httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nick Gearls <nickgea...@gmail.com>
Subject Re: FakeBasicAuth changes
Date Fri, 28 Sep 2007 07:53:50 GMT
And I have the same on Linux (2.2.6) :-(

Nick Gearls wrote:
> Additional info: I also tried without FakeBasicAuth, to have the 
> interactive password box, and with another user 'frank' and the password 
> 'sinatra'.
> Depending on my password file, I get the following errors:
>    - frank:mlVo7KaArYZhg
>      -> dialog box -> frank/sinatra
>      -> user frank: authentication failure: Password Mismatch
>    - frank:$apr1$9U1.....$C.5OJhZ4UxxM9SIzv4XAY0
>      -> no dialog box
>      -> configuration error:  couldn't check access.  No groups file?
>    - frank:{SHA}7DUut/wAuxmp4mKiKKNr9eEUeG0=
>      -> no dialog box
>      -> configuration error:  couldn't check access.  No groups file?
> So, MD5 & SHA-1 are not supported.
> 
> With FakeBasicAuth, I get exactly the same password error:
> user /C=BE/ST=Belgium/...: authentication failure: Password Mismatch
> 
> It seems that the CRYPT algorithm that is used is not compatible with 
> the previous versions !?!
> When I try 'htpasswd.exe -nbd', it responds 'Automatically using MD5 
> format'.
> I use OpenSSL 0.9.8e.
> 
> 
> Nick Gearls wrote:
>> I tried both MD5 and SHA-1 passwords.
>> I'm on Windows XP/2003.
>>
>>>> I always get 'user /...: authentication failure for "/path/":
>>>> Password Mismatch', although my password file looks correct:
>>>>  /C=BE/ST=Belgium/L=Brussels/O=Approach Belgium/OU=Apache test
>>>> certificate/CN=127.0.0.1:xxj31ZMTZzkVA
>>>>
>>>> Does 2.2.6 it use another hash algorithm by default or so ?
>>>
>>> 1. What is your platform?
>>> 2. Have you tried with the md5 password 
>>> ($apr1$nvFsZ/..$kPIYJ444oUVBALuYT2nZJ0)
>>>    or the SHA password ({SHA}W6ph5Mm5Pz8GgiULbPgzG37mj9g=)?
> 

Mime
View raw message