apr-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 47162] New: [PATCH] crypto: read/write support for SSHA-1 (salted SHA-1)
Date Wed, 06 May 2009 22:23:05 GMT

           Summary: [PATCH] crypto: read/write support for SSHA-1 (salted
           Product: APR
           Version: HEAD
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: enhancement
          Priority: P2
         Component: APR-util
        AssignedTo: bugs@apr.apache.org
        ReportedBy: bnoordhuis@gmail.com

Section 14.4.1 of the OpenLDAP admin guide:

"This is the salted version of the SHA scheme. It is believed to be the most
secure password storage scheme supported by slapd."


Attached are two patches that add read and write support for SSHA-1. We've been
running this code in production for nine months now and with no hiccups, on a
platform with ~120,000 customers.

I imagine the write support belongs further upstream as it patches
support/ht{passwd,dbm}.c, but since it relies on a patched apr-util, I'll post
it here instead.

Why, apart from security, is this useful? I can present at least one use case
(ours): when migrating from LDAP-based authentication to .htaccess

Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

To unsubscribe, e-mail: bugs-unsubscribe@apr.apache.org
For additional commands, e-mail: bugs-help@apr.apache.org

View raw message