similar to: [PATCH] NTLM fixes

Hello everyone and Timo in particular, about a year ago I implemented a SHA-1 variant of the HMAC(-MD5) present in Dovecot. I had always disliked this a bit, because it replicates a lot of code. This patch generalizes the HMAC function to take a hash_method struct as parameter, and changes existing code which uses the "old" HMAC function to use this new one. I'm not really sure

samples % lib function 4 0.0525 libdovecot.so.0.0.0 sha1_result_libmysqlcli(..) 7 0.0919 libdovecot.so.0.0.0 io_loop_handler_run 36 0.4729 libdovecot.so.0.0.0 imap_parser_reset 227 2.9817 libdovecot.so.0.0.0 pool_alloconly_unref 7339 96.4009 libdovecot.so.0.0.0 pool_alloconly_clear 7710 3.2463

Hello, attached is an hg export on top of the current dovecot-2.2 branch, which adds support for a SCRAM-SHA-1 password scheme. Ideally I'd want doveadm pw's rounds flag to apply to this, but that's currently specific to the crypt password scheme, so I left it out for now. Regards, Florian Zeitz -------------- next part -------------- # HG changeset patch # User Florian Zeitz

Hello all, attached patch implements Compuserve RPA athentication mechanism. Tested with: - Eudora 6 (uses Compuserve "Virtual Key" RPA software); - TheBat! 2.11 (uses it's own RPA implementation). I hope it can be useful for someone. Best regards. -- Andrey Panin | Linux and UNIX system administrator pazke at donpac.ru | PGP key: wwwkeys.pgp.net -------------- next part

Hi, This is the updated version of the SHA256 password hashing patch I submitted earlier to this list. I changed it, based on the suggestions by Andrey Panin (AP). Also some other parts have been changed, summary as follows: [sha2.h] - typedef of context dropped for consistency (AP) - removed ifndef SHA2_TYPES part (AP) - removed sha256() prototype [sha2.c] - added lib.h and safe_memset.h

I did Dovecot profiling on huge e-mail system, and p_strdup was very high on list. I do minor change: p_strdup: /* for (len = 0; (str)[len] != '\0'; ) len++; len++; */ len = strlen(str) + 1; p_strndup: /* len = 0; while (len < max_chars && ((const char *) str)[len] != '\0') len++; */ len = strnlen(str, max_chars); And after changes strdup drop down on the

Hello all, as I promised some days ago here is NTLM (aka SPA, aka MSN) authentication support patchset. It contains common code in src/lib-ntlm directory, Samba compatible NTLM password scheme and authentication mechanism itself. All patches are against 1.0-test30. Please take a look. Best regards. -- Andrey Panin | Linux and UNIX system administrator pazke at donpac.ru | PGP key:

I did some more optimisation. Most performance hit in Dovecot do "for loop" in string operations. In one case (in message-parser.c) "for loop" has another "for" inside with the same variable used as iterator. This case is very hard to optimise by compiler. I do changes only in top functions listed in oprofile. Maybe I do more in future. Code was analysed and

Hello. I tried installing dovecot on a server that relies on vpopmail authentication using $1$ MD5 algorithm and it didn't work. Please fix this for the next release. Attached is a patch, please be carefull with the line wrapping. Radu --- passdb-vpopmail.c.old Thu Feb 20 00:46:51 2003 +++ passdb-vpopmail.c Thu Sep 30 18:58:56 2004 @@ -1,4 +1,4 @@ -/* Copyright (C) 2002-2003 Timo

Hello, attached patch (1.0-test29) adds LOGIN authentication mechanism. Tested with KMail and seems working. Please consider applying. Best regards. P.S. I also have NTLM authentication working and plan to submit it RSN. -- Andrey Panin | Linux and UNIX system administrator pazke at donpac.ru | PGP key: wwwkeys.pgp.net -------------- next part -------------- diff -urpNX /usr/share/dontdiff

Hi, I made a patch against branch-1.0 for SHA256 password hashing support for Dovecot. Courier Authlib supports this hashing scheme and in order to migrate from Courier to Dovecot, I've added SHA256 support to Dovecot. The attached patch is based on BSD licensed code from Olivier Gay (http://www.ouah.org/ogay/sha2/). Changes made by me in Olivier's sha2{.h,.c} code: - Prototype for

Hello, as pointed by Andrew Bartlett NTLM2 authentication support is missing in dovecot. Attached patch adds it. Tested and works for me. Please consider applying. Best regards. -- Andrey Panin | Linux and UNIX system administrator pazke at donpac.ru | PGP key: wwwkeys.pgp.net -------------- next part -------------- diff -urpNX /usr/share/dontdiff

Hello all, this patch add APOP authentication mechanism to dovecot 1.0-test23. Please take a look. Best regards. -- Andrey Panin | Linux and UNIX system administrator pazke at donpac.ru | PGP key: wwwkeys.pgp.net -------------- next part -------------- diff -udrpN -X /usr/share/dontdiff -x Makefile dovecot-1.0-test23.vanilla/src/auth/Makefile.am dovecot-1.0-test23/src/auth/Makefile.am ---

Trying to build Dovecot 2.2.34 on OpenBSD fails. This seems to have been introduced by this commit.. https://github.com/dovecot/core/commit/4a9020ed888caf03fd3132a30a7818b01daa4b9d Fairly -current.. /usr/bin/libtool --tag=CC --mode=link cc -std=gnu99 -O2 -pipe -Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast

Hello, attached patch allows LM authentication for older (Win9x) clients which do not pass NTLM response in type 3 message. It also fixes crash in dovecot-auth (empty credentials could be passed to hex_to_binary function if NTLM2 was negotiated). Please consider applying. Best regards. -- Andrey Panin | Linux and UNIX system administrator pazke at donpac.ru | PGP key: wwwkeys.pgp.net

Hello Dovecot community, Below please find a patch that adds support to dovecot-1.2.11 for: - RFC 4467 - IMAP URLAUTH Extension - RFC 4468 - Submission BURL - RFC 4469 - IMAP CATENATE Extension URLAUTH URLAUTH is added as a plugin so it can be disabled to satisfy site security requirements. Each user's URLAUTH keys for all mailboxes are stored in a file named