https://bz.apache.org/bugzilla/show_bug.cgi?id=62149
Bug ID: 62149
Summary: Passwords hashed with SHA-512 are not cached
Product: Apache httpd-2
Version: 2.4.6
Hardware: All
OS: All
Status: NEW
Severity: normal
Priority: P2
Component: mod_authn_socache
Assignee: [email protected]
Reporter: [email protected]
Target Milestone: ---
Passwords hashed with SHA-512 are more than 100 bytes long, including the crypt
header and salt, e.g.
$6$3OGMZTLTfPf8nUS$sh4NpsJ4BnL8P6dBVlpWDhZYNJX0xPJ8VsELF1VuTLENykLJ7SvDEWRneAednI2FdCyejCq5gIyfEAFJvXCdI0
This leads to problems when using mod_authn_socache in combination with
socache_shmcb (and probably also others) because MAX_VAL_LEN, which is the
maximum amount of data when an entry is retrieved from the cache, is too small.
Increasing it from 100 to 128 solved the problem.
I consider this a major problem because it renders some of our services
unusable when the passwords are stored in an SQL database.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
