Logo Search packages:      
Sourcecode: cyrus-sasl2 version File versions  Download package

digestmd5.c

/* DIGEST-MD5 SASL plugin
 * Ken Murchison
 * Rob Siemborski
 * Tim Martin
 * Alexey Melnikov 
 * $Id: digestmd5.c,v 1.172 2004/07/06 14:03:49 rjs3 Exp $
 */
/* 
 * Copyright (c) 1998-2003 Carnegie Mellon University.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer. 
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in
 *    the documentation and/or other materials provided with the
 *    distribution.
 *
 * 3. The name "Carnegie Mellon University" must not be used to
 *    endorse or promote products derived from this software without
 *    prior written permission. For permission or any other legal
 *    details, please contact  
 *      Office of Technology Transfer
 *      Carnegie Mellon University
 *      5000 Forbes Avenue
 *      Pittsburgh, PA  15213-3890
 *      (412) 268-4387, fax: (412) 268-7395
 *      tech-transfer@andrew.cmu.edu
 *
 * 4. Redistributions of any form whatsoever must retain the following
 *    acknowledgment:
 *    "This product includes software developed by Computing Services
 *     at Carnegie Mellon University (http://www.cmu.edu/computing/)."
 *
 * CARNEGIE MELLON UNIVERSITY DISCLAIMS ALL WARRANTIES WITH REGARD TO
 * THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
 * AND FITNESS, IN NO EVENT SHALL CARNEGIE MELLON UNIVERSITY BE LIABLE
 * FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN
 * AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
 * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 */

#include <config.h>

#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#ifndef macintosh
#include <sys/types.h>
#include <sys/stat.h>
#endif
#include <fcntl.h>
#include <ctype.h>

/* DES support */
#ifdef WITH_DES
# ifdef WITH_SSL_DES
#  include <openssl/des.h>
#  include <openssl/opensslv.h>
#  if (OPENSSL_VERSION_NUMBER >= 0x0090700f) && \
      !defined(OPENSSL_ENABLE_OLD_DES_SUPPORT)
#   define des_cblock DES_cblock
#   define des_key_schedule DES_key_schedule
#   define des_key_sched(k,ks) \
           DES_key_sched((k),&(ks))
#   define des_cbc_encrypt(i,o,l,k,iv,e) \
           DES_cbc_encrypt((i),(o),(l),&(k),(iv),(e))
#   define des_ede2_cbc_encrypt(i,o,l,k1,k2,iv,e) \
           DES_ede2_cbc_encrypt((i),(o),(l),&(k1),&(k2),(iv),(e))
#  endif /* OpenSSL 0.9.7+ w/o old DES support */
# else /* system DES library */
#  include <des.h>
# endif
#endif /* WITH_DES */

#ifdef WIN32
# include <winsock2.h>
#else /* Unix */
# include <netinet/in.h>
#endif /* WIN32 */

#include <sasl.h>
#include <saslplug.h>

#include "plugin_common.h"

#ifndef WIN32
extern int strcasecmp(const char *s1, const char *s2);
#endif /* end WIN32 */

#ifdef macintosh
#include <sasl_md5_plugin_decl.h>
#endif

/* external definitions */

#ifdef sun
/* gotta define gethostname ourselves on suns */
extern int      gethostname(char *, int);
#endif

#define bool int

#ifndef TRUE
#define TRUE  (1)
#define FALSE (0)
#endif

/* MAX_UIN32_DIV_10 * 10 + MAX_UIN32_MOD_10 == 2^32-1 == 4294967295 */
#define MAX_UIN32_DIV_10    429496729
#define MAX_UIN32_MOD_10    5

#define DEFAULT_BUFSIZE     0xFFFF
#define MAX_SASL_BUFSIZE    0xFFFFFF

/*****************************  Common Section  *****************************/

static const char plugin_id[] = "$Id: digestmd5.c,v 1.172 2004/07/06 14:03:49 rjs3 Exp $";

/* Definitions */
#define NONCE_SIZE (32)       /* arbitrary */

/* Layer Flags */
#define DIGEST_NOLAYER    (1)
#define DIGEST_INTEGRITY  (2)
#define DIGEST_PRIVACY    (4)

/* defines */
#define HASHLEN 16
typedef unsigned char HASH[HASHLEN + 1];
#define HASHHEXLEN 32
typedef unsigned char HASHHEX[HASHHEXLEN + 1];

#define MAC_SIZE 10
#define MAC_OFFS 2

const char *SEALING_CLIENT_SERVER="Digest H(A1) to client-to-server sealing key magic constant";
const char *SEALING_SERVER_CLIENT="Digest H(A1) to server-to-client sealing key magic constant";

const char *SIGNING_CLIENT_SERVER="Digest session key to client-to-server signing key magic constant";
const char *SIGNING_SERVER_CLIENT="Digest session key to server-to-client signing key magic constant";

#define HT  (9)
#define CR  (13)
#define LF  (10)
#define SP  (32)
#define DEL (127)

#define NEED_ESCAPING   "\"\\"

static char *quote (char *str);

struct context;

/* function definitions for cipher encode/decode */
typedef int cipher_function_t(struct context *,
                        const char *,
                        unsigned,
                        unsigned char[],
                        char *,
                        unsigned *);

typedef int cipher_init_t(struct context *, unsigned char [16], 
                                            unsigned char [16]);
typedef void cipher_free_t(struct context *);

enum Context_type { SERVER = 0, CLIENT = 1 };

typedef struct cipher_context cipher_context_t;

/* cached auth info used for fast reauth */
typedef struct reauth_entry {
    char *authid;
    char *realm;
    unsigned char *nonce;
    unsigned int nonce_count;
    unsigned char *cnonce;

    union {
      struct {
          time_t timestamp;
      } s; /* server stuff */

      struct {
          char *serverFQDN;
          int protection;
          struct digest_cipher *cipher;
          unsigned long server_maxbuf;
      } c; /* client stuff */
    } u;
} reauth_entry_t;

typedef struct reauth_cache {
    /* static stuff */
    enum Context_type i_am;   /* are we the client or server? */
    time_t timeout;
    void *mutex;
    size_t size;

    reauth_entry_t *e;        /* fixed-size hash table of entries */
} reauth_cache_t;

/* global context for reauth use */
typedef struct digest_glob_context { 
   reauth_cache_t *reauth; 
} digest_glob_context_t;

/* context that stores info */
typedef struct context {
    int state;                /* state in the authentication we are in */
    enum Context_type i_am;   /* are we the client or server? */
    
    reauth_cache_t *reauth;

    char *authid;
    char *realm;
    unsigned char *nonce;
    unsigned int nonce_count;
    unsigned char *cnonce;

    char *response_value;
    
    unsigned int seqnum;
    unsigned int rec_seqnum;  /* for checking integrity */
    
    HASH Ki_send;
    HASH Ki_receive;
    
    HASH HA1;           /* Kcc or Kcs */
    
    /* copy of utils from the params structures */
    const sasl_utils_t *utils;
    
    /* For general use */
    char *out_buf;
    unsigned out_buf_len;
    
    /* for encoding/decoding */
    buffer_info_t *enc_in_buf;
    char *encode_buf, *decode_buf, *decode_packet_buf;
    unsigned encode_buf_len, decode_buf_len, decode_packet_buf_len;

    decode_context_t decode_context;

    /* if privacy mode is used use these functions for encode and decode */
    cipher_function_t *cipher_enc;
    cipher_function_t *cipher_dec;
    cipher_init_t *cipher_init;
    cipher_free_t *cipher_free;
    struct cipher_context *cipher_enc_context;
    struct cipher_context *cipher_dec_context;
} context_t;

struct digest_cipher {
    char *name;
    sasl_ssf_t ssf;
    int n; /* bits to make privacy key */
    int flag; /* a bitmask to make things easier for us */
    
    cipher_function_t *cipher_enc;
    cipher_function_t *cipher_dec;
    cipher_init_t *cipher_init;
    cipher_free_t *cipher_free;
};

static const unsigned char *COLON = ":";

/* Hashes a string to produce an unsigned short */
static unsigned hash(const char *str)
{
    unsigned val = 0;
    int i;

    while (str && *str) {
      i = (int) *str;
      val ^= i;
      val <<= 1;
      str++;
    }

    return val;
}

static void CvtHex(HASH Bin, HASHHEX Hex)
{
    unsigned short  i;
    unsigned char   j;
    
    for (i = 0; i < HASHLEN; i++) {
      j = (Bin[i] >> 4) & 0xf;
      if (j <= 9)
          Hex[i * 2] = (j + '0');
      else
          Hex[i * 2] = (j + 'a' - 10);
      j = Bin[i] & 0xf;
      if (j <= 9)
          Hex[i * 2 + 1] = (j + '0');
      else
          Hex[i * 2 + 1] = (j + 'a' - 10);
    }
    Hex[HASHHEXLEN] = '\0';
}

/*
 * calculate request-digest/response-digest as per HTTP Digest spec
 */
void
DigestCalcResponse(const sasl_utils_t * utils,
               HASHHEX HA1,   /* HEX(H(A1)) */
               unsigned char *pszNonce,   /* nonce from server */
               unsigned int pszNonceCount,      /* 8 hex digits */
               unsigned char *pszCNonce,  /* client nonce */
               unsigned char *pszQop,     /* qop-value: "", "auth",
                                     * "auth-int" */
               unsigned char *pszDigestUri,     /* requested URL */
               unsigned char *pszMethod,
               HASHHEX HEntity,     /* H(entity body) if qop="auth-int" */
               HASHHEX Response     /* request-digest or response-digest */
    )
{
    MD5_CTX         Md5Ctx;
    HASH            HA2;
    HASH            RespHash;
    HASHHEX         HA2Hex;
    char ncvalue[10];
    
    /* calculate H(A2) */
    utils->MD5Init(&Md5Ctx);
    
    if (pszMethod != NULL) {
      utils->MD5Update(&Md5Ctx, pszMethod, strlen((char *) pszMethod));
    }
    utils->MD5Update(&Md5Ctx, (unsigned char *) COLON, 1);
    
    /* utils->MD5Update(&Md5Ctx, (unsigned char *) "AUTHENTICATE:", 13); */
    utils->MD5Update(&Md5Ctx, pszDigestUri, strlen((char *) pszDigestUri));
    if (strcasecmp((char *) pszQop, "auth") != 0) {
      /* append ":00000000000000000000000000000000" */
      utils->MD5Update(&Md5Ctx, COLON, 1);
      utils->MD5Update(&Md5Ctx, HEntity, HASHHEXLEN);
    }
    utils->MD5Final(HA2, &Md5Ctx);
    CvtHex(HA2, HA2Hex);
    
    /* calculate response */
    utils->MD5Init(&Md5Ctx);
    utils->MD5Update(&Md5Ctx, HA1, HASHHEXLEN);
    utils->MD5Update(&Md5Ctx, COLON, 1);
    utils->MD5Update(&Md5Ctx, pszNonce, strlen((char *) pszNonce));
    utils->MD5Update(&Md5Ctx, COLON, 1);
    if (*pszQop) {
      sprintf(ncvalue, "%08x", pszNonceCount);
      utils->MD5Update(&Md5Ctx, ncvalue, strlen(ncvalue));
      utils->MD5Update(&Md5Ctx, COLON, 1);
      utils->MD5Update(&Md5Ctx, pszCNonce, strlen((char *) pszCNonce));
      utils->MD5Update(&Md5Ctx, COLON, 1);
      utils->MD5Update(&Md5Ctx, pszQop, strlen((char *) pszQop));
      utils->MD5Update(&Md5Ctx, COLON, 1);
    }
    utils->MD5Update(&Md5Ctx, HA2Hex, HASHHEXLEN);
    utils->MD5Final(RespHash, &Md5Ctx);
    CvtHex(RespHash, Response);
}

static bool UTF8_In_8859_1(const unsigned char *base, int len)
{
    const unsigned char *scan, *end;
    
    end = base + len;
    for (scan = base; scan < end; ++scan) {
      if (*scan > 0xC3)
          break;              /* abort if outside 8859-1 */
      if (*scan >= 0xC0 && *scan <= 0xC3) {
          if (++scan == end || *scan < 0x80 || *scan > 0xBF)
            break;
      }
    }
    
    /* if scan >= end, then this is a 8859-1 string. */
    return (scan >= end);
}

/*
 * if the string is entirely in the 8859-1 subset of UTF-8, then translate to
 * 8859-1 prior to MD5
 */
static void MD5_UTF8_8859_1(const sasl_utils_t * utils,
                      MD5_CTX * ctx,
                      bool In_ISO_8859_1,
                      const unsigned char *base,
                      int len)
{
    const unsigned char *scan, *end;
    unsigned char   cbuf;
    
    end = base + len;
    
    /* if we found a character outside 8859-1, don't alter string */
    if (!In_ISO_8859_1) {
      utils->MD5Update(ctx, base, len);
      return;
    }
    /* convert to 8859-1 prior to applying hash */
    do {
      for (scan = base; scan < end && *scan < 0xC0; ++scan);
      if (scan != base)
          utils->MD5Update(ctx, base, scan - base);
      if (scan + 1 >= end)
          break;
      cbuf = ((scan[0] & 0x3) << 6) | (scan[1] & 0x3f);
      utils->MD5Update(ctx, &cbuf, 1);
      base = scan + 2;
    }
    while (base < end);
}

static void DigestCalcSecret(const sasl_utils_t * utils,
                       unsigned char *pszUserName,
                       unsigned char *pszRealm,
                       unsigned char *Password,
                       int PasswordLen,
                       HASH HA1)
{
    bool            In_8859_1;
    
    MD5_CTX         Md5Ctx;
    
    /* Chris Newman clarified that the following text in DIGEST-MD5 spec
       is bogus: "if name and password are both in ISO 8859-1 charset"
       We shoud use code example instead */
    
    utils->MD5Init(&Md5Ctx);
    
    /* We have to convert UTF-8 to ISO-8859-1 if possible */
    In_8859_1 = UTF8_In_8859_1(pszUserName, strlen((char *) pszUserName));
    MD5_UTF8_8859_1(utils, &Md5Ctx, In_8859_1,
                pszUserName, strlen((char *) pszUserName));
    
    utils->MD5Update(&Md5Ctx, COLON, 1);
    
    /* a NULL realm is equivalent to the empty string */
    if (pszRealm != NULL && pszRealm[0] != '\0') {
      /* We have to convert UTF-8 to ISO-8859-1 if possible */
      In_8859_1 = UTF8_In_8859_1(pszRealm, strlen((char *) pszRealm));
      MD5_UTF8_8859_1(utils, &Md5Ctx, In_8859_1,
                        pszRealm, strlen((char *) pszRealm));
    }      
    
    utils->MD5Update(&Md5Ctx, COLON, 1);
    
    /* We have to convert UTF-8 to ISO-8859-1 if possible */
    In_8859_1 = UTF8_In_8859_1(Password, PasswordLen);
    MD5_UTF8_8859_1(utils, &Md5Ctx, In_8859_1,
                Password, PasswordLen);
    
    utils->MD5Final(HA1, &Md5Ctx);
}

static unsigned char *create_nonce(const sasl_utils_t * utils)
{
    unsigned char  *base64buf;
    int             base64len;
    
    char           *ret = (char *) utils->malloc(NONCE_SIZE);
    if (ret == NULL)
      return NULL;
    
    utils->rand(utils->rpool, (char *) ret, NONCE_SIZE);
    
    /* base 64 encode it so it has valid chars */
    base64len = (NONCE_SIZE * 4 / 3) + (NONCE_SIZE % 3 ? 4 : 0);
    
    base64buf = (unsigned char *) utils->malloc(base64len + 1);
    if (base64buf == NULL) {
      utils->seterror(utils->conn, 0, "Unable to allocate final buffer");
      return NULL;
    }
    
