Anope IRC Services
Anope Support => 2.0.x/1.9.x Support => Topic started by: Kaj on August 17, 2020, 11:54:50 AM
-
Hi all,
In the past I've created an application where users were able to log in using their registered nickname (registered with NickServ). This was done by reading the anope database, and is dependent on using the md5 hashing algorithm to compare if the provided password was correct.
As md5 is (very) outdated, I'd like to update this application to support the enc_sha256. However, to be able to hash the password that a user provides in the external application and compare it with the record in the anope database, I suppose that I would need to use the same salt as anope is using. How/where would I be able to find this?
Or is there another recommended approach to integrate an external application with Anope?
Kind regards,
Kaj
-
Well, I use md5 in anope, but I think it's the same with sha256 : no salt.
In NickCore, the pass contains (for me): CONCAT('md5:', MD5('password')).
-
Hey, thanks for the reply. Until this moment I did it as well with md5, that's indeed without any kind of salt - but I'm trying to do it with sha256 and when I hash the password using sha256 without a salt, I end up with a totally different hash than the one in the anope database. So I suppose that there is a salt used for that one.