On Thu, 24 Oct 2002, Eric Renfro wrote:
> I'm trying to solve this, but I have no more options left to test it, at the
> moment.
I can't do anything, because I don't have the secret passwords that were
used in your test. If you can set up another test that uses a password
that you are then prepared to tell me, I can attempt to test whether the
digest that Exim computed for you is in fact the correct one or not.
You could perhaps do some of this (tediously) yourself by building the
input string in a file - tedious because of having to do the exclusive
ORing, and then using Exim's -be option and the ${md5: operator to
calculate the hash.
What I can do is to poke inside the actual cram_md5 authenticator and
test what it is doing.
Philip
--
Philip Hazel University of Cambridge Computing Service,
ph10@??? Cambridge, England. Phone: +44 1223 334714.