    /*
     * Returns SASL_OK on success, SASL_BUFOVER if result won't fit
     */
    if (utils->encode64(ret, NONCE_SIZE,
                  (char *) base64buf, base64len, NULL) != SASL_OK) {
      utils->free(ret);
      return NULL;
    }
    utils->free(ret);
    
    return base64buf;
}

static int add_to_challenge(const sasl_utils_t *utils,
                      char **str, unsigned *buflen, unsigned *curlen,
                      char *name,
                      unsigned char *value,
                      bool need_quotes)
{
    int             namesize = strlen(name);
    int             valuesize = strlen((char *) value);
    int             ret;
    
    ret = _plug_buf_alloc(utils, str, buflen,
                    *curlen + 1 + namesize + 2 + valuesize + 2);
    if(ret != SASL_OK) return ret;

    if (*curlen > 0) {
      strcat(*str, ",");
      strcat(*str, name);
    } else {
      strcpy(*str, name);
    }
    
    if (need_quotes) {
      strcat(*str, "=\"");

      /* Check if the value needs quoting */
      if (strpbrk ((char *)value, NEED_ESCAPING) != NULL) {
          char * quoted = quote ((char *) value);
          valuesize = strlen(quoted);
          /* As the quoted string is bigger, make sure we have enough
             space now */
          ret = _plug_buf_alloc(utils, str, buflen,
                    *curlen + 1 + namesize + 2 + valuesize + 2);
          if (ret == SASL_OK) {
            strcat(*str, quoted);
            free (quoted);
          } else {
            free (quoted);
            return ret;
          }
      } else {
          strcat(*str, (char *) value);
      }
      strcat(*str, "\"");
    } else {
      strcat(*str, "=");
      strcat(*str, (char *) value);
    }
    
    *curlen = *curlen + 1 + namesize + 2 + valuesize + 2;
    return SASL_OK;
}

static char *skip_lws (char *s)
{
    if (!s) return NULL;
    
    /* skipping spaces: */
    while (s[0] == ' ' || s[0] == HT || s[0] == CR || s[0] == LF) {
      if (s[0] == '\0') break;
      s++;
    }  
    
    return s;
}

/* Same as skip_lws, but do this right to left */
/* skip LWSP at the end of the value (if any), skip_r_lws returns pointer to
   the first LWSP character, NUL (if there were none) or NULL if the value
   is entirely from LWSP characters */
static char *skip_r_lws (char *s)
{
    char *end;
    size_t len;

    if (!s) return NULL;
    
    len = strlen(s);
    if (len == 0) return NULL;

    /* the last character before terminating NUL */
    end = s + len - 1;

    /* skipping spaces: */
    while (end > s && (end[0] == ' ' || end[0] == HT || end[0] == CR || end[0] == LF)) {
      end--;
    }  

    /* If all string from spaces, return NULL */
    if (end == s && (end[0] == ' ' || end[0] == HT || end[0] == CR || end[0] == LF)) {
      return NULL;
    } else {
      return (end + 1);
    }
}

static char *skip_token (char *s, int caseinsensitive)
{
    if(!s) return NULL;
    
    while (s[0]>SP) {
      if (s[0]==DEL || s[0]=='(' || s[0]==')' || s[0]=='<' || s[0]=='>' ||
          s[0]=='@' || s[0]==',' || s[0]==';' || s[0]==':' || s[0]=='\\' ||
          s[0]=='\'' || s[0]=='/' || s[0]=='[' || s[0]==']' || s[0]== '?' ||
          s[0]=='=' || s[0]== '{' || s[0]== '}') {
          if (caseinsensitive == 1) {
            if (!isupper((unsigned char) s[0]))
                break;
          } else {
            break;
          }
      }
      s++;
    }  
    return s;
}

/* Convert a string to 32 bit unsigned integer.
   Any number of trailing spaces is allowed, but not a string
   entirely comprised of spaces */
static bool str2ul32 (char *str, unsigned long * value)
{
    unsigned int n;
    char c;

    if (str == NULL) {
      return (FALSE);
    }
    
    *value = 0;

    str = skip_lws (str);
    if (str[0] == '\0') {
      return (FALSE);
    }

    n = 0;
    while (str[0] != '\0') {
      c = str[0];
      if (!isdigit((int)c)) {
          return (FALSE);
      }

/* Will overflow after adding additional digit */
      if (n > MAX_UIN32_DIV_10) {
          return (FALSE);
      } else if (n == MAX_UIN32_DIV_10 && ((unsigned) (c - '0') > MAX_UIN32_MOD_10)) {
          return (FALSE);
      }

      n = n * 10 + (unsigned) (c - '0');
      str++;
    }

    *value = n;
    return (TRUE);
}

/* NULL - error (unbalanced quotes), 
   otherwise pointer to the first character after the value.
   The function performs work in place. */
static char *unquote (char *qstr)
{
    char *endvalue;
    int   escaped = 0;
    char *outptr;
    
    if(!qstr) return NULL;
    
    if (qstr[0] == '"') {
      qstr++;
      outptr = qstr;
      
      for (endvalue = qstr; endvalue[0] != '\0'; endvalue++, outptr++) {
          if (escaped) {
            outptr[0] = endvalue[0];
            escaped = 0;
          }
          else if (endvalue[0] == '\\') {
            escaped = 1;
            outptr--; /* Will be incremented at the end of the loop */
          }
          else if (endvalue[0] == '"') {
            break;
          }      
          else {
            outptr[0] = endvalue[0];      
          }
      }
      
      if (endvalue[0] != '"') {
          return NULL;
      }
      
      while (outptr <= endvalue) {
          outptr[0] = '\0';
          outptr++;
      }
      endvalue++;
    }
    else { /* not qouted value (token) */
      /* qstr already contains output */
      endvalue = skip_token(qstr,0);
    };
    
    return endvalue;  
}

/* Unlike unquote, this function returns an allocated quoted copy */
static char *quote (char *str)
{
    char *p;
    char *outp;
    char *result;
    int num_to_escape;        /* How many characters need escaping */
    
    if (!str) return NULL;

    num_to_escape = 0;
    p = strpbrk (str, NEED_ESCAPING);
    while (p != NULL) {
      num_to_escape++;
      p = strpbrk (p + 1, NEED_ESCAPING);
    }

    if (num_to_escape == 0) {
      return (strdup (str));
    }

    result = malloc (strlen(str) + num_to_escape + 1);
    for (p = str, outp = result; *p; p++) {
      if (*p == '"' || *p == '\\') {
          *outp = '\\';
          outp++;
      }
      *outp = *p;
      outp++;
    }

    *outp = '\0';
    
    return (result);
}

static void get_pair(char **in, char **name, char **value)
{
    char  *endpair;
    /* int    inQuotes; */
    char  *curp = *in;
    *name = NULL;
    *value = NULL;
    
    if (curp == NULL) return;
    if (curp[0] == '\0') return;
    
    /* skipping spaces: */
    curp = skip_lws(curp);
    
    *name = curp;
    
    curp = skip_token(curp,1);
    
    /* strip wierd chars */
    if (curp[0] != '=' && curp[0] != '\0') {
      *curp++ = '\0';
    };
    
    curp = skip_lws(curp);
    
    if (curp[0] != '=') { /* No '=' sign */ 
      *name = NULL;
      return;
    }
    
    curp[0] = '\0';
    curp++;
    
    curp = skip_lws(curp);  
    
    *value = (curp[0] == '"') ? curp+1 : curp;
    
    endpair = unquote (curp);
    if (endpair == NULL) { /* Unbalanced quotes */ 
      *name = NULL;
      return;
    }
    if (endpair[0] != ',') {
      if (endpair[0]!='\0') {
          *endpair++ = '\0'; 
      }
    }
    
    endpair = skip_lws(endpair);
    
    /* syntax check: MUST be '\0' or ',' */  
    if (endpair[0] == ',') {
      endpair[0] = '\0';
      endpair++; /* skipping <,> */
    } else if (endpair[0] != '\0') { 
      *name = NULL;
      return;
    }
    
    *in = endpair;
}

#ifdef WITH_DES
struct des_context_s {
    des_key_schedule keysched;  /* key schedule for des initialization */
    des_cblock ivec;            /* initial vector for encoding */
    des_key_schedule keysched2; /* key schedule for 3des initialization */
};

typedef struct des_context_s des_context_t;

/* slide the first 7 bytes of 'inbuf' into the high seven bits of the
   first 8 bytes of 'keybuf'. 'keybuf' better be 8 bytes long or longer. */
static void slidebits(unsigned char *keybuf, unsigned char *inbuf)
{
    keybuf[0] = inbuf[0];
    keybuf[1] = (inbuf[0]<<7) | (inbuf[1]>>1);
    keybuf[2] = (inbuf[1]<<6) | (inbuf[2]>>2);
    keybuf[3] = (inbuf[2]<<5) | (inbuf[3]>>3);
    keybuf[4] = (inbuf[3]<<4) | (inbuf[4]>>4);
    keybuf[5] = (inbuf[4]<<3) | (inbuf[5]>>5);
    keybuf[6] = (inbuf[5]<<2) | (inbuf[6]>>6);
    keybuf[7] = (inbuf[6]<<1);
}

/******************************
 *
 * 3DES functions
 *
 *****************************/

static int dec_3des(context_t *text,
                const char *input,
                unsigned inputlen,
                unsigned char digest[16] __attribute__((unused)),
                char *output,
                unsigned *outputlen)
{
    des_context_t *c = (des_context_t *) text->cipher_dec_context;
    int padding, p;
    
    des_ede2_cbc_encrypt((void *) input,
                   (void *) output,
                   inputlen,
                   c->keysched,
                   c->keysched2,
                   &c->ivec,
                   DES_DECRYPT);
    
    /* now chop off the padding */
    padding = output[inputlen - 11];
    if (padding < 1 || padding > 8) {
      /* invalid padding length */
      return SASL_FAIL;
    }
    /* verify all padding is correct */
    for (p = 1; p <= padding; p++) {
      if (output[inputlen - 10 - p] != padding) {
          return SASL_FAIL;
      }
    }
    
    /* chop off the padding */
    *outputlen = inputlen - padding - 10;

    return SASL_OK;
}

static int enc_3des(context_t *text,
                const char *input,
                unsigned inputlen,
                unsigned char digest[16],
                char *output,
                unsigned *outputlen)
{
    des_context_t *c = (des_context_t *) text->cipher_enc_context;
    int len;
    int paddinglen;
    
    /* determine padding length */
    paddinglen = 8 - ((inputlen + 10) % 8);
    
    /* now construct the full stuff to be ciphered */
    memcpy(output, input, inputlen);                /* text */
    memset(output+inputlen, paddinglen, paddinglen);/* pad  */
    memcpy(output+inputlen+paddinglen, digest, 10); /* hmac */
    
    len=inputlen+paddinglen+10;
    
    des_ede2_cbc_encrypt((void *) output,
                   (void *) output,
                   len,
                   c->keysched,
                   c->keysched2,
                   &c->ivec,
                   DES_ENCRYPT);
    
    *outputlen=len;
    
    return SASL_OK;
}

static int init_3des(context_t *text, 
                 unsigned char enckey[16],
                 unsigned char deckey[16])
{
    des_context_t *c;
    unsigned char keybuf[8];

    /* allocate enc & dec context */
    c = (des_context_t *) text->utils->malloc(2 * sizeof(des_context_t));
    if (c == NULL) return SASL_NOMEM;

    /* setup enc context */
    slidebits(keybuf, enckey);
    if (des_key_sched((des_cblock *) keybuf, c->keysched) < 0)
      return SASL_FAIL;

    slidebits(keybuf, enckey + 7);
    if (des_key_sched((des_cblock *) keybuf, c->keysched2) < 0)
      return SASL_FAIL;
    memcpy(c->ivec, ((char *) enckey) + 8, 8);

    text->cipher_enc_context = (cipher_context_t *) c;

    /* setup dec context */
    c++;
    slidebits(keybuf, deckey);
    if (des_key_sched((des_cblock *) keybuf, c->keysched) < 0)
      return SASL_FAIL;
    
    slidebits(keybuf, deckey + 7);
    if (des_key_sched((des_cblock *) keybuf, c->keysched2) < 0)
      return SASL_FAIL;
    
    memcpy(c->ivec, ((char *) deckey) + 8, 8);

    text->cipher_dec_context = (cipher_context_t *) c;
    
    return SASL_OK;
}


/******************************
 *
 * DES functions
 *
 *****************************/

static int dec_des(context_t *text, 
               const char *input,
               unsigned inputlen,
               unsigned char digest[16] __attribute__((unused)),
               char *output,
               unsigned *outputlen)
{
    des_context_t *c = (des_context_t *) text->cipher_dec_context;
    int p, padding = 0;
    
    des_cbc_encrypt((void *) input,
                (void *) output,
                inputlen,
                c->keysched,
                &c->ivec,
                DES_DECRYPT);

    /* Update the ivec (des_cbc_encrypt implementations tend to be broken in
       this way) */
    memcpy(c->ivec, input + (inputlen - 8), 8);
    
    /* now chop off the padding */
    padding = output[inputlen - 11];
    if (padding < 1 || padding > 8) {
      /* invalid padding length */
      return SASL_FAIL;
    }
    /* verify all padding is correct */
    for (p = 1; p <= padding; p++) {
      if (output[inputlen - 10 - p] != padding) {
          return SASL_FAIL;
      }
    }
    
    /* chop off the padding */
    *outputlen = inputlen - padding - 10;

    return SASL_OK;
}

static int enc_des(context_t *text,
               const char *input,
               unsigned inputlen,
               unsigned char digest[16],
               char *output,
               unsigned *outputlen)
{
    des_context_t *c = (des_context_t *) text->cipher_enc_context;
    int len;
    int paddinglen;
  
    /* determine padding length */
    paddinglen = 8 - ((inputlen+10) % 8);

    /* now construct the full stuff to be ciphered */
    memcpy(output, input, inputlen);                /* text */
    memset(output+inputlen, paddinglen, paddinglen);/* pad  */
    memcpy(output+inputlen+paddinglen, digest, 10); /* hmac */
    
    len = inputlen + paddinglen + 10;
    
    des_cbc_encrypt((void *) output,
                    (void *) output,
                    len,
                    c->keysched,
                    &c->ivec,
                    DES_ENCRYPT);
    
    /* Update the ivec (des_cbc_encrypt implementations tend to be broken in
       this way) */
    memcpy(c->ivec, output + (len - 8), 8);
    
    *outputlen = len;
    
    return SASL_OK;
}

static int init_des(context_t *text,
                unsigned char enckey[16],
                unsigned char deckey[16])
{
    des_context_t *c;
    unsigned char keybuf[8];

    /* allocate enc context */
    c = (des_context_t *) text->utils->malloc(2 * sizeof(des_context_t));
    if (c == NULL) return SASL_NOMEM;
    
    /* setup enc context */
    slidebits(keybuf, enckey);
    des_key_sched((des_cblock *) keybuf, c->keysched);

    memcpy(c->ivec, ((char *) enckey) + 8, 8);
    
    text->cipher_enc_context = (cipher_context_t *) c;

    /* setup dec context */
    c++;
    slidebits(keybuf, deckey);
    des_key_sched((des_cblock *) keybuf, c->keysched);

    memcpy(c->ivec, ((char *) deckey) + 8, 8);
    
    text->cipher_dec_context = (cipher_context_t *) c;

    return SASL_OK;
}

static void free_des(context_t *text)
{
    /* free des contextss. only cipher_enc_context needs to be free'd,
       since cipher_dec_context was allocated at the same time. */
    if (text->cipher_enc_context) text->utils->free(text->cipher_enc_context);
}

#endif /* WITH_DES */

#ifdef WITH_RC4
/* quick generic implementation of RC4 */
struct rc4_context_s {
    unsigned char sbox[256];
    int i, j;
};

typedef struct rc4_context_s rc4_context_t;

static void rc4_init(rc4_context_t *text,
                 const unsigned char *key,
                 unsigned keylen)
{
    int i, j;
    
    /* fill in linearly s0=0 s1=1... */
    for (i=0;i<256;i++)
      text->sbox[i]=i;
    
    j=0;
    for (i = 0; i < 256; i++) {
      unsigned char tmp;
      /* j = (j + Si + Ki) mod 256 */
      j = (j + text->sbox[i] + key[i % keylen]) % 256;
      
