[ingo] Patch Net_Sieve: SASL Cram-MD5, Digest-MD5

[Joerg Friedrich]

Hi,

quick'n'dirty to get cram-md5 and digest-md5 working

-- 
Jörg Friedrich
-------------- next part --------------
--- Sieve.php.orig	2004-02-16 15:29:27.000000000 +0100
+++ Sieve.php	2004-02-16 16:21:11.000000000 +0100
@@ -276,9 +276,10 @@
     * @param  string $pass      Login password
     * @param  string $logintype Type of login method to use
     * @param  string $euser     Effective UID (perform on behalf of $euser)
+    * @param  string $authzid   Authorization id (username to proxy as) DIGEST-MD5, if needed
     * @return mixed             True on success, PEAR_Error otherwise
     */
-    function _login($user, $pass, $logintype = 'PLAIN', $euser = '')
+    function _login($user, $pass, $logintype = 'PLAIN', $euser = '', $authzid = '')
     {
         if (NET_SIEVE_STATE_AUTHORISATION != $this->_state) {
             return PEAR::raiseError('Not currently in AUTHORISATION state');
@@ -288,7 +289,7 @@
             return PEAR::raiseError(sprintf('Authentication mechanism %s not supported by this server.', $logintype));
         }
 
-        $sasl = &Auth_SASL::factory($logintype);
+        $sasl = &Auth_SASL::factory(str_replace("-","",$logintype));
         if (PEAR::isError($sasl)) {
             return $sasl;
         }
@@ -303,6 +304,26 @@
             $this->_sendCmd('"' . base64_encode($user) . '"');
             $this->_sendCmd('"' . base64_encode($pass) . '"');
             break;
+	case 'DIGEST-MD5':
+	    $this->_sendCmd(sprintf('AUTHENTICATE "DIGEST-MD5"'));
+            if (PEAR::isError($challenge = $this->_getChallenge())) {
+               return $challenge;
+            }
+            if (PEAR::isError($response = $sasl->getResponse($user, $pass, $challenge, $this->_data['host'], 'sieve', $authzid))) {
+               return $response;
+            }
+            $this->_sendCmd('"' . base64_encode($response) . '"');
+	    break;
+	case 'CRAM-MD5':
+	    $this->_sendCmd(sprintf('AUTHENTICATE "CRAM-MD5"'));
+            if (PEAR::isError($challenge = $this->_getChallenge())) {
+               return $challenge;
+            }
+            if (PEAR::isError($response = $sasl->getResponse($user, $pass, $challenge))) {
+               return $response;
+            }
+            $this->_sendCmd('"' . base64_encode($response) . '"');
+	    break;
         default:
             return PEAR::raiseError(sprintf('Authentication mechanism %s not supported by this client.', $logintype));
         }
@@ -556,5 +577,34 @@
             $response .= $line . "\r\n";
         }
     }
+
+    /**
+    * Retrieves the plaintext SASL challenge from the server.
+    *
+    * @access private
+    * @return mixed Reponse string
+    */
+    function _getChallenge()
+    {
+        $challenge = '';
+        $line = $this->_sock->readLine();
+
+        if ('no' == strtolower(substr($line, 0, 2)) or
+            'bye'  == strtolower(substr($line, 0, 3))) {
+            // SASL error
+            preg_match('/.*?\s(.*)/', $line, $matches);
+            return PEAR::raiseError($matches[1]);
+        }
+                                                                                                                                                             
+        // Discard {nnn+} in literal
+        if (preg_match('/^\{\d*\+{0,1}\}\s*$/', $line)) {
+            $line = $this->_sock->readLine();
+        }
+
+        preg_replace('/^\{\d*\+{0,1}\}\s*/', '', $line);
+        return base64_decode($line);
+    }
+
+
 }