[tpop3d-discuss]auth-flatfile md5 hash incorrect length

Mike Pinkerton pse at mindspring.com
Wed, 11 Aug 2004 17:25:18 -0400 

At 20:38 +0100 2004/08/11, Chris Lightfoot wrote:
>On Wed, Aug 11, 2004 at 02:11:52PM -0400, Mike Pinkerton wrote:
>>
>  > mike@advomation.com:{md5}$1$pigflies$I3P9Sz4rq9LFw3zE/M1nr1:5000:5000:Mike
>
>should be {crypt_md5}. {md5} means a straight MD5 digest
>of the password.


I changed {md5} to {crypt_md5}, but no joy, although tpop3d did not 
complain about the hash length -- see the standard error output below.

I then decided to try plain {md5} and used the following command to 
create an MD5 digest of the password:

echo -n password | openssl dgst -md5

I wrote the following entry into my auth-flatfile password file:

mike@advomation.com:{md5}8fd29255e680b3fe87b201c1fac2bd82:5000:5000:Mike 
Pinkerton:/var/spool/mail/vhosts/advomation.com/mike:/sbin/nologin

Authentication failed again with tpop3d complaining that "password 
type md5, but hash is of incorrect length" -- see the standard error 
output below.

Any other suggestions?


*****  Standard error output for {crypt_md5}  *****


experimental BSD mailbox metadata cache enabled
parse_listeners: listening on address 66.132.146.110:110; TLS mode STLS
parse_listeners: listening on address 66.132.146.110:995; TLS mode immediate
/etc/tpop3d.d/tpop3d.conf: I hope you realise that use of the 
log-bad-passwords option is an invasion of privacy
1 authentication drivers successfully loaded
net_loop: tpop3d version 1.5.3 successfully started
connection_sendresponse: client 
[6]66.245.111.103/postal.advomation.com: sent `+OK 
<757510b7a3060b4ca84b93f9a837702d@postal.advomation.com>'
listeners_post_select: client 
[6]66.245.111.103/postal.advomation.com: connected to local address 
66.132.146.110:995
ioabs_tls_post_select: client 
[6]66.245.111.103/postal.advomation.com: SSL_accept: tlsv1 alert 
unknown ca; closing connection
connections_post_select: client 
[6]66.245.111.103/postal.advomation.com: disconnected; 0/0 bytes 
read/written
connection_sendresponse: client 
[6]66.245.111.103/postal.advomation.com: sent `+OK 
<b6edabb7533edd8c0df3d0ae8db54d54@postal.advomation.com>'
listeners_post_select: client 
[6]66.245.111.103/postal.advomation.com: connected to local address 
66.132.146.110:995
connection_parsecommand: client 
[6]66.245.111.103/postal.advomation.com: received `APOP 
mike@advomation.com 71b127c52996ee7257e839cc06a8e855'
password: attempted APOP login by [mike@advomation.com; 
mike@advomation.com], who does not have a plaintext password
auth_flatfile_new_apop: failed login for [mike@advomation.com; 
mike@advomation.com]
connection_sendresponse: client 
[6]66.245.111.103/postal.advomation.com: sent `-ERR Lies! Try again!'
connection_do: client `[6]66.245.111.103/postal.advomation.com': 
username `mike@advomation.com': 1 authentication failures
connection_parsecommand: client 
[6]66.245.111.103/postal.advomation.com: received `USER 
mike@advomation.com'
connection_sendresponse: client 
[6]66.245.111.103/postal.advomation.com: sent `+OK Tell me your 
password.'
connection_parsecommand: client 
[6]66.245.111.103/postal.advomation.com: received `PASS [...]'
authcache_new_user_pass: no entry for [mike@advomation.com; 
mike@advomation.com]
auth_flatfile_new_user_pass: failed login for [mike@advomation.com; 
mike@advomation.com]
connection_do: client `[6]66.245.111.103/postal.advomation.com': 
username `mike@advomation.com': failing password is `XXXXXXXXX'
connection_sendresponse: client 
[6]66.245.111.103/postal.advomation.com: sent `-ERR Lies! Try again!'
connection_do: client `[6]66.245.111.103/postal.advomation.com': 
username `mike@advomation.com': 2 authentication failures
connection_parsecommand: client 
[6]66.245.111.103/postal.advomation.com: received `QUIT'
connection_sendresponse: client 
[6]66.245.111.103/postal.advomation.com: sent `+OK Fine. Be that way.'
ioabs_tls_shutdown: client [6]66.245.111.103/postal.advomation.com: 
underlying connection closed by peer during shutdown
connections_post_select: client 
[6]66.245.111.103/postal.advomation.com: disconnected; 107/160 bytes 
read/written