      /* swap Si and Sj */
      tmp = text->sbox[i];
      text->sbox[i] = text->sbox[j];
      text->sbox[j] = tmp;
    }
    
    /* counters initialized to 0 */
    text->i = 0;
    text->j = 0;
}

static void rc4_encrypt(rc4_context_t *text,
                  const char *input,
                  char *output,
                  unsigned len)
{
    int tmp;
    int i = text->i;
    int j = text->j;
    int t;
    int K;
    const char *input_end = input + len;
    
    while (input < input_end) {
      i = (i + 1) % 256;
      
      j = (j + text->sbox[i]) % 256;
      
      /* swap Si and Sj */
      tmp = text->sbox[i];
      text->sbox[i] = text->sbox[j];
      text->sbox[j] = tmp;
      
      t = (text->sbox[i] + text->sbox[j]) % 256;
      
      K = text->sbox[t];
      
      /* byte K is Xor'ed with plaintext */
      *output++ = *input++ ^ K;
    }
    
    text->i = i;
    text->j = j;
}

static void rc4_decrypt(rc4_context_t *text,
                  const char *input,
                  char *output,
                  unsigned len)
{
    int tmp;
    int i = text->i;
    int j = text->j;
    int t;
    int K;
    const char *input_end = input + len;
    
    while (input < input_end) {
      i = (i + 1) % 256;
      
      j = (j + text->sbox[i]) % 256;
      
      /* swap Si and Sj */
      tmp = text->sbox[i];
      text->sbox[i] = text->sbox[j];
      text->sbox[j] = tmp;
      
      t = (text->sbox[i] + text->sbox[j]) % 256;
      
      K = text->sbox[t];
      
      /* byte K is Xor'ed with plaintext */
      *output++ = *input++ ^ K;
    }
    
    text->i = i;
    text->j = j;
}

static void free_rc4(context_t *text)
{
    /* free rc4 context structures */

    if(text->cipher_enc_context) text->utils->free(text->cipher_enc_context);
    if(text->cipher_dec_context) text->utils->free(text->cipher_dec_context);
}

static int init_rc4(context_t *text, 
                unsigned char enckey[16],
                unsigned char deckey[16])
{
    /* allocate rc4 context structures */
    text->cipher_enc_context=
      (cipher_context_t *) text->utils->malloc(sizeof(rc4_context_t));
    if (text->cipher_enc_context == NULL) return SASL_NOMEM;
    
    text->cipher_dec_context=
      (cipher_context_t *) text->utils->malloc(sizeof(rc4_context_t));
    if (text->cipher_dec_context == NULL) return SASL_NOMEM;
    
    /* initialize them */
    rc4_init((rc4_context_t *) text->cipher_enc_context,
             (const unsigned char *) enckey, 16);
    rc4_init((rc4_context_t *) text->cipher_dec_context,
             (const unsigned char *) deckey, 16);
    
    return SASL_OK;
}

static int dec_rc4(context_t *text,
               const char *input,
               unsigned inputlen,
               unsigned char digest[16] __attribute__((unused)),
               char *output,
               unsigned *outputlen)
{
    /* decrypt the text part & HMAC */
    rc4_decrypt((rc4_context_t *) text->cipher_dec_context, 
                input, output, inputlen);

    /* no padding so we just subtract the HMAC to get the text length */
    *outputlen = inputlen - 10;
    
    return SASL_OK;
}

static int enc_rc4(context_t *text,
               const char *input,
               unsigned inputlen,
               unsigned char digest[16],
               char *output,
               unsigned *outputlen)
{
    /* pad is zero */
    *outputlen = inputlen+10;
    
    /* encrypt the text part */
    rc4_encrypt((rc4_context_t *) text->cipher_enc_context,
                input,
                output,
                inputlen);
    
    /* encrypt the HMAC part */
    rc4_encrypt((rc4_context_t *) text->cipher_enc_context, 
                (const char *) digest, 
            (output)+inputlen, 10);
    
    return SASL_OK;
}

#endif /* WITH_RC4 */

struct digest_cipher available_ciphers[] =
{
#ifdef WITH_RC4
    { "rc4-40", 40, 5, 0x01, &enc_rc4, &dec_rc4, &init_rc4, &free_rc4 },
    { "rc4-56", 56, 7, 0x02, &enc_rc4, &dec_rc4, &init_rc4, &free_rc4 },
    { "rc4", 128, 16, 0x04, &enc_rc4, &dec_rc4, &init_rc4, &free_rc4 },
#endif
#ifdef WITH_DES
    { "des", 55, 16, 0x08, &enc_des, &dec_des, &init_des, &free_des },
    { "3des", 112, 16, 0x10, &enc_3des, &dec_3des, &init_3des, &free_des },
#endif
    { NULL, 0, 0, 0, NULL, NULL, NULL, NULL }
};

static int create_layer_keys(context_t *text,
                       const sasl_utils_t *utils,
                       HASH key, int keylen,
                       char enckey[16], char deckey[16])
{
    MD5_CTX Md5Ctx;
    
    utils->MD5Init(&Md5Ctx);
    utils->MD5Update(&Md5Ctx, key, keylen);
    if (text->i_am == SERVER) {
      utils->MD5Update(&Md5Ctx, (const unsigned char *) SEALING_SERVER_CLIENT, 
                   strlen(SEALING_SERVER_CLIENT));
    } else {
      utils->MD5Update(&Md5Ctx, (const unsigned char *) SEALING_CLIENT_SERVER,
                   strlen(SEALING_CLIENT_SERVER));
    }
    utils->MD5Final((unsigned char *) enckey, &Md5Ctx);
    
    utils->MD5Init(&Md5Ctx);
    utils->MD5Update(&Md5Ctx, key, keylen);
    if (text->i_am != SERVER) {
      utils->MD5Update(&Md5Ctx, (const unsigned char *)SEALING_SERVER_CLIENT, 
                   strlen(SEALING_SERVER_CLIENT));
    } else {
      utils->MD5Update(&Md5Ctx, (const unsigned char *)SEALING_CLIENT_SERVER,
                   strlen(SEALING_CLIENT_SERVER));
    }
    utils->MD5Final((unsigned char *) deckey, &Md5Ctx);
    
    /* create integrity keys */
    /* sending */
    utils->MD5Init(&Md5Ctx);
    utils->MD5Update(&Md5Ctx, text->HA1, HASHLEN);
    if (text->i_am == SERVER) {
      utils->MD5Update(&Md5Ctx, (const unsigned char *)SIGNING_SERVER_CLIENT, 
                   strlen(SIGNING_SERVER_CLIENT));
    } else {
      utils->MD5Update(&Md5Ctx, (const unsigned char *)SIGNING_CLIENT_SERVER,
                   strlen(SIGNING_CLIENT_SERVER));
    }
    utils->MD5Final(text->Ki_send, &Md5Ctx);
    
    /* receiving */
    utils->MD5Init(&Md5Ctx);
    utils->MD5Update(&Md5Ctx, text->HA1, HASHLEN);
    if (text->i_am != SERVER) {
      utils->MD5Update(&Md5Ctx, (const unsigned char *)SIGNING_SERVER_CLIENT, 
                   strlen(SIGNING_SERVER_CLIENT));
    } else {
      utils->MD5Update(&Md5Ctx, (const unsigned char *)SIGNING_CLIENT_SERVER,
                   strlen(SIGNING_CLIENT_SERVER));
    }
    utils->MD5Final(text->Ki_receive, &Md5Ctx);
    
    return SASL_OK;
}

static const unsigned short version = 1;

/*
 * privacy:
 * len, CIPHER(Kc, {msg, pag, HMAC(ki, {SeqNum, msg})[0..9]}), x0001, SeqNum
 *
 * integrity:
 * len, HMAC(ki, {SeqNum, msg})[0..9], x0001, SeqNum
 */
static int digestmd5_encode(void *context,
                      const struct iovec *invec,
                      unsigned numiov,
                      const char **output,
                      unsigned *outputlen)
{
    context_t *text = (context_t *) context;
    int tmp;
    unsigned int tmpnum;
    unsigned short int tmpshort;
    int ret;
    char *out;
    struct buffer_info *inblob, bufinfo;
    
    if(!context || !invec || !numiov || !output || !outputlen) {
      PARAMERROR(text->utils);
      return SASL_BADPARAM;
    }
    
    if (numiov > 1) {
      ret = _plug_iovec_to_buf(text->utils, invec, numiov, &text->enc_in_buf);
      if (ret != SASL_OK) return ret;
      inblob = text->enc_in_buf;
    } else {
      /* avoid the data copy */
      bufinfo.data = invec[0].iov_base;
      bufinfo.curlen = invec[0].iov_len;
      inblob = &bufinfo;
    }
    
    /* make sure the output buffer is big enough for this blob */
    ret = _plug_buf_alloc(text->utils, &(text->encode_buf),
                    &(text->encode_buf_len),
                    (4 +                  /* for length */
                     inblob->curlen +     /* for content */
                     10 +                 /* for MAC */
                     8 +                  /* maximum pad */
                     6));                 /* for ver and seqnum */
    if(ret != SASL_OK) return ret;
    
    /* skip by the length for now */
    out = (text->encode_buf)+4;
    
    /* construct (seqnum, msg)
     *
     * Use the output buffer so that the message text is already in place
     * for an integrity-only layer.
     */
    tmpnum = htonl(text->seqnum);
    memcpy(text->encode_buf, &tmpnum, 4);
    memcpy(text->encode_buf + 4, inblob->data, inblob->curlen);
    
    if (text->cipher_enc) {
      unsigned char digest[16];

      /* HMAC(ki, (seqnum, msg) ) */
      text->utils->hmac_md5((const unsigned char *) text->encode_buf,
                        inblob->curlen + 4, 
                        text->Ki_send, HASHLEN, digest);

      /* calculate the encrypted part */
      text->cipher_enc(text, inblob->data, inblob->curlen,
                   digest, out, outputlen);
      out+=(*outputlen);
    }
    else {
      /* HMAC(ki, (seqnum, msg) ) -- put directly into output buffer */
      text->utils->hmac_md5((const unsigned char *) text->encode_buf,
                        inblob->curlen + 4, 
                        text->Ki_send, HASHLEN,
                        text->encode_buf + inblob->curlen + 4);

      *outputlen = inblob->curlen + 10; /* for message + CMAC */
      out+=inblob->curlen + 10;
    }
    
    /* copy in version */
    tmpshort = htons(version);
    memcpy(out, &tmpshort, 2);      /* 2 bytes = version */
    
    out+=2;
    (*outputlen)+=2; /* for version */
    
    /* put in seqnum */
    tmpnum = htonl(text->seqnum);
    memcpy(out, &tmpnum, 4);  /* 4 bytes = seq # */  
    
    (*outputlen)+=4; /* for seqnum */
    
    /* put the 1st 4 bytes in */
    tmp=htonl(*outputlen);  
    memcpy(text->encode_buf, &tmp, 4);
    
    (*outputlen)+=4;
    
    *output = text->encode_buf;
    text->seqnum++;
    
    return SASL_OK;
}

static int digestmd5_decode_packet(void *context,
                                 const char *input,
                                 unsigned inputlen,
                                 char **output,
                                 unsigned *outputlen)
{
    context_t *text = (context_t *) context;
    int result;
    unsigned char *digest;
    int tmpnum;
    int lup;
    unsigned short ver;
    unsigned int seqnum;
    unsigned char checkdigest[16];
      
    /* check the version number */
    memcpy(&ver, input+inputlen-6, 2);
    ver = ntohs(ver);
    if (ver != version) {
      text->utils->seterror(text->utils->conn, 0, "Wrong Version");
      return SASL_FAIL;
    }
      
    /* check the sequence number */
    memcpy(&seqnum, input+inputlen-4, 4);
    seqnum = ntohl(seqnum);
      
    if (seqnum != text->rec_seqnum) {
      text->utils->seterror(text->utils->conn, 0,
                        "Incorrect Sequence Number");
      return SASL_FAIL;
    }

    /* allocate a buffer large enough for the output */
    result = _plug_buf_alloc(text->utils, &text->decode_packet_buf,
                       &text->decode_packet_buf_len,
                       inputlen     /* length of message */
                       - 6    /* skip ver and seqnum */
                       + 4);  /* prepend seqnum */
    if (result != SASL_OK) return result;
      
    /* construct (seqnum, msg) */
    tmpnum = htonl(text->rec_seqnum);
    memcpy(text->decode_packet_buf, &tmpnum, 4);

    text->rec_seqnum++; /* now increment it */

    *output = text->decode_packet_buf + 4; /* skip seqnum */

    if (text->cipher_dec) {
      /* decrypt message & HMAC into output buffer */
      result = text->cipher_dec(text, input, inputlen-6, NULL,
                          *output, outputlen);
      if (result != SASL_OK) return result;
    }
    else {
      /* copy message & HMAC into output buffer */
      memcpy(*output, input, inputlen - 6);
      *outputlen = inputlen - 16; /* -16 to skip HMAC, ver and seqnum */
    }
    digest = *output + inputlen - 16;

    /* check the CMAC */

    /* HMAC(ki, (seqnum, msg) ) */
    text->utils->hmac_md5((const unsigned char *) text->decode_packet_buf,
                    (*outputlen) + 4, 
                    text->Ki_receive, HASHLEN, checkdigest);
      
    /* now check it */
    for (lup = 0; lup < 10; lup++)
      if (checkdigest[lup] != digest[lup]) {
          text->utils->seterror(text->utils->conn, 0,
                          "CMAC doesn't match at byte %d!", lup);
          return SASL_FAIL;
      }
      
    return SASL_OK;
}

static int digestmd5_decode(void *context,
                            const char *input, unsigned inputlen,
                            const char **output, unsigned *outputlen)
{
    context_t *text = (context_t *) context;
    int ret;
    
    ret = _plug_decode(&text->decode_context, input, inputlen,
                   &text->decode_buf, &text->decode_buf_len, outputlen,
                   digestmd5_decode_packet, text);
    
    *output = text->decode_buf;
    
    return ret;
}

static void digestmd5_common_mech_dispose(void *conn_context,
                                const sasl_utils_t *utils)
{
    context_t *text = (context_t *) conn_context;
    
    if (!text || !utils) return;
    
    if (text->authid) utils->free(text->authid);
    if (text->realm) utils->free(text->realm);
    if (text->nonce) utils->free(text->nonce);
    if (text->cnonce) utils->free(text->cnonce);

    if (text->cipher_free) text->cipher_free(text);
    
    /* free the stuff in the context */
    if (text->response_value) utils->free(text->response_value);
    
    _plug_decode_free(&text->decode_context);
    if (text->encode_buf) utils->free(text->encode_buf);
    if (text->decode_buf) utils->free(text->decode_buf);
    if (text->decode_packet_buf) utils->free(text->decode_packet_buf);
    if (text->out_buf) utils->free(text->out_buf);
    
    if (text->enc_in_buf) {
      if (text->enc_in_buf->data) utils->free(text->enc_in_buf->data);
      utils->free(text->enc_in_buf);
    }
    
    utils->free(conn_context);
}

static void clear_reauth_entry(reauth_entry_t *reauth, enum Context_type type,
                         const sasl_utils_t *utils)
{
    if (!reauth) return;

    if (reauth->authid) utils->free(reauth->authid);
    if (reauth->realm) utils->free(reauth->realm);
    if (reauth->nonce) utils->free(reauth->nonce);
    if (reauth->cnonce) utils->free(reauth->cnonce);

    if (type == CLIENT) {
      if (reauth->u.c.serverFQDN) utils->free(reauth->u.c.serverFQDN);
    }

    memset(reauth, 0, sizeof(reauth_entry_t));
}

static void digestmd5_common_mech_free(void *glob_context,
                               const sasl_utils_t *utils)
{
    digest_glob_context_t *my_glob_context =
      (digest_glob_context_t *) glob_context;
    reauth_cache_t *reauth_cache = my_glob_context->reauth;
    size_t n;
    
    if (!reauth_cache) return;

    for (n = 0; n < reauth_cache->size; n++)
      clear_reauth_entry(&reauth_cache->e[n], reauth_cache->i_am, utils);
    if (reauth_cache->e) utils->free(reauth_cache->e);

    if (reauth_cache->mutex) utils->mutex_free(reauth_cache->mutex);

    utils->free(reauth_cache);
    my_glob_context->reauth = NULL;
}

/*****************************  Server Section  *****************************/

typedef struct server_context {
    context_t common;

    time_t timestamp;
    int stale;                      /* last nonce is stale */
    sasl_ssf_t limitssf, requiressf;      /* application defined bounds */
} server_context_t;

static digest_glob_context_t server_glob_context;

static void DigestCalcHA1FromSecret(context_t * text,
                            const sasl_utils_t * utils,
                            HASH HA1,
                            unsigned char *authorization_id,
                            unsigned char *pszNonce,
                            unsigned char *pszCNonce,
                            HASHHEX SessionKey)
{
    MD5_CTX Md5Ctx;
    
