Re: [Exim] SQL-based SMTP AUTH.

Author: Tamas TEVESZ
Date:  
To: Steve Haslam
CC: exim-users
Subject: Re: [Exim] SQL-based SMTP AUTH.
On Thu, 24 Oct 2002, Steve Haslam wrote:

> No, we couldn't get the result from perl to match the digest even when exim
> and the client agreed on it :(


oic.

to the best of my knowledge, that hmac module should be fine, but just
in case, could you try this snippet:

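// CRAM-MD5 digest: HMAC-MD5 keyed with the password over the challenge.
// Passwords longer than 64 characters are not handled here.
string cm5(string challenge, string pass)
{
    // pad the key with NUL bytes up to the 64-byte MD5 block size
    string ipad = pass;
    for(int i=strlen(ipad); i<64; i++) {
        ipad += "\0";
    }
    string opad = ipad;
    // XOR the padded key with the HMAC inner and outer pad constants
    for(int i=0; i<64; i++) {
        ipad[i] ^= 0x36;
        opad[i] ^= 0x5c;
    }
    // inner = MD5(ipad . challenge), result = hex(MD5(opad . inner))
    string inner = Crypto.md5()->update(ipad)->update(challenge)->digest();
    string outer = Crypto.string_to_hex(Crypto.md5()->update(opad)->update(inner)->digest());
    return outer;
}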


int main(int argc, array(string) argv)
{
    write(cm5(argv[1], argv[2]) + "\n");
}


it's pike (apt-get install pike7 [or any >0.6 one for that matter],
`pike foo.pike challenge password').

this is _guaranteed_ to produce the correct hash. i'm curious what
this gives... (mh, just noticed a flaw: don't have passwords >64
char.. i forgot to handle this case ;)


--
(void)
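
Added example, not part of the original message or of Exim: the same ipad/opad construction in Python, extended with the RFC 2104 rule for keys longer than 64 bytes and cross-checked against Python's own hmac module. The function names are hypothetical; the test vector is the one from RFC 2195, and the remaining inputs are constructed.

```python
import base64
import hashlib
import hmac

BLOCK = 64  # MD5 block size in bytes


def hmac_md5_hex(key: bytes, msg: bytes) -> str:
    """HMAC-MD5 built by hand, same ipad/opad steps as the Pike snippet."""
    if len(key) > BLOCK:
        # RFC 2104: a key longer than one block is replaced by its digest.
        key = hashlib.md5(key).digest()
    key = key.ljust(BLOCK, b"\0")
    ipad = bytes(b ^ 0x36 for b in key)
    opad = bytes(b ^ 0x5C for b in key)
    inner = hashlib.md5(ipad + msg).digest()
    return hashlib.md5(opad + inner).hexdigest()


def cram_md5_response(user: str, password: str, challenge_b64: str) -> str:
    """Return the base64 line a client sends back for a CRAM-MD5 challenge."""
    # The digest covers the decoded challenge, angle brackets included.
    challenge = base64.b64decode(challenge_b64)
    digest = hmac_md5_hex(password.encode(), challenge)
    return base64.b64encode(f"{user} {digest}".encode()).decode()


def matches_stdlib(key: bytes, msg: bytes) -> bool:
    """Cross-check the hand-rolled digest against Python's hmac module."""
    expected = hmac.new(key, msg, hashlib.md5).hexdigest()
    return hmac.compare_digest(hmac_md5_hex(key, msg), expected)


# Test vector from RFC 2195 section 2 (user "tim").
RFC_CHALLENGE = b"<1896.697170952@postoffice.reston.mci.net>"
RFC_SECRET = b"tanstaaftanstaaf"

if __name__ == "__main__":
    print(hmac_md5_hex(RFC_SECRET, RFC_CHALLENGE))
    print(cram_md5_response("tim", RFC_SECRET.decode(),
                            base64.b64encode(RFC_CHALLENGE).decode()))
    # Constructed keys: short, exactly one block, and longer than one block.
    for k in (b"pw", b"k" * 64, b"k" * 65, b"k" * 200):
        print(len(k), matches_stdlib(k, b"<constructed.challenge@example.test>"))
```

Running the Pike snippet with the RFC 2195 challenge and secret should print the same hex digest as the first line of output here.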