search for: raw_password

Hello everyone, I'm trying to make dovecot do user authentication against a SQL database. The passwords (managed by Django) are stored as salted SHA1 encoded in hex. I monkey patched Django's password method so that the password hash is made with <password><salt> (Django does <salt><password>, the patched method was verified to return same value as

dovecot 1.1.15 in src/auth/password-scheme.c contains: static bool crypt_verify(const char *plaintext, const char *user ATTR_UNUSED, const unsigned char *raw_password, size_t size) { const char *password; if (size == 0) { /* the default mycrypt() handler would return match */ return FALSE; } password = t_strndup(raw_password, size); return strcmp(mycrypt(plaintext, password), password) ==...

...(&ctx, U, sizeof(U)); + hmac_final(&ctx, U); + for (k = 0; k < SHA1_RESULTLEN; k++) + result[k] ^= U[k]; + } +} + +/* password string format: iter,salt,stored_key,server_key */ + +int scram_sha1_verify(const char *plaintext, const char *user ATTR_UNUSED, + const unsigned char *raw_password, size_t size, + const char **error_r ATTR_UNUSED) +{ + struct hmac_context ctx; + string_t *str; + const char *const *fields; + int iter; + const unsigned char *salt; + size_t salt_len; + unsigned char salted_password[SHA1_RESULTLEN]; + unsigned char client_key[SHA1_RESULTLEN]; + unsigned ch...

Apart from a few warnings (attached), and a bit of patience, the compiler terminates without error. On patience, OBSD has two processes who took almost half the CPU when compiling: reaper and zerothread. Will look into the warnings, and the testing errors (also attached). Let see how it works on this machine. OpenBSD 6.7 (GENERIC.MP) #2: Thu Jun 4 09:55:08 MDT 2020 real mem = 17125511168

...: @fail=; if (target_option=k; case ${target_option-} in ?) ;; *)...) > cd /opt/src/dovecot-2.3.10.1/src/auth > ./test-libpassword password scheme(PLAIN) ............................................... : ok test-libpassword.c:48: Assert failed: password_verify(plaintext, &params, scheme, raw_password, siz, &error) == 1 password scheme(CRYPT) ............................................... : FAILED password scheme(PLAIN-MD4) ........................................... : ok password scheme(MD5) ................................................. : ok password scheme(SHA1) .........................

...target_option-} in? ?) ;;? *)...) > > > cd?/opt/src/dovecot-2.3.10.1/src/auth > > ./test-libpassword > password scheme(PLAIN) ............................................... > : ok > test-libpassword.c:48: Assert failed: password_verify(plaintext, > &params, scheme, raw_password, siz, &error) == 1 > password scheme(CRYPT) ............................................... > : FAILED > password scheme(PLAIN-MD4) ........................................... > : ok > password scheme(MD5) ................................................. > : ok > passwo...

+-Le 12/05/2004 14:20 -0500, oddsock a dit : | Mathieu, | | This is a great idea, and I'm sure many people would like to take | advantage of it. Since the release of 2.0.0, we've added an | "authenticator" framework which allows us to create authentication | modules for handling listener (client-based) authentication. We | currently have one authentication module (htpasswd)