    /* calculate session key */
    utils->MD5Init(&Md5Ctx);
    utils->MD5Update(&Md5Ctx, HA1, HASHLEN);
    utils->MD5Update(&Md5Ctx, COLON, 1);
    utils->MD5Update(&Md5Ctx, pszNonce, strlen((char *) pszNonce));
    utils->MD5Update(&Md5Ctx, COLON, 1);
    utils->MD5Update(&Md5Ctx, pszCNonce, strlen((char *) pszCNonce));
    if (authorization_id != NULL) {
      utils->MD5Update(&Md5Ctx, COLON, 1);
      utils->MD5Update(&Md5Ctx, authorization_id, strlen((char *) authorization_id));
    }
    utils->MD5Final(HA1, &Md5Ctx);
    
    CvtHex(HA1, SessionKey);
    
    
    /* save HA1 because we need it to make the privacy and integrity keys */
    memcpy(text->HA1, HA1, sizeof(HASH));
}

static char *create_response(context_t * text,
                       const sasl_utils_t * utils,
                       unsigned char *nonce,
                       unsigned int ncvalue,
                       unsigned char *cnonce,
                       char *qop,
                       char *digesturi,
                       HASH Secret,
                       char *authorization_id,
                       char **response_value)
{
    HASHHEX         SessionKey;
    HASHHEX         HEntity = "00000000000000000000000000000000";
    HASHHEX         Response;
    char           *result;
    
    if (qop == NULL)
      qop = "auth";
    
    DigestCalcHA1FromSecret(text,
                      utils,
                      Secret,
                      (unsigned char *) authorization_id,
                      nonce,
                      cnonce,
                      SessionKey);
    
    DigestCalcResponse(utils,
                   SessionKey,/* HEX(H(A1)) */
                   nonce,     /* nonce from server */
                   ncvalue,   /* 8 hex digits */
                   cnonce,    /* client nonce */
                   (unsigned char *) qop, /* qop-value: "", "auth",
                                     * "auth-int" */
                   (unsigned char *) digesturi, /* requested URL */
                   (unsigned char *) "AUTHENTICATE",
                   HEntity,   /* H(entity body) if qop="auth-int" */
                   Response   /* request-digest or response-digest */
      );
    
    result = utils->malloc(HASHHEXLEN + 1);
    memcpy(result, Response, HASHHEXLEN);
    result[HASHHEXLEN] = 0;
    
    /* response_value (used for reauth i think */
    if (response_value != NULL) {
      DigestCalcResponse(utils,
                     SessionKey,    /* HEX(H(A1)) */
                     nonce,   /* nonce from server */
                     ncvalue, /* 8 hex digits */
                     cnonce,  /* client nonce */
                     (unsigned char *) qop,     /* qop-value: "", "auth",
                                           * "auth-int" */
                     (unsigned char *) digesturi,     /* requested URL */
                     NULL,
                     HEntity, /* H(entity body) if qop="auth-int" */
                     Response /* request-digest or response-digest */
          );
      
      *response_value = utils->malloc(HASHHEXLEN + 1);
      if (*response_value == NULL)
          return NULL;
      memcpy(*response_value, Response, HASHHEXLEN);
      (*response_value)[HASHHEXLEN] = 0;
    }
    return result;
}

static int get_server_realm(sasl_server_params_t * params, char **realm)
{
    /* look at user realm first */
    if (params->user_realm != NULL) {
      if(params->user_realm[0] != '\0') {
          *realm = (char *) params->user_realm;
      } else {
          /* Catch improperly converted apps */
          params->utils->seterror(params->utils->conn, 0,
                            "user_realm is an empty string!");
          return SASL_BADPARAM;
      }
    } else if (params->serverFQDN != NULL) {
      *realm = (char *) params->serverFQDN;
    } else {
      params->utils->seterror(params->utils->conn, 0,
                        "no way to obtain domain");
      return SASL_FAIL;
    }
    
    return SASL_OK;
}

/*
 * Convert hex string to int
 */
static int htoi(unsigned char *hexin, unsigned int *res)
{
    int             lup, inlen;
    inlen = strlen((char *) hexin);
    
    *res = 0;
    for (lup = 0; lup < inlen; lup++) {
      switch (hexin[lup]) {
      case '0':
      case '1':
      case '2':
      case '3':
      case '4':
      case '5':
      case '6':
      case '7':
      case '8':
      case '9':
          *res = (*res << 4) + (hexin[lup] - '0');
          break;
          
      case 'a':
      case 'b':
      case 'c':
      case 'd':
      case 'e':
      case 'f':
          *res = (*res << 4) + (hexin[lup] - 'a' + 10);
          break;
          
      case 'A':
      case 'B':
      case 'C':
      case 'D':
      case 'E':
      case 'F':
          *res = (*res << 4) + (hexin[lup] - 'A' + 10);
          break;
          
      default:
          return SASL_BADPARAM;
      }
      
    }
    
    return SASL_OK;
}

static int digestmd5_server_mech_new(void *glob_context,
                             sasl_server_params_t * sparams,
                             const char *challenge __attribute__((unused)),
                             unsigned challen __attribute__((unused)),
                             void **conn_context)
{
    context_t *text;
    
    /* holds state are in -- allocate server size */
    text = sparams->utils->malloc(sizeof(server_context_t));
    if (text == NULL)
      return SASL_NOMEM;
    memset(text, 0, sizeof(server_context_t));
    
    text->state = 1;
    text->i_am = SERVER;
    text->reauth = ((digest_glob_context_t *) glob_context)->reauth;
    
    *conn_context = text;
    return SASL_OK;
}

static int
digestmd5_server_mech_step1(server_context_t *stext,
                      sasl_server_params_t *sparams,
                      const char *clientin __attribute__((unused)),
                      unsigned clientinlen __attribute__((unused)),
                      const char **serverout,
                      unsigned *serveroutlen,
                      sasl_out_params_t * oparams __attribute__((unused)))
{
    context_t *text = (context_t *) stext;
    int             result;
    char           *realm;
    unsigned char  *nonce;
    char           *charset = "utf-8";
    char qop[1024], cipheropts[1024];
    struct digest_cipher *cipher;
    unsigned       resplen;
    int added_conf = 0;
    char maxbufstr[64];
    
    sparams->utils->log(sparams->utils->conn, SASL_LOG_DEBUG,
                  "DIGEST-MD5 server step 1");

    /* get realm */
    result = get_server_realm(sparams, &realm);
    if(result != SASL_OK) return result;
    
    /* what options should we offer the client? */
    qop[0] = '\0';
    cipheropts[0] = '\0';
    if (stext->requiressf == 0) {
      if (*qop) strcat(qop, ",");
      strcat(qop, "auth");
    }
    if (stext->requiressf <= 1 && stext->limitssf >= 1) {
      if (*qop) strcat(qop, ",");
      strcat(qop, "auth-int");
    }
    
    cipher = available_ciphers;
    while (cipher->name) {
      /* do we allow this particular cipher? */
      if (stext->requiressf <= cipher->ssf &&
          stext->limitssf >= cipher->ssf) {
          if (!added_conf) {
            if (*qop) strcat(qop, ",");
            strcat(qop, "auth-conf");
            added_conf = 1;
          }
          if (*cipheropts) strcat(cipheropts, ",");
          strcat(cipheropts, cipher->name);
      }
      cipher++;
    }
    
    if (*qop == '\0') {
      /* we didn't allow anything?!? we'll return SASL_TOOWEAK, since
         that's close enough */
      return SASL_TOOWEAK;
    }
    
    /*
     * digest-challenge  = 1#( realm | nonce | qop-options | stale | maxbuf |
     * charset | cipher-opts | auth-param )
     */
    
    /* FIXME: get nonce XXX have to clean up after self if fail */
    nonce = create_nonce(sparams->utils);
    if (nonce == NULL) {
      SETERROR(sparams->utils, "internal erorr: failed creating a nonce");
      return SASL_FAIL;
    }
    
    resplen = 0;
    text->out_buf = NULL;
    text->out_buf_len = 0;
    if (add_to_challenge(sparams->utils,
                          &text->out_buf, &text->out_buf_len, &resplen,
                          "nonce", (unsigned char *) nonce,
                          TRUE) != SASL_OK) {
      SETERROR(sparams->utils, "internal error: add_to_challenge failed");
      return SASL_FAIL;
    }

    /* add to challenge; if we chose not to specify a realm, we won't
     * send one to the client */
    if (realm && add_to_challenge(sparams->utils,
                          &text->out_buf, &text->out_buf_len, &resplen,
                          "realm", (unsigned char *) realm,
                          TRUE) != SASL_OK) {
      SETERROR(sparams->utils, "internal error: add_to_challenge failed");
      return SASL_FAIL;
    }
    /*
     * qop-options A quoted string of one or more tokens indicating the
     * "quality of protection" values supported by the server.  The value
     * "auth" indicates authentication; the value "auth-int" indicates
     * authentication with integrity protection; the value "auth-conf"
     * indicates authentication with integrity protection and encryption.
     */
    
    /* add qop to challenge */
    if (add_to_challenge(sparams->utils,
                   &text->out_buf, &text->out_buf_len, &resplen,
                   "qop", 
                   (unsigned char *) qop, TRUE) != SASL_OK) {
      SETERROR(sparams->utils, "internal error: add_to_challenge 3 failed");
      return SASL_FAIL;
    }
    
    /*
     *  Cipheropts - list of ciphers server supports
     */
    /* add cipher-opts to challenge; only add if there are some */
    if (strcmp(cipheropts,"")!=0)
      {
          if (add_to_challenge(sparams->utils,
                         &text->out_buf, &text->out_buf_len, &resplen,
                         "cipher", (unsigned char *) cipheropts, 
                         TRUE) != SASL_OK) {
            SETERROR(sparams->utils,
                   "internal error: add_to_challenge 4 failed");
            return SASL_FAIL;
          }
      }
    
    /* "stale" is true if a reauth failed because of a nonce timeout */
    if (stext->stale &&
      add_to_challenge(sparams->utils,
                   &text->out_buf, &text->out_buf_len, &resplen,
                   "stale", "true", FALSE) != SASL_OK) {
      SETERROR(sparams->utils, "internal error: add_to_challenge failed");
      return SASL_FAIL;
    }
    
    /*
     * maxbuf A number indicating the size of the largest buffer the server
     * is able to receive when using "auth-int". If this directive is
     * missing, the default value is 65536. This directive may appear at most
     * once; if multiple instances are present, the client should abort the
     * authentication exchange.
     */
    if(sparams->props.maxbufsize) {
      snprintf(maxbufstr, sizeof(maxbufstr), "%u",
             sparams->props.maxbufsize);
      if (add_to_challenge(sparams->utils,
                       &text->out_buf, &text->out_buf_len, &resplen,
                       "maxbuf", 
                       (unsigned char *) maxbufstr, FALSE) != SASL_OK) {
          SETERROR(sparams->utils,
                 "internal error: add_to_challenge 5 failed");
          return SASL_FAIL;
      }
    }
    

    if (add_to_challenge(sparams->utils,
                   &text->out_buf, &text->out_buf_len, &resplen,
                   "charset", 
                   (unsigned char *) charset, FALSE) != SASL_OK) {
      SETERROR(sparams->utils, "internal error: add_to_challenge 6 failed");
      return SASL_FAIL;
    }
    
    
    /*
     * algorithm 
     *  This directive is required for backwards compatibility with HTTP 
     *  Digest., which supports other algorithms. . This directive is 
     *  required and MUST appear exactly once; if not present, or if multiple 
     *  instances are present, the client should abort the authentication 
     *  exchange. 
     *
     * algorithm         = "algorithm" "=" "md5-sess" 
     */
    
    if (add_to_challenge(sparams->utils,
                   &text->out_buf, &text->out_buf_len, &resplen,
                   "algorithm",
                   (unsigned char *) "md5-sess", FALSE)!=SASL_OK) {
      SETERROR(sparams->utils, "internal error: add_to_challenge 7 failed");
      return SASL_FAIL;
    }
    
    /*
     * The size of a digest-challenge MUST be less than 2048 bytes!!!
     */
    if (*serveroutlen > 2048) {
      SETERROR(sparams->utils,
             "internal error: challenge larger than 2048 bytes");
      return SASL_FAIL;
    }

    text->authid = NULL;
    _plug_strdup(sparams->utils, realm, &text->realm, NULL);
    text->nonce = nonce;
    text->nonce_count = 1;
    text->cnonce = NULL;
    stext->timestamp = time(0);
    
    *serveroutlen = strlen(text->out_buf);
    *serverout = text->out_buf;
    
    text->state = 2;
    
    return SASL_CONTINUE;
}

static int digestmd5_server_mech_step2(server_context_t *stext,
                               sasl_server_params_t *sparams,
                               const char *clientin,
                               unsigned clientinlen,
                               const char **serverout,
                               unsigned *serveroutlen,
                               sasl_out_params_t * oparams)
{
    context_t *text = (context_t *) stext;
    /* verify digest */
    sasl_secret_t  *sec = NULL;
    int             result;
    char           *serverresponse = NULL;
    char           *username = NULL;
    char           *authorization_id = NULL;
    char           *realm = NULL;
    unsigned char  *nonce = NULL, *cnonce = NULL;
    unsigned int   noncecount = 0;
    char           *qop = NULL;
    char           *digesturi = NULL;
    char           *response = NULL;
    
    /* setting the default value (65536) */
    unsigned long  client_maxbuf = 65536;
    int            maxbuf_count = 0;  /* How many maxbuf instaces was found */
    
    char           *charset = NULL;
    char           *cipher = NULL;
    unsigned int   n=0;
    
    HASH            Secret;
    
    /* password prop_request */
    const char *password_request[] = { SASL_AUX_PASSWORD,
                               "*cmusaslsecretDIGEST-MD5",
                               NULL };
    unsigned len;
    struct propval auxprop_values[2];
    
    /* can we mess with clientin? copy it to be safe */
    char           *in_start = NULL;
    char           *in = NULL; 
    
    sparams->utils->log(sparams->utils->conn, SASL_LOG_DEBUG,
                  "DIGEST-MD5 server step 2");

    in = sparams->utils->malloc(clientinlen + 1);
    
    memcpy(in, clientin, clientinlen);
    in[clientinlen] = 0;
    
    in_start = in;
    
    
    /* parse what we got */
    while (in[0] != '\0') {
      char           *name = NULL, *value = NULL;
      get_pair(&in, &name, &value);
      
      if (name == NULL)
          break;
      
