Error pages/Web Authentication
tsaavik
nginx-forum at nginx.us
Thu Jul 7 19:14:27 MSD 2011
Maxim Dounin Wrote:
-------------------------------------------------------
> 1. Does Nginx support SHA encryption for the basic web
authentication?
> When I use -s switch with htpasswd command I can't log in...
I ran into this issue just the other day with htpasswd -s. I noticed
that if I modified the output of htpasswd from {SHA} to {SSHA} I was
able to use the generated password with nginx 1.0.4.
I wonder if it is feasible to add the following to ngx_crypt.c to be
more compatible with the output of htpasswd? Please note, I'm no
cryptologist and barely a programmer, but I do sleep in Holiday Inns.
--- ngx_crypt.c.orig 2011-07-07 08:10:36.814068671 -0700
+++ ngx_crypt.c 2011-07-07 08:11:26.670068063 -0700
@@ -42,6 +42,8 @@
#if (NGX_HAVE_SHA1)
} else if (ngx_strncmp(salt, "{SSHA}", sizeof("{SSHA}") - 1) == 0)
{
return ngx_crypt_ssha(pool, key, salt, encrypted);
+ } else if (ngx_strncmp(salt, "{SHA}", sizeof("{SHA}") - 1) == 0) {
+ return ngx_crypt_ssha(pool, key, salt, encrypted);
#endif
}
45,46d44
< } else if (ngx_strncmp(salt, "{SHA}", sizeof("{SHA}") - 1) == 0)
{
< return ngx_crypt_ssha(pool, key, salt, encrypted);
Posted at Nginx Forum: http://forum.nginx.org/read.php?2,205299,212005#msg-212005
More information about the nginx
mailing list