sasl_sspi: Tidy up of the existing digest code

  CURLcode result = CURLE_OK;

  TCHAR *spn = NULL;

  size_t chlglen = 0;

  size_t resp_max = 0;

  unsigned char *chlg = NULL;

  unsigned char *resp = NULL;

  CredHandle handle;

  CtxtHandle ctx;

  size_t token_max = 0;

  unsigned char *input_token = NULL;

  unsigned char *output_token = NULL;

  CredHandle credentials;

  CtxtHandle context;

  PSecPkgInfo SecurityPackage;

  SEC_WINNT_AUTH_IDENTITY identity;

  SEC_WINNT_AUTH_IDENTITY *p_identity;

  /* Decode the base-64 encoded challenge message */

  if(strlen(chlg64) && *chlg64 != '=') {

    result = Curl_base64_decode(chlg64, &chlg, &chlglen);

    result = Curl_base64_decode(chlg64, &input_token, &chlglen);

    if(result)

      return result;

  }

  /* Ensure we have a valid challenge message */

  if(!chlg)

  if(!input_token)

    return CURLE_BAD_CONTENT_ENCODING;

  /* Query the security package for DigestSSP */

  status = s_pSecFn->QuerySecurityPackageInfo((TCHAR *) TEXT(SP_NAME_DIGEST),

                                              &SecurityPackage);

  if(status != SEC_E_OK) {

    Curl_safefree(chlg);

    Curl_safefree(input_token);

    return CURLE_NOT_BUILT_IN;

  }

  resp_max = SecurityPackage->cbMaxToken;

  token_max = SecurityPackage->cbMaxToken;

  /* Release the package buffer as it is not required anymore */

  s_pSecFn->FreeContextBuffer(SecurityPackage);

  /* Allocate our response buffer */

  resp = malloc(resp_max);

  if(!resp) {

    Curl_safefree(chlg);

  output_token = malloc(token_max);

  if(!output_token) {

    Curl_safefree(input_token);

    return CURLE_OUT_OF_MEMORY;

  }

  /* Generate our SPN */

  spn = Curl_sasl_build_spn(service, data->easy_conn->host.name);

  if(!spn) {

    Curl_safefree(resp);

    Curl_safefree(chlg);

    Curl_safefree(output_token);

    Curl_safefree(input_token);

    return CURLE_OUT_OF_MEMORY;

  }

    result = Curl_create_sspi_identity(userp, passwdp, &identity);

    if(result) {

      Curl_safefree(spn);

      Curl_safefree(resp);

      Curl_safefree(chlg);

      Curl_safefree(output_token);

      Curl_safefree(input_token);

      return result;

    }

                                              (TCHAR *) TEXT(SP_NAME_DIGEST),

                                              SECPKG_CRED_OUTBOUND, NULL,

                                              p_identity, NULL, NULL,

                                              &handle, &expiry);

                                              &credentials, &expiry);

  if(status != SEC_E_OK) {

    Curl_sspi_free_identity(p_identity);

    Curl_safefree(spn);

    Curl_safefree(resp);

    Curl_safefree(chlg);

    Curl_safefree(output_token);

    Curl_safefree(input_token);

    return CURLE_LOGIN_DENIED;

  }

  chlg_desc.cBuffers  = 1;

  chlg_desc.pBuffers  = &chlg_buf;

  chlg_buf.BufferType = SECBUFFER_TOKEN;

  chlg_buf.pvBuffer   = chlg;

  chlg_buf.pvBuffer   = input_token;

  chlg_buf.cbBuffer   = curlx_uztoul(chlglen);

  /* Setup the response "output" security buffer */

  resp_desc.cBuffers  = 1;

  resp_desc.pBuffers  = &resp_buf;

  resp_buf.BufferType = SECBUFFER_TOKEN;

  resp_buf.pvBuffer   = resp;

  resp_buf.cbBuffer   = curlx_uztoul(resp_max);

  resp_buf.pvBuffer   = output_token;

  resp_buf.cbBuffer   = curlx_uztoul(token_max);

  /* Generate our challenge-response message */

  status = s_pSecFn->InitializeSecurityContext(&handle, NULL, spn, 0, 0, 0,

                                               &chlg_desc, 0, &ctx,

                                               &resp_desc, &attrs, &expiry);

  /* Generate our response message */

  status = s_pSecFn->InitializeSecurityContext(&credentials, NULL, spn,

                                               0, 0, 0, &chlg_desc, 0,

                                               &context, &resp_desc, &attrs,

                                               &expiry);

  if(status == SEC_I_COMPLETE_NEEDED ||

     status == SEC_I_COMPLETE_AND_CONTINUE)

    s_pSecFn->CompleteAuthToken(&handle, &resp_desc);

    s_pSecFn->CompleteAuthToken(&credentials, &resp_desc);

  else if(status != SEC_E_OK && status != SEC_I_CONTINUE_NEEDED) {

    s_pSecFn->FreeCredentialsHandle(&handle);

    s_pSecFn->FreeCredentialsHandle(&credentials);

    Curl_sspi_free_identity(p_identity);

    Curl_safefree(spn);

    Curl_safefree(resp);

    Curl_safefree(chlg);

    Curl_safefree(output_token);

    Curl_safefree(input_token);

    return CURLE_RECV_ERROR;

  }

  /* Base64 encode the response */

  result = Curl_base64_encode(data, (char *)resp, resp_buf.cbBuffer, outptr,

                              outlen);

  result = Curl_base64_encode(data, (char *) output_token, resp_buf.cbBuffer,

                              outptr, outlen);

  /* Free our handles */

  s_pSecFn->DeleteSecurityContext(&ctx);

  s_pSecFn->FreeCredentialsHandle(&handle);

  s_pSecFn->DeleteSecurityContext(&context);

  s_pSecFn->FreeCredentialsHandle(&credentials);

  /* Free the identity structure */

  Curl_sspi_free_identity(p_identity);

  Curl_safefree(spn);

  /* Free the response buffer */

  Curl_safefree(resp);

  Curl_safefree(output_token);

  /* Free the decoded challenge message */

  Curl_safefree(chlg);

  Curl_safefree(input_token);

  return result;

}