mirror of
https://github.com/apache/httpd.git
synced 2025-08-13 14:40:20 +00:00
3928bbf8b3
Add support for SHA-2 crypt() algorithm in htpasswd.
* configure.in: Detect SHA-2 support in crypt().
* support/passwd_common.h: Define ALG_CRYPT_SHA256, ALG_CRYPT_SHA512,
include ap_config_auto.h.
* support/htpasswd.c (check_args): Allow -2, -5, -r arguments for
SHA-256, SHA-256 and rounds options respectively.
* support/passwd_common.c
(parse_common_options): Parse -2, -5, -r args.
(mkhash): Generate crypt hash for SHA256/SHA512 algorithms.
Update transform.
* support/htpasswd.c (usage): More usage fixes for SHA-2; describe
as "secure", leave bcrypt only algorithm described as "very secure".
* support/passwd_common.c (mkhash): Fix salt buffer size for SHA2
(caught by gcc 10).
configure: Assume crypt() does not support SHA-2 when cross-compiling.
Can be forced with "./configure ap_cv_crypt_sha2=yes ..." still.
* configure.in:
Give AC_RUN_IFELSE a cross-compiling action, otherwise it fails with:
configure: error: cannot run test program while cross compiling
Submitted by: jorton, ylavic
Reviewed by: minfrin, ylavic, jorton
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1915516 13f79535-47bb-0310-9956-ffa450edef68
Support files:
ab
ABuse your server with this benchmarker. Rudimentary
command line testing tool.
apachectl
Apache run-time Control script. To facilitate the
administrator and/or your rc.d scripts to control the
functioning of the Apache httpd daemon.
apxs
APache eXtenSion tool. Eases building and installing
DSO style modules.
dbmmanage
Create and update user authentication files in the faster
DBM format used by mod_auth_db.
htcacheclean
Keep the size of mod_cache_disk store within a certain limit.
htdigest
Create and update user authentication files used in
DIGEST authentification. See mod_auth_digest.
htpasswd
Create and update user authentication files used in
BASIC authentification. I.e. the htpasswd files.
See mod_auth.
httpd.8
General apache man page.
log_server_status
This script is designed to be run at a frequent interval by something
like cron. It connects to the server and downloads the status
information. It reformats the information to a single line and logs
it to a file.
logresolve
resolve hostnames for IP-adresses in Apache logfiles
phf_abuse_log.cgi
This script can be used to detect people trying to abuse an ancient
and long plugged security hole which existed in a CGI script distributed
with Apache 1.0.3 and earlier versions.
rotatelogs
rotate Apache logs without having to kill the server.
split-logfile
This script will take a combined virtual hosts access
log file and break its contents into separate files.
suexec
Switch User For Exec. Used internally by apache,
see the document `Apache suEXEC Support'
under http://www.apache.org/docs/suexec.html .
SHA1
This directory includes some utilities to allow Apache 1.3.6 to
recognize passwords in SHA1 format, as used by Netscape web
servers. It is not installed by default.