Apache SHA1 Password bug (AMD64)

To: debian-apache@lists.debian.org
Subject: Apache SHA1 Password bug (AMD64)
From: Kirk Ismay <captain@netidea.com>
Date: Mon, 12 Jan 2009 20:50:19 -0800
Message-id: <[🔎] 496C1D8B.6070203@netidea.com>

I have experienced a bug on AMD64 Apache/1.3.33 & Apache/1.3.34(Debian) . SHA1 encrypted passwords do not seem to work. The issue issimilar to this, but only seems to affect AMD64 on sarge and etch (I'vetried it on several machines):

https://issues.apache.org/bugzilla/show_bug.cgi?id=17343

The following test case works on my i386 machine, but fails on AMD64.The SHA login is guest/guest, crypt is test/test.

Regards,
Kirk Ismay

.htaccess:
AuthName test
Deny from all
AuthType basic
AuthUserFile /var/www/test/.htpasswd
<limit GET POST>
require valid-user
satisfy any
</limit>
## end .htaccess

.htpasswd:
guest:{SHA}NWdeaPS1r3uZXZIFrQ/EOELxZFA=
test:d/kXMZ8tY7geY
## end .htpass

Reply to:

Follow-Ups:
- Re: Apache SHA1 Password bug (AMD64)
  - From: Stefan Fritsch <sf@debian.org>

Prev by Date: Bug#511594: default ports.conf should not contain NameVirtualHost directive
Next by Date: Re: improvement for apache mod_autoindex default configuration
Previous by thread: Bug#511594: default ports.conf should not contain NameVirtualHost directive
Next by thread: Re: Apache SHA1 Password bug (AMD64)
Index(es):
- Date
- Thread