I brought a new server up yesterday using Red Hat 8's httpd-2.0.40-8 and based on the patches and comments I found in the list archive all was eventually well. Today I updated various rpms on the box from the official Red Hat updates and how AuthDBI is no longer working. I stuck various debugging statements in until I drilled down to the point of finding that crypt() seems to be the problem. Running perl from the command line produces correct results: # perl -e 'print crypt("test","0y"),"\n"'; 0y5fZG4UG8Bd.
but when I add the logging statement into AuthDBI $r->log_reason("password='$password' passwd_to_check='$passwd_to_check' salt='$salt' accessing ", $r->uri); between these lines: my $passwd_to_check = $Attr->{encrypted} eq 'on' ? crypt($passwd_sent, $password) : $passwd_sent; # here in other words if ($passwd_to_check eq $password) { the logs show: [Fri Jan 24 16:27:19 2003] [error] password='0y5fZG4UG8Bd.' passwd_to_check='0ypz5H80XtTxw' salt='0y' accessing /cgi/test So why did upgrading httpd break crypt?!? -- </chris> "Never offend people with style when you can offend them with substance." - Sam Brown