Feature #11365
closed
Change Webrick to support SHA htpasswd files
Description
This changes Webrick to default to creating SHA htpasswd files.
It also changes Webrick to support reading SHA htpasswd files,
in addition to supporting the previous crypt password files.
Among other things, this allows Webrick's htpasswd support to
work on OpenBSD, which does not support insecure DES-based
passwords in crypt(3).
Files
Updated by hsbt (Hiroshi SHIBATA) over 6 years ago
- Status changed from Open to Assigned
- Assignee set to normalperson (Eric Wong)
Updated by normalperson (Eric Wong) over 6 years ago
hsbt@ruby-lang.org wrote:
Issue #11365 has been updated by hsbt (Hiroshi SHIBATA).
Status changed from Open to Assigned
Assignee set to normalperson (Eric Wong)
Feature #11365: Change Webrick to support SHA htpasswd files
https://bugs.ruby-lang.org/issues/11365#change-66759
This changes Webrick to default to creating SHA htpasswd files.
It also changes Webrick to support reading SHA htpasswd files,
in addition to supporting the previous crypt password files.
We must keep tests for crypt htpasswd files to ensure existing
files continue working.
Among other things, this allows Webrick's htpasswd support to
work on OpenBSD, which does not support insecure DES-based
passwords in crypt(3).
This is an old issue; and nowadays SHA-1 is on it's way out...
Should we be looking at SHA-256 or something? (not a crypto expert)
Thanks.
Btw, (anybody) feel free to re-ping me (+Cc) in case I forget
about this after a few days. I didn't notice this until just
now, I'm a new WEBrick maintainer, and sometimes Subject lines
are too long for my tiny attention span :x
Updated by jeremyevans0 (Jeremy Evans) over 6 years ago
- Status changed from Assigned to Closed
normalperson (Eric Wong) wrote:
This is an old issue; and nowadays SHA-1 is on it's way out...
Should we be looking at SHA-256 or something? (not a crypto expert)
I didn't think SHA-256 was supported in .htpasswd files. I suppose we could roll our own, but I figured the only reason crypt(3) was used was for compatibility with Apache .htpasswd files. According to the Apache documentation, there are 5 options for password formats (see https://httpd.apache.org/docs/2.4/misc/password_encryptions.html):
- bcrypt
- custom MD5
- SHA1
- crypt(3)
- plaintext
I don't believe ruby supports bcrypt in the stdlib. I would be 100% for adding bcrypt support to the stdlib and using it in Webrick, but that's a larger change.
The custom MD5 solution was Apache specific and fairly complex, and I didn't want to implement it.
Apache labels the SHA1 support "insecure". It's unsalted, so weak passwords would fall quickly to a rainbow table attack. While the first SHA1 collision attack was reported earlier this year, I don't believe anyone has shown an SHA1 preimage attack (where you can find a matching password given the hash), so it isn't truly insecure for very strong passwords (say 12 random characters).
Anyway, things have changed since I first put together this patch. I no longer think it makes sense to add support to Webrick for anything besides bcrypt. Because bcrypt isn't currently in the stdlib, I think this can be closed.
Updated by normalperson (Eric Wong) over 6 years ago
merch-redmine@jeremyevans.net wrote:
Apache labels the SHA1 support "insecure". It's unsalted, so
weak passwords would fall quickly to a rainbow table attack.
While the first SHA1 collision attack was reported earlier
this year, I don't believe anyone has shown an SHA1 preimage
attack (where you can find a matching password given the
hash), so it isn't truly insecure for very strong passwords
(say 12 random characters).
If there are real users of SHA1, there could still be a case for
adding support for it in WEBrick for Apache compatibility; but
maybe there aren't any users... We can do it if people ask
for it...
Anyway, things have changed since I first put together this
patch. I no longer think it makes sense to add support to
Webrick for anything besides bcrypt. Because bcrypt isn't
currently in the stdlib, I think this can be closed.
Maybe we can support bcrypt as an optional dependency and issue
a warning when trying to read an htpasswd file w/o bcrypt
available.
Thanks.