mysql apache md5
am 06.03.2011 05:34:22 von Edward avanti
--00163630fcffb32a8d049dc8e4b4
Content-Type: text/plain; charset=ISO-8859-1
Hi, I am having all sorts of problem getting apache to accept its MD5
version, this is from a CRM using perl
I've tried concat $apr1$foo$ and md5(bar)
as best I can tell It doesnt like the md5 part
Is there anyway to get this to work? the only thing that does is encrypt,
and thats sad, with only 8 charachters in an age where we encourage long and
complicated pass phrases
Be nice if MySQL planning on making this compatible some time? maybe with
APR(bar) or whatever? because at the moment, LAMP, is not such a marriage
in in such important ways, it amazing.
Ed
--00163630fcffb32a8d049dc8e4b4--
Re: mysql apache md5
am 06.03.2011 12:35:48 von Reindl Harald
--------------enigF690DC499330ADC58051145E
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Sorry but what about are you speaking?
what are you doing?
and what has this to do with mysql?
Am 06.03.2011 05:34, schrieb Edward avanti:
> Hi, I am having all sorts of problem getting apache to accept its MD5
> version, this is from a CRM using perl
> I've tried concat $apr1$foo$ and md5(bar)
> as best I can tell It doesnt like the md5 part
>=20
> Is there anyway to get this to work? the only thing that does is encryp=
t,
> and thats sad, with only 8 charachters in an age where we encourage lon=
g and
> complicated pass phrases
>=20
> Be nice if MySQL planning on making this compatible some time? maybe wi=
th
> APR(bar) or whatever? because at the moment, LAMP, is not such a marri=
age
> in in such important ways, it amazing.
--------------enigF690DC499330ADC58051145E
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iEYEARECAAYFAk1zcZUACgkQhmBjz394Anm1rQCfUetCARBd9FlXuhTyM3e5 xpAd
qyQAn2/DJ8Y49k2mIpKlh9gh/v3j3vae
=QPM8
-----END PGP SIGNATURE-----
--------------enigF690DC499330ADC58051145E--
Re: mysql apache md5
am 07.03.2011 05:54:02 von Edward avanti
--0016361e8462d68165049ddd4819
Content-Type: text/plain; charset=ISO-8859-1
On Sun, Mar 6, 2011 at 9:35 PM, Reindl Harald wrote:
> Sorry but what about are you speaking?
> what are you doing?
> and what has this to do with mysql?
>
>
everything to do with mysql
I try make it clearer, sorry for not so in first post
customer relationship manager add users into mysql
we want not to use apache auth of encrypt, but use md5 for longer password
apache use variant of md5, called md5 -apr, but mysql md5 only uses the -1
type
so, when CRM add userlike
INSERT INTO users (..other....`appass`) values (...other... 'MD5('$PASS')
....
the md5 -1 that mysql uses is not compatible so apache auth fail. the
variant is apaprently add
$apr1$$md5passwordhere,
making allabove line the salted md5.
I try to get mysql and apache to play nice, but thy do not because mysql and
apache not use same method, hence my attempt to work around, even SHA same
affect, i am try use anything but DES encrypt('$PASS')
sadly that only thing that work happily witrh each other.
openssl have ability to do this so not sure why mysql not have option
Sure someone had same problem and simple work around to have mysql use
correct md5, but no google fu work
> Am 06.03.2011 05:34, schrieb Edward avanti:
> > Hi, I am having all sorts of problem getting apache to accept its MD5
> > version, this is from a CRM using perl
> > I've tried concat $apr1$foo$ and md5(bar)
> > as best I can tell It doesnt like the md5 part
> >
> > Is there anyway to get this to work? the only thing that does is encrypt,
> > and thats sad, with only 8 charachters in an age where we encourage long
> and
> > complicated pass phrases
> >
> > Be nice if MySQL planning on making this compatible some time? maybe with
> > APR(bar) or whatever? because at the moment, LAMP, is not such a
> marriage
> > in in such important ways, it amazing.
>
>
--0016361e8462d68165049ddd4819--
Re: mysql apache md5
am 07.03.2011 13:51:54 von Johan De Meersman
Umm... I'm no crypto guru, but I've never heard of MD5 having variants, let alone a salt. MD5 is MD5 is MD5. APR, incidentally, is the Apache Runtime, afaik - part of the build kit for apache modules.
I strongly suspect your problem is on another level.