      /* Extracting parameters */
      
      /*
       * digest-response  = 1#( username | realm | nonce | cnonce |
       * nonce-count | qop | digest-uri | response | maxbuf | charset |
       * cipher | auth-param )
       */
      
      if (strcasecmp(name, "username") == 0) {
          _plug_strdup(sparams->utils, value, &username, NULL);
      } else if (strcasecmp(name, "authzid") == 0) {
          _plug_strdup(sparams->utils, value, &authorization_id, NULL);
      } else if (strcasecmp(name, "cnonce") == 0) {
          _plug_strdup(sparams->utils, value, (char **) &cnonce, NULL);
      } else if (strcasecmp(name, "nc") == 0) {
          if (htoi((unsigned char *) value, &noncecount) != SASL_OK) {
            SETERROR(sparams->utils,
                   "error converting hex to int");
            result = SASL_BADAUTH;
            goto FreeAllMem;
          }
      } else if (strcasecmp(name, "realm") == 0) {
          if (realm) {
            SETERROR(sparams->utils,
                   "duplicate realm: authentication aborted");
            result = SASL_FAIL;
            goto FreeAllMem;
          }
          _plug_strdup(sparams->utils, value, &realm, NULL);
      } else if (strcasecmp(name, "nonce") == 0) {
          _plug_strdup(sparams->utils, value, (char **) &nonce, NULL);
      } else if (strcasecmp(name, "qop") == 0) {
          _plug_strdup(sparams->utils, value, &qop, NULL);
      } else if (strcasecmp(name, "digest-uri") == 0) {
            size_t service_len;

          if (digesturi) {
            SETERROR(sparams->utils,
                   "duplicate digest-uri: authentication aborted");
            result = SASL_FAIL;
            goto FreeAllMem;
          }

          _plug_strdup(sparams->utils, value, &digesturi, NULL);

          /* Verify digest-uri format:
           *
           * digest-uri-value  = serv-type "/" host [ "/" serv-name ]
           */

            /* make sure it's the service that we're expecting */
            service_len = strlen(sparams->service);
            if (strncasecmp(digesturi, sparams->service, service_len) ||
                digesturi[service_len] != '/') {
                result = SASL_BADAUTH;
                SETERROR(sparams->utils, 
                         "bad digest-uri: doesn't match service");
                goto FreeAllMem;
            }

            /* xxx we don't verify the hostname component */
            
      } else if (strcasecmp(name, "response") == 0) {
          _plug_strdup(sparams->utils, value, &response, NULL);
      } else if (strcasecmp(name, "cipher") == 0) {
          _plug_strdup(sparams->utils, value, &cipher, NULL);
      } else if (strcasecmp(name, "maxbuf") == 0) {
          maxbuf_count++;
          if (maxbuf_count != 1) {
            result = SASL_BADAUTH;
            SETERROR(sparams->utils,
                   "duplicate maxbuf: authentication aborted");
            goto FreeAllMem;
          } else if (str2ul32 (value, &client_maxbuf) == FALSE) {
            result = SASL_BADAUTH;
            SETERROR(sparams->utils, "invalid maxbuf parameter");
            goto FreeAllMem;
          } else {
            if (client_maxbuf <= 16) {
                result = SASL_BADAUTH;
                SETERROR(sparams->utils,
                       "maxbuf parameter too small");
                goto FreeAllMem;
            }

            if (client_maxbuf > MAX_SASL_BUFSIZE) {
                result = SASL_BADAUTH;
                SETERROR(sparams->utils,
                       "maxbuf parameter too big");
                goto FreeAllMem;
            }
          }
      } else if (strcasecmp(name, "charset") == 0) {
          if (strcasecmp(value, "utf-8") != 0) {
            SETERROR(sparams->utils, "client doesn't support UTF-8");
            result = SASL_FAIL;
            goto FreeAllMem;
          }
          _plug_strdup(sparams->utils, value, &charset, NULL);
      } else {
          sparams->utils->log(sparams->utils->conn, SASL_LOG_DEBUG,
                        "DIGEST-MD5 unrecognized pair %s/%s: ignoring",
                        name, value);
      }
    }
    
    /*
     * username         = "username" "=" <"> username-value <">
     * username-value   = qdstr-val
     * cnonce           = "cnonce" "=" <"> cnonce-value <"> 
     * cnonce-value     = qdstr-val
     * nonce-count      = "nc" "=" nc-value
     * nc-value         = 8LHEX
     * qop              = "qop" "=" qop-value
     * digest-uri       = "digest-uri" "=" digest-uri-value
     * digest-uri-value = serv-type "/" host [ "/" serv-name ]
     * serv-type        = 1*ALPHA
     * host             = 1*( ALPHA | DIGIT | "-" | "." )
     * service          = host
     * response         = "response" "=" <"> response-value <">
     * response-value   = 32LHEX
     * LHEX             = "0" | "1" | "2" | "3" | "4" | "5" |
     * "6" | "7" | "8" | "9" | "a" | "b" | "c" | "d" | "e" | "f"
     * cipher           = "cipher" "=" cipher-value
     */
    /* Verifing that all parameters was defined */
    if ((username == NULL) ||
      (nonce == NULL) ||
      (noncecount == 0) ||
      (cnonce == NULL) ||
      (digesturi == NULL) ||
      (response == NULL)) {
      SETERROR(sparams->utils, "required parameters missing");
      result = SASL_BADAUTH;
      goto FreeAllMem;
    }

    if (text->state == 1) {
      unsigned val = hash(username) % text->reauth->size;

      /* reauth attempt, see if we have any info for this user */
      if (sparams->utils->mutex_lock(text->reauth->mutex) == SASL_OK) { /* LOCK */
          if (text->reauth->e[val].authid &&
            !strcmp(username, text->reauth->e[val].authid)) {

            _plug_strdup(sparams->utils, text->reauth->e[val].realm,
                       &text->realm, NULL);
            _plug_strdup(sparams->utils, text->reauth->e[val].nonce,
                       (char **) &text->nonce, NULL);
            text->nonce_count = ++text->reauth->e[val].nonce_count;
            _plug_strdup(sparams->utils, text->reauth->e[val].cnonce,
                       (char **) &text->cnonce, NULL);
            stext->timestamp = text->reauth->e[val].u.s.timestamp;
          }
          sparams->utils->mutex_unlock(text->reauth->mutex); /* UNLOCK */
      }

      if (!text->nonce) {
          /* we don't have any reauth info, so bail */
          result = SASL_FAIL;
          goto FreeAllMem;
      }
    }

    /* Sanity check the parameters */
    if (strcmp(realm, text->realm) != 0) {
      SETERROR(sparams->utils,
             "realm changed: authentication aborted");
      result = SASL_BADAUTH;
      goto FreeAllMem;
    }
    if (strcmp(nonce, (char *) text->nonce) != 0) {
      SETERROR(sparams->utils,
             "nonce changed: authentication aborted");
      result = SASL_BADAUTH;
      goto FreeAllMem;
    }
    if (noncecount != text->nonce_count) {
      SETERROR(sparams->utils,
             "incorrect nonce-count: authentication aborted");
      result = SASL_BADAUTH;
      goto FreeAllMem;
    }
    if (text->cnonce && strcmp(cnonce, text->cnonce) != 0) {
      SETERROR(sparams->utils,
             "cnonce changed: authentication aborted");
      result = SASL_BADAUTH;
      goto FreeAllMem;
    }
          
    result = sparams->utils->prop_request(sparams->propctx, password_request);
    if(result != SASL_OK) {
      SETERROR(sparams->utils, "unable to obtain user password");
      goto FreeAllMem;
    }
    
    /* this will trigger the getting of the aux properties */
    /* Note that if we don't have an authorization id, we don't use it... */
    result = sparams->canon_user(sparams->utils->conn,
                         username, 0, SASL_CU_AUTHID, oparams);
    if (result != SASL_OK) {
      SETERROR(sparams->utils, "unable canonify user and get auxprops");
      goto FreeAllMem;
    }
    
    if (!authorization_id || !*authorization_id) {
      result = sparams->canon_user(sparams->utils->conn,
                             username, 0, SASL_CU_AUTHZID, oparams);
    } else {
      result = sparams->canon_user(sparams->utils->conn,
                             authorization_id, 0, SASL_CU_AUTHZID,
                             oparams);
    }
    
    if (result != SASL_OK) {
      SETERROR(sparams->utils, "unable authorization ID");
      goto FreeAllMem;
    }
    
    result = sparams->utils->prop_getnames(sparams->propctx, password_request,
                                 auxprop_values);
    if (result < 0 ||
       ((!auxprop_values[0].name || !auxprop_values[0].values) &&
      (!auxprop_values[1].name || !auxprop_values[1].values))) {
      /* We didn't find this username */
      sparams->utils->seterror(sparams->utils->conn, 0,
                         "no secret in database");
      result = sparams->transition ? SASL_TRANS : SASL_NOUSER;
      goto FreeAllMem;
    }
    
    if (auxprop_values[0].name && auxprop_values[0].values) {
      len = strlen(auxprop_values[0].values[0]);
      if (len == 0) {
          sparams->utils->seterror(sparams->utils->conn,0,
                             "empty secret");
          result = SASL_FAIL;
          goto FreeAllMem;
      }
      
      sec = sparams->utils->malloc(sizeof(sasl_secret_t) + len);
      if (!sec) {
          SETERROR(sparams->utils, "unable to allocate secret");
          result = SASL_FAIL;
          goto FreeAllMem;
      }
      
      sec->len = len;
      strncpy(sec->data, auxprop_values[0].values[0], len + 1); 
      
      /*
       * Verifying response obtained from client
       * 
       * H_URP = H({ username-value,":",realm-value,":",passwd}) sec->data
       * contains H_URP
       */
      
      /* Calculate the secret from the plaintext password */
      {
          /*
           * Secret = { H( { username-value, ":", realm-value, ":", passwd } ) }
           *
           * (used to build A1)
           */
          
          DigestCalcSecret(sparams->utils, username,
                       text->realm, sec->data, sec->len, Secret);
          Secret[HASHLEN] = '\0';
      }
      
      /* We're done with sec now. Let's get rid of it */
      _plug_free_secret(sparams->utils, &sec);
    } else if (auxprop_values[1].name && auxprop_values[1].values) {
      memcpy(Secret, auxprop_values[1].values[0], HASHLEN);
      Secret[HASHLEN] = '\0';
    } else {
      sparams->utils->seterror(sparams->utils->conn, 0,
                         "Have neither type of secret");
      return SASL_FAIL;
    } 
    
    /* erase the plaintext password */
    sparams->utils->prop_erase(sparams->propctx, password_request[0]);

    /* defaulting qop to "auth" if not specified */
    if (qop == NULL) {
      _plug_strdup(sparams->utils, "auth", &qop, NULL);      
    }
    
    /* check which layer/cipher to use */
    if ((!strcasecmp(qop, "auth-conf")) && (cipher != NULL)) {
      /* see what cipher was requested */
      struct digest_cipher *cptr;
      
      cptr = available_ciphers;
      while (cptr->name) {
          /* find the cipher requested & make sure it's one we're happy
             with by policy */
          if (!strcasecmp(cipher, cptr->name) && 
            stext->requiressf <= cptr->ssf &&
            stext->limitssf >= cptr->ssf) {
            /* found it! */
            break;
          }
          cptr++;
      }
      
      if (cptr->name) {
          text->cipher_enc = cptr->cipher_enc;
          text->cipher_dec = cptr->cipher_dec;
          text->cipher_init = cptr->cipher_init;
          text->cipher_free = cptr->cipher_free;
          oparams->mech_ssf = cptr->ssf;
          n = cptr->n;
      } else {
          /* erg? client requested something we didn't advertise! */
          sparams->utils->log(sparams->utils->conn, SASL_LOG_WARN,
                        "protocol violation: client requested invalid cipher");
          SETERROR(sparams->utils, "client requested invalid cipher");
          /* Mark that we attempted security layer negotiation */
          oparams->mech_ssf = 2;
          result = SASL_FAIL;
          goto FreeAllMem;
      }
      
      oparams->encode=&digestmd5_encode;
      oparams->decode=&digestmd5_decode;
    } else if (!strcasecmp(qop, "auth-int") &&
             stext->requiressf <= 1 && stext->limitssf >= 1) {
      oparams->encode = &digestmd5_encode;
      oparams->decode = &digestmd5_decode;
      oparams->mech_ssf = 1;
    } else if (!strcasecmp(qop, "auth") && stext->requiressf == 0) {
      oparams->encode = NULL;
      oparams->decode = NULL;
      oparams->mech_ssf = 0;
    } else {
      SETERROR(sparams->utils,
             "protocol violation: client requested invalid qop");
      result = SASL_FAIL;
      goto FreeAllMem;
    }
    
    serverresponse = create_response(text,
                             sparams->utils,
                             text->nonce,
                             text->nonce_count,
                             cnonce,
                             qop,
                             digesturi,
                             Secret,
                             authorization_id,
                             &text->response_value);
    
    if (serverresponse == NULL) {
      SETERROR(sparams->utils, "internal error: unable to create response");
      result = SASL_NOMEM;
      goto FreeAllMem;
    }
    
    /* if ok verified */
    if (strcmp(serverresponse, response) != 0) {
      SETERROR(sparams->utils,
             "client response doesn't match what we generated");
      result = SASL_BADAUTH;
      
      goto FreeAllMem;
    }

    /* see if our nonce expired */
    if (text->reauth->timeout &&
      time(0) - stext->timestamp > text->reauth->timeout) {
      SETERROR(sparams->utils, "server nonce expired");
      stext->stale = 1;
      result = SASL_BADAUTH;

      goto FreeAllMem;
     }

    /*
     * nothing more to do; authenticated set oparams information
     */
    oparams->doneflag = 1;
    oparams->maxoutbuf = client_maxbuf - 4;
    if (oparams->mech_ssf > 1) {
      /* MAC block (privacy) */
      oparams->maxoutbuf -= 25;
    } else if(oparams->mech_ssf == 1) {
      /* MAC block (integrity) */
      oparams->maxoutbuf -= 16;
    }
    
    oparams->param_version = 0;
    
    text->seqnum = 0;         /* for integrity/privacy */
    text->rec_seqnum = 0;     /* for integrity/privacy */
    text->utils = sparams->utils;

    /* used by layers */
    _plug_decode_init(&text->decode_context, text->utils,
                  sparams->props.maxbufsize ? sparams->props.maxbufsize :
                  DEFAULT_BUFSIZE);

    if (oparams->mech_ssf > 0) {
      char enckey[16];
      char deckey[16];
      
      create_layer_keys(text, sparams->utils,text->HA1,n,enckey,deckey);
      
      /* initialize cipher if need be */
      if (text->cipher_init)
          if (text->cipher_init(text, enckey, deckey) != SASL_OK) {
            sparams->utils->seterror(sparams->utils->conn, 0,
                               "couldn't init cipher");
          }
    }
    
    /*
     * The server receives and validates the "digest-response". The server
     * checks that the nonce-count is "00000001". If it supports subsequent
     * authentication, it saves the value of the nonce and the nonce-count.
     */
    
    /*
     * The "username-value", "realm-value" and "passwd" are encoded according
     * to the value of the "charset" directive. If "charset=UTF-8" is
     * present, and all the characters of either "username-value" or "passwd"
     * are in the ISO 8859-1 character set, then it must be converted to
     * UTF-8 before being hashed. A sample implementation of this conversion
     * is in section 8.
     */
    
    /* add to challenge */
    {
      unsigned resplen =
          strlen(text->response_value) + strlen("rspauth") + 3;
      
      result = _plug_buf_alloc(sparams->utils, &(text->out_buf),
                         &(text->out_buf_len), resplen);
      if(result != SASL_OK) {
          goto FreeAllMem;
      }
      
      sprintf(text->out_buf, "rspauth=%s", text->response_value);
      
      /* self check */
      if (strlen(text->out_buf) > 2048) {
          result = SASL_FAIL;
          goto FreeAllMem;
      }
    }
    
    *serveroutlen = strlen(text->out_buf);
    *serverout = text->out_buf;
      
    result = SASL_OK;

  FreeAllMem:
    if (text->reauth->timeout &&
      sparams->utils->mutex_lock(text->reauth->mutex) == SASL_OK) { /* LOCK */
      unsigned val = hash(username) % text->reauth->size;

      switch (result) {
      case SASL_OK:
          /* successful auth, setup for future reauth */
          if (text->nonce_count == 1) {
            /* successful initial auth, create new entry */
            clear_reauth_entry(&text->reauth->e[val], SERVER, sparams->utils);
            text->reauth->e[val].authid = username; username = NULL;
            text->reauth->e[val].realm = text->realm; text->realm = NULL;
            text->reauth->e[val].nonce = text->nonce; text->nonce = NULL;
            text->reauth->e[val].cnonce = cnonce; cnonce = NULL;
          }
          if (text->nonce_count <= text->reauth->e[val].nonce_count) {
            /* paranoia.  prevent replay attacks */
            clear_reauth_entry(&text->reauth->e[val], SERVER, sparams->utils);
          }
          else {
            text->reauth->e[val].nonce_count = text->nonce_count;
            text->reauth->e[val].u.s.timestamp = time(0);
          }
          break;
      default:
          if (text->nonce_count > 1) {
            /* failed reauth, clear entry */
            clear_reauth_entry(&text->reauth->e[val], SERVER, sparams->utils);
          }
          else {
            /* failed initial auth, leave existing cache */
          }
      }
      sparams->utils->mutex_unlock(text->reauth->mutex); /* UNLOCK */
    }

