email: Added support for cancelling DIGEST-MD5 authentication

1 files changed, 23 insertions, 9 deletions

diff --git a/lib/imap.c b/lib/imap.c
index a4e61622f..9fa737b39 100644
--- a/lib/imap.c
+++ b/lib/imap.c
@@ -1160,6 +1160,10 @@ static CURLcode imap_state_auth_digest_resp(struct connectdata *conn,
   char *rplyb64 = NULL;
   size_t len = 0;
 
+  char nonce[64];
+  char realm[128];
+  char algorithm[64];
+
   (void)instate; /* no use for this yet */
 
   if(imapcode != '+') {
@@ -1170,23 +1174,33 @@ static CURLcode imap_state_auth_digest_resp(struct connectdata *conn,
   /* Get the challenge message */
   imap_get_message(data->state.buffer, &chlg64);
 
-  /* Create the response message */
-  result = Curl_sasl_create_digest_md5_message(data, chlg64, conn->user,
-                                               conn->passwd, "imap",
-                                               &rplyb64, &len);
+  /* Decode the challange message */
+  result = Curl_sasl_decode_digest_md5_message(chlg64, nonce, sizeof(nonce),
+                                               realm, sizeof(realm),
+                                               algorithm, sizeof(algorithm));
+  if(result || strcmp(algorithm, "md5-sess") != 0) {
+    /* Send the cancellation */
+    result = Curl_pp_sendf(&conn->proto.imapc.pp, "%s", "*");
 
-  /* Send the response */
-  if(!result) {
-    if(rplyb64) {
+    if(!result)
+      state(conn, IMAP_AUTHENTICATE_CANCEL);
+  }
+  else {
+    /* Create the response message */
+    result = Curl_sasl_create_digest_md5_message(data, nonce, realm,
+                                                 conn->user, conn->passwd,
+                                                 "imap", &rplyb64, &len);
+    if(!result && rplyb64) {
+      /* Send the response */
       result = Curl_pp_sendf(&conn->proto.imapc.pp, "%s", rplyb64);
 
       if(!result)
         state(conn, IMAP_AUTHENTICATE_DIGESTMD5_RESP);
     }
-
-    Curl_safefree(rplyb64);
   }
 
+  Curl_safefree(rplyb64);
+
   return result;
 }