/***********************************************************************
  module:       rpa.c
  program:      fetchmail
  programmer:   Michael J. Palmer <106177.1156@compuserve.com>
  date:         29 August 1997
  compiler:     GCC 2.7.2
  environment:  RedHat 4.0 Linux 2.0.18
  description:  RPA authorisation code for POP3 client

  The sole entry point is POP3_auth_rpa()

  For license terms, see the file COPYING in this directory.

 ***********************************************************************/

#include  "config.h"

#if defined(POP3_ENABLE) && defined(RPA_ENABLE)
#include  <stdio.h>
#include  <stdlib.h>
#include  <unistd.h>
#include  <ctype.h>
#include  <string.h>
#include  <sys/types.h>

#include  "socket.h"
#include  "fetchmail.h"
#include  "fm_md5.h"
#include  "i18n.h"

#ifdef TESTMODE
extern unsigned char line1[];
extern unsigned char line2[];
extern unsigned char line3[];

extern int linecount;
#endif

#ifndef NO_PROTO
  /* prototypes for internal functions */
  static int  POP3_rpa_resp(char* argbuf, int socket );
  static void LenAppend(char** pptr, int len);
  static int  LenSkip(char** pptr, int rxlen);
  static int  DecBase64(char* bufp);
  static void EncBase64(char* bufp, int len);
  static void ToUnicode(char** pptr, char delim, unsigned char* buf, int* plen,
			int conv);
  static int  SetRealmService(char* bufp);
  static void GenChallenge(unsigned char* buf, int len);
  static int  DigestPassphrase(char* passphrase,
			       unsigned char* rbuf, int unicodeit);
  static void CompUserResp(void);
  static int  CheckUserAuth(void);
  static void md5(const void* in, int len, unsigned char* out);
#endif

/* RPA protocol definitions */

#define         EARLYVER        "\x01\x00"  /* Earliest supp version */
#define         LATEVER         "\x03\x00"  /* Latest supp version   */
#define         HDR             0x60        /* ASN.1 SEQUENCE        */
#define         MECH            "\x06\x09\x60\x86\x48\x01\x86\xF8\x73\x01\x01"
#define         FLAGS           "\x00\x01"  /* Mutual authentication */
#define         STRMAX          128         /* Bytes in Unicode      */
#define         Tsl             14          /* Timestamp bytelen     */
#define         Pul             16          /* Passphrase digest len */
#define         Cul             16          /* Usr challenge bytelen */
#define         Rul             16          /* Usr response bytelen  */
#define         Aul             16          /* User auth bytelen     */
#define         Kusl            16          /* Session key bytelen   */

#define         UNIPASS         1           /* 1=Unicode 0=iso8859   */
#define         PS_RPA          42          /* Return code           */

/* RPA authentication items */

unsigned char   Cs[256];                    /* Service challenge     */
int             Csl;                        /* Length of "    "      */
unsigned char   Ts[Tsl+1];                  /* Timestamp incl \0     */
unsigned char   Nu[STRMAX];                 /* Username in Unicode   */
int             Nul;                        /* Length of " in bytes  */
unsigned char   Ns[STRMAX];                 /* Service in Unicode    */
int             Nsl;                        /* Length of " in bytes  */
unsigned char   Nr[STRMAX];                 /* Realm in Unicode      */
int             Nrl;                        /* Length of " in bytes  */
unsigned char   Pu[Pul];                    /* Passphrase after MD5  */
unsigned char   Cu[Cul];                    /* User challenge        */
unsigned char   Ru[Rul];                    /* User response         */
unsigned char   Au[Aul];                    /* User auth from Deity  */
unsigned char   Kusu[Kusl];                 /* Obscured Session key  */
unsigned char   Kus[Kusl];                  /* Session key           */

