Update auth_cram for new MD5 code (untested).

diff --git a/ChangeLog b/ChangeLog
index 5b095089b10e6f941dd7a4579c3756b7eda7cad5..63a8d72594be9ec9ca3c1c19008fb119e185f377 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,42 @@
+2007-08-27 10:13 -0700  Brendan Cully  <brendan@kublai.com>  (4ade2517703a)
+
+       * Makefile.am, configure.ac, hcache.c, md5.c, md5.h, md5c.c,
+       pgppubring.c, pop_auth.c: Replace RFC md5 implementation with GPL
+       version from coreutils
+
+2007-08-16 09:32 -0700  Brendan Cully  <brendan@kublai.com>  (d096219907e7)
+
+       * curs_lib.c: Check for lost tty if getch returns error (closes #1220)
+       Great thanks to Vincent Lefevre for tracking this one down.
+
+2007-08-15 20:09 -0700  Michael Vrable  <mvrable@cs.ucsd.edu>  (acd71f2f2555)
+
+       * rfc3676.c: Fix RFC 3676 (format=flowed text) handling.
+
+       The old code would consider a line containing "> " to be flowed, but
+       since this is a quoted and space-stuffed line containing no
+       additional text, by my reading of RFC 3676 it should be fixed.
+
+       Clean up the handling of format=flowed text. Fix the test to
+       determine whether a line is fixed--if a line ends in a space only
+       because the last character is a space from space-stuffing, consider
+       the line to be a fixed line. This makes the test for ((buf_len -
+       buf_off) <= 0) later no longer necessary.
+
+       Also simplify the code by removing checks for curline being non-
+       null; it is allocated at the start of the function and never
+       reallocated to size zero, so it should never be a null pointer.
+
+2007-08-08 10:49 -0700  Kyle Wheeler  (6d3e90261321)
+
+       * makedoc.c: Trim whitespace in definition lists for man pages (closes
+       #2941).
+
+2007-08-02 22:30 -0700  Brendan Cully  <brendan@kublai.com>  (aefdab8fad80)
+
+       * init.h: Clarify the documentation for $use_envelope_from
+       (closes #2936). Thanks to Vincent Lefevre for the suggestions.
+
 2007-07-25 11:16 -0700  Vincent Lefevre  <vincent@vinc17.org>  (6bc60516fffa)
 
        * po/fr.po: Updated French translation.

diff --git a/imap/auth_cram.c b/imap/auth_cram.c
index a8741f39ca9c813d515aa3d1429760d2cd6c7067..e7e9ea4a4f352a43b6d8601cc9de81261550725b 100644 (file)
--- a/imap/auth_cram.c
+++ b/imap/auth_cram.c
@@ -134,7 +134,7 @@ imap_auth_res_t imap_auth_cram_md5 (IMAP_DATA* idata, const char* method)
 static void hmac_md5 (const char* password, char* challenge,
   unsigned char* response)
 {
-  MD5_CTX ctx;
+  struct md5_ctx ctx;
   unsigned char ipad[MD5_BLOCK_LEN], opad[MD5_BLOCK_LEN];
   unsigned char secret[MD5_BLOCK_LEN+1];
   unsigned char hash_passwd[MD5_DIGEST_LEN];
@@ -148,9 +148,7 @@ static void hmac_md5 (const char* password, char* challenge,
    * digests */
   if (secret_len > MD5_BLOCK_LEN)
   {
-    MD5Init (&ctx);
-    MD5Update (&ctx, (unsigned char*) password, secret_len);
-    MD5Final (hash_passwd, &ctx);
+    md5_buffer (password, secret_len, hash_passwd);
     strfcpy ((char*) secret, (char*) hash_passwd, MD5_DIGEST_LEN);
     secret_len = MD5_DIGEST_LEN;
   }
@@ -169,14 +167,14 @@ static void hmac_md5 (const char* password, char* challenge,
   }
 
   /* inner hash: challenge and ipadded secret */
-  MD5Init (&ctx);
-  MD5Update (&ctx, ipad, MD5_BLOCK_LEN);
-  MD5Update (&ctx, (unsigned char*) challenge, chal_len);
-  MD5Final (response, &ctx);
+  md5_init_ctx (&ctx);
+  md5_process_bytes (ipad, MD5_BLOCK_LEN, &ctx);
+  md5_process_bytes (challenge, chal_len, &ctx);
+  md5_finish_ctx (&ctx, response);
 
   /* outer hash: inner hash and opadded secret */
-  MD5Init (&ctx);
-  MD5Update (&ctx, opad, MD5_BLOCK_LEN);
-  MD5Update (&ctx, response, MD5_DIGEST_LEN);
-  MD5Final (response, &ctx);
+  md5_init_ctx (&ctx);
+  md5_process_bytes (opad, MD5_BLOCK_LEN, &ctx);
+  md5_process_bytes (response, MD5_DIGEST_LEN, &ctx);
+  md5_finish_ctx (&ctx, response);
 }