Cherokee-dev

Popular Threads From Cherokee-dev:

Bug report for Cherokee trunk

Issue 1284 in cherokee: SSL POST REQUESTS break on Chrome 15

Issue 1356 in cherokee: Cherokee website community forum is down

Issue 1309 in cherokee: Having IPv6 enabled breaks SSL/TLS

Issue 1307 in cherokee: timeout setting doesn't work

List Statistics

Total Threads: 257
Total Posts: 731

Phrases Used to Find This Thread

Page 1 of 1

10-06-2011 03:39 AM

Cherokee-dev member admin is online now

User

Status: New
Owner: ----

New issue 1220 by javier.a...@gmail.com: mysql authentication with sha512
passwords
http://code.google.com/p/cherokee/issues/detail?id=1220

Drupal 7 uses sha512 passwords
I'm using Apache, so i tried with mod_auth_mysql, but it does not supports
sha512.

I can switch to any webserver that handles sha512 for auth... so please
implement it on cherokee ?

Thanks!

_______________________________________________
Cherokee-dev mailing list
Cherokee-
http://lists.octality.com/listinfo/cherokee-dev
)

10-06-2011 09:42 AM

Cherokee-dev member admin is online now

User

Updates:
Status: WaitingQA
Owner: alobbs
Labels: Type-Enhancement Priority-Medium OpSys-All Component-Logic

Comment #1 on issue 1220 by alobbs: mysql authentication with sha512
passwords
http://code.google.com/p/cherokee/issues/detail?id=1220

svn.cherokee-project.com/changeset/6752 implemented it.

Please give it a try and let me know how it goes.

_______________________________________________
Cherokee-dev mailing list
Cherokee-
http://lists.octality.com/listinfo/cherokee-dev
)

10-06-2011 09:46 AM

Cherokee-dev member admin is online now

User

Comment #2 on issue 1220 by alobbs: mysql authentication with sha512
passwords
http://code.google.com/p/cherokee/issues/detail?id=1220

svn.cherokee-project.com/changeset/6757 implemented the option in
Cherokee-admin.

_______________________________________________
Cherokee-dev mailing list
Cherokee-
http://lists.octality.com/listinfo/cherokee-dev
)

11-06-2011 09:32 PM

Cherokee-dev member admin is online now

User

Comment #3 on issue 1220 by javier.a...@gmail.com: mysql authentication
with sha512 passwords
http://code.google.com/p/cherokee/issues/detail?id=1220

Hola Alvaro! (soy Argentino, te escribo en ingles para respetar al resto
del mundo que lee esto!)

I've just tested it, and is not working. I enter user & pass, and it tries
again and again.

If there is some way i can help to debug it, please tell me.

_______________________________________________
Cherokee-dev mailing list
Cherokee-
http://lists.octality.com/listinfo/cherokee-dev
)

12-06-2011 08:02 PM

Cherokee-dev member admin is online now

User

Comment #4 on issue 1220 by javier.a...@gmail.com: mysql authentication
with sha512 passwords
http://code.google.com/p/cherokee/issues/detail?id=1220

Maybe the problem is really on how Drupal 7 stores passwords (encoded as
base64) ?
I've tried to create base64 functions on my drupal db
(http://wi-fizzle.com/downloads/base64.sql)

Then using the following query on cherokee mysql auth settings:

SELECT BASE64_DECODE(pass) FROM users WHERE name = '${user}'

But i had no luck.

I dont have the expertise to solve this. Any ideas ?

_______________________________________________
Cherokee-dev mailing list
Cherokee-
http://lists.octality.com/listinfo/cherokee-dev
)

13-06-2011 03:48 AM

Cherokee-dev member admin is online now

User

Comment #5 on issue 1220 by javier.a...@gmail.com: mysql authentication
with sha512 passwords
http://code.google.com/p/cherokee/issues/detail?id=1220

I have been thinking. Would'nt be nice to have the feature/possibility to
authenticate a user with, for example, a given PHP function? That way, i
can code the function to access the MySQL database, and check password
(even using D7 code itself) with any given hash or encoding it has!

I'm trying to get my site working soon, so that is why i'm looking for
possibilities.

_______________________________________________
Cherokee-dev mailing list
Cherokee-
http://lists.octality.com/listinfo/cherokee-dev
)

13-06-2011 10:16 AM

Cherokee-dev member admin is online now

User

Comment #7 on issue 1220 by alobbs: mysql authentication with sha512
passwords
http://code.google.com/p/cherokee/issues/detail?id=1220

Check if the hash prefix has something to do with the problem
("$S$", "$P$", etc)..

_______________________________________________
Cherokee-dev mailing list
Cherokee-
http://lists.octality.com/listinfo/cherokee-dev
)

13-06-2011 12:50 PM

Cherokee-dev member admin is online now

User

Comment #8 on issue 1220 by javier.a...@gmail.com: mysql authentication
with sha512 passwords
http://code.google.com/p/cherokee/issues/detail?id=1220

I`ve tried this:

SELECT BASE64_DECODE(SUBSTRING(pass,4)) FROM users WHERE name = '${user}'

No luck. Maybe i must take time to look at internals of D7 to make it work.
Thanks for your time Alvaro! :)

_______________________________________________
Cherokee-dev mailing list
Cherokee-
http://lists.octality.com/listinfo/cherokee-dev
)

13-06-2011 02:07 PM

Cherokee-dev member admin is online now

User

Comment #9 on issue 1220 by javier.a...@gmail.com: mysql authentication
with sha512 passwords
http://code.google.com/p/cherokee/issues/detail?id=1220

I've looked at D7 code, and it hashes multiple times with a 'salt', so i
think comment 5 is the best approach i can think of. It is possible to
implement that in Cherokee Alvaro?

_______________________________________________
Cherokee-dev mailing list
Cherokee-
http://lists.octality.com/listinfo/cherokee-dev
)

NewsArc Lists | Culture Pages | Computing Archive | Media-Pages

Link to this page on your blog or website by copying the HTML code below and pasting it into your site:

Next Thread »