From: Justin Erenkrantz <jerenkrantz@apache.org>
Date: Sun, 13 Nov 2005 05:38:43 +0000 (+0000)
Subject: Update transformations.
X-Git-Tag: 2.3.0~2792
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=515eb1640f37e0f419ba1bb43cdafa2600ede0df;p=thirdparty%2Fapache%2Fhttpd.git

Update transformations.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@332898 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/docs/man/htpasswd.1 b/docs/man/htpasswd.1
index 6ecfb52d6e0..b1f854163a1 100644
--- a/docs/man/htpasswd.1
+++ b/docs/man/htpasswd.1
@@ -19,7 +19,7 @@
 .el .ne 3
 .IP "\\$1" \\$2
 ..
-.TH "HTPASSWD" 1 "2003-11-25" "Apache HTTP Server" "htpasswd"
+.TH "HTPASSWD" 1 "2005-11-13" "Apache HTTP Server" "htpasswd"
 
 .SH NAME
 htpasswd \- Manage user files for basic authentication
@@ -133,6 +133,12 @@ Web password files such as those managed by htpasswd should \fInot\fR be within
 .PP
 The use of the -b option is discouraged, since when it is used the unencrypted password appears on the command line\&.
  
+.PP
+When using the crypt() algorithm, note that only the first 8 characters of the password are used to form the password\&. If the supplied password is longer, the extra characters will be silently discarded\&.
+ 
+.PP
+The SHA encryption format does not use salting: for a given password, there is only one encrypted representation\&. The crypt() and MD5 formats permute the representation by prepending a random salt string, to make dictionary attacks against the passwords more difficult\&.
+ 
 .SH "RESTRICTIONS"
  
 .PP
diff --git a/docs/manual/mod/core.xml.de b/docs/manual/mod/core.xml.de
index 1deefbcc19f..f386cc72d79 100644
--- a/docs/manual/mod/core.xml.de
+++ b/docs/manual/mod/core.xml.de
@@ -1,7 +1,7 @@
 <?xml version="1.0"?>
 <!DOCTYPE modulesynopsis SYSTEM "../style/modulesynopsis.dtd">
 <?xml-stylesheet type="text/xsl" href="../style/manual.de.xsl"?>
-<!-- English Revision: 167959:327999 (outdated) -->
+<!-- English Revision: 167959:330409 (outdated) -->
 
 <!--
  Copyright 2003-2005 The Apache Software Foundation or its licensors,
diff --git a/docs/manual/mod/core.xml.ja b/docs/manual/mod/core.xml.ja
index b85f201632d..b8260aad0a2 100644
--- a/docs/manual/mod/core.xml.ja
+++ b/docs/manual/mod/core.xml.ja
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="iso-2022-jp"?>
 <!DOCTYPE modulesynopsis SYSTEM "../style/modulesynopsis.dtd">
 <?xml-stylesheet type="text/xsl" href="../style/manual.ja.xsl"?>
-<!-- English Revision: 190982:327999 (outdated) -->
+<!-- English Revision: 190982:330409 (outdated) -->
 