----- Original Message -----
> From: "Edward avanti"
> To: mysql@lists.mysql.com
> Sent: Monday, 7 March, 2011 5:54:02 AM
> Subject: Re: mysql apache md5
>
> everything to do with mysql
> I try make it clearer, sorry for not so in first post
>
> customer relationship manager add users into mysql
> we want not to use apache auth of encrypt, but use md5 for longer
> password
> apache use variant of md5, called md5 -apr, but mysql md5 only uses
> the -1
> type
> so, when CRM add userlike
> INSERT INTO users (..other....`appass`) values (...other...
> 'MD5('$PASS')
> ....
> the md5 -1 that mysql uses is not compatible so apache auth fail. the
> variant is apaprently add
> $apr1$$md5passwordhere,
> making allabove line the salted md5.
> I try to get mysql and apache to play nice, but thy do not because
> mysql and
> apache not use same method, hence my attempt to work around, even SHA
> same
> affect, i am try use anything but DES encrypt('$PASS')
> sadly that only thing that work happily witrh each other.
> openssl have ability to do this so not sure why mysql not have option
>
> Sure someone had same problem and simple work around to have mysql
> use
> correct md5, but no google fu work
>
--
Bier met grenadyn
Is als mosterd by den wyn
Sy die't drinkt, is eene kwezel
Hy die't drinkt, is ras een ezel
--
MySQL General Mailing List
For list archives: http://lists.mysql.com/mysql
To unsubscribe: http://lists.mysql.com/mysql?unsub=gcdmg-mysql-2@m.gmane.org
Re: mysql apache md5
am 08.03.2011 00:31:55 von Noel Butler
--=-k8lzx/H2nD8n+gbIDTI7
Content-Type: multipart/alternative; boundary="=-k2aY0twerjZY56I9+1ya"
--=-k2aY0twerjZY56I9+1ya
Content-Type: text/plain; charset="ISO-8859-15"
Content-Transfer-Encoding: quoted-printable
On Mon, 2011-03-07 at 13:51 +0100, Johan De Meersman wrote:
> Umm... I'm no crypto guru, but I've never heard of MD5 having variants, l=
et alone a salt. MD5 is MD5 is MD5. APR, incidentally, is the Apache Runtim=
e, afaik - part of the build kit for apache modules.
>=20
> I strongly suspect your problem is on another level.
>=20
>=20
Actually, he is correct. Though, the Apache variant of md5 is a chosen
improved security method, it really shouldn't be called MD5 since it is
not compatible with, well, base MD5 :)
http://httpd.apache.org/docs/2.2/misc/password_encryptions.h tml
MD5
"$apr1$" + the result of an Apache-specific algorithm using an
iterated (1,000 times) MD5 digest of various combinations of a
random 32-bit salt and the password. See the APR source file
apr_md5.c for the details of the algorithm.
=20
MD5
$ openssl passwd -apr1 myPassword
$apr1$qHDFfhPC$nITSVHgYbDAK1Y0acGRnY0=20
I agree Apache should probably not be calling it MD5. Perhaps it needs
renaming and MD5 as we all know it, be, MD5.
and for this reason I will xpost to devs list for some clear (maybe)
explanation as to why it was called this.
I don't think Edward's questioning is unreasonable, given the popularity
of LAMP combination, they are touted to work hand in hand, but as he
pointed out, they are not, even exampled by openssl wanting -apr1 not
-md5 to be compatible, so I can see how
this would be a problem with MySQL insert of md5(foo) not be recognised
by an Apache md5 wanting.
Noel
> ----- Original Message -----
> > From: "Edward avanti"
> > To: mysql@lists.mysql.com
> > Sent: Monday, 7 March, 2011 5:54:02 AM
> > Subject: Re: mysql apache md5
> >=20
> > everything to do with mysql
> > I try make it clearer, sorry for not so in first post
> >=20
> > customer relationship manager add users into mysql
> > we want not to use apache auth of encrypt, but use md5 for longer
> > password
> > apache use variant of md5, called md5 -apr, but mysql md5 only uses
> > the -1
> > type
> > so, when CRM add userlike
> > INSERT INTO users (..other....`appass`) values (...other...
> > 'MD5('$PASS')
> > ....
> > the md5 -1 that mysql uses is not compatible so apache auth fail. the
> > variant is apaprently add
> > $apr1$$md5passwordhere,
> > making allabove line the salted md5.
> > I try to get mysql and apache to play nice, but thy do not because
> > mysql and
> > apache not use same method, hence my attempt to work around, even SHA
> > same
> > affect, i am try use anything but DES encrypt('$PASS')
> > sadly that only thing that work happily witrh each other.
