imap: Added support for sasl digest-md5 authentication

 *

 * RFC2195 CRAM-MD5 authentication

 * RFC2222 Simple Authentication and Security Layer (SASL)

 * RFC2831 DIGEST-MD5 authentication

 * RFC3501 IMAPv4 protocol

 * RFC4616 PLAIN authentication

 * RFC5092 IMAP URL Scheme

    "AUTHENTICATE_LOGIN",

    "AUTHENTICATE_LOGIN_PASSWD",

    "AUTHENTICATE_CRAMMD5",

    "AUTHENTICATE_DIGESTMD5",

    "AUTHENTICATE_DIGESTMD5_RESP",

    "AUTHENTICATE_NTLM",

    "AUTHENTICATE_NTLM_TYPE2MSG",

    "AUTHENTICATE",

  /* Check supported authentication mechanisms by decreasing order of

     security */

#ifndef CURL_DISABLE_CRYPTO_AUTH

  if(imapc->authmechs & SASL_MECH_CRAM_MD5) {

  if(imapc->authmechs & SASL_MECH_DIGEST_MD5) {

    mech = "DIGEST-MD5";

    authstate = IMAP_AUTHENTICATE_DIGESTMD5;

    imapc->authused = SASL_MECH_DIGEST_MD5;

  }

  else if(imapc->authmechs & SASL_MECH_CRAM_MD5) {

    mech = "CRAM-MD5";

    authstate = IMAP_AUTHENTICATE_CRAMMD5;

    imapc->authused = SASL_MECH_CRAM_MD5;

  return result;

}

/* For AUTHENTICATE DIGEST-MD5 challenge responses */

static CURLcode imap_state_auth_digest_resp(struct connectdata *conn,

                                            int imapcode,

                                            imapstate instate)

{

  CURLcode result = CURLE_OK;

  struct SessionHandle *data = conn->data;

  char *chlg64 = data->state.buffer;

  size_t len = 0;

  char *rplyb64 = NULL;

  (void)instate; /* no use for this yet */

  if(imapcode != '+') {

    failf(data, "Access denied: %d", imapcode);

    return CURLE_LOGIN_DENIED;

  }

  /* Get the challenge */

  for(chlg64 += 2; *chlg64 == ' ' || *chlg64 == '\t'; chlg64++)

    ;

  /* Create the response message */

  result = Curl_sasl_create_digest_md5_message(data, chlg64, conn->user,

                                               conn->passwd, "imap",

                                               &rplyb64, &len);

  /* Send the response */

  if(!result) {

    if(rplyb64) {

      result = Curl_pp_sendf(&conn->proto.imapc.pp, "%s", rplyb64);

      if(!result)

        state(conn, IMAP_AUTHENTICATE_DIGESTMD5_RESP);

    }

    Curl_safefree(rplyb64);

  }

  return result;

}

/* For AUTHENTICATE DIGEST-MD5 challenge-response responses */

static CURLcode imap_state_auth_digest_resp_resp(struct connectdata *conn,

                                                 int imapcode,

                                                 imapstate instate)

{

  CURLcode result = CURLE_OK;

  struct SessionHandle *data = conn->data;

  (void)instate; /* no use for this yet */

  if(imapcode != '+') {

    failf(data, "Authentication failed: %d", imapcode);

    result = CURLE_LOGIN_DENIED;

  }

  else {

    /* Send an empty response */

    result = Curl_pp_sendf(&conn->proto.imapc.pp, "");

    if(!result)

      state(conn, IMAP_AUTHENTICATE);

  }

  return result;

}

#endif

#ifdef USE_NTLM

    case IMAP_AUTHENTICATE_CRAMMD5:

      result = imap_state_auth_cram_resp(conn, imapcode, imapc->state);

      break;

    case IMAP_AUTHENTICATE_DIGESTMD5:

      result = imap_state_auth_digest_resp(conn, imapcode, imapc->state);

      break;

    case IMAP_AUTHENTICATE_DIGESTMD5_RESP:

      result = imap_state_auth_digest_resp_resp(conn, imapcode, imapc->state);

      break;

#endif

#ifdef USE_NTLM

  IMAP_AUTHENTICATE_LOGIN,

  IMAP_AUTHENTICATE_LOGIN_PASSWD,

  IMAP_AUTHENTICATE_CRAMMD5,

  IMAP_AUTHENTICATE_DIGESTMD5,

  IMAP_AUTHENTICATE_DIGESTMD5_RESP,

  IMAP_AUTHENTICATE_NTLM,

  IMAP_AUTHENTICATE_NTLM_TYPE2MSG,

  IMAP_AUTHENTICATE,