On Tue, Sep 10, 2002 at 11:31:20AM -0700, Aaron Bannert wrote:
> Although I like the idea of rethinking these sorts of things, I don't
> think we would do well to break current .htpasswd files or homebrew
> scripts that do the work of htpasswd.
I think we can do it in a way that wouldn't break old htpasswd
files. If the first character is a {, then we look for a matching },
and everything in between should be a code for the algorithm used.
If the first character isn't a { or we don't have a matching }, then
it isn't a problem.
And, AFAIK, none of the current algorithms allow { or } as valid
characters (which is why LDAP uses it). So, we really shouldn't see
a { without a matching }. -- justin