> > openssl have ability to do this so not sure why mysql not have option
> >=20
> > Sure someone had same problem and simple work around to have mysql
> > use
> > correct md5, but no google fu work
> >=20
>=20
> --=20
> Bier met grenadyn
> Is als mosterd by den wyn
> Sy die't drinkt, is eene kwezel
> Hy die't drinkt, is ras een ezel
>=20
--=-k2aY0twerjZY56I9+1ya
Content-Type: text/html; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
On Mon, 2011-03-07 at 13:51 +0100, Johan De Meersman wrote:
Umm... I'm no crypto guru, but I've never heard of MD5 having variants, let=
alone a salt. MD5 is MD5 is MD5. APR, incidentally, is the Apache Runtime,=
afaik - part of the build kit for apache modules.
I strongly suspect your problem is on another level.
Actually, he is correct. Though, the Apache variant of md5 is a chosen impr=
oved security method, it really shouldn't be called MD5 since it is not com=
patible with, well, base MD5 :)
>http://httpd.apache.org/docs/2.2/misc/password_encryptions. html
MD5
"$apr1$" + the result of an Apache-specific algorithm using a=
n iterated (1,000 times) MD5 digest of various combinations of a random 32-=
bit salt and the password. See the APR source file
ache.org/viewvc/apr/apr-util/branches/1.3.x/crypto/apr_md5.c ?view=3Dco">apr=
_md5.c for the details of the algorithm.
MD5
$ openssl passwd -apr1 myPassword
$apr1$qHDFfhPC$nITSVHgYbDAK1Y0acGRnY0
I agree Apache should probably not be calling it MD5. Perhaps it needs rena=
ming and MD5 as we all know it, be, MD5.
and for this reason I will xpost to devs list for some clear (maybe) explan=
ation as to why it was called this.
I don't think Edward's questioning is unreasonable, given the popularity of=
LAMP combination, they are touted to work hand in hand, but as he pointed =
out, they are not, even exampled by openssl wanting -apr1 not -md5 to=
be compatible, so I can see how
this would be a problem with MySQL insert of md5(foo) not be recognis=
ed by an Apache md5 wanting.
Noel
----- Original Message -----
> From: "Edward avanti" <
ail.com">edward.avanti@gmail.com>
> To:
> Sent: Monday, 7 March, 2011 5:54:02 AM
> Subject: Re: mysql apache md5
>=20
> everything to do with mysql
> I try make it clearer, sorry for not so in first post
>=20
> customer relationship manager add users into mysql
> we want not to use apache auth of encrypt, but use md5 for longer
> password
> apache use variant of md5, called md5 -apr, but mysql md5 only uses
> the -1
> type
> so, when CRM add userlike
> INSERT INTO users (..other....`appass`) values (...other...
> 'MD5('$PASS')
> ....
> the md5 -1 that mysql uses is not compatible so apache auth fail. the
> variant is apaprently add
> $apr1$<up to 8 chars>$md5passwordhere,
> making allabove line the salted md5.
> I try to get mysql and apache to play nice, but thy do not because
> mysql and
> apache not use same method, hence my attempt to work around, even SHA
> same
> affect, i am try use anything but DES encrypt('$PASS')
> sadly that only thing that work happily witrh each other.
> openssl have ability to do this so not sure why mysql not have option
>=20
> Sure someone had same problem and simple work around to have mysql
> use
> correct md5, but no google fu work
>=20
--=20
Bier met grenadyn
Is als mosterd by den wyn
Sy die't drinkt, is eene kwezel
Hy die't drinkt, is ras een ezel
--=-k2aY0twerjZY56I9+1ya--
--=-k8lzx/H2nD8n+gbIDTI7
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: This is a digitally signed message part
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iQEcBAABAgAGBQJNdWrnAAoJECg/hgl/0DbH9VYH/j1J6+HmdmGp9YNI7Lcj Ut7D
zmWdySr9Ui++LZ0gAbPentkjT/jpwO5kX6SAARn22CeQ++yw8BmWpcirVnKd BvgG
SA+ReE0/wQdX5t2hVgAsQgnh7PQTwm8rgLfhH0UZ8YVaHw7G7gvi/Njak4MX khoL
pODc9lrqfH/6Ro3nU+yqy1yCS5K0Ba/IoYXxxSDmtv+2Y9zoYnhmhX44XYtp uYlB
gv/bE74zyIOUZWZtApxGzrL/vptCvMPejspgJgFV7iwJyJJifwaQPtIpDRFR hsrd
PXm8o2ff+HRRpcwPgD4b17Uj4mgy5k95E6kBPYQKIaqLoq1XKkThzSrko7JQ fXU=
=ifEx
-----END PGP SIGNATURE-----
--=-k8lzx/H2nD8n+gbIDTI7--