    /* free everything */
    if (in_start) sparams->utils->free (in_start);
    
    if (username != NULL)
      sparams->utils->free (username);
    if (authorization_id != NULL)
      sparams->utils->free (authorization_id);
    if (realm != NULL)
      sparams->utils->free (realm);
    if (nonce != NULL)
      sparams->utils->free (nonce);
    if (cnonce != NULL)
      sparams->utils->free (cnonce);
    if (response != NULL)
      sparams->utils->free (response);
    if (cipher != NULL)
      sparams->utils->free (cipher);
    if (serverresponse != NULL)
      sparams->utils->free(serverresponse);
    if (charset != NULL)
      sparams->utils->free (charset);
    if (digesturi != NULL)
      sparams->utils->free (digesturi);
    if (qop!=NULL)
      sparams->utils->free (qop);  
    if (sec)
      _plug_free_secret(sparams->utils, &sec);
    
    return result;
}

static int digestmd5_server_mech_step(void *conn_context,
                              sasl_server_params_t *sparams,
                              const char *clientin,
                              unsigned clientinlen,
                              const char **serverout,
                              unsigned *serveroutlen,
                              sasl_out_params_t *oparams)
{
    context_t *text = (context_t *) conn_context;
    server_context_t *stext = (server_context_t *) conn_context;
    
    if (clientinlen > 4096) return SASL_BADPROT;
    
    *serverout = NULL;
    *serveroutlen = 0;
    
    switch (text->state) {
      
    case 1:
      /* setup SSF limits */
      if (!sparams->props.maxbufsize) {
          stext->limitssf = 0;
          stext->requiressf = 0;
      } else {
          if (sparams->props.max_ssf < sparams->external_ssf) {
            stext->limitssf = 0;
          } else {
            stext->limitssf =
                sparams->props.max_ssf - sparams->external_ssf;
          }
          if (sparams->props.min_ssf < sparams->external_ssf) {
            stext->requiressf = 0;
          } else {
            stext->requiressf =
                sparams->props.min_ssf - sparams->external_ssf;
          }
      }

        if (clientin && text->reauth->timeout) {
          /* here's where we attempt fast reauth if possible */
          if (digestmd5_server_mech_step2(stext, sparams,
                                  clientin, clientinlen,
                                  serverout, serveroutlen,
                                  oparams) == SASL_OK) {
            return SASL_OK;
          }

          sparams->utils->log(NULL, SASL_LOG_WARN,
                        "DIGEST-MD5 reauth failed\n");

          /* re-initialize everything for a fresh start */
          memset(oparams, 0, sizeof(sasl_out_params_t));

          /* fall through and issue challenge */
      }

      return digestmd5_server_mech_step1(stext, sparams,
                                 clientin, clientinlen,
                                 serverout, serveroutlen, oparams);
      
    case 2:
      return digestmd5_server_mech_step2(stext, sparams,
                                 clientin, clientinlen,
                                 serverout, serveroutlen, oparams);
      
    default:
      sparams->utils->log(NULL, SASL_LOG_ERR,
                      "Invalid DIGEST-MD5 server step %d\n", text->state);
      return SASL_FAIL;
    }
    
    return SASL_FAIL; /* should never get here */
}

static void digestmd5_server_mech_dispose(void *conn_context,
                                const sasl_utils_t *utils)
{
    server_context_t *stext = (server_context_t *) conn_context;
    
    if (!stext || !utils) return;
    
    digestmd5_common_mech_dispose(conn_context, utils);
}

static sasl_server_plug_t digestmd5_server_plugins[] =
{
    {
      "DIGEST-MD5",                 /* mech_name */
#ifdef WITH_RC4
      128,                    /* max_ssf */
#elif WITH_DES
      112,
#else 
      0,
#endif
      SASL_SEC_NOPLAINTEXT
      | SASL_SEC_NOANONYMOUS
      | SASL_SEC_MUTUAL_AUTH,       /* security_flags */
      SASL_FEAT_ALLOWS_PROXY,       /* features */
      &server_glob_context,         /* glob_context */
      &digestmd5_server_mech_new,   /* mech_new */
      &digestmd5_server_mech_step,  /* mech_step */
      &digestmd5_server_mech_dispose,     /* mech_dispose */
      &digestmd5_common_mech_free,  /* mech_free */
      NULL,                   /* setpass */
      NULL,                   /* user_query */
      NULL,                   /* idle */
      NULL,                   /* mech avail */
      NULL                    /* spare */
    }
};

int digestmd5_server_plug_init(sasl_utils_t *utils,
                         int maxversion,
                         int *out_version,
                         sasl_server_plug_t **pluglist,
                         int *plugcount) 
{
    reauth_cache_t *reauth_cache;
    const char *timeout = NULL;
    unsigned int len;

    if (maxversion < SASL_SERVER_PLUG_VERSION)
      return SASL_BADVERS;

    /* reauth cache */
    reauth_cache = utils->malloc(sizeof(reauth_cache_t));
    if (reauth_cache == NULL)
      return SASL_NOMEM;
    memset(reauth_cache, 0, sizeof(reauth_cache_t));
    reauth_cache->i_am = SERVER;

    /* fetch and canonify the reauth_timeout */
    utils->getopt(utils->getopt_context, "DIGEST-MD5", "reauth_timeout",
              &timeout, &len);
    if (timeout)
      reauth_cache->timeout = (time_t) 60 * strtol(timeout, NULL, 10);
    if (reauth_cache->timeout < 0)
      reauth_cache->timeout = 0;

    if (reauth_cache->timeout) {
      /* mutex */
      reauth_cache->mutex = utils->mutex_alloc();
      if (!reauth_cache->mutex)
          return SASL_FAIL;

      /* entries */
      reauth_cache->size = 100;
      reauth_cache->e = utils->malloc(reauth_cache->size *
                              sizeof(reauth_entry_t));
      if (reauth_cache->e == NULL)
          return SASL_NOMEM;
      memset(reauth_cache->e, 0, reauth_cache->size * sizeof(reauth_entry_t));
    }

    ((digest_glob_context_t *) digestmd5_server_plugins[0].glob_context)->reauth = reauth_cache;

    *out_version = SASL_SERVER_PLUG_VERSION;
    *pluglist = digestmd5_server_plugins;
    *plugcount = 1;
    
    return SASL_OK;
}

/*****************************  Client Section  *****************************/

typedef struct client_context {
    context_t common;

    sasl_secret_t *password;  /* user password */
    unsigned int free_password; /* set if we need to free password */

    int protection;
    struct digest_cipher *cipher;
    unsigned long server_maxbuf;
} client_context_t;

static digest_glob_context_t client_glob_context;

/* calculate H(A1) as per spec */
static void DigestCalcHA1(context_t * text,
                    const sasl_utils_t * utils,
                    unsigned char *pszUserName,
                    unsigned char *pszRealm,
                    sasl_secret_t * pszPassword,
                    unsigned char *pszAuthorization_id,
                    unsigned char *pszNonce,
                    unsigned char *pszCNonce,
                    HASHHEX SessionKey)
{
    MD5_CTX         Md5Ctx;
    HASH            HA1;
    
    DigestCalcSecret(utils,
                 pszUserName,
                 pszRealm,
                 (unsigned char *) pszPassword->data,
                 pszPassword->len,
                 HA1);
    
    /* calculate the session key */
    utils->MD5Init(&Md5Ctx);
    utils->MD5Update(&Md5Ctx, HA1, HASHLEN);
    utils->MD5Update(&Md5Ctx, COLON, 1);
    utils->MD5Update(&Md5Ctx, pszNonce, strlen((char *) pszNonce));
    utils->MD5Update(&Md5Ctx, COLON, 1);
    utils->MD5Update(&Md5Ctx, pszCNonce, strlen((char *) pszCNonce));
    if (pszAuthorization_id != NULL) {
      utils->MD5Update(&Md5Ctx, COLON, 1);
      utils->MD5Update(&Md5Ctx, pszAuthorization_id, 
                   strlen((char *) pszAuthorization_id));
    }
    utils->MD5Final(HA1, &Md5Ctx);
    
    CvtHex(HA1, SessionKey);
    
    /* xxx rc-* use different n */
    
    /* save HA1 because we'll need it for the privacy and integrity keys */
    memcpy(text->HA1, HA1, sizeof(HASH));
    
}

static char *calculate_response(context_t * text,
                        const sasl_utils_t * utils,
                        unsigned char *username,
                        unsigned char *realm,
                        unsigned char *nonce,
                        unsigned int ncvalue,
                        unsigned char *cnonce,
                        char *qop,
                        unsigned char *digesturi,
                        sasl_secret_t * passwd,
                        unsigned char *authorization_id,
                        char **response_value)
{
    HASHHEX         SessionKey;
    HASHHEX         HEntity = "00000000000000000000000000000000";
    HASHHEX         Response;
    char           *result;
    
    /* Verifing that all parameters was defined */
    if(!username || !cnonce || !nonce || !ncvalue || !digesturi || !passwd) {
      PARAMERROR( utils );
      return NULL;
    }
    
    if (realm == NULL) {
      /* a NULL realm is equivalent to the empty string */
      realm = (unsigned char *) "";
    }
    
    if (qop == NULL) {
      /* default to a qop of just authentication */
      qop = "auth";
    }
    
    DigestCalcHA1(text,
              utils,
              username,
              realm,
              passwd,
              authorization_id,
              nonce,
              cnonce,
              SessionKey);
    
    DigestCalcResponse(utils,
                   SessionKey,/* HEX(H(A1)) */
                   nonce,     /* nonce from server */
                   ncvalue,   /* 8 hex digits */
                   cnonce,    /* client nonce */
                   (unsigned char *) qop, /* qop-value: "", "auth",
                                     * "auth-int" */
                   digesturi, /* requested URL */
                   (unsigned char *) "AUTHENTICATE",
                   HEntity,   /* H(entity body) if qop="auth-int" */
                   Response   /* request-digest or response-digest */
      );
    
    result = utils->malloc(HASHHEXLEN + 1);
    memcpy(result, Response, HASHHEXLEN);
    result[HASHHEXLEN] = 0;
    
    if (response_value != NULL) {
      DigestCalcResponse(utils,
                     SessionKey,    /* HEX(H(A1)) */
                     nonce,   /* nonce from server */
                     ncvalue, /* 8 hex digits */
                     cnonce,  /* client nonce */
                     (unsigned char *) qop,     /* qop-value: "", "auth",
                                           * "auth-int" */
                     (unsigned char *) digesturi,     /* requested URL */
                     NULL,
                     HEntity, /* H(entity body) if qop="auth-int" */
                     Response /* request-digest or response-digest */
          );
      
      *response_value = utils->malloc(HASHHEXLEN + 1);
      if (*response_value == NULL)
          return NULL;
      
      memcpy(*response_value, Response, HASHHEXLEN);
      (*response_value)[HASHHEXLEN] = 0;
      
    }
    
    return result;
}

static int make_client_response(context_t *text,
                        sasl_client_params_t *params,
                        sasl_out_params_t *oparams)
{
    client_context_t *ctext = (client_context_t *) text;
    char *qop = NULL;
    unsigned nbits = 0;
    unsigned char  *digesturi = NULL;
    bool            IsUTF8 = FALSE;
    char           ncvalue[10];
    char           maxbufstr[64];
    char           *response = NULL;
    unsigned        resplen = 0;
    int result = SASL_OK;

    switch (ctext->protection) {
    case DIGEST_PRIVACY:
      qop = "auth-conf";
      oparams->encode = &digestmd5_encode; 
      oparams->decode = &digestmd5_decode;
      oparams->mech_ssf = ctext->cipher->ssf;

      nbits = ctext->cipher->n;
      text->cipher_enc = ctext->cipher->cipher_enc;
      text->cipher_dec = ctext->cipher->cipher_dec;
      text->cipher_free = ctext->cipher->cipher_free;
      text->cipher_init = ctext->cipher->cipher_init;
      break;
    case DIGEST_INTEGRITY:
      qop = "auth-int";
      oparams->encode = &digestmd5_encode;
      oparams->decode = &digestmd5_decode;
      oparams->mech_ssf = 1;
      break;
    case DIGEST_NOLAYER:
    default:
      qop = "auth";
      oparams->encode = NULL;
      oparams->decode = NULL;
      oparams->mech_ssf = 0;
    }

    digesturi = params->utils->malloc(strlen(params->service) + 1 +
                              strlen(params->serverFQDN) + 1 +
                              1);
    if (digesturi == NULL) {
      result = SASL_NOMEM;
      goto FreeAllocatedMem;
    };
    
    /* allocated exactly this. safe */
    strcpy((char *) digesturi, params->service);
    strcat((char *) digesturi, "/");
    strcat((char *) digesturi, params->serverFQDN);
    /*
     * strcat (digesturi, "/"); strcat (digesturi, params->serverFQDN);
     */

    /* response */
    response =
      calculate_response(text,
                     params->utils,
                     (char *) oparams->authid,
                     (unsigned char *) text->realm,
                     text->nonce,
                     text->nonce_count,
                     text->cnonce,
                     qop,
                     digesturi,
                     ctext->password,
                     strcmp(oparams->user, oparams->authid) ?
                     (char *) oparams->user : NULL,
                     &text->response_value);
    
    
    resplen = 0;
    text->out_buf = NULL;
    text->out_buf_len = 0;
    if (add_to_challenge(params->utils,
                   &text->out_buf, &text->out_buf_len, &resplen,
                   "username", (unsigned char *) oparams->authid,
                   TRUE) != SASL_OK) {
      result = SASL_FAIL;
      goto FreeAllocatedMem;
    }

    if (add_to_challenge(params->utils,
                   &text->out_buf, &text->out_buf_len, &resplen,
                   "realm", (unsigned char *) text->realm,
                   TRUE) != SASL_OK) {
      result = SASL_FAIL;
      goto FreeAllocatedMem;
    }
    if (strcmp(oparams->user, oparams->authid)) {
      if (add_to_challenge(params->utils,
                       &text->out_buf, &text->out_buf_len, &resplen,
                       "authzid", (char *) oparams->user, TRUE) != SASL_OK) {
          result = SASL_FAIL;
          goto FreeAllocatedMem;
      }
    }
    if (add_to_challenge(params->utils,
                   &text->out_buf, &text->out_buf_len, &resplen,
                   "nonce", text->nonce, TRUE) != SASL_OK) {
      result = SASL_FAIL;
      goto FreeAllocatedMem;
    }
    if (add_to_challenge(params->utils,
                   &text->out_buf, &text->out_buf_len, &resplen,
                   "cnonce", text->cnonce, TRUE) != SASL_OK) {
      result = SASL_FAIL;
      goto FreeAllocatedMem;
    }
    snprintf(ncvalue, sizeof(ncvalue), "%08x", text->nonce_count);
    if (add_to_challenge(params->utils,
                   &text->out_buf, &text->out_buf_len, &resplen,
                   "nc", (unsigned char *) ncvalue, FALSE) != SASL_OK) {
      result = SASL_FAIL;
      goto FreeAllocatedMem;
    }
    if (add_to_challenge(params->utils,
                   &text->out_buf, &text->out_buf_len, &resplen,
                   "qop", (unsigned char *) qop, FALSE) != SASL_OK) {
      result = SASL_FAIL;
      goto FreeAllocatedMem;
    }
    if (ctext->cipher != NULL) {
      if (add_to_challenge(params->utils,
                       &text->out_buf, &text->out_buf_len, &resplen,
                       "cipher", 
                       (unsigned char *) ctext->cipher->name,
                       FALSE) != SASL_OK) {
          result = SASL_FAIL;
          goto FreeAllocatedMem;
      }
    }

    if (params->props.maxbufsize) {
      snprintf(maxbufstr, sizeof(maxbufstr), "%d", params->props.maxbufsize);
      if (add_to_challenge(params->utils,
                       &text->out_buf, &text->out_buf_len, &resplen,
                       "maxbuf", (unsigned char *) maxbufstr, 
                       FALSE) != SASL_OK) {
          SETERROR(params->utils,
                 "internal error: add_to_challenge maxbuf failed");
          goto FreeAllocatedMem;
      }
    }
    
    if (IsUTF8) {
      if (add_to_challenge(params->utils,
                       &text->out_buf, &text->out_buf_len, &resplen,
                       "charset", (unsigned char *) "utf-8",
                       FALSE) != SASL_OK) {
          result = SASL_FAIL;
          goto FreeAllocatedMem;
      }
    }
    if (add_to_challenge(params->utils,
                   &text->out_buf, &text->out_buf_len, &resplen,
                   "digest-uri", digesturi, TRUE) != SASL_OK) {
      result = SASL_FAIL;
      goto FreeAllocatedMem;
    }
    if (add_to_challenge(params->utils,
                   &text->out_buf, &text->out_buf_len, &resplen,
                   "response", (unsigned char *) response,
                   FALSE) != SASL_OK) {
      
      result = SASL_FAIL;
      goto FreeAllocatedMem;
    }
    
    /* self check */
    if (strlen(text->out_buf) > 2048) {
      result = SASL_FAIL;
      goto FreeAllocatedMem;
    }

