[Dovecot] DIGEST-MD5 doesn't always work
Jürgen Herz
jherz at myrealbox.com
Fri Sep 1 16:54:11 EEST 2006
Jürgen Herz wrote:
> > my dovecot installation works since months and clients authenticate
> > using CRAM-MD5. But today I got the first chance to test an client
> > that supports DIGEST-MD5 - and it doesn't work. Because of lack of
> > other supporting clients and servers I'm now at the point I don't
> > know which side is to blame.
> >
> > The error I get after the client answers the servers challenge is
> > "-ERR Authentication failed: Missing nonce parameter".
Ok, now I tested it against fresh compiled dovecot 1.0rc7 and get a
simple "-ERR Authentication failed."
Server Challenge was (decoded)
realm="",nonce="S5hbmt7qeaQYOS/OLKOsYg==",qop="auth",charset="utf-8",
algorithm="md5-sess"
And client response (decoded)
authzid="juergen",charset=utf-8,cnonce="7c1c927e756c9067dbf412c964a823c1",
digest-uri="pop/pico",nc=00000001,nonce="S5hbmt7qeaQYOS/OLKOsYg==",
qop=auth,realm="",response=fed55b47609e097fdf7d145635e845ff,username="juergen"
Full log on request.
Client was again the Perl script using Net::POP3 and Authen::SASL
Modules. I had that SASL-lib yesterday successfully tested in a SMTP
client authenticating for Postfix with DIGEST-MD5.
On the other hand, Dovecots DIGEST-MD5 mechanism works with KMail as I
was able to test today.
Anyone else who has noticed incompatibilites with Dovecots DIGEST-MD5?
Regards,
Jürgen
More information about the dovecot
mailing list