You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@httpd.apache.org by Rob Hartill <ha...@hyperreal.com> on 1995/08/09 18:48:37 UTC

feature request (fwd)

Forwarded message:
> From archie@tribe.com  Tue Aug  8 19:19:35 1995
> From: Archie Cobbs <ar...@tribe.com>
> Message-Id: <19...@bubba.tribe.com>
> Subject: feature request
> To: apache-bugs@apache.org
> Date: Tue, 8 Aug 1995 19:18:36 -0700 (PDT)
> X-Mailer: ELM [version 2.4 PL24]
> Content-Type: text
> Content-Length: 717       
> 
> 
> This is a minor nit.
> 
> Since both Apache/htpasswd and login(1) use the same function to
> encrypt passwords, you'd think that you could just say:
> 
>     AuthUserFile    /etc/passwd
> 
> and every user would automatically have a password. However,
> this fails because the apache code does a strcmp() against
> the encrypted password field without checking for the terminating
> colon. Therefore, you have to do something like the following to
> get this idea to work:
> 
>    awk -F: '{ printf "%s:%s\n", $1, $2 }' < /etc/passwd > htpasswd
> 
> (and it does indeed work). So, could apache be modified with the
> following line (or equivalent) before the strcmp()?
> 
>     if ((s = strchr(real_pw, ':')) != NULL)
>         *s = 0;
> 
> Thanks,
> -Archie
> 
>