Re: [Exim] more about crypteq

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Phil Pennock
Date:  
À: Javier Callico
CC: exim-users
Sujet: Re: [Exim] more about crypteq
On 2002-03-22 at 14:12 -0800, Javier Callico wrote:
> exim -be '${if crypteq
> {test}{\{md5\}CY9rzUYh03PK3k6DJie09g==}{yes}{no}}'
>
> and got a yes. So the problem is not in crypteq
> function.

[ and later ]
> Can anybody tell me what encryption is exim using and


$ perl -MDigest::MD5=md5_base64 -le 'print md5_base64 "test"'
CY9rzUYh03PK3k6DJie09g
$

Base64 encoding. The trailing '=' are padding to bring it up to a
multiple of 24 bits. 22 characters at 8 bits each needs another 16
bits. I don't know why Perl's outputting at 22 characters long.

See the original Base64 definition, RFC 1421, §4.3.2.4. (There's a
later one in RFC 2045, MIME Part 1; it's the same (I think)).

> I'm using a test user with password 123, the hash
> stored in my sql database for this password is
> 202cb962ac59075b964b07152d234b70


That's hex encoding. Witness:

$ perl -MDigest::MD5=md5_hex -le 'print md5_hex "123"'
202cb962ac59075b964b07152d234b70
$

> Can anybody tell me what encryption is exim using and
> how I can make a comparison using crypteq or any other
> function ?


Is it possible to change the format stored in the database? Or to
generate two forms?

Otherwise, you're faced with a choice:

* Migrate to Exim 4, which supports the hex-encoding form of MD5 which
you're using
* Look at the Exim 4 source, see how it handles MD5 hex-encoding for
crypteq, and backport that to your local Exim 3.


Congratulations. It looks as though you've just found a good reason to
migrate to Exim 4. :^)
--
Chaos reigns within.
Reflect, repent, and reboot.
Order shall return.