Modify

Opened 7 years ago

Closed 6 years ago

#7395 closed enhancement (duplicate)

[patch] Allow md5 hashed passwords for htpasswd file

Reported by: Peter Palfrader Owned by: Steffen Hoffmann
Priority: normal Component: AccountManagerPlugin
Severity: normal Keywords: htpasswd file
Cc: Peter Palfrader Trac Release: 0.11

Description

Hi,

setting password_store to HtPasswdStore will cause the plugin to store passwords using the standard DES crypt which is kinda weak and only supports passwords of up to 8 characters.

All the infrastructure needed to support stronger hashes is already there, but I did not see any (obvious) way to actually enable it.

So here's a tiny patch that creates a HtPasswdStoreMD5 password store. This is against the .11, but I hope it'll also apply against trunk.

Attachments (1)

0002-Add-a-HtPasswdStoreMD5.patch (1.4 KB) - added by Peter Palfrader 7 years ago.

Download all attachments as: .zip

Change History (4)

Changed 7 years ago by Peter Palfrader

comment:1 Changed 7 years ago by Peter Palfrader

Cc: Peter Palfrader added; anonymous removed

comment:2 Changed 6 years ago by Steffen Hoffmann

Keywords: htpasswd file added
Owner: changed from Matt Good to Steffen Hoffmann
Summary: md5 hashed passwords for htpasswdAllow md5 hashed passwords for htpasswd file

Sorry for spotting it that late. This has been fixed recently in changeset [9274], actually allowing even more flexibility. Anyway, thanks for taking your time and preparing the suggested patch.

I'd be happy, if you could review current trunk regarding this issue, as I'm preparing a release for 0.11 branch, where this certainly should go in.

comment:3 Changed 6 years ago by Steffen Hoffmann

Resolution: duplicate
Status: newclosed
Summary: Allow md5 hashed passwords for htpasswd file[patch] Allow md5 hashed passwords for htpasswd file

Just flag patch availability here. I'll put down a note regarding it in #2282 as well.

Modify Ticket

Action
as closed The owner will remain Steffen Hoffmann.
The resolution will be deleted. Next status will be 'reopened'.

Add Comment


E-mail address and name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.