From e8ec7aa8e38a93f5b034ac74cebce5de23710317 Mon Sep 17 00:00:00 2001 From: hongbotian Date: Mon, 30 Nov 2015 01:45:08 -0500 Subject: upload http JIRA: BOTTLENECK-10 Change-Id: I7598427ff904df438ce77c2819ee48ac75ffa8da Signed-off-by: hongbotian --- rubbos/app/httpd-2.0.64/support/SHA1/README.sha1 | 34 ++++++++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 rubbos/app/httpd-2.0.64/support/SHA1/README.sha1 (limited to 'rubbos/app/httpd-2.0.64/support/SHA1/README.sha1') diff --git a/rubbos/app/httpd-2.0.64/support/SHA1/README.sha1 b/rubbos/app/httpd-2.0.64/support/SHA1/README.sha1 new file mode 100644 index 00000000..3998e1fd --- /dev/null +++ b/rubbos/app/httpd-2.0.64/support/SHA1/README.sha1 @@ -0,0 +1,34 @@ +This directory includes some utilities to allow Apache 1.3.6 to +recognize passwords in SHA1 format, as used by Netscape web servers. + +From Netscape's admin interface, export the password database to an +ldif file and then use convert.pl in this distribution to generate +apache style password files. + +Note: SHA1 support is useful for migration purposes, but is less + secure than Apache's password format, since Apache's (MD5) + password format uses a random eight character salt to generate + one of many possible hashes for the same password. Netscape + uses plain SHA1 without a salt, so the same password + will always generate the same hash, making it easier + to break since the search space is smaller. + +This code was contributed by Clinton Wong . + +README.sha1 + this file + +convert-sha1.pl + takes an ldif dump from Netscape's web server on + standard in, outputs apache htpasswd format on standard out. + + Usage: convert.pl < ldif > passwords + +htpasswd-sha1.pl + perl script to generate entries in apache htpasswd format. + + Usage: htpasswd-sha1.pl some_user some_password + +ldif-sha1.example + sample ldif dump with one sha1 password and one crypt password. + -- cgit 1.2.3-korg