githubFork/roundcubemail.git

			@@ -258,10 +258,12 @@
			}

			// generate hash
			$hash = md5(iil_xor($pass,$opad) . pack("H*",md5(iil_xor($pass, $ipad) . base64_decode($encChallenge))));
			$hash = iil_xor($pass,$opad);
			$hash .= pack("H*",md5(iil_xor($pass, $ipad) . base64_decode($encChallenge)));
			$hash = md5($hash);

			// generate reply
			$reply = base64_encode($user . ' ' . $hash);
			$reply = base64_encode('"' . $user . '" "' . $hash . '"');

			// send result, get reply
			fputs($conn->fp, $reply."\r\n");
			@@ -499,12 +501,15 @@

			if ($line[0] == "+") {
			$conn->message.='Got challenge: '.htmlspecialchars($line)."\n";

			//got a challenge string, try CRAM-5
			$result = iil_C_Authenticate($conn, $user, $password, substr($line,2));

			$conn->message.= "Tried CRAM-MD5: $result \n";
			} else {
			$conn->message.='No challenge ('.htmlspecialchars($line)."), try plain\n";
			$auth = "plain";

			$auth = 'plain';
			}
			}