || defined(NETWARE)))
+#ifdef HAVE_CRYPT
             " (default)"
 #endif
             "." NL);
@@ -435,14 +436,14 @@
     check_args(pool, argc, argv, &alg, &mask, &user, &pwfilename, &password);
 
 
-#if defined(WIN32) || defined(NETWARE)
+#ifndef HAVE_CRYPT
     if (alg == ALG_CRYPT) {
         alg = ALG_APMD5;
         apr_file_printf(errfile, "Automatically using MD5 format." NL);
     }
 #endif
 
-#if (!(defined(WIN32) || defined(TPF) || defined(NETWARE)))
+#ifdef HAVE_CRYPT
     if (alg == ALG_PLAIN) {
         apr_file_printf(errfile,"Warning: storing passwords as plain text "
                         "might just not work on this platform." NL);

------=_Part_79206_20058439.1174062639661--