Project

General

Profile

Actions

Bug #73

closed

httpassword, textdrive and blowfish

Added by Anonymous over 16 years ago. Updated over 14 years ago.

Status:
Fixed
Priority:
Normal
Category:
mod_auth
Target version:
-
ASK QUESTIONS IN Forums:

Description

trying to get htpasswd basic auth going on TextDrive webhost, who uses blowfish for crypt(), which borks lighttpd's checking of the passwords. not sure if that means lighttpd has to be updated or not, but posting here all the same. here's my original forum thread for the issue at TxD:

http://textdrive.com/forum/viewtopic.php?id=2723

-- scott.maclure


Files

lighttpd-1.4.3-md5_crypt.diff (1.06 KB) lighttpd-1.4.3-md5_crypt.diff -- tribunal Anonymous, 2005-09-15 19:14
Actions #1

Updated by Anonymous about 16 years ago

I'm having the same problem. My FreeBSD server is configured to used Blowfish encryption for password... So the Crypt function generates blf passwords.

-- crousseau

Actions #2

Updated by Anonymous about 16 years ago

Same problem here, however I'm using md5 for crypt() .

-- tribunal

Actions #3

Updated by Anonymous about 16 years ago

Looking threw src/http_auth.c , it looks like crypt is only using a 2 character salt. For md5 at least to work in crypt , we need at least a 12 character salt. For blowfish it is 16 characters.

-- tribunal

Actions #4

Updated by Anonymous about 16 years ago

Attached is patch which makes md5 for crypt work , however standard des stops working afterwards.

There is probally some better way of doing this?? However this patch works for me.

-- tribunal

Actions #5

Updated by Anonymous about 16 years ago

Jan,

Algorithm Salt
CRYPT_STD_DES 2-character (Default)
CRYPT_EXT_DES 9-character
CRYPT_MD5 12-character beginning with $1$
CRYPT_BLOWFISH 16-character beginning with $2$

-- tribunal

Actions #6

Updated by Anonymous about 16 years ago

Jan,

Algorithm Salt
CRYPT_STD_DES 2-character (Default)
CRYPT_EXT_DES 9-character
CRYPT_MD5 12-character beginning with $1$
CRYPT_BLOWFISH 16-character beginning with $2$

-- tribunal

Actions #7

Updated by jan about 16 years ago

  • Status changed from New to Fixed
  • Resolution set to fixed

fixed in r710

Actions

Also available in: Atom