md5 password support

author: tenox7 <as@tenoware.com> 2017-12-17 21:26:31 -0800
committer: tenox7 <as@tenoware.com> 2017-12-17 21:26:31 -0800
commit: fd75a0355058d0baf5367dab08d896429401a383 (patch)
tree: c2654f643965652dc1f8ff468a398d47f89fb05b
parent: 3d2d87e1b47e75778ae9ea168610b4fbfb9c52b6 (diff)
download: wfm-fd75a0355058d0baf5367dab08d896429401a383.tar.gz
2 files changed, 26 insertions, 16 deletions
diff --git a/README.md b/README.md
index f35cda4..72d0676 100644
--- a/README.md
+++ b/README.md
@@ -85,16 +85,21 @@ Below is a simple, self-explanatory configuration file example:
     # external link button without going through cgi routines
     browser-url=http://x.x.x.x/files/
 
-    # access lists - ace type is either access-ip, access-user or access-htauth
-    # mixable, eg access-ip=ro:* with number of access-user=rw
-    # level is ro|rw, one host or username per line * denotes all hosts
-    # user is username:password combination
-    # htauth is for http basic/digest auth username or * any authenticated user
-    # htauth requires externally defined auth database and Require directive
+    # access lists - ace type is either access-ip, access-md5pw or access-htauth
+    # mixable, for example public read only with some read-write users
+    # access-ip=ro:* with number of access-md5=rw:user:md5hash
+    # level is ro|rw, one host or username per line * denotes any ip or user (htauth)
+    # md5 format is username:md5of(username:password) for example:
+    # access-md5=rw:foo:4e99e8c12de7e01535248d2bac85e732
+    # to generate this use echo -n "foo:bar" | md5
+    # htauth is for http basic/digest auth username or * any valid user
+    # htauth requires externally defined auth / require
     access-ip=ro:*
     access-ip=rw:127.0.0.1
-    access-user=ro:guest:secret
-    access-user=rw:admin:password
+    # guest / guest
+    access-md5pw=ro:guest:d3c3b5cb55d3c6d0c6122eedccc3dcf3
+    # admin / password
+    access-md5pw=rw:admin:73eff6386ce2091b5ca702fc007e1da9
     access-htauth=ro:*
     access-htauth=rw:admin
 
diff --git a/wfm.cfg b/wfm.cfg
index 0f32f91..f17a78f 100644
--- a/wfm.cfg
+++ b/wfm.cfg
@@ -22,15 +22,20 @@ edit-any-file=false
 # external link button without going through cgi routines
 browser-url=http://x.x.x.x/files/
 
-# access lists - ace type is either access-ip, access-user or access-htauth
-# mixable, eg access-ip=ro:* with number of access-user=rw
-# level is ro|rw, one host or username per line  * denotes all hosts
-# user is username:password combination
-# htauth is for http basic/digest auth username or * any authenticated user
-# htauth requires externally defined auth database and Require directive
+# access lists - ace type is either access-ip, access-md5pw or access-htauth
+# mixable, for example public read only with some read-write users
+# access-ip=ro:* with number of access-md5=rw:user:md5hash
+# level is ro|rw, one host or username per line * denotes any ip or user (htauth)
+# md5 format is username:md5of(username:password) for example:
+# access-md5=rw:foo:4e99e8c12de7e01535248d2bac85e732
+# to generate this use echo -n "foo:bar" | md5
+# htauth is for http basic/digest auth username or * any valid user
+# htauth requires externally defined auth / require
 access-ip=ro:*
 access-ip=rw:127.0.0.1
-access-user=ro:guest:secret
-access-user=rw:admin:password
+# guest / guest
+access-md5pw=ro:guest:d3c3b5cb55d3c6d0c6122eedccc3dcf3
+# admin / password
+access-md5pw=rw:admin:73eff6386ce2091b5ca702fc007e1da9
 access-htauth=ro:*
 access-htauth=rw:admin
author	tenox7 <as@tenoware.com>	2017-12-17 21:26:31 -0800
committer	tenox7 <as@tenoware.com>	2017-12-17 21:26:31 -0800
commit	fd75a0355058d0baf5367dab08d896429401a383 (patch)
tree	c2654f643965652dc1f8ff468a398d47f89fb05b
parent	3d2d87e1b47e75778ae9ea168610b4fbfb9c52b6 (diff)
download	wfm-fd75a0355058d0baf5367dab08d896429401a383.tar.gz