apr-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 45679] SHA1 passwords starting with {SHA} don't work and cause a minor buffer overrun
Date Mon, 25 Aug 2008 11:20:54 GMT

--- Comment #4 from Bojan Smojver <bojan@rexursive.com>  2008-08-25 04:20:54 PST ---
But I also do see your point about "{SHA}" prefix actually being part of the
final hash, not the clear password passed in (this is how OpenLDAP works, for
instance). To be honest, I don't know why the exception to ignore "{SHA}"
prefix in clear password would be made...

Maybe long, long time ago someone wanted to identify SHA1 password hashing by
passing that prefix in front of clear passwords or something. No idea...

Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

To unsubscribe, e-mail: bugs-unsubscribe@apr.apache.org
For additional commands, e-mail: bugs-help@apr.apache.org

View raw message