Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: DBMail: users

Cyrus SASL

 

 

DBMail users RSS feed   Index | Next | Previous | View Threaded


claaskaehler at yfx

May 3, 2012, 7:22 AM

Post #1 of 5 (677 views)
Permalink
Cyrus SASL

Has anybody an idea, to get SASL to work with encrypted passwords in the
database?
I used Cyrus SASL and it seems to be impossible.
--
View this message in context: http://old.nabble.com/Cyrus-SASL-tp33763416p33763416.html
Sent from the dbmail users mailing list archive at Nabble.com.

_______________________________________________
DBmail mailing list
DBmail [at] dbmail
http://mailman.fastxs.nl/cgi-bin/mailman/listinfo/dbmail


mysql.jorge at decimal

May 3, 2012, 7:24 AM

Post #2 of 5 (653 views)
Permalink
Re: Cyrus SASL [In reply to]

> Has anybody an idea, to get SASL to work with encrypted passwords in
> the database?
> I used Cyrus SASL and it seems to be impossible.

That is SASL related not DBMail, anyway I think not, you must have clear
text passwd's in the DB for that,

_______________________________________________
DBmail mailing list
DBmail [at] dbmail
http://mailman.fastxs.nl/cgi-bin/mailman/listinfo/dbmail


h.reindl at thelounge

May 3, 2012, 7:24 AM

Post #3 of 5 (656 views)
Permalink
Re: Cyrus SASL [In reply to]

Am 03.05.2012 16:22, schrieb cl445:
> Has anybody an idea, to get SASL to work with encrypted passwords in the
> database?
> I used Cyrus SASL and it seems to be impossible

it is technically not possible doing CRAM-MD5 without
acess to the unencrypted passwords - keep in mind that
the different aut mechs are hashing the password in
different ways on client and server
Attachments: signature.asc (0.26 KB)


claaskaehler at yfx

May 3, 2012, 7:58 AM

Post #4 of 5 (653 views)
Permalink
Re: Cyrus SASL [In reply to]

Okay, so the problem is, that SASL needs to encrypt the password for its
own and because of that i'm forced to store the passwords unencrypted?

Am 03.05.2012 16:24, schrieb Reindl Harald:
>
> Am 03.05.2012 16:22, schrieb cl445:
>> Has anybody an idea, to get SASL to work with encrypted passwords in the
>> database?
>> I used Cyrus SASL and it seems to be impossible
> it is technically not possible doing CRAM-MD5 without
> acess to the unencrypted passwords - keep in mind that
> the different aut mechs are hashing the password in
> different ways on client and server
>
>
>
>
>
>
> _______________________________________________
> DBmail mailing list
> DBmail [at] dbmail
> http://mailman.fastxs.nl/cgi-bin/mailman/listinfo/dbmail


h.reindl at thelounge

May 3, 2012, 8:06 AM

Post #5 of 5 (653 views)
Permalink
Re: Cyrus SASL [In reply to]

AFAIK yes

Am 03.05.2012 16:58, schrieb Claas Kähler:
> Okay, so the problem is, that SASL needs to encrypt the password for its own and because of that i'm forced to
> store the passwords unencrypted?
>
> Am 03.05.2012 16:24, schrieb Reindl Harald:
>>
>> Am 03.05.2012 16:22, schrieb cl445:
>>> Has anybody an idea, to get SASL to work with encrypted passwords in the
>>> database?
>>> I used Cyrus SASL and it seems to be impossible
>> it is technically not possible doing CRAM-MD5 without
>> acess to the unencrypted passwords - keep in mind that
>> the different aut mechs are hashing the password in
>> different ways on client and server
Attachments: signature.asc (0.26 KB)

DBMail users RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.