Well, one final bootnote is that it is actually possible to do something like that with the existing CRAM-hash method. And, in fact, the authuserdb module does exactly that.
Without getting into the gory details, the computation of the final CRAM-hash value begins with the cleartext password. It is possible to begin the first step of computing the hash, and save the intermediate hash code. Then finish the computation when the client replies to the challenge.
So CRAM hash methods could be supported with hashed passwords stored in the directory? I would definitely like to submit this as a feature request if it is technically possible.
Well, its technically possible, but this is just a custom implementation hack for userdb. There is no officially defined format for such a partially-computed hash field, in LDAP. You've got {MD5}, you've also got {SHA1}, you've got a few other things as well. You do not have anything that understands what {HALF-BAKED-HMAC-SHA1} is.
------------------------------------------------------- This SF.net email is sponsored by: SlickEdit Inc. Develop an edge. The most comprehensive and flexible code editor you can use. Code faster. C/C++, C#, Java, HTML, XML, many more. FREE 30-Day Trial. www.slickedit.com/sourceforge _______________________________________________ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
