You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@httpd.apache.org by Marc Slemko <ma...@worldgate.com> on 1998/01/12 07:45:23 UTC

just use md5 for win32?

Should we just use md5 for win32 and skip crypt?

It means that htpasswd files can't be transferred from unix.  Do other NT
servers use htpasswd files?  What do they use?  Is it worth taking extra
effort to make existing crypt()ed files (at least from some platforms)
transferrable?

It means we don't need to worry about DES export restrictions (although
Walnut Creek's lawyers said no problems so FreeBSD is doing it I _think_,
probably should look into it).

It means we don't have to add crypt.

I have a test setup working here using md5 on win32 and it works fine.  It
is, however, a royal pain to make htpasswd compile to use the md5 stuff.
And I mean a _pain_.  Part of that is probably just me not expected such
braindead compilation systems though.

Re: just use md5 for win32?

Posted by Marc Slemko <ma...@worldgate.com>.

On Mon, 12 Jan 1998, Ben Laurie wrote:

> Marc Slemko wrote:
> > 
> > Should we just use md5 for win32 and skip crypt?
> > 
> > It means that htpasswd files can't be transferred from unix.  Do other NT
> > servers use htpasswd files?  What do they use?  Is it worth taking extra
> > effort to make existing crypt()ed files (at least from some platforms)
> > transferrable?
> 
> It isn't a requirement that they should be transportable, is it? I'm not
> at all convinced that all Unixes have identical crypt()'s anyway (e.g.
> FreeBSD passwd files certainly don't look like anyone else's).

That's 'cause they use md5 by default.  <g>

If you use DES, they do.

Re: just use md5 for win32?

Posted by Ben Laurie <be...@algroup.co.uk>.

Marc Slemko wrote:
> 
> Should we just use md5 for win32 and skip crypt?
> 
> It means that htpasswd files can't be transferred from unix.  Do other NT
> servers use htpasswd files?  What do they use?  Is it worth taking extra
> effort to make existing crypt()ed files (at least from some platforms)
> transferrable?

It isn't a requirement that they should be transportable, is it? I'm not
at all convinced that all Unixes have identical crypt()'s anyway (e.g.
FreeBSD passwd files certainly don't look like anyone else's).

In other words, yes, use MD5 - it's what I'd vaguely planned to do when
I got around to it...

Cheers,

Ben.

-- 
Ben Laurie            |Phone: +44 (181) 735 0686|Apache Group member
Freelance Consultant  |Fax:   +44 (181) 735 0689|http://www.apache.org
and Technical Director|Email: ben@algroup.co.uk |Apache-SSL author
A.L. Digital Ltd,     |http://www.algroup.co.uk/Apache-SSL
London, England.      |"Apache: TDG" http://www.ora.com/catalog/apache

Re: just use md5 for win32?

Posted by Manoj Kasichainula <ma...@io.com>.

This is getting off-topic, you might want to send replies in private
e-mail.

On Mon, Jan 12, 1998 at 09:56:48AM +0000, Paul Sutton wrote:
> On Mon, 12 Jan 1998, Manoj Kasichainula wrote:
> > But, the new release of Samba (now tested to be faster than NT)
> > comes with it; they've written their code such that it can only be
> > used for authentication, so it's okay to distribute.
> 
> I don't know, but maybe it is because Samba comes from Australia? If
> Apache wasn't partially developed by US citizens and wasn't on a US server
> it could have crypt and SSL in it as well. 

Actually, the issue isn't who develops it. AFAIK (and according to the
1.9.18p1 release notes), even if it was developed outside the U.S., it
can't be exported off of U.S. mirror sites, which is why they had to
use the restricted version of DES.

-- 
Manoj Kasichainula - manojk at io dot com - http://www.io.com/~manojk/
"Would you die for The One?"
"I wouldn't get pizza for the one. That ain't my job." - J.M. Straczynski

Re: just use md5 for win32?

Posted by Paul Sutton <pa...@eu.c2.net>.

On Mon, 12 Jan 1998, Manoj Kasichainula wrote:
> Hmmm, during my couple of months of fooling around with FreeBSD, ISTR
> the DES code still being restricted. But, the new release of Samba
> (now tested to be faster than NT) comes with it; they've written their
> code such that it can only be used for authentication, so it's okay to
> distribute.

I don't know, but maybe it is because Samba comes from Australia? If
Apache wasn't partially developed by US citizens and wasn't on a US server
it could have crypt and SSL in it as well. 

//pcs

Re: just use md5 for win32?

Posted by Manoj Kasichainula <ma...@io.com>.

On Sun, Jan 11, 1998 at 11:45:23PM -0700, Marc Slemko wrote:
> Should we just use md5 for win32 and skip crypt?
 [snip]
> It means we don't need to worry about DES export restrictions (although
> Walnut Creek's lawyers said no problems so FreeBSD is doing it I _think_,
> probably should look into it).

Hmmm, during my couple of months of fooling around with FreeBSD, ISTR
the DES code still being restricted. But, the new release of Samba
(now tested to be faster than NT) comes with it; they've written their
code such that it can only be used for authentication, so it's okay to
distribute.

-- 
Manoj Kasichainula - manojk at io dot com - http://www.io.com/~manojk/
"When you say `I wrote a program that crashed Windows', people just stare at
you blankly and say `Hey, I got those with the system, *for free*'"
  -- Linus Torvalds