Hello, > Stephane do you have any idea how to handle this correctly?
The correct way would be to see where yog checks the passwords and to add a hash there. We can then apply the same hash function to the password data.
I've been looking in YOG's source code, the passwords seem to be already hashed using SHA1, see src/YOGServerPasswordRegistry.cpp:113
Therefore, it is probably safe to transmit password data. What do you think? Stéph -- Dr Stéphane Magnenat http://stephane.magnenat.net _______________________________________________ glob2-devel mailing list [email protected] https://lists.nongnu.org/mailman/listinfo/glob2-devel
