> Well, maybe I explained it bad, so I'll try again:
ok :)
>
> In 2.1, the AAA was totally restructured, to separate the algorithm
> (BASIC or DIGEST or whatever) from the storage (FILE or DBM or a
> database), and to open the full matrix of options to users.
>
> However, even if it was done in the server (which I didn't check),
it was.
> there
> is no way to use it,
please don't spread FUD like that. of course you can use it, and I'm sure
many people have and will continue to do so.
> because the supporting programs have never fixed or
> changed to support it: Nothing was added to dbmmanage or to htdbm or to
> htpasswd to support different algorithms, or at least DIGEST. Moreover,
> the only program which still supports DIGEST - htdigest - does almost
> nothing - no DBM, no database support, and even the minimal features -
> such as non-interactive mode ("-b") so other programs or CGIs can call
> it - are not supported.
ok, I wasn't aware that the majority of people were using these tools
interactively to manage users like that. at least not on a large scale. at
least not those that really, really wanted to move to digest :)
but ok, if that's true then sure - we ought to support digest from these
tools... or come up with a better way.
so, to that end, to the rest of the developers here's my offer:
I'll write an htpasswd replacement that will
- allow for management of users using Basic or Digest algorithms
- allow for varying data stores
- allow for varying user algorithms (mixing of Basic and Digest in the
same store, for example)
- support (as best I can) existing options from existing support files
- whatever else it ought to do
it will, of course, be in perl - if people are really just shell'ing out to
a binary from a CGI then there's no real reason it _needs_ to be in C. at
least that I can see :)
anyway, that's the offer. if others like it and can see integrating it then
I'll do it. if not, I won't, and no harm done.
--Geoff
