+/**
+ * Parse Digest-MD5 challenge.
+ * This function parses the challenge sent during DIGEST-MD5 authentication and
+ * returns an array. See the RFC for details on what's in the challenge string.
+ *
+ * @param string $challenge Digest-MD5 Challenge
+ * @return array Digest-MD5 challenge decoded data
+ */
+function digest_md5_parse_challenge($challenge) {
+ $challenge=base64_decode($challenge);
+ while (isset($challenge)) {
+ if ($challenge{0} == ',') { // First char is a comma, must not be 1st time through loop
+ $challenge=substr($challenge,1);
+ }
+ $key=explode('=',$challenge,2);
+ $challenge=$key[1];
+ $key=$key[0];
+ if ($challenge{0} == '"') {
+ // We're in a quoted value
+ // Drop the first quote, since we don't care about it
+ $challenge=substr($challenge,1);
+ // Now explode() to the next quote, which is the end of our value
+ $val=explode('"',$challenge,2);
+ $challenge=$val[1]; // The rest of the challenge, work on it in next iteration of loop
+ $value=explode(',',$val[0]);
+ // Now, for those quoted values that are only 1 piece..
+ if (sizeof($value) == 1) {
+ $value=$value[0]; // Convert to non-array
+ }
+ } else {
+ // We're in a "simple" value - explode to next comma
+ $val=explode(',',$challenge,2);
+ if (isset($val[1])) {
+ $challenge=$val[1];
+ } else {
+ unset($challenge);
+ }
+ $value=$val[0];
+ }
+ $parsed["$key"]=$value;
+ } // End of while loop
+ return $parsed;
+}
+
+/**
+ * Creates a HMAC digest that can be used for auth purposes
+ * See RFCs 2104, 2617, 2831
+ * Uses mhash() extension if available
+ *
+ * @param string $data Data to apply hash function to.
+ * @param string $key Optional key, which, if supplied, will be used to
+ * calculate data's HMAC.
+ * @return string HMAC Digest string
+ */
+function hmac_md5($data, $key='') {
+ if (extension_loaded('mhash')) {
+ if ($key== '') {
+ $mhash=mhash(MHASH_MD5,$data);
+ } else {
+ $mhash=mhash(MHASH_MD5,$data,$key);
+ }
+ return $mhash;
+ }
+ if (!$key) {
+ return pack('H*',md5($data));
+ }
+ $key = str_pad($key,64,chr(0x00));
+ if (strlen($key) > 64) {
+ $key = pack("H*",md5($key));
+ }
+ $k_ipad = $key ^ str_repeat(chr(0x36), 64) ;
+ $k_opad = $key ^ str_repeat(chr(0x5c), 64) ;
+ /* Heh, let's get recursive. */
+ $hmac=hmac_md5($k_opad . pack("H*",md5($k_ipad . $data)) );
+ return $hmac;
+}
+
+/**
+ * Fillin user and password based on SMTP auth settings.
+ *
+ * @param string $user Reference to SMTP username
+ * @param string $pass Reference to SMTP password (unencrypted)
+ */
+function get_smtp_user(&$user, &$pass) {
+ global $username, $smtp_auth_mech,
+ $smtp_sitewide_user, $smtp_sitewide_pass;
+
+ if ($smtp_auth_mech == 'none') {
+ $user = '';
+ $pass = '';
+ } elseif ( isset($smtp_sitewide_user) && isset($smtp_sitewide_pass) ) {
+ $user = $smtp_sitewide_user;
+ $pass = $smtp_sitewide_pass;
+ } else {
+ global $key, $onetimepad;
+ $user = $username;
+ $pass = OneTimePadDecrypt($key, $onetimepad);
+ }