[more of the same snipped]

net_loop: terminating on signal 2



*****  Standard error output for {md5}  *****


experimental BSD mailbox metadata cache enabled
parse_listeners: listening on address 66.132.146.110:110; TLS mode STLS
parse_listeners: listening on address 66.132.146.110:995; TLS mode immediate
/etc/tpop3d.d/tpop3d.conf: I hope you realise that use of the 
log-bad-passwords option is an invasion of privacy
1 authentication drivers successfully loaded
net_loop: tpop3d version 1.5.3 successfully started
connection_sendresponse: client 
[6]66.245.111.103/postal.advomation.com: sent `+OK 
<16a1c6cc077721e5a64c83175eb985dc@postal.advomation.com>'
listeners_post_select: client 
[6]66.245.111.103/postal.advomation.com: connected to local address 
66.132.146.110:995
connection_parsecommand: client 
[6]66.245.111.103/postal.advomation.com: received `APOP 
mike@advomation.com 36fade611271b3906962ce8d4a83fc30'
password: attempted APOP login by [mike@advomation.com; 
mike@advomation.com], who does not have a plaintext password
auth_flatfile_new_apop: failed login for [mike@advomation.com; 
mike@advomation.com]
connection_sendresponse: client 
[6]66.245.111.103/postal.advomation.com: sent `-ERR Lies! Try again!'
connection_do: client `[6]66.245.111.103/postal.advomation.com': 
username `mike@advomation.com': 1 authentication failures
connection_parsecommand: client 
[6]66.245.111.103/postal.advomation.com: received `USER 
mike@advomation.com'
connection_sendresponse: client 
[6]66.245.111.103/postal.advomation.com: sent `+OK Tell me your 
password.'
connection_parsecommand: client 
[6]66.245.111.103/postal.advomation.com: received `PASS [...]'
authcache_new_user_pass: no entry for [mike@advomation.com; 
mike@advomation.com]
password: [mike@advomation.com; mike@advomation.com] has password 
type md5, but hash is of incorrect length
auth_flatfile_new_user_pass: failed login for [mike@advomation.com; 
mike@advomation.com]
connection_do: client `[6]66.245.111.103/postal.advomation.com': 
username `mike@advomation.com': failing password is `XXXXXXXXX'
connection_sendresponse: client 
[6]66.245.111.103/postal.advomation.com: sent `-ERR Lies! Try again!'
connection_do: client `[6]66.245.111.103/postal.advomation.com': 
username `mike@advomation.com': 2 authentication failures
connection_parsecommand: client 
[6]66.245.111.103/postal.advomation.com: received `QUIT'
connection_sendresponse: client 
[6]66.245.111.103/postal.advomation.com: sent `+OK Fine. Be that way.'
ioabs_tls_shutdown: client [6]66.245.111.103/postal.advomation.com: 
underlying connection closed by peer during shutdown
connections_post_select: client 
[6]66.245.111.103/postal.advomation.com: disconnected; 107/160 bytes 
read/written

[more of the same snipped]

net_loop: terminating on signal 2


--
Mike Pinkerton