 <!--
  Copyright 2003-2005 The Apache Software Foundation or its licensors,
diff --git a/docs/manual/mod/mod_authn_dbd.html.en b/docs/manual/mod/mod_authn_dbd.html.en
index 73390616c6b..d422fe12221 100644
--- a/docs/manual/mod/mod_authn_dbd.html.en
+++ b/docs/manual/mod/mod_authn_dbd.html.en
@@ -109,7 +109,7 @@ DBDExptime 60</code>
 <table class="directive">
 <tr><th><a href="directive-dict.html#Description">Description:</a></th><td>SQL query to look up a password for a user</td></tr>
 <tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthDBDUserPWQuery <var>query</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory</td></tr>
 <tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
 <tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
 <tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authn_dbd</td></tr>
@@ -131,7 +131,7 @@ DBDExptime 60</code>
 <tr><th><a href="directive-dict.html#Description">Description:</a></th><td>SQL query to look up a password hash for a user and realm.
 </td></tr>
 <tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthDBDUserRealmQuery <var>query</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory</td></tr>
 <tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
 <tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
 <tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authn_dbd</td></tr>
diff --git a/docs/manual/mod/quickreference.html.en b/docs/manual/mod/quickreference.html.en
index c64ff10c8ec..014a8f06949 100644
--- a/docs/manual/mod/quickreference.html.en
+++ b/docs/manual/mod/quickreference.html.en
@@ -138,8 +138,8 @@ formatted email address</td></tr>
 lower level modules</td></tr>
 <tr class="odd"><td><a href="mod_auth_basic.html#authbasicprovider">AuthBasicProvider On|Off|<var>provider-name</var>
 [<var>provider-name</var>] ...</a></td><td> On </td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Sets the authentication provider(s) for this location</td></tr>
-<tr><td><a href="mod_authn_dbd.html#authdbduserpwquery">AuthDBDUserPWQuery <var>query</var></a></td><td></td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">SQL query to look up a password for a user</td></tr>
-<tr class="odd"><td><a href="mod_authn_dbd.html#authdbduserrealmquery">AuthDBDUserRealmQuery <var>query</var></a></td><td></td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">SQL query to look up a password hash for a user and realm.
+<tr><td><a href="mod_authn_dbd.html#authdbduserpwquery">AuthDBDUserPWQuery <var>query</var></a></td><td></td><td>d</td><td>E</td></tr><tr><td class="descr" colspan="4">SQL query to look up a password for a user</td></tr>
+<tr class="odd"><td><a href="mod_authn_dbd.html#authdbduserrealmquery">AuthDBDUserRealmQuery <var>query</var></a></td><td></td><td>d</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">SQL query to look up a password hash for a user and realm.
 </td></tr>
 <tr><td><a href="mod_authz_dbm.html#authdbmgroupfile">AuthDBMGroupFile <var>file-path</var></a></td><td></td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Sets the name of the database file containing the list
 of user groups for authorization</td></tr>
diff --git a/docs/manual/programs/htpasswd.html.en b/docs/manual/programs/htpasswd.html.en
index 5c655b88e7a..c39e689645c 100644
--- a/docs/manual/programs/htpasswd.html.en
+++ b/docs/manual/programs/htpasswd.html.en
@@ -191,6 +191,15 @@ distribution.</li></ul></div>
 
     <p>The use of the <code>-b</code> option is discouraged, since when it is
     used the unencrypted password appears on the command line.</p>
+
+    <p>When using the <code>crypt()</code> algorithm, note that only the first
+    8 characters of the password are used  to form the password. If the supplied
+    password is longer, the extra characters will be silently discarded.</p>
+
+    <p>The SHA encryption format does not use salting: for a given password,
+    there is only one encrypted representation. The <code>crypt()</code> and
+    MD5 formats permute the representation by prepending a random salt string,
+    to make dictionary attacks against the passwords more difficult.</p>
 </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="section">
 <h2><a name="restrictions" id="restrictions">Restrictions</a></h2>
diff --git a/docs/manual/programs/htpasswd.xml.ko b/docs/manual/programs/htpasswd.xml.ko
index 8ea2ee6428a..ddf1e9bd200 100644
--- a/docs/manual/programs/htpasswd.xml.ko
+++ b/docs/manual/programs/htpasswd.xml.ko
@@ -1,7 +1,7 @@
 <?xml version='1.0' encoding='EUC-KR' ?>
 <!DOCTYPE manualpage SYSTEM "../style/manualpage.dtd">
 <?xml-stylesheet type="text/xsl" href="../style/manual.ko.xsl"?>
-<!-- English Revision: 105989:151408 (outdated) -->
+<!-- English Revision: 105989:329779 (outdated) -->
 
 <!--
  Copyright 2004-2005 The Apache Software Foundation or its licensors,