On Wed, 2003-02-05 at 17:51, Sean Burford wrote:
> Hi,
>
> The patch I mentioned in my previous message is attached.
>
> I have also attached a patch I made to implement HHA1 password storage
> for digest authentication. The old behaviour is to require plain text
> passwords for digest users. With the HHA1 patch, the HHA1 hash can be
> stored in place of the plain text password. Password file format is:
>
> userone:password
> usertwo:{HHA1}ac9e06235a3f403fe5aa6098a39a671f
>
> I'll send a HHA1 hash generator later. For now, look in cache.log for
> the string "digest_pw_auth:" followed by the username and hash after
> applying the patch and logging in using the plain text password.
Hi Sean. I'd rather have the digest authenticator run exclusively
plaintext, or exclusively HHA1 - not autodetection. I won't be applying
the helper patch therefore, but a variation that takes a command line
parameter to change the behaviour will be accepted.
I'm reviewing the digest auth core changes at the moment, more on that
soon.
Rob
-- GPG key available at: <http://users.bigpond.net.au/robertc/keys.txt>.
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:19:13 MST