Date: Tue, 19 Dec 1995 12:31:24 +0100 (MET) From: Luigi Rizzo <luigi@labinfo.iet.unipi.it> To: wald@tin.mikom.csir.co.za (B.H. Waldeck) Cc: questions@FreeBSD.org Subject: Re: CERN httpd 3.0 & passwords Message-ID: <199512191131.MAA04425@labinfo.iet.unipi.it> In-Reply-To: <199512191219.MAA10669@tin.mikom.csir.co.za> from "B.H. Waldeck" at Dec 19, 95 12:19:34 pm
next in thread | previous in thread | raw e-mail | index | archive | help
> I am trying to set up User/Password access using CERN httpd 3.0.
> My big problem is that the passwords are not correctly recognized.
> Correct passwords (from master.passwd or pwds just created with htadm)
> do not check correctly. Is there a known bug with this kind of error?
> Am I reading the wrong version of the FAQ? Any help will be appreciated!
If you use MD5 passwords, you can use the following patch to
/usr/ports/net/cern_httpd/work/WWW/Daemon/Implementation/HTPasswd.c
prova# diff -c HTPasswd.c HTPasswd.c.orig
*** HTPasswd.c Wed Dec 13 19:20:07 1995
--- HTPasswd.c.orig Sun Sep 25 14:52:56 1994
***************
*** 143,149 ****
if (!password || !encrypted)
return NO;
- #ifdef DES_PASSWD
len = 13*(((int)strlen(password)+7)/8);
if (len < (int)strlen(encrypted))
return NO;
--- 143,148 ----
***************
*** 181,190 ****
(status==0 ? "-OK-" : "-INCORRECT-"));
free(result);
! #else /* MD5 passwd */
! result=crypt(password, encrypted);
! status = strcmp(result, encrypted);
! #endif
if (status==0)
return YES;
--------------
Luigi
====================================================================
Luigi Rizzo Dip. di Ingegneria dell'Informazione
email: luigi@iet.unipi.it Universita' di Pisa
tel: +39-50-568533 via Diotisalvi 2, 56126 PISA (Italy)
fax: +39-50-568522 http://www.iet.unipi.it/~luigi/
====================================================================
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199512191131.MAA04425>