similar to: [PATCH] SCRAM-SHA-1 authentication

Hello, attached is an hg export on top of the current dovecot-2.2 branch, which adds support for a SCRAM-SHA-1 password scheme. Ideally I'd want doveadm pw's rounds flag to apply to this, but that's currently specific to the crypt password scheme, so I left it out for now. Regards, Florian Zeitz -------------- next part -------------- # HG changeset patch # User Florian Zeitz

Hello everyone and Timo in particular, about a year ago I implemented a SHA-1 variant of the HMAC(-MD5) present in Dovecot. I had always disliked this a bit, because it replicates a lot of code. This patch generalizes the HMAC function to take a hash_method struct as parameter, and changes existing code which uses the "old" HMAC function to use this new one. I'm not really sure

Dear all, I send you a new email to know what is the progress of SCRAM-SHA-***(-PLUS) supports? Currently there is only SCRAM-SHA-1: https://doc.dovecot.org/configuration_manual/authentication/password_schemes/. - RFC6331: Moving DIGEST-MD5 to Historic: https://tools.ietf.org/html/rfc6331 - RFC5802: Salted Challenge Response Authentication Mechanism (SCRAM) SASL and GSS-API Mechanisms:

Hello Stephan, Thanks for the link about SCRAM-SHA-256, good news for this point, hope a merge soon :) I am from this page: https://wiki.dovecot.org/Authentication/PasswordSchemes ^^ The -PLUS variant for all SCRAM is not possible too for have (with other SCRAM): SCRAM-SHA-1(-PLUS), SCRAM-SHA-224(-PLUS), SCRAM-SHA-256(-PLUS), SCRAM-SHA-384(-PLUS), SCRAM-SHA-512(-PLUS) Some softwares use

Hello all, I would like to know if it is possible to add SCRAM-SHA-256 and SCRAM-SHA-512 supports? RFC7677: SCRAM-SHA-256 and SCRAM-SHA-256-PLUS: Simple Authentication and Security Layer (SASL) Mechanisms https://tools.ietf.org/html/rfc7677 Thanks in advance. Regards, Neustradamus -------------- next part -------------- An HTML attachment was scrubbed... URL:

Op 20/01/2019 om 00:45 schreef - Neustradamus -: > Hello all, > > I would like to know if it is possible to add SCRAM-SHA-256 and > SCRAM-SHA-512 supports? > > RFC7677: SCRAM-SHA-256 and SCRAM-SHA-256-PLUS: Simple Authentication > and Security Layer (SASL) Mechanisms > https://tools.ietf.org/html/rfc7677 > > Thanks in advance.

> On 16 December 2018 at 10:27 Tributh via dovecot <dovecot at dovecot.org> wrote: > > > Hi, > is that here the right place to make feature requests? > > dovecot supports as authentication mechanism > SCRAM-SHA-1 from RFC 5802 > which was updated to > SCRAM-SHA-256 in RFC 7677 > > Can SCRAM-SHA-256 be added to the authentication mechanisms? > >

Hi, is that here the right place to make feature requests? dovecot supports as authentication mechanism SCRAM-SHA-1 from RFC 5802 which was updated to SCRAM-SHA-256 in RFC 7677 Can SCRAM-SHA-256 be added to the authentication mechanisms? I would not like to request, that SCRAM-SHA-1 will be exchanged by SCRAM-SHA-256, since several applications only support SCRAM-SHA-1 Regards Torsten

> On 16 December 2018 at 11:06 Tributh <dovecot-user at tributh.net> wrote: > > > > > Am 16.12.18 um 09:42 schrieb Aki Tuomi: > > > >> On 16 December 2018 at 10:27 Tributh via dovecot <dovecot at dovecot.org> wrote: > >> > >> > >> Hi, > >> is that here the right place to make feature requests? > >> >

Dear all, I use Dovecot SASL (2.1.15) on Ubuntu 12.04 for IMAP authentication and Postfix SASL authentication. I tried to setup SCRAM-SHA-1 as SASL mechanism. This works well on Dovecot's client side towards my OpenLDAP server (with libsasl-2), but fails on the server side (IMAP and SMTP). In the following, there's an extract from Dovecot's log, when using mutt as SMTP client:

Op 16/12/2018 om 10:06 schreef Tributh via dovecot: > > Am 16.12.18 um 09:42 schrieb Aki Tuomi: >>> On 16 December 2018 at 10:27 Tributh via dovecot <dovecot at dovecot.org> wrote: >>> >>> >>> Hi, >>> is that here the right place to make feature requests? >>> >>> dovecot supports as authentication mechanism >>>

Hi running dovecot as IMAP/POP3-proxy with auth_mechanisms = CRAM-MD5 DIGEST-MD5 SCRAM-SHA-1 APOP LOGIN PLAIN which client supports currently "SCRAM-SHA-1" to test it? -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 263 bytes Desc: OpenPGP digital signature URL:

Hi, Op 13/01/2019 om 17:48 schreef Tributh via dovecot: > Hi, > sorry for my late reply. Was too busy during the week. > Thank you for your patches. I hope I will be able with them to get now > some client support for SCRAM-SHA-256. Will report how I succeed in the > future. I managed to test it successfully using MailKit: https://github.com/jstedfast/MailKit I used the IMAP

I try to create a patch to allow (proxy-)dict to use tcp connections instead of a unix domain socket. I'm replacing connection_init_client_unix with connection_init_client_ip: --- ./src/lib-dict/dict-client.c.orig +++ ./src/lib-dict/dict-client.c @@ -721,6 +721,10 @@ client_dict_init(struct dict *driver, const char *uri, struct ioloop *old_ioloop = current_ioloop; struct

http://dovecot.org/releases/2.1/rc/dovecot-2.1.rc1.tar.gz http://dovecot.org/releases/2.1/rc/dovecot-2.1.rc1.tar.gz.sig I'll probably release v2.1.0 pretty soon, unless people report some new bugs. I know v2.1 is already being used to serve mails to tens (or hundreds?) of thousands of users, so it should be pretty stable. Most of the changes since v2.1.beta1 have been for rather small

http://dovecot.org/releases/2.1/rc/dovecot-2.1.rc1.tar.gz http://dovecot.org/releases/2.1/rc/dovecot-2.1.rc1.tar.gz.sig I'll probably release v2.1.0 pretty soon, unless people report some new bugs. I know v2.1 is already being used to serve mails to tens (or hundreds?) of thousands of users, so it should be pretty stable. Most of the changes since v2.1.beta1 have been for rather small

http://dovecot.org/releases/2.1/dovecot-2.1.0.tar.gz http://dovecot.org/releases/2.1/dovecot-2.1.0.tar.gz.sig Here's finally the the stable v2.1 release. I expect this release to be quite stable, since it's already being used in several large installations. Changes since rc7: FS layout related crashfix, two man pages added. The biggest changes since v2.0: * Plugins now use UTF-8

http://dovecot.org/releases/2.1/dovecot-2.1.0.tar.gz http://dovecot.org/releases/2.1/dovecot-2.1.0.tar.gz.sig Here's finally the the stable v2.1 release. I expect this release to be quite stable, since it's already being used in several large installations. Changes since rc7: FS layout related crashfix, two man pages added. The biggest changes since v2.0: * Plugins now use UTF-8

Hi Emanuel, I understand what you said. Users have access to SSL and TLS so it's fine, it's their options to use or not. Thanks for the help from all, -----Original Message----- From: dovecot <dovecot-bounces at dovecot.org> On Behalf Of FUSTE Emmanuel via dovecot Sent: Thursday, June 20, 2019 9:53 To: dovecot at dovecot.org Subject: Re: Help on CRAM-MD5 Hello, The world is not

On 21 Feb 2023, at 10:12 pm, James Brown <jlbrown at bordo.com.au> wrote: > > The new one has Dovecot compiled with same configure options, same configuration files, but fails to authenticate: > > Feb 21 21:51:03 master: Info: Dovecot v2.3.20 (80a5ac675d) starting up for imap, pop3 (core dumps disabled) > Feb 21 21:51:33 auth-worker(11701): Error: conn unix:auth-worker