#9 add BASE64 encoded SHA1 encryption scheme

[zaarkov]

this patch adds the
AuthMySQLPwEncryption sha1base64
config option that compares the password against a base64 encoded sha1-hash from database.

it can be applied to mod_auth_mysql.c version 3.0.0

[zaarkov]

patch for adding SHA1BASE64 encryption scheme

[Jerry Stuckle]

Logged In: YES
user_id=1049703
Originator: NO

I'm not sure what would be the reason for base64 encoding a password before placing in a database.

[zaarkov]

Logged In: YES
user_id=565190
Originator: YES

It's a common used password hashing scheme.
When you connect many components (e.g. SMTP-server, POP3/IMAP-server) to a MySQL database you have to use the schemes they all support.
Somehow they like the base64 idea, but I don't know their reasons.
However supporting this will let more users authenticate against passwords already stored in a database instead of encoding passwords in a different way and store them twice.

[Nobody/Anonymous]

Hey, when I try to compile the patched module I get the following error:

mod_auth_mysql.c: In function ‘pw_sha1_base64’:
mod_auth_mysql.c:869: error: ‘APR_SHA1PW_IDLEN’ undeclared (first use in this function)
mod_auth_mysql.c:869: error: (Each undeclared identifier is reported only once
mod_auth_mysql.c:869: error: for each function it appears in.)
apxs:Break: Command failed with rc=1

any ideas? (I'm using apache2 on debian etch)

[Jima]

I'm pretty fond of this patch, myself. I think it'd be useful to include.