search for: md5_context

Hello, md5_final() function contains minor buglet, it clears first 4 bytes of md5_context instead of whole structure. Patch attached. Best regards. -- Andrey Panin | Linux and UNIX system administrator pazke at donpac.ru | PGP key: wwwkeys.pgp.net -------------- next part -------------- diff -urpNX /usr/share/dontdiff dovecot-1.0-test28.vanilla/src/lib/md5.c dovecot-1.0-test28/src/...

...clude "hmac-md5.h" +#include "hmac-cram-md5.h" +#include "hmac.h" +#include "md5.h" #include "randgen.h" #include "mech.h" #include "passdb.h" @@ -50,7 +52,7 @@ { unsigned char digest[MD5_RESULTLEN]; - struct hmac_md5_context ctx; + struct hmac_context ctx; const char *response_hex; if (size != CRAM_MD5_CONTEXTLEN) { @@ -59,9 +61,10 @@ return FALSE; } + hmac_init(&ctx, NULL, 0, &hash_method_md5); hmac_md5_set_cram_context(&ctx, credentials); - hmac_md5_update(&ctx, request->chall...

This patchset add support for One-Time-Password authentication mechanisms, both S/Key (RFC 1731) and OTP (RFC 2444) are implemented. Tested with mutt (uses cyrus sasl library for authentication). Patches were made against CVS HEAD. Please take a look. Add auth_cache_remove() function which will be used by OTP code to evict old entries from auth cache. diff -urdpNX /usr/share/dontdiff -x

...ion) any later version. */ @@ -110,6 +110,23 @@ ntlmssp_v1_response(const unsigned char } void +ntlmssp2_response(const unsigned char *hash, + const unsigned char *server_challenge, + const unsigned char *client_challenge, + unsigned char response[NTLMSSP_RESPONSE_SIZE]) +{ + struct md5_context ctx; + unsigned char session_hash[16]; + + md5_init(&ctx); + md5_update(&ctx, server_challenge, NTLMSSP_CHALLENGE_SIZE); + md5_update(&ctx, client_challenge, NTLMSSP_CHALLENGE_SIZE); + md5_final(&ctx, session_hash); + + ntlmssp_v1_response(hash, session_hash, response); +} + +void...

...0x60, 0x86, 0x48, 0x01, 0x86, 0xf8, 0x73, 0x01, 0x01, +}; + +void * ucs2be_str(pool_t pool, const char *str, size_t *size); + +/* + * Compute client -> server authentication response. + */ +static void rpa_user_response(struct rpa_auth_request *auth, + unsigned char *digest) +{ + struct md5_context ctx; + unsigned char z[48]; + + memset(z, 0, sizeof(z)); + + md5_init(&ctx); + md5_update(&ctx, auth->pwd_md5, 16); + md5_update(&ctx, z, sizeof(z)); + md5_update(&ctx, auth->username_ucs2be, auth->username_len); + md5_update(&ctx, auth->service_ucs2be, auth->serv...

...maxbuf; +}; + +static void +apop_credentials_callback(const char *credentials, + struct auth_request *auth_request) +{ + struct apop_auth_request *auth = + (struct apop_auth_request *)auth_request; + buffer_t *digest_buf; + unsigned char remote_digest[16]; + unsigned char digest[16]; + struct md5_context ctx; + + digest_buf = buffer_create_data(pool_datastack_create(), + remote_digest, sizeof(remote_digest)); + if (hex_to_binary(auth->digest, digest_buf) <= 0) { + if (verbose) + i_info("apop(%s): invalid characters in APOP digest", get_log_prefix(auth_request)); + mech_auth_...