Bug 47162 - [PATCH] crypto: read/write support for SSHA-1 (salted SHA-1)
Status: NEW
Product: APR
Classification: Unclassified
Component: APR-util
Version: HEAD
Hardware: All All
Importance: P2 enhancement
Assigned To: Apache Portable Runtime bugs mailinglist

Reported: 2009-05-06 15:23 UTC by Ben Noordhuis
Modified: 2012-09-07 19:41 UTC

Attachments
SSHA-1 read support. (7.64 KB, patch)
2009-05-06 15:23 UTC, Ben Noordhuis
SSHA-1 write support. (4.04 KB, patch)
2009-05-06 15:24 UTC, Ben Noordhuis
Description Ben Noordhuis 2009-05-06 15:23:04 UTC
Section 14.4.1 of the OpenLDAP admin guide:

"This is the salted version of the SHA scheme. It is believed to be the most secure password storage scheme supported by slapd."

http://www.openldap.org/doc/admin24/security.html#SSHA%20password%20storage%20scheme

Attached are two patches that add read and write support for SSHA-1. We've been running this code in production for nine months now and with no hiccups, on a platform with ~120,000 customers.

I imagine the write support belongs further upstream as it patches support/ht{passwd,dbm}.c, but since it relies on a patched apr-util, I'll post it here instead.

Why, apart from security, is this useful? I can present at least one use case (ours): when migrating from LDAP-based authentication to .htaccess authentication.
Comment 1 Ben Noordhuis 2009-05-06 15:23:56 UTC
Created attachment 23621
SSHA-1 read support.
Comment 2 Ben Noordhuis 2009-05-06 15:24:29 UTC
Created attachment 23622
SSHA-1 write support.
Comment 3 Stefan Fritsch 2012-09-07 19:41:39 UTC
(In reply to comment #0)
> Why, apart from security, is this useful? I can present at least one use
> case (ours): when migrating from LDAP-based authentication to .htaccess
> authentication.

AFAICS, SSHA-1 uses only one round of SHA-1, so it's rather insecure. I don't want to add more insecure hash algorithms to htpasswd. But I would accept the use case of moving from LDAP-based authentication to file-based authentication. But for that, only the verify ("read") support would be needed. Do you agree that verify support alone would be useful?
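
The verify-only ("read") path discussed in this thread, as an added example that is not the attached patches or APR code. It assumes the OpenLDAP layout of base64(SHA-1(password + salt) + salt) after the `{SSHA}` prefix; all function names are hypothetical, and the sample value is constructed.

```python
import base64
import binascii
import hashlib
import hmac

SHA1_LEN = 20      # SHA-1 digest size in bytes
PREFIX = "{SSHA}"  # scheme tag; matched case-insensitively (assumption)


def parse_ssha(stored: str):
    """Split an {SSHA} value into (digest, salt); raise ValueError if malformed."""
    if stored[:len(PREFIX)].upper() != PREFIX:
        raise ValueError("not an {SSHA} value")
    try:
        raw = base64.b64decode(stored[len(PREFIX):], validate=True)
    except binascii.Error as exc:
        raise ValueError("bad base64") from exc
    if len(raw) <= SHA1_LEN:
        # Exactly 20 bytes would be unsalted SHA-1; fewer is truncated.
        raise ValueError("missing salt")
    return raw[:SHA1_LEN], raw[SHA1_LEN:]


def verify_ssha(password: bytes, stored: str) -> bool:
    """Verify only: a single SHA-1 pass over password||salt, as comment 3 notes."""
    try:
        digest, salt = parse_ssha(stored)
    except ValueError:
        return False  # malformed entries never authenticate
    candidate = hashlib.sha1(password + salt).digest()
    return hmac.compare_digest(candidate, digest)  # constant-time compare


def constructed_sample(password: bytes, salt: bytes) -> str:
    """Build a constructed sample entry for the demo (fixture, not a storage API)."""
    blob = hashlib.sha1(password + salt).digest() + salt
    return PREFIX + base64.b64encode(blob).decode("ascii")


if __name__ == "__main__":
    sample = constructed_sample(b"correct horse", b"\x01\x02\x03\x04")
    print(sample)
    print(verify_ssha(b"correct horse", sample))
    print(verify_ssha(b"wrong", sample))
    print(verify_ssha(b"x", "{SSHA}AAAA"))
```
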