Re: CRAM-MD5 Authentication -- leave the previous mail..
"Hector Santos" <hsantos@santronics.com> Thu, 01 December 2005 14:49 UTC
Received: from above.proper.com (localhost.vpnc.org [127.0.0.1]) by above.proper.com (8.12.11/8.12.9) with ESMTP id jB1EnNN4066604; Thu, 1 Dec 2005 06:49:23 -0800 (PST) (envelope-from owner-ietf-smtp@mail.imc.org)
Received: (from majordom@localhost) by above.proper.com (8.12.11/8.12.9/Submit) id jB1EnNp5066603; Thu, 1 Dec 2005 06:49:23 -0800 (PST)
X-Authentication-Warning: above.proper.com: majordom set sender to owner-ietf-smtp@mail.imc.org using -f
Received: from winserver.com (ftp.catinthebox.net [208.247.131.9]) by above.proper.com (8.12.11/8.12.9) with ESMTP id jB1EnMPD066597 for <ietf-smtp@imc.org>; Thu, 1 Dec 2005 06:49:22 -0800 (PST) (envelope-from hsantos@santronics.com)
Received: by winserver.com (Wildcat! SMTP Router v6.1.451.6) for ietf-smtp@imc.org; Thu, 01 Dec 2005 09:53:16 -0500
Received: from ([72.144.172.116]) EHLO=hdev1 by winserver.com (Wildcat! SMTP v6.1.451.6) with SMTP id 2602260609; Thu, 01 Dec 2005 09:53:15 -0500
Message-ID: <009701c5f686$5fcb0b80$6401a8c0@hdev1>
From: Hector Santos <hsantos@santronics.com>
To: Vijayan <vijayan@jataayusoft.com>, ietf-smtp@imc.org
References: <003701c5f670$95fc30f0$d8060ac0@vijayan>
Subject: Re: CRAM-MD5 Authentication -- leave the previous mail..
Date: Thu, 01 Dec 2005 09:49:00 -0500
Organization: Santronics Software, Inc.
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2800.1106
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106
Sender: owner-ietf-smtp@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-smtp/mail-archive/>
List-ID: <ietf-smtp.imc.org>
List-Unsubscribe: <mailto:ietf-smtp-request@imc.org?body=unsubscribe>
Vijayan, What server are you using? Based on your input, the logic seems correct. In other words, I was able to duplicate the CRAM-MD5 authentication credential string sent to the server: dmlqYXlhbkB0ZXN0MTIzIDA4ZWZjODQ2MzAzMzU3NDNlYzM1OTY2YzgwYjIzYzVh So this might be a backend issue. here is a C/C++ SMTP client class method for CRAM-MD5 I know works. I think it is self documented. BOOL CSMTPClient::AuthCRAM(const char *szUser, const char *szPass) { ////////////////////////////////////////////// // AUTH CRAM-MD5 LOGIC // see d:\rfc\smtp.auth.rfc2554.txt // d:\rfc\cram-md5.rfc2195.txt // // C: AUTH CRAM-MD5 // S: 334 base64(challengestring) // C: base64(szUser + " "+md5(challengestring,pwd)) // S: 235 Authentication Successful ////////////////////////////////////////////// printf("** Authenticating using AUTH CRAM-MD5\n"); int status; char szResponse[1024]; char szBuffer[1024]; char szChallenge[1024]; char szTemp[256]; status = Sendf("AUTH CRAM-MD5\r\n"); if (status == -1) return FALSE; // expected responses // 504 unrecognized method // 334 base64(wildcat challenge string) // ReadResponse is simply a wrapper around // select() and recv() status = ReadResponse(szResponse, sizeof(szResponse),TRUE); if (status != 334) return FALSE; char *p = strchr(szResponse,' '); if (!p) return FALSE; UnBase64(szChallenge,p+1); char hshbuf[2*MD5_DIGEST_SIZE + 1]; ZeroMemory(&hshbuf,sizeof(hshbuf)); strcpy(szTemp,szPass); strlwr(szTemp); hmac_md5 (szChallenge,strlen(szChallenge), szTemp,strlen(szTemp),hshbuf); strcpy(szTemp,szUser); if (strchr(szTemp,' ')) MakeDotName(szTemp); wsprintf(szBuffer,"%s %s",szTemp,hshbuf); Base64(szResponse,szBuffer,strlen(szBuffer)); status = Sendf("%s\r\n",szResponse); if (status == -1) return FALSE; status = ReadResponse(szResponse, sizeof(szResponse)); // expected responses // 235 Authentication successful if (status != 235) { return FALSE; } return TRUE; } -- Hector Santos, Santronics Software, Inc. http://www.santronics.com ----- Original Message ----- From: "Vijayan" <vijayan@jataayusoft.com> To: <ietf-smtp@imc.org> Cc: "Robert A. Rosenberg" <hal9001@panix.com>; <Valdis.Kletnieks@vt.edu>; "Paul Smith" <paul@pscs.co.uk>; "Tony Finch" <dot@dotat.at>; "Frank Ellermann" <nobody@xyzzy.claranet.de> Sent: Thursday, December 01, 2005 7:13 AM Subject: CRAM-MD5 Authentication -- leave the previous mail.. Hi Friends.. (sorry for the spam) Now i somehow managed to build my CRAM-MD5 algorithm.. but still am getting failure notice in authentication from the server Please do spare some minutes for me and consider this sample case: Username : vijayan@test123 Password : vijayan123 Server's Response for AUTH CRAM-MD5 : "PDEzMTcwMTY1MjguOTM2MzU4OEB0ZXN0MTIzPg==" (greeting or secret) then I made Base64 decode string (Challenge): <1317016528.9363588@test123> (last time i sent the wrong buffer)... then the md5 algorithm formed the digest on this buffer which is digest = "08efc84630335743ec35966c80b23c5a" so the full base64 decoded string is : "vijayan@test123 08efc84630335743ec35966c80b23c5a" now i made the base64 encode on this string, which returns "dmlqYXlhbkB0ZXN0MTIzIDA4ZWZjODQ2MzAzMzU3NDNlYzM1OTY2YzgwYjIzYzVh" this buffer i sent to server. But the server return "535 authentication failed (#5.7.0) pls check these sequences and letme know where the error occured.. is my algorithm is correct..?? if any error where it might be..? pls help in this.. hope to get a reply from anyof u regarding this issue.. thanks in advance, Vijayan
- Re: CRAM-MD5 Authentication -- leave the previous… Frank Ellermann
- Re: CRAM-MD5 Authentication -- leave the previous… Hector Santos
- CRAM-MD5 Authentication -- leave the previous mai… Vijayan