Sorry, this is slightly off topic.
We use a (homegrown) checkpassword programm (with MySQL support) that
also does APOP authentification for POP3.
I'd like to add SMTP AUTH (based on Eric M. Johnston qmail-smtpd AUTH
patch 20010105).
>From what I've read from the RFCs (I'm not so good with crypto things :(
I am rather sure ;-) that APOP and CRAM-MD5 are not compatible. However
I'd like to - if possible - maintain one codebase for our checkpassword
programm and not have two different versions.
Is there a chance to tell from the digest whether it's a APOP (i.e.
plain MD5) or a CRAM-MD5 digest?
(Otherwise I'd probably try to make a really ugly hack and look at
argv[1] to decide whether it's called in a POP3 sequence or a smtpd
one).
Thanks,
\Maex
--
SpaceNet AG | Joseph-Dollinger-Bogen 14 | Fon: +49 (89) 32356-0
Research & Development | D-80807 Muenchen | Fax: +49 (89) 32356-299
Stress is when you wake up screaming and you realize you haven't fallen
asleep yet.
