d9898ee8 |
1 | #! @PERL@ -w |
2 | use MIME::Base64; |
3 | use Digest::MD5 qw(md5 md5_hex); |
4 | |
5 | # Test CRAM-MD5 (RFC 2195) authentication. See also RFC 1734 for POP3 AUTH. |
6 | |
7 | # To duplicate the example in RFC 2195: |
8 | # $ perl testcrammd5.pl |
9 | # Username? tim |
10 | # Password? tanstaaftanstaaf |
11 | # Challenge? PDE4OTYuNjk3MTcwOTUyQHBvc3RvZmZpY2UucmVzdG9uLm1jaS5uZXQ+ |
12 | # Response: |
13 | # dGltIGI5MTNhNjAyYzdlZGE3YTQ5NWI0ZTZlNzMzNGQzODkw |
14 | |
15 | # To use with courier-imap: |
16 | # telnet localhost 110 |
17 | # capa |
18 | # << check for SASL CRAM-MD5 in response |
19 | # auth cram-md5 |
20 | # << note the challenge, paste it into this program |
21 | # << paste back the response |
22 | # |
23 | # or: |
24 | # telnet localhost 143 |
25 | # << check for [CAPABILITY ... AUTH=CRAM-MD5 ...] in response |
26 | # a authenticate cram-md5 |
27 | # << note the challenge, paste it into this program |
28 | # << paste back the response |
29 | |
30 | # Remember: to get CRAM-MD5 authentication working in Courier-IMAP you |
31 | # need to set several things: |
32 | # - settings POP3AUTH in pop3d and/or IMAP_CAPABILITY in imapd |
33 | # - in userdb set attribute hmac-md5pw (or pop3-hmac-md5pw etc) |
34 | # userdbpw -hmac-md5 | userdb fred@flintstone.org set hmac-md5pw |
35 | # Password: |
36 | # Reenter password: |
37 | # makeuserdb |
38 | # - in mysql/pgsql/ldap set cleartext password |
39 | |
40 | print "Username? "; |
41 | $username = <STDIN>; |
42 | chomp($username); |
43 | print "Password? "; |
44 | $password = <STDIN>; |
45 | chomp($password); |
46 | |
47 | print "Send: AUTH CRAM-MD5 (or for imap, A AUTHENTICATE CRAM-MD5)\n"; |
48 | print "Paste the challenge here:\n+ "; |
49 | $challenge = <STDIN>; |
50 | chomp($challenge); |
51 | $challenge =~ s/^\+?\ *//; |
52 | $challenge = decode_base64($challenge); |
53 | |
54 | if (length($password) > 64) { |
55 | $password = md5($password); |
56 | } |
57 | while (length($password) < 64) { |
58 | $password = $password . "\0"; |
59 | } |
60 | |
61 | $digest = md5_hex(($password ^ "\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\") . |
62 | md5(($password ^ "6666666666666666666666666666666666666666666666666666666666666666") . $challenge)); |
63 | $resp = encode_base64("$username $digest"); |
64 | print "Send this response:\n$resp\n"; |