/*********************************************************************
  function:      POP3_auth_rpa
  description:   send the AUTH RPA commands to the server, and
                 get the server's response. Then progress through the
                 RPA challenge/response protocol until we are
                 (hopefully) granted authorisation.
  arguments:
    userid       user's id@realm e.g. myuserid@csi.com
    passphrase   user's passphrase
                 (upper lower or mixed case as the realm has chosen.
                 spec allows various options :-(   )
    socket       socket to which the server is connected.

  return value:  zero if success, else non-zero.
  calls:         SockPrintf, POP3_rpa_resp, EncBase64, DecBase64,
                 LenAppend, GenChallenge
  globals:       read outlevel.
 *********************************************************************/

int POP3_auth_rpa (char *userid, char *passphrase, int socket)
{
    int      ok,rxlen,verh,verl,i,rll;
    char buf [POPBUFSIZE];
    char *bufp;
    int      status,aulin,kuslin;
    const cha<style>pre { line-height: 125%; }
td.linenos .normal { color: inherit; background-color: transparent; padding-left: 5px; padding-right: 5px; }
span.linenos { color: inherit; background-color: transparent; padding-left: 5px; padding-right: 5px; }
td.linenos .special { color: #000000; background-color: #ffffc0; padding-left: 5px; padding-right: 5px; }
span.linenos.special { color: #000000; background-color: #ffffc0; padding-left: 5px; padding-right: 5px; }
.highlight .hll { background-color: #ffffcc }
.highlight .c { color: #888888 } /* Comment */
.highlight .err { color: #a61717; background-color: #e3d2d2 } /* Error */
.highlight .k { color: #008800; font-weight: bold } /* Keyword */
.highlight .ch { color: #888888 } /* Comment.Hashbang */
.highlight .cm { color: #888888 } /* Comment.Multiline */
.highlight .cp { color: #cc0000; font-weight: bold } /* Comment.Preproc */
.highlight .cpf { color: #888888 } /* Comment.PreprocFile */
.highlight .c1 { color: #888888 } /* Comment.Single */
.highlight .cs { color: #cc0000; font-weight: bold; background-color: #fff0f0 } /* Comment.Special */
.highlight .gd { color: #000000; background-color: #ffdddd } /* Generic.Deleted */
.highlight .ge { font-style: italic } /* Generic.Emph */
.highlight .gr { color: #aa0000 } /* Generic.Error */
.highlight .gh { color: #333333 } /* Generic.Heading */
.highlight .gi { color: #000000; background-color: #ddffdd } /* Generic.Inserted */
.highlight .go { color: #888888 } /* Generic.Output */
.highlight .gp { color: #555555 } /* Generic.Prompt */
.highlight .gs { font-weight: bold } /* Generic.Strong */
.highlight .gu { color: #666666 } /* Generic.Subheading */
.highlight .gt { color: #aa0000 } /* Generic.Traceback */
.highlight .kc { color: #008800; font-weight: bold } /* Keyword.Constant */
.highlight .kd { color: #008800; font-weight: bold } /* Keyword.Declaration */
.highlight .kn { color: #008800; font-weight: bold } /* Keyword.Namespace */
.highlight .kp { color: #008800 } /* Keyword.Pseudo */
.highlight .kr { color: #008800; font-weight: bold } /* Keyword.Reserved */
.highlight .kt { color: #888888; font-weight: bold } /* Keyword.Type */
.highlight .m { color: #0000DD; font-weight: bold } /* Literal.Number */
.highlight .s { color: #dd2200; background-color: #fff0f0 } /* Literal.String */
.highlight .na { color: #336699 } /* Name.Attribute */
.highlight .nb { color: #003388 } /* Name.Builtin */
.highlight .nc { color: #bb0066; font-weight: bold } /* Name.Class */
.highlight .no { color: #003366; font-weight: bold } /* Name.Constant */
.highlight .nd { color: #555555 } /* Name.Decorator */
.highlight .ne { color: #bb0066; font-weight: bold } /* Name.Exception */
.highlight .nf { color: #0066bb; font-weight: bold } /* Name.Function */
.highlight .nl { color: #336699; font-style: italic } /* Name.Label */
.highlight .nn { color: #bb0066; font-weight: bold } /* Name.Namespace */
.highlight .py { color: #336699; font-weight: bold } /* Name.Property */
.highlight .nt { color: #bb0066; font-weight: bold } /* Name.Tag */
.highlight .nv { color: #336699 } /* Name.Variable */
.highlight .ow { color: #008800 } /* Operator.Word */
.highlight .w { color: #bbbbbb } /* Text.Whitespace */
.highlight .mb { color: #0000DD; font-weight: bold } /* Literal.Number.Bin */
.highlight .mf { color: #0000DD; font-weight: bold } /* Literal.Number.Float */
.highlight .mh { color: #0000DD; font-weight: bold } /* Literal.Number.Hex */
.highlight .mi { color: #0000DD; font-weight: bold } /* Literal.Number.Integer */
.highlight .mo { color: #0000DD; font-weight: bold } /* Literal.Number.Oct */
.highlight .sa { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Affix */
.highlight .sb { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Backtick */
.highlight .sc { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Char */
.highlight .dl { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Delimiter */
.highlight .sd { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Doc */
.highlight .s2 { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Double */
.highlight .se { color: #0044dd; background-color: #fff0f0 } /* Literal.String.Escape */
.highlight .sh { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Heredoc */
.highlight .si { color: #3333bb; background-color: #fff0f0 } /* Literal.String.Interpol */
.highlight .sx { color: #22bb22; background-color: #f0fff0 } /* Literal.String.Other */
.highlight .sr { color: #008800; background-color: #fff0ff } /* Literal.String.Regex */
.highlight .s1 { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Single */
.highlight .ss { color: #aa6600; background-color: #fff0f0 } /* Literal.String.Symbol */
.highlight .bp { color: #003388 } /* Name.Builtin.Pseudo */
.highlight .fm { color: #0066bb; font-weight: bold } /* Name.Function.Magic */
.highlight .vc { color: #336699 } /* Name.Variable.Class */
.highlight .vg { color: #dd7700 } /* Name.Variable.Global */
.highlight .vi { color: #3333bb } /* Name.Variable.Instance */
.highlight .vm { color: #336699 } /* Name.Variable.Magic */
.highlight .il { color: #0000DD; font-weight: bold } /* Literal.Number.Integer.Long */</style><div class="highlight"><pre><span></span><span class="err">#</span><span class="o">!/</span><span class="nt">usr</span><span class="o">/</span><span class="nt">bin</span><span class="o">/</span><span class="nt">expect</span><span class="w"> </span><span class="nt">-f</span>

