On Wed, 2003-02-05 at 17:51, Sean Burford wrote:
> Hi,
>
> The patch I mentioned in my previous message is attached.
>
> I have also attached a patch I made to implement HHA1 password storage
> for digest authentication. The old behaviour is to require plain text
> passwords for digest users. With the HHA1 patch, the HHA1 hash can be
> stored in place of the plain text password. Password file format is:
>
> userone:password
> usertwo:{HHA1}ac9e06235a3f403fe5aa6098a39a671f
>
> I'll send a HHA1 hash generator later. For now, look in cache.log for
> the string "digest_pw_auth:" followed by the username and hash after
> applying the patch and logging in using the plain text password.Hi Sean. I'd rather have the digest authenticator run exclusively plaintext, or exclusively HHA1 - not autodetection. I won't be applying the helper patch therefore, but a variation that takes a command line parameter to change the behaviour will be accepted. I'm reviewing the digest auth core changes at the moment, more on that soon. Rob -- GPG key available at: <http://users.bigpond.net.au/robertc/keys.txt>.
signature.asc
Description: This is a digitally signed message part
