[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [glob2-devel] YOG hosting/diagnosis
|
From: |
Stéphane Magnenat |
|
Subject: |
Re: [glob2-devel] YOG hosting/diagnosis |
|
Date: |
Sat, 16 Jul 2011 11:01:39 +0200 |
|
User-agent: |
Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.17) Gecko/20110516 Lightning/1.0b2 Thunderbird/3.1.10 |
Hello,
> Stephane do you have any idea how to handle this correctly?
The correct way would be to see where yog checks the passwords and to
add a hash there. We can then apply the same hash function to the
password data.
I've been looking in YOG's source code, the passwords seem to be already
hashed using SHA1, see src/YOGServerPasswordRegistry.cpp:113
Therefore, it is probably safe to transmit password data. What do you think?
Stéph
--
Dr Stéphane Magnenat
http://stephane.magnenat.net
- [glob2-devel] YOG hosting/diagnosis, Othniel Graichen, 2011/07/15
- Re: [glob2-devel] YOG hosting/diagnosis, Leo Wandersleb, 2011/07/15
- Re: [glob2-devel] YOG hosting/diagnosis,
Stéphane Magnenat <=
- Re: [glob2-devel] YOG hosting/diagnosis, Jannis Froese, 2011/07/16
- Re: [glob2-devel] YOG hosting/diagnosis, Austin H, 2011/07/16
- Re: [glob2-devel] YOG hosting/diagnosis, Baptiste, 2011/07/16
- Re: [glob2-devel] YOG hosting/diagnosis, Othniel Graichen, 2011/07/16
- Re: [glob2-devel] YOG hosting/diagnosis, Lukasz Dobrogowski, 2011/07/17
- Re: [glob2-devel] YOG hosting/diagnosis, Leo Wandersleb, 2011/07/16