Displaying 2 results from an estimated 2 matches for "md5_gener".
2004 Jul 23
1
weakness in hash salt generation
Dovecot has routines for password hashing; two of these, crypt_generate
and md5_generate, both use sizeof(salt_chars) when reducing a random
string to salt.
I became suspicious when I noted that all salts generated are composed
only of "./01".
Unfortunately salt_char is declared static const char * rather than
static const char [], and so sizeof(salt_chars) is the size...
2004 Aug 09
1
[PATCH] RPA authentication mechanism
...;
+}
+
+static const char *rpa_generate(const char *plaintext,
+ const char *user __attr_unused__)
+{
+ return password_generate_rpa(plaintext);
+}
+
static const struct password_scheme default_schemes[] = {
{ "CRYPT", crypt_verify, crypt_generate },
{ "MD5", md5_verify, md5_generate },
@@ -439,6 +451,7 @@ static const struct password_scheme defa
{ "LDAP-MD5", ldap_md5_verify, ldap_md5_generate },
{ "LANMAN", lm_verify, lm_generate },
{ "NTLM", ntlm_verify, ntlm_generate },
+ { "RPA", rpa_verify, rpa_generate },
{ NULL, NULL, N...