On Tue, Sep 10, 2002 at 11:57:08AM -0400, [EMAIL PROTECTED] wrote: > I agree with Bill. Please revert this commit. The problem is that
And, I think there is power in giving the user the choice to have correct MD5 hashes produced. Not every use of htpasswd is going to be fed into apr_password_validate(). If I were to write a new auth scheme or a CGI script where the client sends a correct MD5 hash of their password and I needed to verify that hash, this option would be essential. It isn't the default (heck, we could remove the option from the help or rot13 the option description), but even if it produces something not portable with apr_password_validate() but is a correct MD5 hash, I think we should allow users to produce it. -- justin