On Sun, Apr 19, 2026 at 08:42:48AM +0200, Alejandro Colomar via Mutt-dev wrote:
> > > I think C strings should be fine, because MD5 hashes should not
> > > contain embedded NUL bytes (AFAIK); otherwise, they couldn't be
> > > stored in /etc/shadow at all.

Incorrect on every level.

1. Yes, MD5 hashes can contain zero bytes.
2. The raw bytes are not stored.
3. No even vaguely modern system still uses MD5 in /etc/shadow anyway.

Historically MD5 hashes are encoded as the ASCII-hexified values of the bytes (e.g. a value of 255 will be represented by the string "ff"). However, on modern systems MD5 is no longer used at all in /etc/shadow. The modern format actually allows for multiple different hashes to be used simultaneously, and which hash is used is encoded in the password field itself. Typically this is now SHA2-256 or SHA2-512, though I believe the latest (non-LTS) versions use something called yescrypt, which FWIW I have never seen used in any other context. The actual hash portion is base64-encoded.

However, a better question is, should Mutt support CRAM-MD5 *at all*? MD5 is broken and hence no longer used for authentication on any modern system. Unless IMAP4/SASL can't work without it (which I don't know, but that would surprise me), then probably what should actually happen here is that CRAM-MD5 support should be compiled out entirely by default, and only compiled in if the user configures it expressly, with ample documentation in the configure script help that you really shouldn't be using that...

It's probably somewhat likely that the reason this hasn't come up before is because no one is using it anyway. Users who for some reason must use SASL are probably using something like SCRAM-SHA-256 or Kerberos, and everyone else is using TLS.

-- 
Derek D. Martin    http://www.pizzashack.org/    GPG Key ID: 0xDFBEAD02
-=-=-=-=-
This message is posted from an invalid address. Replying to it will result in undeliverable mail due to spam prevention. Sorry for the inconvenience.
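The three claims in the reply above (a raw MD5 digest can contain a NUL byte, CRAM-MD5 puts a hex string rather than raw bytes on the wire, and /etc/shadow stores an $id$-prefixed crypt string whose hash part is crypt-base64) can each be checked directly. The following is an added, stand-alone Python example written for this page; it is not Mutt code and not from either poster. The shadow entries are constructed strings in the crypt alphabet, not real password hashes, and the only external input reused is the challenge string from RFC 2195's worked example.

```python
"""Checks behind the /etc/shadow and CRAM-MD5 discussion (example code,
not Mutt's). Shows: raw MD5 digests can contain 0x00 and so cannot be
treated as C strings; CRAM-MD5 sends the MAC hex-encoded, so the wire
form never contains NUL; modern shadow fields carry a $id$ prefix and a
crypt-base64 hash rather than raw digest bytes."""
import base64
import hashlib
import hmac
import re

# crypt(3) "base64" alphabet used in the salt and hash parts of a shadow field.
CRYPT_B64 = re.compile(r"^[./0-9A-Za-z]+$")

# $id$ prefixes seen in the password field of /etc/shadow.
SHADOW_METHODS = {"1": "md5crypt", "5": "sha256crypt", "6": "sha512crypt", "y": "yescrypt"}

# Challenge from the worked example in RFC 2195, base64-encoded as a server would send it.
RFC2195_CHALLENGE_B64 = base64.b64encode(b"<1896.697170952@postoffice.reston.mci.net>").decode()


def find_md5_with_nul(prefix: bytes = b"mutt-", limit: int = 10000):
    """Return (message, raw_digest, hex_digest) for the first message whose raw
    MD5 digest contains a 0x00 byte. About 6% of digests do
    (1 - (255/256)**16), so this stops almost immediately."""
    for i in range(limit):
        msg = prefix + str(i).encode()
        h = hashlib.md5(msg)
        if b"\x00" in h.digest():
            return msg, h.digest(), h.hexdigest()
    return None


def c_strlen(buf: bytes) -> int:
    """What C's strlen() would report for buf: it stops at the first NUL."""
    return len(buf.split(b"\x00", 1)[0])


def cram_md5_response(username: str, password: str, challenge_b64: str) -> str:
    """Client side of RFC 2195: HMAC-MD5 over the decoded challenge keyed with
    the password, sent as '<user> <lowercase hex>' in base64. Hex-encoding is
    what keeps NUL bytes off the wire; the raw MAC may well contain one."""
    challenge = base64.b64decode(challenge_b64)
    mac_hex = hmac.new(password.encode(), challenge, hashlib.md5).hexdigest()
    return base64.b64encode(f"{username} {mac_hex}".encode()).decode()


def cram_md5_wire_fields(response_b64: str):
    """Split a client response back into (username, hex MAC) as a server would."""
    user, mac_hex = base64.b64decode(response_b64).decode().split(" ", 1)
    return user, mac_hex


def parse_shadow_hash(field: str) -> dict:
    """Classify the password field of one /etc/shadow line."""
    if field in ("", "*") or field.startswith("!"):
        return {"method": "none", "locked": field.startswith("!")}
    if not field.startswith("$"):
        return {"method": "descrypt", "hash": field}  # legacy 13-char DES form
    parts = field.split("$")  # ['', id, params..., salt, hash]
    if len(parts) < 4:
        raise ValueError("malformed crypt string: %r" % field)
    method = SHADOW_METHODS.get(parts[1], "unknown:" + parts[1])
    salt, digest = parts[-2], parts[-1]
    if not CRYPT_B64.match(digest):
        raise ValueError("hash part is not crypt base64")
    return {"method": method, "params": parts[2:-2], "salt": salt, "hash": digest}


# Constructed sample entries: the hash parts are arbitrary crypt-alphabet
# strings of plausible length, not real hashes of any password.
SAMPLE_SHADOW = [
    "legacy:$1$8sAlt9Xy$a1B2c3D4e5F6g7H8i9J0kL:19800:0:99999:7:::",
    "sha:$6$rounds=5000$NaClNaCl$" + "x" * 86 + ":19800:0:99999:7:::",
    "yes:$y$j9T$S4ltS4ltS4ltS4lt$" + "z" * 43 + ":19800:0:99999:7:::",
    "svc:*:19800:0:99999:7:::",
    "locked:!$6$NaClNaCl$" + "x" * 86 + ":19800:0:99999:7:::",
]


def classify_shadow(lines) -> dict:
    """Map username -> hash method for each shadow line."""
    out = {}
    for line in lines:
        user, field = line.split(":", 2)[:2]
        out[user] = parse_shadow_hash(field)["method"]
    return out


if __name__ == "__main__":
    msg, raw, hexd = find_md5_with_nul()
    print(f"{msg!r}: raw digest {raw!r} strlen={c_strlen(raw)} (of 16), hex={hexd}")
    resp = cram_md5_response("tim", "tanstaaftanstaaf", RFC2195_CHALLENGE_B64)
    print("CRAM-MD5 response:", resp, "->", cram_md5_wire_fields(resp))
    for user, method in classify_shadow(SAMPLE_SHADOW).items():
        print(f"{user:8s} {method}")
```

Running it shows a short message whose 16-byte digest a C string would silently truncate, while its 32-character hex form never can be, which is the encoding both CRAM-MD5 and the old hex MD5 convention rely on; the shadow classifier reads the method from the $id$ prefix rather than from the hash bytes.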