    /* set oparams */
    oparams->maxoutbuf = ctext->server_maxbuf;
    if(oparams->mech_ssf > 1) {
      /* MAC block (privacy) */
      oparams->maxoutbuf -= 25;
    } else if(oparams->mech_ssf == 1) {
      /* MAC block (integrity) */
      oparams->maxoutbuf -= 16;
    }
    
    text->seqnum = 0;   /* for integrity/privacy */
    text->rec_seqnum = 0;     /* for integrity/privacy */
    text->utils = params->utils;

    /* used by layers */
    _plug_decode_init(&text->decode_context, text->utils,
                  params->props.maxbufsize ? params->props.maxbufsize :
                  DEFAULT_BUFSIZE);
    
    if (oparams->mech_ssf > 0) {
      char enckey[16];
      char deckey[16];
      
      create_layer_keys(text, params->utils, text->HA1, nbits,
                    enckey, deckey);
      
      /* initialize cipher if need be */
      if (text->cipher_init)
          text->cipher_init(text, enckey, deckey);                 
    }
    
    result = SASL_OK;

  FreeAllocatedMem:
    if (digesturi) params->utils->free(digesturi);
    if (response) params->utils->free(response);

    return result;
}

static int parse_server_challenge(client_context_t *ctext,
                          sasl_client_params_t *params,
                          const char *serverin, unsigned serverinlen,
                          char ***outrealms, int *noutrealm)
{
    context_t *text = (context_t *) ctext;
    int result = SASL_OK;
    char *in_start = NULL;
    char *in = NULL;
    char **realms = NULL;
    int nrealm = 0;
    sasl_ssf_t limit, musthave = 0;
    sasl_ssf_t external;
    int protection = 0;
    int ciphers = 0;
    int maxbuf_count = 0;
    bool IsUTF8 = FALSE;
    int algorithm_count = 0;

    if (!serverin || !serverinlen) {
      params->utils->seterror(params->utils->conn, 0,
                        "no server challenge");
      return SASL_FAIL;
    }

    in_start = in = params->utils->malloc(serverinlen + 1);
    if (in == NULL) return SASL_NOMEM;
    
    memcpy(in, serverin, serverinlen);
    in[serverinlen] = 0;
    
    ctext->server_maxbuf = 65536; /* Default value for maxbuf */

    /* create a new cnonce */
    text->cnonce = create_nonce(params->utils);
    if (text->cnonce == NULL) {
      params->utils->seterror(params->utils->conn, 0,
                        "failed to create cnonce");
      result = SASL_FAIL;
      goto FreeAllocatedMem;
    }

    /* parse the challenge */
    while (in[0] != '\0') {
      char *name, *value;
      
      get_pair(&in, &name, &value);
      
      /* if parse error */
      if (name == NULL) {
          params->utils->seterror(params->utils->conn, 0, "Parse error");
          result = SASL_FAIL;
          goto FreeAllocatedMem;
      }
      
      if (strcasecmp(name, "realm") == 0) {
          nrealm++;
          
          if(!realms)
            realms = params->utils->malloc(sizeof(char *) * (nrealm + 1));
          else
            realms = params->utils->realloc(realms, 
                                    sizeof(char *) * (nrealm + 1));
          
          if (realms == NULL) {
            result = SASL_NOMEM;
            goto FreeAllocatedMem;
          }
          
          _plug_strdup(params->utils, value, &realms[nrealm-1], NULL);
          realms[nrealm] = NULL;
      } else if (strcasecmp(name, "nonce") == 0) {
          _plug_strdup(params->utils, value, (char **) &text->nonce,
                   NULL);
          text->nonce_count = 1;
      } else if (strcasecmp(name, "qop") == 0) {
          while (value && *value) {
            char *comma;
            char *end_val;

SKIP_SPACES_IN_QOP:
            /* skipping spaces: */
            value = skip_lws(value);
            if (*value == '\0') {
                break;
            }

            /* check for an extreme case when there is no data: LWSP ',' */
            if (*value == ',') {
                value++;
                goto SKIP_SPACES_IN_QOP;
            }

            comma = strchr(value, ',');

            if (comma != NULL) {
                *comma++ = '\0';
            }

            /* skip LWSP at the end of the value (if any), skip_r_lws returns pointer to
               the first LWSP character, NUL (if there were none) or NULL if the value
               is entirely from LWSP characters */
            end_val = skip_r_lws (value);
            if (end_val == NULL) {
                value = comma;
                continue;
            } else {
                /* strip LWSP */
                *end_val = '\0';
            }

            if (strcasecmp(value, "auth-conf") == 0) {
                protection |= DIGEST_PRIVACY;
            } else if (strcasecmp(value, "auth-int") == 0) {
                protection |= DIGEST_INTEGRITY;
            } else if (strcasecmp(value, "auth") == 0) {
                protection |= DIGEST_NOLAYER;
            } else {
                params->utils->log(params->utils->conn, SASL_LOG_DEBUG,
                               "Server supports unknown layer: %s\n",
                               value);
            }
            
            value = comma;
          }
          
          if (protection == 0) {
            result = SASL_BADAUTH;
            params->utils->seterror(params->utils->conn, 0,
                              "Server doesn't support any known qop level");
            goto FreeAllocatedMem;
          }
      } else if (strcasecmp(name, "cipher") == 0) {
          while (value && *value) {
            struct digest_cipher *cipher = available_ciphers;
            char *comma;
            char *end_val;

SKIP_SPACES_IN_CIPHER:
            /* skipping spaces: */
            value = skip_lws(value);
            if (*value == '\0') {
                break;
            }

            /* check for an extreme case when there is no data: LWSP ',' */
            if (*value == ',') {
                value++;
                goto SKIP_SPACES_IN_CIPHER;
            }

            comma = strchr(value, ',');

            if (comma != NULL) {
                *comma++ = '\0';
            }

            /* skip LWSP at the end of the value, skip_r_lws returns pointer to
               the first LWSP character or NULL */
            end_val = skip_r_lws (value);
            if (end_val == NULL) {
                value = comma;
                continue;
            } else {
                /* strip LWSP */
                *end_val = '\0';
            }

            /* do we support this cipher? */
            while (cipher->name) {
                if (!strcasecmp(value, cipher->name)) break;
                cipher++;
            }
            if (cipher->name) {
                ciphers |= cipher->flag;
            } else {
                params->utils->log(params->utils->conn, SASL_LOG_DEBUG,
                               "Server supports unknown cipher: %s\n",
                               value);
            }
            
            value = comma;
          }
      } else if (strcasecmp(name, "stale") == 0 && ctext->password) {
          /* clear any cached password */
          if (ctext->free_password)
            _plug_free_secret(params->utils, &ctext->password);
          ctext->password = NULL;
      } else if (strcasecmp(name, "maxbuf") == 0) {
          /* maxbuf A number indicating the size of the largest
           * buffer the server is able to receive when using
           * "auth-int". If this directive is missing, the default
           * value is 65536. This directive may appear at most once;
           * if multiple instances are present, the client should
           * abort the authentication exchange.  
           */
          maxbuf_count++;
          
          if (maxbuf_count != 1) {
            result = SASL_BADAUTH;
            params->utils->seterror(params->utils->conn, 0,
                              "At least two maxbuf directives found. Authentication aborted");
            goto FreeAllocatedMem;
          } 

          if (str2ul32 (value, &ctext->server_maxbuf) == FALSE) {
            result = SASL_BADAUTH;
            params->utils->seterror(params->utils->conn, 0,
                              "Invalid maxbuf parameter received from server (%s)", value);
            goto FreeAllocatedMem;
          }
          
          if (ctext->server_maxbuf <= 16) {
            result = SASL_BADAUTH;
            params->utils->seterror(params->utils->conn, 0,
                              "Invalid maxbuf parameter received from server (too small: %s)", value);
            goto FreeAllocatedMem;
          }

          if (ctext->server_maxbuf > MAX_SASL_BUFSIZE) {
            result = SASL_BADAUTH;
            params->utils->seterror(params->utils->conn, 0,
                              "Invalid maxbuf parameter received from server (too big: %s)", value);
            goto FreeAllocatedMem;
          }
      } else if (strcasecmp(name, "charset") == 0) {
          if (strcasecmp(value, "utf-8") != 0) {
            result = SASL_BADAUTH;
            params->utils->seterror(params->utils->conn, 0,
                              "Charset must be UTF-8");
            goto FreeAllocatedMem;
          } else {
            IsUTF8 = TRUE;
          }
      } else if (strcasecmp(name,"algorithm")==0) {
          if (strcasecmp(value, "md5-sess") != 0)
            {
                params->utils->seterror(params->utils->conn, 0,
                                  "'algorithm' isn't 'md5-sess'");
                result = SASL_FAIL;
                goto FreeAllocatedMem;
            }
          
          algorithm_count++;
          if (algorithm_count > 1)
            {
                params->utils->seterror(params->utils->conn, 0,
                                  "Must see 'algorithm' only once");
                result = SASL_FAIL;
                goto FreeAllocatedMem;
            }
      } else {
          params->utils->log(params->utils->conn, SASL_LOG_DEBUG,
                         "DIGEST-MD5 unrecognized pair %s/%s: ignoring",
                         name, value);
      }
    }
    
    if (algorithm_count != 1) {
      params->utils->seterror(params->utils->conn, 0,
                        "Must see 'algorithm' once. Didn't see at all");
      result = SASL_FAIL;
      goto FreeAllocatedMem;
    }

    /* make sure we have everything we require */
    if (text->nonce == NULL) {
      params->utils->seterror(params->utils->conn, 0,
                        "Don't have nonce.");
      result = SASL_FAIL;
      goto FreeAllocatedMem;
    }

    /* get requested ssf */
    external = params->external_ssf;
    
    /* what do we _need_?  how much is too much? */
    if (params->props.maxbufsize == 0) {
      musthave = 0;
      limit = 0;
    } else {
      if (params->props.max_ssf > external) {
          limit = params->props.max_ssf - external;
      } else {
          limit = 0;
      }
      if (params->props.min_ssf > external) {
          musthave = params->props.min_ssf - external;
      } else {
          musthave = 0;
      }
    }
    
    /* we now go searching for an option that gives us at least "musthave"
       and at most "limit" bits of ssf. */
    if ((limit > 1) && (protection & DIGEST_PRIVACY)) {
      struct digest_cipher *cipher;
      
      /* let's find an encryption scheme that we like */
      cipher = available_ciphers;
      while (cipher->name) {
          /* examine each cipher we support, see if it meets our security
             requirements, and see if the server supports it.
             choose the best one of these */
          if ((limit >= cipher->ssf) && (musthave <= cipher->ssf) &&
            (ciphers & cipher->flag) &&
            (!ctext->cipher || (cipher->ssf > ctext->cipher->ssf))) {
            ctext->cipher = cipher;
          }
          cipher++;
      }
      
      if (ctext->cipher) {
          /* we found a cipher we like */
          ctext->protection = DIGEST_PRIVACY;
      } else {
          /* we didn't find any ciphers we like */
          params->utils->seterror(params->utils->conn, 0,
                            "No good privacy layers");
      }
    }
    
    if (ctext->cipher == NULL) {
      /* we failed to find an encryption layer we liked;
         can we use integrity or nothing? */
      
      if ((limit >= 1) && (musthave <= 1) 
          && (protection & DIGEST_INTEGRITY)) {
          /* integrity */
          ctext->protection = DIGEST_INTEGRITY;
      } else if (musthave <= 0) {
          /* no layer */
          ctext->protection = DIGEST_NOLAYER;

          /* See if server supports not having a layer */
          if ((protection & DIGEST_NOLAYER) != DIGEST_NOLAYER) {
            params->utils->seterror(params->utils->conn, 0, 
                              "Server doesn't support \"no layer\"");
            result = SASL_FAIL;
            goto FreeAllocatedMem;
          }
      } else {
          params->utils->seterror(params->utils->conn, 0,
                            "Can't find an acceptable layer");
          result = SASL_TOOWEAK;
          goto FreeAllocatedMem;
      }
    }

    *outrealms = realms;
    *noutrealm = nrealm;

  FreeAllocatedMem:
    if (in_start) params->utils->free(in_start);

    if (result != SASL_OK && realms) {
      int lup;
      
      /* need to free all the realms */
      for (lup = 0;lup < nrealm; lup++)
          params->utils->free(realms[lup]);
      
      params->utils->free(realms);
    }

    return result;
}

static int ask_user_info(client_context_t *ctext,
                   sasl_client_params_t *params,
                   char **realms, int nrealm,
                   sasl_interact_t **prompt_need,
                   sasl_out_params_t *oparams)
{
    context_t *text = (context_t *) ctext;
    int result = SASL_OK;
    const char *authid = NULL, *userid = NULL, *realm = NULL;
    char *realm_chal = NULL;
    int user_result = SASL_OK;
    int auth_result = SASL_OK;
    int pass_result = SASL_OK;
    int realm_result = SASL_FAIL;

    /* try to get the authid */
    if (oparams->authid == NULL) {
      auth_result = _plug_get_authid(params->utils, &authid, prompt_need);
      
      if ((auth_result != SASL_OK) && (auth_result != SASL_INTERACT)) {
          return auth_result;
      }
    }
    
    /* try to get the userid */
    if (oparams->user == NULL) {
      user_result = _plug_get_userid(params->utils, &userid, prompt_need);
      
      if ((user_result != SASL_OK) && (user_result != SASL_INTERACT)) {
          return user_result;
      }
    }
    
    /* try to get the password */
    if (ctext->password == NULL) {
      pass_result = _plug_get_password(params->utils, &ctext->password,
                               &ctext->free_password, prompt_need);
      if ((pass_result != SASL_OK) && (pass_result != SASL_INTERACT)) {
          return pass_result;
      }
    }

    /* try to get the realm */
    if (text->realm == NULL) {
      if (realms) {
          if(nrealm == 1) {
            /* only one choice */
            realm = realms[0];
            realm_result = SASL_OK;
          } else {
            /* ask the user */
            realm_result = _plug_get_realm(params->utils,
                                     (const char **) realms,
                                     (const char **) &realm,
                                     prompt_need);
          }
      }

      /* fake the realm if we must */
      if ((realm_result != SASL_OK) && (realm_result != SASL_INTERACT)) {
          if (params->serverFQDN) {
            realm = params->serverFQDN;
          } else {
            return realm_result;
          }
      }    
    }
    
    /* free prompts we got */
    if (prompt_need && *prompt_need) {
      params->utils->free(*prompt_need);
      *prompt_need = NULL;
    }
    
