Re: [Exim] CRAM-MD5 fudging

Página Inicial
Delete this message
Reply to this message
Autor: John Jetmore
Data:  
Para: Tamas TEVESZ
CC: exim-users
Assunto: Re: [Exim] CRAM-MD5 fudging
On Wed, 12 Mar 2003, Tamas TEVESZ wrote:

> On Wed, 12 Mar 2003, John Jetmore wrote:
>
> > > CHALLENGE = $tod_epoch@$primary_hostname
> >
> > hmmm. that's a cool idea. The only real problem I see is that the
> > challenge is supposed to change. still, that's a cool idea for a work
> > around.
>
> it *does*. remember, the conffile is re-read every time a new child is
> spanned. and for every connection there is a new child. presto ;)


it looks like exim changes the challenge every time you re-attempt
authentication. I don't see this as a big deal in the real world because
the user either has the right password in one connection or they don't,
but to replicate exim's behaviour (and I'm not saying that exim's way is
the only way) the string has to be able to change more often than once per
child.

rizzo 1 /home/jetmore> telnet bunsen 25
<snip>
AUTH CRAM-MD5
334 PDY5OTEuMTA0NzUwMjUzN0BidW5zZW4uY2luZXJneWNvbS5uZXQ+
asdfasdfasdfasdfasdf
535 Incorrect authentication data
AUTH CRAM-MD5
334 PDY5OTEuMTA0NzUwMjU1NkBidW5zZW4uY2luZXJneWNvbS5uZXQ+

The first string is
<6991.1047502537@???> and the second is
<6991.1047502556@???>

I only point this out because it bit me firmly in the ass last week =).

--john