Re: Encryption of password

["Dirk.vanGulik" <Di...@jrc.it>]

> I have used your authorization module for MSQL and it works fine. But
> I am now switching to Microsoft SQL server. Since you are an expert in
> this area, maybe you can help me with the encryption of password in a
> table. Is there any ready-made program out there which I can use to
> encrypt the column which contains the passwords for authorized users?

Hmm.. using microsoft huh... good choice :-) But I am not aware of
any crypt() like statement on MS I am afraid; though you could try using
the MS version of perl. 

This is what I use, you can do the same in C I suppose, the trouble
is with the crypt() which MUST be the one which apache links in.

You could switch off encryption of course with  

	Auth_MSQL_EncryptedPasswords off

Dw.

#!/usr/local/bin/perl

map { print crypt_passwd($_)."\n"; } @ARGV or die "Syntax: $0 <password> [password...]";
exit;

sub to64 {
        local ($v,$n)=@_; local $s,$a;
        $a="./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
        while (--$n >=0 ) {
                $s.=substr($a,($v % 64),1);
                $v>>=6;
                };
        return $s;
        };
 
sub crypt_passwd {
        local ($passwd,$salt)=@_;
        if (!($salt)) {
                srand(time^($$+($$<<15)));
                $salt=to64(rand(64*64),2);
                };
        return crypt($passwd,$salt);
        };