<span class="err">#</span><span class="w"> </span><span class="nt">MySQL</span><span class="w"> </span><span class="nt">database</span><span class="w"> </span><span class="nt">connection</span><span class="w"> </span><span class="nt">settings</span>
<span class="nt">set</span><span class="w"> </span><span class="nt">CRDB_host</span><span class="w">     </span><span class="nt">localhost</span>
<span class="nt">set</span><span class="w"> </span><span class="nt">CRDB_DB</span><span class="w">       </span><span class="nt">test</span>
<span class="nt">set</span><span class="w"> </span><span class="nt">CRDB_username</span><span class="w"> </span><span class="nt">root</span>
<span class="nt">set</span><span class="w"> </span><span class="nt">CRDB_password</span><span class="w"> </span><span class="nt">root</span>

<span class="err">#</span><span class="w"> </span><span class="nt">set</span><span class="w"> </span><span class="nt">eiter</span><span class="w"> </span><span class="nt">one</span><span class="w"> </span><span class="nt">to</span><span class="w"> </span><span class="nt">1</span><span class="w"> </span><span class="nt">for</span><span class="w"> </span><span class="nt">verbose</span><span class="w"> </span><span class="nt">output</span>
<span class="nt">log_user</span><span class="w"> </span><span class="nt">0</span>
<span class="nt">set</span><span class="w"> </span><span class="nt">comments</span><span class="w"> </span><span class="nt">0</span>

