From addb3fe058149430dc8df1743e2381b6dc30e832 Mon Sep 17 00:00:00 2001 From: Roland Gruber Date: Sat, 10 Jan 2004 10:08:48 +0000 Subject: [PATCH] Mcrypt is now optional, added Blowfish --- lam-0.4/HISTORY | 6 ++++++ lam-0.4/INSTALL | 2 +- lam-0.4/README | 5 +++-- lam-0.4/TODO | 2 -- 4 files changed, 10 insertions(+), 5 deletions(-) diff --git a/lam-0.4/HISTORY b/lam-0.4/HISTORY index 1d426fc3..29fa94c0 100644 --- a/lam-0.4/HISTORY +++ b/lam-0.4/HISTORY @@ -1,3 +1,9 @@ +??? 0.4.2 + - added config wizard + - MHash is only needed for PHP < 4.3 + - use Blowfish for encryption instead of MCrypt + + 29.12.2003 0.4.1 - better error handling at login diff --git a/lam-0.4/INSTALL b/lam-0.4/INSTALL index c1492116..6b315eca 100644 --- a/lam-0.4/INSTALL +++ b/lam-0.4/INSTALL @@ -6,7 +6,7 @@ Installation Instructions for LAM 1. Requirements - Apache webserver (SSL optional) with installed PHP-Module (PHP-Module with - ldap, gettext, mcrypt, mhash) + ldap, gettext, mcrypt+mhash optional) - Perl - Openldap (>2.0) - A web browser :-) diff --git a/lam-0.4/README b/lam-0.4/README index 1f1846b0..bbafafea 100644 --- a/lam-0.4/README +++ b/lam-0.4/README @@ -80,8 +80,9 @@ LAM - Readme LAM needs to store your LDAP username + password in the session. The session files are saved in sess/ and are accessible only by the web server. To increase - security username and password are encrypted with AES (256 bit). The key and iv - are generated at random when you log in. They are stored in two cookies. + security username and password are encrypted with MCrypt/AES or Blowfish. + The key and iv are generated at random when you log in. They are stored in two + cookies. Have fun! diff --git a/lam-0.4/TODO b/lam-0.4/TODO index dc536405..a5ba1f9c 100644 --- a/lam-0.4/TODO +++ b/lam-0.4/TODO @@ -9,5 +9,3 @@ stable 0.4.2 -- add install wizard -- remove MCrypt functions (use Blowfish)