Re: CRAM-MD5 Authentication -- leave the previous mail..
"Hector Santos" <hsantos@santronics.com> Thu, 01 December 2005 14:49 UTC
Received: from above.proper.com (localhost.vpnc.org [127.0.0.1]) by above.proper.com (8.12.11/8.12.9) with ESMTP id jB1EnNN4066604; Thu, 1 Dec 2005 06:49:23 -0800 (PST) (envelope-from owner-ietf-smtp@mail.imc.org)
Received: (from majordom@localhost) by above.proper.com (8.12.11/8.12.9/Submit) id jB1EnNp5066603; Thu, 1 Dec 2005 06:49:23 -0800 (PST)
X-Authentication-Warning: above.proper.com: majordom set sender to owner-ietf-smtp@mail.imc.org using -f
Received: from winserver.com (ftp.catinthebox.net [208.247.131.9]) by above.proper.com (8.12.11/8.12.9) with ESMTP id jB1EnMPD066597 for <ietf-smtp@imc.org>; Thu, 1 Dec 2005 06:49:22 -0800 (PST) (envelope-from hsantos@santronics.com)
Received: by winserver.com (Wildcat! SMTP Router v6.1.451.6) for ietf-smtp@imc.org; Thu, 01 Dec 2005 09:53:16 -0500
Received: from ([72.144.172.116]) EHLO=hdev1 by winserver.com (Wildcat! SMTP v6.1.451.6) with SMTP id 2602260609; Thu, 01 Dec 2005 09:53:15 -0500
Message-ID: <009701c5f686$5fcb0b80$6401a8c0@hdev1>
From: Hector Santos <hsantos@santronics.com>
To: Vijayan <vijayan@jataayusoft.com>, ietf-smtp@imc.org
References: <003701c5f670$95fc30f0$d8060ac0@vijayan>
Subject: Re: CRAM-MD5 Authentication -- leave the previous mail..
Date: Thu, 01 Dec 2005 09:49:00 -0500
Organization: Santronics Software, Inc.
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2800.1106
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106
Sender: owner-ietf-smtp@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-smtp/mail-archive/>
List-ID: <ietf-smtp.imc.org>
List-Unsubscribe: <mailto:ietf-smtp-request@imc.org?body=unsubscribe>
Vijayan,
What server are you using?
Based on your input, the logic seems correct. In other words, I was
able to duplicate the CRAM-MD5 authentication credential string sent to
the server:
dmlqYXlhbkB0ZXN0MTIzIDA4ZWZjODQ2MzAzMzU3NDNlYzM1OTY2YzgwYjIzYzVh
So this might be a backend issue.
here is a C/C++ SMTP client class method for CRAM-MD5 I know works. I
think it is self documented.
BOOL CSMTPClient::AuthCRAM(const char *szUser, const char *szPass)
{
//////////////////////////////////////////////
// AUTH CRAM-MD5 LOGIC
// see d:\rfc\smtp.auth.rfc2554.txt
// d:\rfc\cram-md5.rfc2195.txt
//
// C: AUTH CRAM-MD5
// S: 334 base64(challengestring)
// C: base64(szUser + " "+md5(challengestring,pwd))
// S: 235 Authentication Successful
//////////////////////////////////////////////
printf("** Authenticating using AUTH CRAM-MD5\n");
int status;
char szResponse[1024];
char szBuffer[1024];
char szChallenge[1024];
char szTemp[256];
status = Sendf("AUTH CRAM-MD5\r\n");
if (status == -1) return FALSE;
// expected responses
// 504 unrecognized method
// 334 base64(wildcat challenge string)
// ReadResponse is simply a wrapper around
// select() and recv()
status = ReadResponse(szResponse, sizeof(szResponse),TRUE);
if (status != 334) return FALSE;
char *p = strchr(szResponse,' ');
if (!p) return FALSE;
UnBase64(szChallenge,p+1);
char hshbuf[2*MD5_DIGEST_SIZE + 1];
ZeroMemory(&hshbuf,sizeof(hshbuf));
strcpy(szTemp,szPass);
strlwr(szTemp);
hmac_md5 (szChallenge,strlen(szChallenge),
szTemp,strlen(szTemp),hshbuf);
strcpy(szTemp,szUser);
if (strchr(szTemp,' ')) MakeDotName(szTemp);
wsprintf(szBuffer,"%s %s",szTemp,hshbuf);
Base64(szResponse,szBuffer,strlen(szBuffer));
status = Sendf("%s\r\n",szResponse);
if (status == -1) return FALSE;
status = ReadResponse(szResponse, sizeof(szResponse));
// expected responses
// 235 Authentication successful
if (status != 235) {
return FALSE;
}
return TRUE;
}
--
Hector Santos, Santronics Software, Inc.
http://www.santronics.com
----- Original Message -----
From: "Vijayan" <vijayan@jataayusoft.com>
To: <ietf-smtp@imc.org>
Cc: "Robert A. Rosenberg" <hal9001@panix.com>;
<Valdis.Kletnieks@vt.edu>; "Paul Smith" <paul@pscs.co.uk>; "Tony Finch"
<dot@dotat.at>; "Frank Ellermann" <nobody@xyzzy.claranet.de>
Sent: Thursday, December 01, 2005 7:13 AM
Subject: CRAM-MD5 Authentication -- leave the previous mail..
Hi Friends.. (sorry for the spam)
Now i somehow managed to build my CRAM-MD5 algorithm..
but still am getting failure notice in authentication from the server
Please do spare some minutes for me and consider this sample case:
Username : vijayan@test123
Password : vijayan123
Server's Response for AUTH CRAM-MD5 :
"PDEzMTcwMTY1MjguOTM2MzU4OEB0ZXN0MTIzPg=="
(greeting or secret)
then I made Base64 decode string (Challenge):
<1317016528.9363588@test123> (last time i sent the wrong buffer)...
then the md5 algorithm formed the digest on this buffer which is
digest = "08efc84630335743ec35966c80b23c5a"
so the full base64 decoded string is : "vijayan@test123
08efc84630335743ec35966c80b23c5a"
now i made the base64 encode on this string, which returns
"dmlqYXlhbkB0ZXN0MTIzIDA4ZWZjODQ2MzAzMzU3NDNlYzM1OTY2YzgwYjIzYzVh"
this buffer i sent to server. But the server return "535 authentication
failed (#5.7.0)
pls check these sequences and letme know where the error occured..
is my algorithm is correct..??
if any error where it might be..?
pls help in this..
hope to get a reply from anyof u regarding this issue..
thanks in advance,
Vijayan
- Re: CRAM-MD5 Authentication -- leave the previous… Frank Ellermann
- Re: CRAM-MD5 Authentication -- leave the previous… Hector Santos
- CRAM-MD5 Authentication -- leave the previous mai… Vijayan