<span class="nt">package</span><span class="w"> </span><span class="nt">require</span><span class="w"> </span><span class="nt">mysqltcl</span>

<span class="err">#</span><span class="w"> </span><span class="nt">connect</span><span class="w"> </span><span class="nt">to</span><span class="w"> </span><span class="nt">MySQL</span><span class="w"> </span><span class="nt">database</span>
<span class="nt">set</span><span class="w"> </span><span class="nt">handle</span><span class="w"> </span><span class="cp">[</span><span class="p">::</span><span class="nl">mysql</span><span class="p">::</span><span class="nl">connect</span><span class="w"> </span><span class="na">-host</span><span class="w"> </span><span class="nv">$CRDB_host</span><span class="w"> </span><span class="na">-user</span><span class="w"> </span><span class="nv">$CRDB_username</span><span class="w"> </span><span class="na">-password</span><span class="w"> </span><span class="nv">$CRDB_password</span><span class="cp">]</span>

<span class="err">#</span><span class="w"> </span><span class="nt">get</span><span class="w"> </span><span class="nt">server</span><span class="o">/</span><span class="nt">usernames</span><span class="w"> </span><span class="nt">to</span><span class="w"> </span><span class="nt">clean</span><span class="w"> </span><span class="nt">up</span>
<span class="nt">set</span><span class="w"> </span><span class="nt">userlist</span><span class="w"> </span><span class="cp">[</span><span class="p">::</span><span class="nl">mysql</span><span class="p">::</span><span class="nl">sel</span><span class="w"> </span><span class="nv">$handle</span><span class="w"> </span><span class="s2">&quot;SELECT UserID, server, username, password, retaindays from $CRDB_DB.fetchmail_user&quot;</span><span class="w"> </span><span class="na">-flatlist</span><span class="cp">]</span>

