X-Git-Url: http://pileus.org/git/?a=blobdiff_plain;f=cram.c;h=cf33393ebb9662e6a69ae8eb4352d35ee6c3570e;hb=da989f7b8294e342572ec5f27f1a6f3f2b1fe56f;hp=df7c3d1f0b9d5cc0f07486c5c1803580bb8b0110;hpb=2d69b9b093b7aaf9b2d2b97317fc54d0bd6813b7;p=~andy%2Ffetchmail

diff --git a/cram.c b/cram.c
index df7c3d1f..cf33393e 100644
--- a/cram.c
+++ b/cram.c
@@ -15,11 +15,11 @@
 #include  "socket.h"
 
 #include  "i18n.h"
-#include "md5.h"
+#include "fm_md5.h"
 
-static void hmac_md5 (unsigned char *password,  size_t pass_len,
-                      unsigned char *challenge, size_t chal_len,
-                      unsigned char *response,  size_t resp_len)
+void hmac_md5 (const unsigned char *password,  size_t pass_len,
+               const unsigned char *challenge, size_t chal_len,
+               unsigned char *response,  size_t resp_len)
 {
     int i;
     unsigned char ipad[64];
@@ -60,17 +60,18 @@ static void hmac_md5 (unsigned char *password,  size_t pass_len,
     MD5Final (response, &ctx);
 }
 
-int do_cram_md5 (int sock, struct query *ctl)
+int do_cram_md5 (int sock, const char *command, struct query *ctl, const char *strip)
 /* authenticate as per RFC2195 */
 {
     int result;
     int len;
-    unsigned char buf1[1024];
-    unsigned char msg_id[768];
+    char buf1[1024];
+    char msg_id[768];
     unsigned char response[16];
-    unsigned char reply[1024];
+    char reply[1024];
+    char *respdata;
 
-    gen_send (sock, "AUTHENTICATE CRAM-MD5");
+    gen_send (sock, "%s CRAM-MD5", command);
 
     /* From RFC2195:
      * The data encoded in the first ready response contains an
@@ -84,17 +85,22 @@ int do_cram_md5 (int sock, struct query *ctl)
 	return result;
     }
 
-    len = from64tobits (msg_id, buf1);
+    /* caller may specify a response prefix we should strip if present */
+    respdata = buf1;
+    if (strip && strncmp(buf1, strip, strlen(strip)) == 0)
+	respdata += strlen(strip);
+    len = from64tobits (msg_id, respdata, sizeof(msg_id));
+
     if (len < 0) {
-	report (stderr, _("could not decode BASE64 challenge\n"));
+	report (stderr, GT_("could not decode BASE64 challenge\n"));
 	return PS_AUTHFAIL;
-    } else if (len < sizeof (msg_id)) {
+    } else if ((size_t)len < sizeof (msg_id)) {
         msg_id[len] = 0;
     } else {
         msg_id[sizeof (msg_id)-1] = 0;
     }
     if (outlevel >= O_DEBUG) {
-        report (stdout, _("decoded as %s\n"), msg_id);
+        report (stdout, GT_("decoded as %s\n"), msg_id);
     }
 
     /* The client makes note of the data and then responds with a string
@@ -104,15 +110,11 @@ int do_cram_md5 (int sock, struct query *ctl)
      * (including angle-brackets).
      */
 
-    hmac_md5(ctl->password, strlen(ctl->password),
-              msg_id, strlen (msg_id),
+    hmac_md5((unsigned char *)ctl->password, strlen(ctl->password),
+              (unsigned char *)msg_id, strlen (msg_id),
               response, sizeof (response));
 
-#ifdef HAVE_SNPRINTF
     snprintf (reply, sizeof(reply),
-#else
-    sprintf(reply,
-#endif
               "%s %02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x", 
               ctl->remotename,
               response[0], response[1], response[2], response[3],
@@ -125,7 +127,7 @@ int do_cram_md5 (int sock, struct query *ctl)
     /* ship the authentication back, accept the server's responses */
     /* PMDF5.2 IMAP has a bug that requires this to be a single write */
     suppress_tags = TRUE;
-    result = gen_transact(sock, buf1, sizeof(buf1));
+    result = gen_transact(sock, "%s", buf1);
     suppress_tags = FALSE;
     if (result)
 	return(result);