<div dir="ltr"><div class="gmail_default" style="font-family:verdana,sans-serif;font-size:small"><span style="font-family:arial,sans-serif">On 12 March 2015 at 16:04, Vladislav Kurz </span><span dir="ltr" style="font-family:arial,sans-serif"><<a href="mailto:vladislav.kurz@webstep.net" target="_blank">vladislav.kurz@webstep.net</a>></span><span style="font-family:arial,sans-serif"> wrote:</span><br></div><div class="gmail_extra"><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><u></u>
<div style="font-family:'DejaVu Sans Mono';font-size:10pt;font-weight:400;font-style:normal"><span>
<p style="margin:0px;text-indent:0px">On Thursday 12 of March 2015 Ram <<a href="mailto:ram@netcore.co.in" target="_blank">ram@netcore.co.in</a>> wrote:</p>
<p style="margin:0px;text-indent:0px"> </p>
</span><span><p style="margin:0px;text-indent:0px">> > You need access to plaintext passwords for CRAM/DIGEST-MD5.</p>
<p style="margin:0px;text-indent:0px">> > </p>
<p style="margin:0px;text-indent:0px">> > LDAP and saslauthd do not provide that.</p>
<p style="margin:0px;text-indent:0px">> </p>
<p style="margin:0px;text-indent:0px">> How can I use CRAM-MD5 with passwords stored in LDAP (in MD5 format )</p>
<p style="margin:0px;text-indent:0px">> then ?</p>
<p style="margin:0px;text-indent:0px">> </p>
<p style="margin:0px;text-indent:0px">> I need to disable plain & login methods and cannot store passwords in</p>
<p style="margin:0px;text-indent:0px">> plain text too.</p>
<p style="margin:0px;text-indent:0px"> </p>
</span><p style="margin:0px;text-indent:0px">I'm afraid you are trying to do impossible things. Read more about how cram-md5 works. You can eforce ssl/tls encryption and use plain/login auth.</p></div></blockquote><div> </div><div><span style="font-family:verdana,sans-serif">The definition of "plain text" doesn't mean that it cannot be stored in a retrievable form. You could make a fairly simple patch to retrieve the ciphertext from a ROT13 store, as an extreme example :)</span></div><div><div class="gmail_default" style="font-family:verdana,sans-serif;font-size:small;display:inline"></div></div><div><div class="gmail_default" style="font-family:verdana,sans-serif;font-size:small;display:inline">G</div></div></div></div></div>