This repository has been archived by the owner on Jun 11, 2019. It is now read-only.
Issue with htpasswd manifest #86
Comments
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
If I understand things correctly, this commit (22304f7) may have broken the htpasswd manifest. From what I can see the -p switch to htpasswd means do not encrypt the password, i.e. pass whatever is given to the command as the password straight through to the .htpasswd file. Thus if the crypt_password paramater is set this should have the -p flag set to avoid encrypting the already encrypted password before adding it to the .htpasswd file. The clear_password is actually the plaintext password which should not have the -p flag set so that it is encrypted before it is added to the .htpasswd file.
If the intention behind the commit is to allow saving of plaintext passwords to the .htpasswd file then surely that should be dealt with a separate flag. Although I'm not sure that it's even possible or desirable to have the .htpasswd file contain plaintext passwords!
But please correct me if I'm wrong!
The text was updated successfully, but these errors were encountered: