similar to: [PATCH] Add SCRAM-SHA-1 password scheme

Hello everyone and Timo in particular, about a year ago I implemented a SHA-1 variant of the HMAC(-MD5) present in Dovecot. I had always disliked this a bit, because it replicates a lot of code. This patch generalizes the HMAC function to take a hash_method struct as parameter, and changes existing code which uses the "old" HMAC function to use this new one. I'm not really sure

Dear OpenSSH developers, I've worked this week on an alternative key exchange mechanism, in reaction to the whole NSA leaks and claims over cryptographic backdoors and/or cracking advances. The key exchange is in my opinion the most critical defense against passive eavesdropping attacks. I believe Curve25519 from DJB can give users a secure alternative to classical Diffie-Hellman (with fixed

On 2016-11-02, Aki Tuomi <aki.tuomi at dovecot.fi> wrote: > If the standard way works, I am happy to include the original patch I > sent, amended so that it checks for presence of LIBRESSL_VERSION_NUMBER. > If they keep this promise, then we should have no worries about things > breaking up. Diff below is what I've added to OpenBSD ports. The libressl API is not cast in

Here are three versions (patch against openbsd cvs) 1) repace nacl w/libsodium, so i could test 2) curve25519-donna 3) Matthew's public domain reference implementation. i'd vote for #3 -------------- next part -------------- Am 30.10.2013 um 07:27 schrieb Damien Miller <djm at mindrot.org>: > On Tue, 24 Sep 2013, Aris Adamantiadis wrote: > >> Dear OpenSSH

Take a look at the sources, hmac.h declares struct hmac_context: struct hmac_context { char ctx[HMAC_MAX_CONTEXT_SIZE]; char ctxo[HMAC_MAX_CONTEXT_SIZE]; const struct hash_method *hash; }; If compiled for a 32 bit virtual address space, this has an alignment requirement of 4 due to the hash pointer. In line 171 of auth-token.c, we have following

I have a wsdl client that will work standalone but as soon as I put identical code into a Rails controller I get an Errno::ECONNREFUSED #(Connection refused -connect(2)...) Any ideas? ======================= ||Standalone: (works) || ======================= require ''soap/wsdlDriver'' require ''http-access2'' user = ''fwkaufm'' wsdl

Im trying to install salted and get errors when running the rake test... /usr/bin/ruby1.8 -Ilib:test "/usr/lib/ruby/gems/1.8/gems/rake-0.7.0/lib/rake/rake_test_loader .rb" "test/unit/localization_test.rb" "test/unit/user_test.rb" Loaded suite /usr/lib/ruby/gems/1.8/gems/rake-0.7.0/lib/rake/rake_test_loader Started ........F....E Finished in 0.108794 seconds. 1)

Hi there, when doing "make check" for a 2.3.0 build on Solaris Sparc I get a bus error due to an alignment issue. It seems the error is only happening during testing, because in the official API it was fixed in https://github.com/dovecot/core/commit/d8361cc8576d9ede93a037f9b96f2a3f9b7e9054#diff-2ff53ae0e00a90ee20d648229ad91d2b But the tests use hand written test vectors, that are

im getting this error when i attemp to create an admin account in the devel. console... first is the script im trying to run and then the error... full output: >> @a = Admin.create :fullname => "Zack", :email => "zack@xxxxxx.com", :capabilities => {"member_info" => "1", "close_xxxxxx"=>"1",

I''m not sure I completely understand the benefits of using ERBSQL or how to use it. Google searches have proved it to be rather undocumented. From what I understand the embedded ruby sql allows you to write sql that''s easier to deploy via the create_db script and also more portable to postgres, myslq, or whatever. But what I can''t find is a resource that

Ok, here we go. 1) I am trying to talk to a soap web service @ the url https://rsvcstage.e2ma.net/emmaTestCalls 2) I can talk to the web service in plain ruby if I: 2.1) disable site ruby (by renaming the site_ruby directory to something else) 2.2) use the WDSLDriverFactory instead of an actionwebservice The working ruby code looks like this:

Hi, Has anyone had any success? After a clean install of OpenBSD, I do the following:- pkg_add ftp://rt.fm/pub/OpenBSD/3.5/packages/i386/gmake-3.80.tgz pkg_add ftp://rt.fm/pub/OpenBSD/3.5/packages/i386/bison-1.35p1.tgz pkg_add ftp://rt.fm/pub/OpenBSD/3.5/packages/i386/ruby-ncurses-0.8.tgz Then, I get (via CVS) the asterisk source.. cd /usr/src/asterisk /usr/local/bin/gmake clean

In my unit tests for my User model, I''m testing some validation cases. What is really strange, and driving me crazy, is that in the unit tests, it seems like the save method is causing my validations to execute twice, and produce duplicate error messages. This is making my tests fail (because I''m checking for the number of errors that I expect). In the web browser, only one error

Hi all, I hope someone can help with what is probably a simple newb installation mistake on my part. I''m having a couple of problems with the salted hash login generator. I installed it following the quickstart guide, and the unit tests work like a charm. There are two errors and a failure on the function tests, though; the verified field seems to be involved in at least one of

Hy, over the last days I have implemented SCRAM-SHA-1 in Dovecot's 2.1 branch. It does not do SCRAM-SHA-1-PLUS, but should be extendable enough to introduce it later. There are some checks for the message format which (assuming the client acts correclty) are not strictly necessary during parsing. This is partially in the hope that it might aid client implementers, partially because it (IMHO)

Hi all, I would like to start a thread on RoR related issues on the new Intel version of Mac OS X. I have been using Apple''s new iMac Core Duo (which comes with Intel version of Mac OS X) for about a week now. Here''s my experience: Ruby 1.8.4: It compiles albeit with many warnings. Most warnings were about "differ in signedness". It seems to work okay

hello, can anyone help me? im gettitng this error when i tried runnin make on solaris 9 rm -f include/asterisk/version.h.tmp make[1]: `ast_expr.a' is up to date. make[1]: Leaving directory `/export/home/fst/chris/cvs/asterisk' gcc -g -o asterisk io.o sched.o logger.o frame.o loader.o config.o channel.o t ranslate.o file.o say.o pbx.o cli.o

Hi. Im new to Ruby and new to Ruby on Rails and have problems realizing a =20= simple many_to_many relationship: My tables: items <-> items_users <-> users ------------------------------------------------------------------------=20= -------------------------------------- id user_id = id name item_id name ... = password = ...... My Code: class

Hi, I followed the docs from the dovecot wiki (http://wiki2.dovecot.org/Authentication/MasterUsers) and still have some problem: 1. uncommented "!include auth-ldap.conf.ext" in 10-auth.conf 2. htpasswd -b -c -s .... to create user/password for a masteruseruser 3. checked auth-master.conf.ext When I try to test the login, I always get an "invalid credentials" in the logs with

I'm trying to replace some sshv1 clients and servers in a modular way, and the "Server Lies" warning (when the server says the key has one more bit than it really has) is causing heartache. Per the FAQ, this is relatively benign. Here's a patch that allows an admin or user to disable the warning. - Morty diff -Nur openssh-3.7.1p2/readconf.c