#9 add BASE64 encoded SHA1 encryption scheme


this patch adds the
AuthMySQLPwEncryption sha1base64
config option that compares the password against a base64 encoded sha1-hash from database.

it can be applied to mod_auth_mysql.c version 3.0.0


  • Jerry Stuckle

    Jerry Stuckle - 2007-10-11

    Logged In: YES
    Originator: NO

    I'm not sure what would be the reason for base64 encoding a password before placing in a database.

  • zaarkov

    zaarkov - 2007-10-12

    Logged In: YES
    Originator: YES

    It's a common used password hashing scheme.
    When you connect many components (e.g. SMTP-server, POP3/IMAP-server) to a MySQL database you have to use the schemes they all support.
    Somehow they like the base64 idea, but I don't know their reasons.
    However supporting this will let more users authenticate against passwords already stored in a database instead of encoding passwords in a different way and store them twice.

  • Nobody/Anonymous

    Hey, when I try to compile the patched module I get the following error:

    mod_auth_mysql.c: In function ‘pw_sha1_base64’:
    mod_auth_mysql.c:869: error: ‘APR_SHA1PW_IDLEN’ undeclared (first use in this function)
    mod_auth_mysql.c:869: error: (Each undeclared identifier is reported only once
    mod_auth_mysql.c:869: error: for each function it appears in.)
    apxs:Break: Command failed with rc=1

    any ideas? (I'm using apache2 on debian etch)

  • Jima

    Jima - 2009-02-05

    I'm pretty fond of this patch, myself. I think it'd be useful to include.


Log in to post a comment.

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:

JavaScript is required for this form.

No, thanks