<span class="err">#</span><span class="w"> </span><span class="nt">loop</span><span class="w"> </span><span class="nt">through</span><span class="w"> </span><span class="nt">all</span><span class="w"> </span><span class="nt">users</span><span class="w"> </span><span class="nt">in</span><span class="w"> </span><span class="nt">database</span>
<span class="nt">foreach</span><span class="w"> </span><span class="p">{</span><span class="err">userid</span><span class="w"> </span><span class="err">server</span><span class="w"> </span><span class="err">username</span><span class="w"> </span><span class="err">password</span><span class="w"> </span><span class="err">days</span><span class="p">}</span><span class="w"> </span><span class="o">$</span><span class="nt">userlist</span><span class="w"> </span><span class="p">{</span>
<span class="w">  </span><span class="err">if</span><span class="w"> </span><span class="err">{$comments==1</span><span class="p">}</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="err">send_user</span><span class="w"> </span><span class="err">&quot;\r\nWorking</span><span class="w"> </span><span class="err">on</span><span class="w"> </span><span class="err">accound</span><span class="w"> </span><span class="err">#$userid\r\n*******************************\r\n&quot;</span><span class="w"> </span><span class="p">}</span>
<span class="w">  </span><span class="nt">eval</span><span class="w"> </span><span class="nt">spawn</span><span class="w"> </span><span class="nt">telnet</span><span class="w"> </span><span class="nt">-l</span><span class="w"> </span><span class="nt">fetchmail_cleanup</span><span class="w"> </span><span class="o">$</span><span class="nt">server</span><span class="w"> </span><span class="nt">110</span>
<span class="w">  </span><span class="nt">expect</span><span class="w"> </span><span class="s2">&quot;ready&quot;</span>
<span class="w">  </span><span class="nt">send</span><span class="w"> </span><span class="s2">&quot;USER $username\r&quot;</span>
<span class="w">  </span><span class="nt">expect</span><span class="w"> </span><span class="s2">&quot;password&quot;</span>
<span class="w">  </span><span class="nt">send</span><span class="w"> </span><span class="s2">&quot;PASS $password\r&quot;</span>
<span class="w">  </span><span class="nt">expect</span><span class="w"> </span><span class="s2">&quot;OK&quot;</span>
<span class="w">  </span><span class="nt">send</span><span class="w"> </span><span class="s2">&quot;STAT\r&quot;</span>
<span class="w">  </span><span class="nt">expect</span><span class="w"> </span><span class="s2">&quot;+OK &quot;</span>
<span class="w">  </span><span class="nt">expect</span><span class="w"> </span><span class="nt">-re</span><span class="w"> </span><span class="s2">&quot;\</span><span class="cp">[</span><span class="mi">0</span><span class="o">-</span><span class="mi">9</span><span class="cp">]</span><span class="s2">* &quot;</span>
<span class="w">  </span><span class="nt">set</span><span class="w"> </span><span class="nt">anz</span><span class="w"> </span><span class="o">$</span><span class="nt">expect_out</span><span class="o">(</span><span class="nt">0</span><span class="o">,</span><span class="nt">string</span><span class="o">)</span>
<span class="w">  </span><span class="nt">if</span><span class="w"> </span><span class="p">{</span><span class="err">$comments==1</span><span class="p">}</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="err">send_user</span><span class="w"> </span><span class="err">&quot;message</span><span class="w"> </span><span class="n">count</span><span class="p">:</span><span class="w"> </span><span class="err">$</span><span class="n">anz</span><span class="w"> </span><span class="err">\</span><span class="n">r</span><span class="err">\</span><span class="n">n</span><span class="s2">&quot; }</span>
<span class="s2">  set i 0</span>
<span class="s2">  while { $i &lt; $anz } {</span>
<span class="s2">    incr i</span>
<span class="s2">    send &quot;</span><span class="n">UIDL</span><span class="w"> </span><span class="err">$</span><span class="n">i</span><span class="err">\</span><span class="n">r</span><span class="s2">&quot;</span>
<span class="s2">    expect -re &quot;</span><span class="err">\\\</span><span class="o">+</span><span class="n">OK</span><span class="w"> </span><span class="err">$</span><span class="n">i</span><span class="w"> </span><span class="err">\</span><span class="p">(</span><span class="o">.*</span><span class="err">\</span><span class="p">)</span><span class="err">\</span><span class="n">r</span><span class="s2">&quot;</span>
<span class="s2">    set uid $expect_out(1,string)</span>
