Re: [PATCH] Re: apr/util failure [was Re: apr/pool makes compat/send_fd & driective/setupenv fail on Win32]

Thu, 27 May 2004 09:54:19 -0700

Steve Hay wrote: 
Stas Bekman wrote:


Steve, please try the current cvs for this test. Win32 is now skipped for crypt, but I added sha1 and md5 sub-tests. Got the hashes from htpasswd. Thanks.


Still not quite right:

t\apr\util....1..4
# Running under perl version 5.008004 for MSWin32
# Current time local: Thu May 27 09:31:31 2004
# Current time GMT:   Thu May 27 08:31:31 2004
# Using Test.pm version 1.24
ok 1
# crypt
# crypt is not supported on MSWin32
ok 2
# sha1
not ok 3
# md5
ok 4
FAILED test 3

This is really weird - it looks like SHA-1 is failing, but running htpasswd on my machine (using the same Apache 2.0.49 as mp2 is using) it seems to be MD5 that disagrees with the values in the test file.

The test file contains this:

    md5   => '$apr1$Kld6H/..$o5OPPPWslI3zB20S54u9s1',
    sha1  => '{SHA}A5NpTRa4TethLkfOYlK9NfDYbAY=',

Running

    C:\apache2\bin>.\htpasswd -nbs user "this is some text"

outputs

    user:{SHA}A5NpTRa4TethLkfOYlK9NfDYbAY=

which looks fine, but changing the -nbs to -nbm disagrees with the test file data, and doesn't even give the same answer every time:

    C:\apache2\bin>.\htpasswd -nbm user "this is some text"
    user:$apr1$/b......$jr0lO2qReuruvVOd4T/eO.
    C:\apache2\bin>.\htpasswd -nbm user "this is some text"
    user:$apr1$6b......$6u//KfKBjzrGboSSY2HiN/
    C:\apache2\bin>.\htpasswd -nbm user "this is some text"
    user:$apr1$Fb......$b1RNgyEDm0TTIswEvh3ZY1

Is this what you'd expect???

I don't expect anything. I just know that neither sha1 nor md5 are tested by apr itself.

I don't know why md5 checksum is getting randomized. I think they are using a seed to make it different every time, like crypt() does.

I will report the SHA1 problem to the apr-dev list.

--
__________________________________________________________________
Stas Bekman            JAm_pH ------> Just Another mod_perl Hacker
http://stason.org/     mod_perl Guide ---> http://perl.apache.org
mailto:[EMAIL PROTECTED] http://use.perl.org http://apacheweek.com
http://modperlbook.org http://apache.org   http://ticketmaster.com

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to