search for: md5_final

Hello, md5_final() function contains minor buglet, it clears first 4 bytes of md5_context instead of whole structure. Patch attached. Best regards. -- Andrey Panin | Linux and UNIX system administrator pazke at donpac.ru | PGP key: wwwkeys.pgp.net -------------- next part -------------- diff -urpNX /usr/share/...

This patchset add support for One-Time-Password authentication mechanisms, both S/Key (RFC 1731) and OTP (RFC 2444) are implemented. Tested with mutt (uses cyrus sasl library for authentication). Patches were made against CVS HEAD. Please take a look. Add auth_cache_remove() function which will be used by OTP code to evict old entries from auth cache. diff -urdpNX /usr/share/dontdiff -x

...m_ucs2be, auth->realm_len); + md5_update(&ctx, auth->user_challenge, auth->user_challenge_len); + md5_update(&ctx, auth->service_challenge, RPA_SCHALLENGE_LEN); + md5_update(&ctx, auth->service_timestamp, RPA_TIMESTAMP_LEN); + md5_update(&ctx, auth->pwd_md5, 16); + md5_final(&ctx, digest); +} + +/* + * Compute server -> client authentication response. + */ +static void rpa_server_response(struct rpa_auth_request *auth, + unsigned char *digest) +{ + struct md5_context ctx; + unsigned char tmp[16]; + unsigned char z[48]; + int i; + + memset(z, 0, sizeof(z)); +...

Hello, I am interested in an ssh that is not interactive in requesting the password, i.e, whereas I can specify the password in the command line when calling SSH. I have wondered how such a feature has not been included in such a good client, as it seems there are many (and I have searched for this) people require this capability for their scripts/automation. I understand the possibility of

Hello openssh@ I thought about sftp's reget/reput commands. Several days ago, Damien Miller write to tech at openbsd.org (it was reply for my letter): > Herein lies a problem which is not easy to detect or solve. For > performance reasons, the sftp client does pipelined reads/writes when > transferring files. The protocol spec allows for a server to process > these requests out

...es[6] = '\0'; + j -= 6; + if( j > 0){ + i = (j+7)& 0xf8; + des_cbc_encrypt((des_cblock *)&data[16], + (des_cblock *)&res[6], i*1l, + keysched, &iv, DES_DECRYPT); + MD5_Update(&ctx, (unsigned char *)&res[6], j); + } + res[6+j] = '\0'; + + MD5_Final(digest, &ctx); + for(i=0; i < 8; i++){ + if( digest[i] != (kbuf[i]&0xff)) + return 1; + } + }else{ + strncpy(res, pass, reslen); + } + return 0; +} + + + +int put_snk_pass(char *pass, char *res, int reslen, char *data) { + des_cblock kblock; + des_key_schedule keysched; + char...

...st char *response_hex; if (size != CRAM_MD5_CONTEXTLEN) { @@ -59,9 +61,10 @@ return FALSE; } + hmac_init(&ctx, NULL, 0, &hash_method_md5); hmac_md5_set_cram_context(&ctx, credentials); - hmac_md5_update(&ctx, request->challenge, strlen(request->challenge)); - hmac_md5_final(&ctx, digest); + hmac_update(&ctx, request->challenge, strlen(request->challenge)); + hmac_final(&ctx, digest); response_hex = binary_to_hex(digest, sizeof(digest)); diff --git a/src/auth/mech-scram-sha1.c b/src/auth/mech-scram-sha1.c --- a/src/auth/mech-scram-sha1.c +++ b/s...

...ed char *client_challenge, + unsigned char response[NTLMSSP_RESPONSE_SIZE]) +{ + struct md5_context ctx; + unsigned char session_hash[16]; + + md5_init(&ctx); + md5_update(&ctx, server_challenge, NTLMSSP_CHALLENGE_SIZE); + md5_update(&ctx, client_challenge, NTLMSSP_CHALLENGE_SIZE); + md5_final(&ctx, session_hash); + + ntlmssp_v1_response(hash, session_hash, response); +} + +void ntlmssp_v2_response(const char *user, const char *target, const unsigned char *hash_v1, const unsigned char *challenge, diff -urpNX /usr/share/dontdiff dovecot-1.0-test46.vanilla/src/lib-ntlm/n...

...to `i2d_X509_NAME' /usr/local/ssl/lib/libssl.so: undefined reference to `RSA_public_encrypt' /usr/local/ssl/lib/libssl.so: undefined reference to `i2d_X509' /usr/local/ssl/lib/libssl.so: undefined reference to `PEM_read_bio_X509' /usr/local/ssl/lib/libssl.so: undefined reference to `MD5_Final' /usr/local/ssl/lib/libssl.so: undefined reference to `ERR_clear_error' /usr/local/ssl/lib/libssl.so: undefined reference to `EVP_DigestUpdate' /usr/local/ssl/lib/libssl.so: undefined reference to `OBJ_obj2nid' /usr/local/ssl/lib/libssl.so: undefined reference to `OBJ_bsearch' /...

...(%s): invalid characters in APOP digest", get_log_prefix(auth_request)); + mech_auth_finish(auth_request, NULL, 0, FALSE); + return; + } + + md5_init(&ctx); + md5_update(&ctx, auth->challenge, strlen(auth->challenge)); + md5_update(&ctx, credentials, strlen(credentials)); + md5_final(&ctx, digest); + + safe_memset((void *) credentials, 0, strlen(credentials)); + + mech_auth_finish(auth_request, NULL, 0, + memcmp(digest, remote_digest, 16) ? FALSE : TRUE); +} + +static int +mech_apop_auth_initial(struct auth_request *auth_request, + struct auth_client_request_new *reque...

...+ * #define HASH_LONG MD5_LONG + * #define HASH_CTX MD5_CTX + * #define HASH_CBLOCK MD5_CBLOCK + * #define HASH_UPDATE MD5_Update + * #define HASH_TRANSFORM MD5_Transform + * #define HASH_FINAL MD5_Final + * #define HASH_BLOCK_DATA_ORDER md5_block_data_order + */ + +#include <openssl/crypto.h> + +#if !defined(DATA_ORDER_IS_BIG_ENDIAN) && !defined(DATA_ORDER_IS_LITTLE_ENDIAN) +# error "DATA_ORDER must be defined!" +#endif + +#ifndef HASH_CBLOCK +# error "HASH_CBLO...

...hrase)); + SHA1_Final(digest, &sha); + + cipher_init(cc, cipher, digest, 20, NULL, 0, do_encrypt); + + memset(digest, 0, sizeof(digest)); + memset(&sha, 0, sizeof(sha)); + return; + } +#endif MD5_Init(&md); MD5_Update(&md, (const u_char *)passphrase, strlen(passphrase)); MD5_Final(digest, &md); --- openssh-4.7p1/configure.ac Mon Dec 17 20:25:49 2007 +++ openssh-4.7p1/configure.ac Mon Dec 17 20:29:36 2007 @@ -438,6 +438,7 @@ if test -z "$GCC"; then CFLAGS="$CFLAGS -Ae" fi + HPUX=1 ;; *-*-hpux11*) AC_DEFINE(PAM_SUN_CODEBASE, 1, @@ -44...