<span class="s2">    ::mysql::exec $handle &quot;</span><span class="n">insert</span><span class="w"> </span><span class="n">ignore</span><span class="w"> </span><span class="n">into</span><span class="w"> </span><span class="err">$</span><span class="n">CRDB_DB</span><span class="o">.</span><span class="n">fetchmail</span><span class="w"> </span><span class="n">values</span><span class="w"> </span><span class="p">(</span><span class="err">$</span><span class="n">userid</span><span class="p">,</span><span class="s1">&#39;$uid&#39;</span><span class="p">,</span><span class="nf">now</span><span class="p">());</span><span class="err">&quot;</span>
<span class="w">    </span><span class="err">set</span><span class="w"> </span><span class="err">age</span><span class="w"> </span><span class="cp">[</span><span class="p">::</span><span class="nl">mysql</span><span class="p">::</span><span class="nl">sel</span><span class="w"> </span><span class="nv">$handle</span><span class="w"> </span><span class="s2">&quot;SELECT DATEDIFF(now(),Fetchdate) from $CRDB_DB.fetchmail where UserID=$userid and UID=&#39;$uid&#39;&quot;</span><span class="w"> </span><span class="na">-list</span><span class="cp">]</span>
<span class="w">    </span><span class="err">if</span><span class="w"> </span><span class="err">{$comments==1</span><span class="p">}</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="err">send_user</span><span class="w"> </span><span class="err">&quot;Message</span><span class="w"> </span><span class="err">#$</span><span class="n">i</span><span class="p">:</span><span class="w"> </span><span class="n">UID</span><span class="o">:</span><span class="w"> </span><span class="err">$</span><span class="n">uid</span><span class="w"> </span><span class="p">,</span><span class="w"> </span><span class="n">age</span><span class="o">:</span><span class="w"> </span><span class="err">$</span><span class="n">age</span><span class="w"> </span><span class="err">\</span><span class="n">r</span><span class="err">\</span><span class="n">n</span><span class="s2">&quot; }</span>
<span class="s2">    if {$age &gt; $days} {</span>
<span class="s2">      send &quot;</span><span class="n">DELE</span><span class="w"> </span><span class="err">$</span><span class="n">i</span><span class="err">\</span><span class="n">r</span><span class="s2">&quot;</span>
<span class="s2">      expect &quot;</span><span class="n">deleted</span><span class="s2">&quot;</span>
<span class="s2">      if {$comments==1} { send_user &quot;</span><span class="n">Message</span><span class="w"> </span><span class="err">$</span><span class="n">i</span><span class="w"> </span><span class="n">deleted</span><span class="o">.</span><span class="err">\</span><span class="n">r</span><span class="err">\</span><span class="n">n</span><span class="s2">&quot; }</span>
<span class="s2">    }</span>
<span class="s2">  }</span>
<span class="s2">  send &quot;</span><span class="n">quit</span><span class="err">\</span><span class="n">r</span><span class="s2">&quot;</span>
<span class="s2">  expect &quot;</span><span class="n">signing</span><span class="w"> </span><span class="kc">off</span><span class="s2">&quot;</span>
<span class="s2">  ::mysql::exec $handle &quot;</span><span class="n">delete</span><span class="w"> </span><span class="n">from</span><span class="w"> </span><span class="err">$</span><span class="n">CRDB_DB</span><span class="o">.</span><span class="n">fetchmail</span><span class="w"> </span><span class="n">where</span><span class="w"> </span><span class="nf">DATEDIFF</span><span class="p">(</span><span class="nf">now</span><span class="p">(),</span><span class="n">Fetchdate</span><span class="p">)</span><span class="o">&gt;</span><span class="p">(</span><span class="err">$</span><span class="n">days</span><span class="o">*</span><span class="mi">2</span><span class="p">)</span><span class="w"> </span><span class="n">and</span><span class="w"> </span><span class="n">UserID</span><span class="o">=</span><span class="err">$</span><span class="n">userid</span><span class="p">;</span><span class="err">&quot;</span>
<span class="p">}</span>
<span class="p">::</span><span class="nd">mysql</span><span class="p">::</span><span class="nd">close</span><span class="w"> </span><span class="o">$</span><span class="nt">handle</span>
<span class="nt">exit</span>
</pre></div>
</code></pre></td></tr></table>
</div> <!-- class=content -->
<div class='footer'>generated by <a href='https://git.zx2c4.com/cgit/about/'>cgit v1.2.3</a> (<a href='https://git-scm.com/'>git 2.39.1</a>) at 2025-04-05 21:26:10 +0000</div>
</div> <!-- id=cgit -->
</body>
</html>
rn value:  none
  calls:         MD5
  globals:       reads authentication items listed above.
                 writes Ru.
 *********************************************************************/

