Adding upstream version 2.4.58.upstream/2.4.58

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>

4 files changed, 111 insertions, 0 deletions

diff --git a/support/SHA1/README.sha1 b/support/SHA1/README.sha1
new file mode 100644
index 0000000..3998e1f
--- /dev/null
+++ b/support/SHA1/README.sha1
@@ -0,0 +1,34 @@
+This directory includes some utilities to allow Apache 1.3.6 to 
+recognize passwords in SHA1 format, as used by Netscape web servers.  
+
+From Netscape's admin interface, export the password database to an 
+ldif file and then use convert.pl in this distribution to generate 
+apache style password files.  
+
+Note: SHA1 support is useful for migration purposes, but is less
+      secure than Apache's password format, since Apache's (MD5)
+      password format uses a random eight character salt to generate
+      one of many possible hashes for the same password.  Netscape
+      uses plain SHA1 without a salt, so the same password
+      will always generate the same hash, making it easier
+      to break since the search space is smaller.
+
+This code was contributed by Clinton Wong <clintdw@netcom.com>.
+
+README.sha1 
+	this file
+
+convert-sha1.pl 
+	takes an ldif dump from Netscape's web server on
+        standard in, outputs apache htpasswd format on standard out.
+
+        Usage: convert.pl < ldif > passwords
+
+htpasswd-sha1.pl
+	perl script to generate entries in apache htpasswd format.
+
+       	Usage: htpasswd-sha1.pl some_user some_password
+
+ldif-sha1.example
+	sample ldif dump with one sha1 password and one crypt password.
+
diff --git a/support/SHA1/convert-sha1.pl b/support/SHA1/convert-sha1.pl
new file mode 100644
index 0000000..3522802
--- /dev/null
+++ b/support/SHA1/convert-sha1.pl
@@ -0,0 +1,36 @@
+#!/usr/bin/perl -w
+use strict;
+
+# This is public domain code.  Do whatever you want with it.
+# It was originally included in Clinton Wong's Apache 1.3.6 SHA1/ldif
+# patch distribution as sample code for converting accounts from
+# ldif format (as used by Netscape web servers) to Apache password format.
+
+my $uid='';
+my $passwd='';
+
+while (my $line = <>) {
+  chomp $line;
+  if ( $line =~ /uid:\s*(.+)/) { $uid = $1 }
+  if ( $line =~ /userpassword:\s*(\{\w+\}.+)/) {
+    $passwd = $1;
+    $passwd =~ s/^\{crypt\}//i;  # Apache stores crypt without a magic string
+  }
+
+  if (length($line)==0) {
+
+    if (length $uid and length $passwd) {
+      print $uid, ':', $passwd, "\n";
+    } # output if we have something to print
+
+    $uid = '';
+    $passwd = '';
+
+  } # if newline
+} # while something to read
+
+# handle last entry if there isn't a newline before EOF
+    if (length $uid and length $passwd) {
+  print $uid, ':', $passwd, "\n";
+}
+
diff --git a/support/SHA1/htpasswd-sha1.pl b/support/SHA1/htpasswd-sha1.pl
new file mode 100644
index 0000000..a9dad11
--- /dev/null
+++ b/support/SHA1/htpasswd-sha1.pl
@@ -0,0 +1,22 @@
+#!/usr/bin/perl -w
+use strict;
+#
+# Utility which takes a username and password
+# on the command line and generates a username
+# sha1-encrytped password on the stdout.
+# 
+# Typical usage:
+# 	./htpasswd-sha1.pl dirkx MySecret >> sha1-passwd
+#
+# This is public domain code.  Do whatever you want with it.
+# It was originally included in Clinton Wong's Apache 1.3.6 SHA1/ldif
+# patch distribution as sample code for generating entries for
+# Apache password files using SHA1.
+
+use MIME::Base64;  # http://www.cpan.org/modules/by-module/MIME/
+use Digest::SHA1;  # http://www.cpan.org/modules/by-module/MD5/
+
+if ($#ARGV!=1) { die "Usage $0: user password\n" }
+
+print $ARGV[0], ':{SHA}', encode_base64( Digest::SHA1::sha1($ARGV[1]) );
+
diff --git a/support/SHA1/ldif-sha1.example b/support/SHA1/ldif-sha1.example
new file mode 100644
index 0000000..b8fe917
--- /dev/null
+++ b/support/SHA1/ldif-sha1.example
@@ -0,0 +1,19 @@
+dn: cn=someuser
+cn: someuser
+sn: someuser
+objectclass: top
+objectclass: person
+objectclass: organizationalPerson
+objectclass: inetOrgPerson
+uid: someuser
+userpassword: {SHA}GvF+c3IdvgxAARuC7Uuxp9vjzik=
+
+dn: cn=anotheruser
+cn: anotheruser
+sn: anotheruser
+objectclass: top
+objectclass: person
+objectclass: organizationalPerson
+objectclass: inetOrgPerson
+uid: anotheruser
+userpassword: {crypt}eFnp.4sz5XnH6