    /* if there are prompts not filled in */
    if ((user_result == SASL_INTERACT) || (auth_result == SASL_INTERACT) ||
      (pass_result == SASL_INTERACT) || (realm_result == SASL_INTERACT)) {

      /* make our default realm */
      if ((realm_result == SASL_INTERACT) && params->serverFQDN) {
          realm_chal = params->utils->malloc(3+strlen(params->serverFQDN));
          if (realm_chal) {
            sprintf(realm_chal, "{%s}", params->serverFQDN);
          } else {
            return SASL_NOMEM;
          }
      }

      /* make the prompt list */
      result =
          _plug_make_prompts(params->utils, prompt_need,
                         user_result == SASL_INTERACT ?
                         "Please enter your authorization name" : NULL,
                         NULL,
                         auth_result == SASL_INTERACT ?
                         "Please enter your authentication name" : NULL,
                         NULL,
                         pass_result == SASL_INTERACT ?
                         "Please enter your password" : NULL, NULL,
                         NULL, NULL, NULL,
                         realm_chal ? realm_chal : "{}",
                         realm_result == SASL_INTERACT ?
                         "Please enter your realm" : NULL,
                         params->serverFQDN ? params->serverFQDN : NULL);
      
      if (result == SASL_OK) return SASL_INTERACT;

      return result;
    }
    
    if (oparams->authid == NULL) {
      if (!userid || !*userid) {
          result = params->canon_user(params->utils->conn, authid, 0,
                              SASL_CU_AUTHID | SASL_CU_AUTHZID,
                              oparams);
      }
      else {
          result = params->canon_user(params->utils->conn,
                              authid, 0, SASL_CU_AUTHID, oparams);
          if (result != SASL_OK) return result;

          result = params->canon_user(params->utils->conn,
                              userid, 0, SASL_CU_AUTHZID, oparams);
      }
      if (result != SASL_OK) return result;
    }

    /* Get an allocated version of the realm into the structure */
    if (realm && text->realm == NULL) {
      _plug_strdup(params->utils, realm, (char **) &text->realm, NULL);
    }

    return result;
}

static int digestmd5_client_mech_new(void *glob_context,
                             sasl_client_params_t * params,
                             void **conn_context)
{
    context_t *text;
    
    /* holds state are in -- allocate client size */
    text = params->utils->malloc(sizeof(client_context_t));
    if (text == NULL)
      return SASL_NOMEM;
    memset(text, 0, sizeof(client_context_t));
    
    text->state = 1;
    text->i_am = CLIENT;
    text->reauth = ((digest_glob_context_t *) glob_context)->reauth;
    
    *conn_context = text;

    return SASL_OK;
}

static int
digestmd5_client_mech_step1(client_context_t *ctext,
                      sasl_client_params_t *params,
                      const char *serverin __attribute__((unused)), 
                      unsigned serverinlen __attribute__((unused)), 
                      sasl_interact_t **prompt_need,
                      const char **clientout,
                      unsigned *clientoutlen,
                      sasl_out_params_t *oparams)
{
    context_t *text = (context_t *) ctext;
    int result = SASL_FAIL;
    unsigned val;

    params->utils->log(params->utils->conn, SASL_LOG_DEBUG,
                   "DIGEST-MD5 client step 1");

    result = ask_user_info(ctext, params, NULL, 0, prompt_need, oparams);
    if (result != SASL_OK) return result;

    /* check if we have cached info for this user on this server */
    val = hash(params->serverFQDN) % text->reauth->size;
    if (params->utils->mutex_lock(text->reauth->mutex) == SASL_OK) { /* LOCK */
      if (text->reauth->e[val].u.c.serverFQDN &&
          !strcasecmp(text->reauth->e[val].u.c.serverFQDN,
                  params->serverFQDN) &&
          !strcmp(text->reauth->e[val].authid, oparams->authid)) {

          /* we have info, so use it */
          _plug_strdup(params->utils, text->reauth->e[val].realm,
                   &text->realm, NULL);
          _plug_strdup(params->utils, text->reauth->e[val].nonce,
                   (char **) &text->nonce, NULL);
          text->nonce_count = ++text->reauth->e[val].nonce_count;
          _plug_strdup(params->utils, text->reauth->e[val].cnonce,
                   (char **) &text->cnonce, NULL);
          ctext->protection = text->reauth->e[val].u.c.protection;
          ctext->cipher = text->reauth->e[val].u.c.cipher;
          ctext->server_maxbuf = text->reauth->e[val].u.c.server_maxbuf;
      }
      params->utils->mutex_unlock(text->reauth->mutex); /* UNLOCK */
    }

    if (!text->nonce) {
      /* we don't have any reauth info, so just return
       * that there is no initial client send */
      text->state = 2;
      return SASL_CONTINUE;
    }

    /*
     * (username | realm | nonce | cnonce | nonce-count | qop digest-uri |
     * response | maxbuf | charset | auth-param )
     */
    
    result = make_client_response(text, params, oparams);
    if (result != SASL_OK) return result;

    *clientoutlen = strlen(text->out_buf);
    *clientout = text->out_buf;

    text->state = 3;
    return SASL_CONTINUE;
}

static int digestmd5_client_mech_step2(client_context_t *ctext,
                               sasl_client_params_t *params,
                               const char *serverin,
                               unsigned serverinlen,
                               sasl_interact_t **prompt_need,
                               const char **clientout,
                               unsigned *clientoutlen,
                               sasl_out_params_t *oparams)
{
    context_t *text = (context_t *) ctext;
    int result = SASL_FAIL;
    char **realms = NULL;
    int nrealm = 0;

    params->utils->log(params->utils->conn, SASL_LOG_DEBUG,
                   "DIGEST-MD5 client step 2");

    if (params->props.min_ssf > params->props.max_ssf) {
      return SASL_BADPARAM;
    }

    /* don't bother parsing the challenge more than once */
    if (text->nonce == NULL) {
      result = parse_server_challenge(ctext, params, serverin, serverinlen,
                              &realms, &nrealm);
      if (result != SASL_OK) goto FreeAllocatedMem;
    
      if (nrealm == 1) {
          /* only one choice! */
          text->realm = realms[0];

          /* free realms */
          params->utils->free(realms);
          realms = NULL;
      }
    }

    result = ask_user_info(ctext, params, realms, nrealm,
                     prompt_need, oparams);
    if (result != SASL_OK) goto FreeAllocatedMem;

    /*
     * (username | realm | nonce | cnonce | nonce-count | qop | digest-uri |
     *  response | maxbuf | charset | auth-param )
     */
    
    result = make_client_response(text, params, oparams);
    if (result != SASL_OK) goto FreeAllocatedMem;

    *clientoutlen = strlen(text->out_buf);
    *clientout = text->out_buf;

    text->state = 3;
    
    result = SASL_CONTINUE;
    
  FreeAllocatedMem:
    if (realms) {
      int lup;
      
      /* need to free all the realms */
      for (lup = 0;lup < nrealm; lup++)
          params->utils->free(realms[lup]);
      
      params->utils->free(realms);
    }

    return result;
}

static int
digestmd5_client_mech_step3(client_context_t *ctext,
                      sasl_client_params_t *params,
                      const char *serverin,
                      unsigned serverinlen,
                      sasl_interact_t **prompt_need __attribute__((unused)),
                      const char **clientout __attribute__((unused)),
                      unsigned *clientoutlen __attribute__((unused)),
                      sasl_out_params_t *oparams)
{
    context_t *text = (context_t *) ctext;
    char           *in = NULL;
    char           *in_start;
    int result = SASL_FAIL;
    
    params->utils->log(params->utils->conn, SASL_LOG_DEBUG,
                   "DIGEST-MD5 client step 3");

    /* Verify that server is really what he claims to be */
    in_start = in = params->utils->malloc(serverinlen + 1);
    if (in == NULL) return SASL_NOMEM;

    memcpy(in, serverin, serverinlen);
    in[serverinlen] = 0;
    
    /* parse the response */
    while (in[0] != '\0') {
      char *name, *value;
      get_pair(&in, &name, &value);
      
      if (name == NULL) {
          params->utils->seterror(params->utils->conn, 0,
                            "DIGEST-MD5 Received Garbage");
          break;
      }
      
      if (strcasecmp(name, "rspauth") == 0) {
          
          if (strcmp(text->response_value, value) != 0) {
            params->utils->seterror(params->utils->conn, 0,
                              "DIGEST-MD5: This server wants us to believe that he knows shared secret");
            result = SASL_BADSERV;
          } else {
            oparams->doneflag = 1;
            oparams->param_version = 0;
            
            result = SASL_OK;
          }
          break;
      } else {
          params->utils->log(params->utils->conn, SASL_LOG_DEBUG,
                         "DIGEST-MD5 unrecognized pair %s/%s: ignoring",
                         name, value);
      }
    }
    
    params->utils->free(in_start);

    if (params->utils->mutex_lock(text->reauth->mutex) == SASL_OK) { /* LOCK */
      unsigned val = hash(params->serverFQDN) % text->reauth->size;
      switch (result) {
      case SASL_OK:
          if (text->nonce_count == 1) {
            /* successful initial auth, setup for future reauth */
            clear_reauth_entry(&text->reauth->e[val], CLIENT, params->utils);
            _plug_strdup(params->utils, oparams->authid,
                       &text->reauth->e[val].authid, NULL);
            text->reauth->e[val].realm = text->realm; text->realm = NULL;
            text->reauth->e[val].nonce = text->nonce; text->nonce = NULL;
            text->reauth->e[val].nonce_count = text->nonce_count;
            text->reauth->e[val].cnonce = text->cnonce; text->cnonce = NULL;
            _plug_strdup(params->utils, params->serverFQDN,
                       &text->reauth->e[val].u.c.serverFQDN, NULL);
            text->reauth->e[val].u.c.protection = ctext->protection;
            text->reauth->e[val].u.c.cipher = ctext->cipher;
            text->reauth->e[val].u.c.server_maxbuf = ctext->server_maxbuf;
          }
          else {
            /* reauth, we already incremented nonce_count */
          }
          break;
      default:
          if (text->nonce_count > 1) {
            /* failed reauth, clear cache */
            clear_reauth_entry(&text->reauth->e[val], CLIENT, params->utils);
          }
          else {
            /* failed initial auth, leave existing cache */
          }
      }
      params->utils->mutex_unlock(text->reauth->mutex); /* UNLOCK */
    }

    return result;
}

static int digestmd5_client_mech_step(void *conn_context,
                              sasl_client_params_t *params,
                              const char *serverin,
                              unsigned serverinlen,
                              sasl_interact_t **prompt_need,
                              const char **clientout,
                              unsigned *clientoutlen,
                              sasl_out_params_t *oparams)
{
    context_t *text = (context_t *) conn_context;
    client_context_t *ctext = (client_context_t *) conn_context;
    unsigned val = hash(params->serverFQDN) % text->reauth->size;
    
    if (serverinlen > 2048) return SASL_BADPROT;
    
    *clientout = NULL;
    *clientoutlen = 0;

    switch (text->state) {

    case 1:
      if (!serverin) {
          /* here's where we attempt fast reauth if possible */
          int reauth = 0;

          /* check if we have saved info for this server */
          if (params->utils->mutex_lock(text->reauth->mutex) == SASL_OK) { /* LOCK */
            reauth = text->reauth->e[val].u.c.serverFQDN &&
                !strcasecmp(text->reauth->e[val].u.c.serverFQDN,
                        params->serverFQDN);
            params->utils->mutex_unlock(text->reauth->mutex); /* UNLOCK */
          }
          if (reauth) {
            return digestmd5_client_mech_step1(ctext, params,
                                       serverin, serverinlen,
                                       prompt_need,
                                       clientout, clientoutlen,
                                       oparams);
          }
          else {
            /* we don't have any reauth info, so just return
             * that there is no initial client send */
            text->state = 2;
            return SASL_CONTINUE;
          }
      }
      
      /* fall through and respond to challenge */
      
    case 3:
      if (serverin && !strncasecmp(serverin, "rspauth=", 8)) {
          return digestmd5_client_mech_step3(ctext, params,
                                     serverin, serverinlen,
                                     prompt_need,
                                     clientout, clientoutlen,
                                     oparams);
      }

      /* fall through and respond to challenge */
      text->state = 2;

      /* cleanup after a failed reauth attempt */
      if (params->utils->mutex_lock(text->reauth->mutex) == SASL_OK) { /* LOCK */
          clear_reauth_entry(&text->reauth->e[val], CLIENT, params->utils);

          params->utils->mutex_unlock(text->reauth->mutex); /* UNLOCK */
      }

      if (text->realm) params->utils->free(text->realm);
      if (text->nonce) params->utils->free(text->nonce);
      if (text->cnonce) params->utils->free(text->cnonce);
      text->realm = text->nonce = text->cnonce = NULL;
      ctext->cipher = NULL;
    
    case 2:
      return digestmd5_client_mech_step2(ctext, params,
                                 serverin, serverinlen,
                                 prompt_need,
                                 clientout, clientoutlen,
                                 oparams);

    default:
      params->utils->log(NULL, SASL_LOG_ERR,
                     "Invalid DIGEST-MD5 client step %d\n", text->state);
      return SASL_FAIL;
    }
    
    return SASL_FAIL; /* should never get here */
}

static void digestmd5_client_mech_dispose(void *conn_context,
                                const sasl_utils_t *utils)
{
    client_context_t *ctext = (client_context_t *) conn_context;
    
    if (!ctext || !utils) return;
    
    if (ctext->free_password) _plug_free_secret(utils, &ctext->password);

    digestmd5_common_mech_dispose(conn_context, utils);
}

static sasl_client_plug_t digestmd5_client_plugins[] =
{
    {
      "DIGEST-MD5",
#ifdef WITH_RC4                     /* mech_name */
      128,                    /* max ssf */
#elif WITH_DES
      112,
#else
      0,
#endif
      SASL_SEC_NOPLAINTEXT
      | SASL_SEC_NOANONYMOUS
      | SASL_SEC_MUTUAL_AUTH,       /* security_flags */
      SASL_FEAT_NEEDSERVERFQDN
      | SASL_FEAT_ALLOWS_PROXY,     /* features */
      NULL,                   /* required_prompts */
      &client_glob_context,         /* glob_context */
      &digestmd5_client_mech_new,   /* mech_new */
      &digestmd5_client_mech_step,  /* mech_step */
      &digestmd5_client_mech_dispose,     /* mech_dispose */
      &digestmd5_common_mech_free,  /* mech_free */
      NULL,                   /* idle */
      NULL,                   /* spare1 */
      NULL                    /* spare2 */
    }
};

int digestmd5_client_plug_init(sasl_utils_t *utils,
                         int maxversion,
                         int *out_version,
                         sasl_client_plug_t **pluglist,
                         int *plugcount)
{
    reauth_cache_t *reauth_cache;

    if (maxversion < SASL_CLIENT_PLUG_VERSION)
      return SASL_BADVERS;
    
    /* reauth cache */
    reauth_cache = utils->malloc(sizeof(reauth_cache_t));
    if (reauth_cache == NULL)
      return SASL_NOMEM;
    memset(reauth_cache, 0, sizeof(reauth_cache_t));
    reauth_cache->i_am = CLIENT;
    
    /* mutex */
    reauth_cache->mutex = utils->mutex_alloc();
    if (!reauth_cache->mutex)
      return SASL_FAIL;

    /* entries */
    reauth_cache->size = 10;
    reauth_cache->e = utils->malloc(reauth_cache->size *
                            sizeof(reauth_entry_t));
    if (reauth_cache->e == NULL)
      return SASL_NOMEM;
    memset(reauth_cache->e, 0, reauth_cache->size * sizeof(reauth_entry_t));

    ((digest_glob_context_t *) digestmd5_client_plugins[0].glob_context)->reauth = reauth_cache;

    *out_version = SASL_CLIENT_PLUG_VERSION;
    *pluglist = digestmd5_client_plugins;
    *plugcount = 1;
    
    return SASL_OK;
}

Generated by  Doxygen 1.6.0   Back to index