Henrik Nordstrom writes:
>Duane Wessels wrote:
>>
>> I don't understand this section of acl.c:
>>
>> 1161 *passwd &= (~0x80);
>> 1162 #if HAVE_CRYPT
>> 1163 if (strcmp(u->passwd, crypt(passwd, u->passwd))) {
>> 1164 #else
>> 1165 if (strcmp(u->passwd, passwd)) {
>> 1166 #endif
>>
>> I don't understand why crypt() is there. Its the only place in
>> the code where crypt() is used. Something feels wrong, but
>> I can't put my finger on it. Shouldn't there be another call
>> to crypt() somewhere else?
>
>No. The other call to crypt is external and done when building the
>password files. The same relationship as in /bin/passwd and /bin/login
>(squid plays the login role). /bin/login is verifying the encrypted
>password using crypt() and /bin/passwd is encrypts the password using
>crypt().
So htpasswd(1) uses crypt if its available? Squid has to use crypt
if htpasswd does, and not if not?
>:-/
Duane W.
Received on Tue Jul 29 2003 - 13:15:49 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:11:47 MST