Geoffrey Young wrote: > only? you can certainly add a new user via > > use Digest::MD5; > > my $user = 'user'; > my $realm = 'realm'; > my $pass = 'pass'; > > print "$user:$realm:", Digest::MD5::md5_hex("$user:$realm:$pass"), "\n"; > > once you know the algorithm, parsing the file and changing passwords with > perl is just as simple :)
Well, maybe I explained it bad, so I'll try again: In 2.1, the AAA was totally restructured, to separate the algorithm (BASIC or DIGEST or whatever) from the storage (FILE or DBM or a database), and to open the full matrix of options to users. However, even if it was done in the server (which I didn't check), there is no way to use it, because the supporting programs have never fixed or changed to support it: Nothing was added to dbmmanage or to htdbm or to htpasswd to support different algorithms, or at least DIGEST. Moreover, the only program which still supports DIGEST - htdigest - does almost nothing - no DBM, no database support, and even the minimal features - such as non-interactive mode ("-b") so other programs or CGIs can call it - are not supported. Has anybody here ever user DIGEST not in a FILE but in DBM or a database? How did he do it? Is there any code sample? Why don't we just fix dbmmanage and htdbm? And of course, finally finishing htdigest? Or add DIGEST as an option to htpasswd? (which is better?) If I do any of the above things, will it be committed? (assuming it's written according to the guidelines) Does anybody have existing code or patches to save me time? Will there be anybody else to help me? I know that there are tricks to do everything in Perl, but if this is the way to go - then remove htpasswd/htdigest from the distribution and ask people to write Perl scripts instead... ;-) (I'm not serious, I'm just trying to illustrate why solutions like the responder suggested are not practical; if the supporting programs lack minimal and basic features, we must fix them. If htdigest is useless, either remove it or fix it. And if there is no way to use DIGEST but only BASIC, then return to the old structure of AAA, because there is no need to separate the algorithm - there is only BASIC). Thanks, -- Eli Marmor [EMAIL PROTECTED] Netmask (El-Mar) Internet Technologies Ltd. __________________________________________________________ Tel.: +972-9-766-1020 8 Yad-Harutzim St. Fax.: +972-9-766-1314 P.O.B. 7004 Mobile: +972-50-5237338 Kfar-Saba 44641, Israel