[AOLSERVER] Unicode, I18N, 3.4.2 / 4.0

[Bernd Eidenschink]

Hi,

I don't know how to set up a combination of the latest AOLserver,
using the nsd8x Interpreter, and a Postgres 7.2 database, that allows
me to safely work with a charset of iso8859-1. Please don't throw
stones, I know this has been discussed very often ;-)

How to do it?

The problems I run into during my own tests and the problems that
other people have (I read through some threads on various boards) are:

A.
Using the latest server out of the box, working with most European
characters will almost always fail using the typical string and regexp
functions that internally use utf-8 ... _IF_ you are returning (in http-
header or meta-tags) a charset of e.g. iso8859-1 (you have to
know what comes from forms/submits; you try to return umlauts
or any language depending chars and tell the browser of it).

B.
I got the tip of using an undocumented parameter in the config
file, that maps the iso8859-1 charset to .adp files (last year on this
list).
But this does not guarantee that all characters that _leave_ an
adp will be in iso8859-1 encoding (e.g. if I use combinations of
ns_adp_parse -file (where strings from the DB are regexped and
stringed and whatever) and return the string with ns_return).
At least if all what comes in goes iso-ed to the DB, you could do
a workaround and translate all outgoing chars to #123 html code.
(There was an example of a ns_adp_puts function that does this
given by Harray Moreau on the list)... If you escape all the characters
that way, I assume, you would not no longer have to return a
charset header or charset-meta-tag.

C.
The uncool way: Using charset=utf-8 outgoing, then also
expecting it incoming. A special character should come in as unicode
and tcl should treat it this way. The database must be installed with
unicode-encoding. You will run into performace problems and/or, maybe,
some unresolved topics of Postgres unicode-implementation as well.
I have not tried this yet, I merely assume this would work. What's
your opinion on that?

D.
Using an AD-patched version of AOLserver. The Problem: It's an
older version of the server, will it be kept up to date in the future?
(Of course, there's a large user base running it)

E.
I did not try --enable-recode and setting up a charset table for
utf8 - latin1 and latin1 - utf8 for Postgres. Maybe this would
work if you can guarantee all charsets coming from AOLserver
are coming as utf8 or iso8859x. Maybe, don't know.
I tried putting SET ENCODING TO 'UNICODE' resp. LATIN1 in front
of every SQL statement in my test api (and took into account that it may
make a
difference if you are SELECTing or INSERTing) for telling the Postgres
server that the client uses unicode or latin with and without the
undocumented feature of (B). This only lead to error messages
noticing me of failed encoding translations. Every insert _always_
was logged with german special characters (umlauts) and never
as unicode characters (don't know if this is correct).

Will AOLserver 4 come with I18N support that solves all the problems
and what to do if you need a solution here and now?
Solution B? C?


Thanks for reading through this one...

Bernd.

[AOLSERVER] nssha1 and SSHA

[Sean Redmond]

There is a module to do SHA1 encryption (nssha1) from Ars Digita, but I
need a way to do SSHA encryption Any implementations/ideas?

Thanks,
Sean Redmond


Sean Redmond
Brooklyn Museum of Art

Re: [AOLSERVER] nssha1 and SSHA

[Scott Goodwin]

I should be more specific -- SHA1 is a hashing algorithm What exactly are
you trying to do with it?

/s

 Sean,

 do you mean you need to do SHA1 encryption over the net? AFAIK, the nssha
 module encrypts data but not for SSL Is it the SSL capability you're
 looking for?

 /s

  There is a module to do SHA1 encryption (nssha1) from Ars Digita, but I
  need a way to do SSHA encryption Any implementations/ideas?
 
  Thanks,
  Sean Redmond
 
 
  Sean Redmond
  Brooklyn Museum of Art
 
 
 

Re: [AOLSERVER] nssha1 and SSHA

[Peter M. Jansson]

On 2/28/02 11:55 AM, Sean Redmond [EMAIL PROTECTED] wrote:

 There is a module to do SHA1 encryption (nssha1) from Ars Digita, but I
 need a way to do SSHA encryption. Any implementations/ideas?

From the description on this page:

  http://www.openldap.org/faq/data/cache/347.html

It looks like you generate an SSHA hash by appending the seed to the
cleartext before generating the hash.  Since I haven't used nssha1, I don't
know that I can be more helpful.

(SHA1 and SSHA are hashing algorithms, rather than encryption algorithms.)

Re: [AOLSERVER] nssha1 and SSHA

[Steve Miskovitz]

According to
http://developer.netscape.com/docs/technote/ldap/pass_sha.html and
various other web forums, SSHA is just Seeded SHA1.  It is computed as
follows :

 In Netscape Directory Server version 4 or later, a userPassword attribute
 value may consist of {SSHA}, followed by the base64 encoding of:

 1) the SHA-1 digest of:
   1) a password, followed by
   2) a sequence of salt bytes, whose values were chosen at random;
 2) followed by the same salt bytes.

Although I have not used the nssha1 library you talked about (nor being
an experienced aolserver developer), it seems you can just take the
password (a), generate a salt (b), feed the concatenation (a+b) to nssha1
(c), and then use (c)(b) as the result of SSHA encryption with the salt
(b).

Hope this helps...

Thanks,
Steve Miskovitz
[EMAIL PROTECTED]
Internet Developer, CollegePublisher.com

On Thu, 28 Feb 2002, Sean Redmond wrote:

 At 12:03 PM 2/28/2002 -0500, you wrote:
 I should be more specific -- SHA1 is a hashing algorithm. What exactly are
 you trying to do with it?
 
 /s.

 I'm trying to hash passwords to compare them to passwords stored in an LDAP
 directory (and retrieved with ns_ldap). By default (at least, I guess, for
 OpenLDAP) they seem to be stored in SSHA.

 Sean


 Sean Redmond
 Brooklyn Museum of Art