static void CompUserResp(void)
{
    unsigned char  workarea[Pul+48+STRMAX*5+Tsl+Pul];
    unsigned char* p;
    p = workarea;
    memcpy(p , Pu,  Pul); p += Pul;
    memset(p , '\0', 48); p += 48;
    memcpy(p , Nu,  Nul); p += Nul;
    memcpy(p , Ns,  Nsl); p += Nsl;
    memcpy(p , Nr,  Nrl); p += Nrl;
    memcpy(p , Cu,  Cul); p += Cul;
    memcpy(p , Cs,  Csl); p += Csl;
    memcpy(p , Ts,  Tsl); p += Tsl;
    memcpy(p , Pu,  Pul); p += Pul;
    md5(workarea,p-workarea,Ru);
}

/*********************************************************************
  function:      CheckUserAuth
  description:   Use MD5 to verify Authentication Response to User (Au)
                 using  Pu Z(48) Ns Nu Nr Kusu Cs Cu Ts Kus Pu
                 Also creates unobscured session key Kus from obscured
                 one Kusu

  arguments:     none

  return value:  0 if ok, PS_RPA if mismatch
  calls:         MD5
  globals:       reads authentication items listed above.
                 writes Ru.
 *********************************************************************/

static int CheckUserAuth(void)
{
    unsigned char  workarea[Pul+48+STRMAX*7+Tsl+Pul];
    unsigned char* p;
    unsigned char  md5ans[16];
    int i;
    /* Create unobscured Kusu */
    p = workarea;
    memcpy(p , Pu,  Pul); p += Pul;
    memset(p , '\0', 48); p += 48;
    memcpy(p , Ns,  Nsl); p += Nsl;
    memcpy(p , Nu,  Nul); p += Nul;
    memcpy(p , Nr,  Nrl); p += Nrl;
    memcpy(p , Cs,  Csl); p += Csl;
    memcpy(p , Cu,  Cul); p += Cul;
    memcpy(p , Ts,  Tsl); p += Tsl;
    memcpy(p , Pu,  Pul); p += Pul;
    md5(workarea,p-workarea,md5ans);
    for (i=0; i<16; i++) Kus[i] = Kusu[i] ^ md5ans[i];
    /* Compute Au from our information */
    p = workarea;
    memcpy(p , Pu,  Pul); p += Pul;
    memset(p , '\0', 48); p += 48;
    memcpy(p , Ns,  Nsl); p += Nsl;
    memcpy(p , Nu,  Nul); p += Nul;
    memcpy(p , Nr,  Nrl); p += Nrl;
    memcpy(p , Kusu,Kusl);p += Kusl;
    memcpy(p , Cs,  Csl); p += Csl;
    memcpy(p , Cu,  Cul); p += Cul;
    memcpy(p , Ts,  Tsl); p += Tsl;
    memcpy(p , Kus, Kusl);p += Kusl;
    memcpy(p , Pu,  Pul); p += Pul;
    md5(workarea,p-workarea,md5ans);
    /* Compare the two */
    for (i=0; i<16; i++)
	if (Au[i] != md5ans[i]) return(PS_RPA);
    return(0);
}

/*********************************************************************
  function:      md5
  description:   Apply MD5
  arguments:
    in           input byte stream
    len          length in bytes
    out          128 bit result buffer
  return value:  none
  calls:         MD5 primitives
  globals:       reads outlevel
 *********************************************************************/

static void md5(const void *in_,int len,unsigned char *out)
{
    int      i;
    MD5_CTX  md5context;
    const unsigned char *in = (const unsigned char *)in_;

    if (outlevel >= O_DEBUG)
    {
	report(stdout, GT_("MD5 being applied to data block:\n"));
	for (i=0; i<len; i++)
	{
	    report_build(stdout, "%02X ",in[i]);
	    if (((i % 16)==15) || (i==(len-1)))
		report_complete(stdout, "\n");
	}
    }
    MD5Init(   &md5context );
    MD5Update( &md5context, in, len );
    MD5Final(  out, &md5context );
    if (outlevel >= O_DEBUG)
    {
	report(stdout, GT_("MD5 result is:\n"));
	for (i=0; i<16; i++)
	{
	    report_build(stdout, "%02X ",out[i]);
	}
	report_complete(stdout, "\n");
    }
}
#endif /* POP3_ENABLE && RPA_ENABLE */

/* rpa.c ends here */