[Devel] [ openser-Patches-1671713 ] openserctl setting to hide
plaintext passwords
SourceForge.net
noreply at sourceforge.net
Fri Mar 2 18:42:25 CET 2007
Patches item #1671713, was opened at 2007-03-01 15:56
Message generated for change (Comment added) made by bogdan_iancu
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=743022&aid=1671713&group_id=139143
Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: tools
Group: ver devel
>Status: Closed
>Resolution: Accepted
Priority: 5
Private: No
Submitted By: Hans Hoppe (hopha)
>Assigned to: Bogdan (bogdan_iancu)
Summary: openserctl setting to hide plaintext passwords
Initial Comment:
The auth_db module provides the choice to use either precalculated HA1 strings stored in the database, or to generate them on the fly using plaintext passwords stored in the database.
The openserctl "add" and "passwd" commands calculate the HA1 strings and store both the HA1 strings and the plaintext password in the database. In case site policy disallows plaintext passwords stored in the database, these must be removed after using "openserctl add" or "openserctl passwd".
I've added a switch to openserctl / openserctlrc / openserctl.sqlbase to allow plaintext passwords to be omitted from the database.
(Patch against 20070224 cvs snapshot)
----------------------------------------------------------------------
>Comment By: Bogdan (bogdan_iancu)
Date: 2007-03-02 19:42
Message:
Logged In: YES
user_id=1275325
Originator: NO
Hi Hans,
thanks for the patch - really usefull! I applied it on SVN trunk and it
will be part of 1.2 release.
regards,
bogdan
----------------------------------------------------------------------
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=743022&aid=1671713&group_id=139143
More information about the Devel
mailing list