1 diff -urN cyrus-sasl-2.1.21.orig/lib/checkpw.c cyrus-sasl-2.1.21/lib/checkpw.c
2 --- cyrus-sasl-2.1.21.orig/lib/checkpw.c 2005-08-24 11:36:23.000000000 +0200
3 +++ cyrus-sasl-2.1.21/lib/checkpw.c 2005-08-24 11:36:07.000000000 +0200
5 #define PASSWORD_FORMAT_CLEARTEXT 1
6 #define PASSWORD_FORMAT_CRYPT 2
7 #define PASSWORD_FORMAT_CRYPTTRAD 3
8 +#define PASSWORD_FORMAT_MD5 4
9 #define PASSWORD_SALT_BUF_LEN 22
11 /* weeds out crypt(3) password's salt */
12 int _sasl_get_salt (char *dest, char *src, int format);
13 +const char *_sasl_md5sum(const char *src);
15 /******************************
16 * crypt(3) patch stop *
18 /* traditional crypt(3) */
19 else if (strncmp(p, "crypt_trad", 11) == 0)
20 password_format = PASSWORD_FORMAT_CRYPTTRAD;
21 + /* md5sum like hash */
22 + else if (strncmp(p, "md5", 11) == 0)
23 + password_format = PASSWORD_FORMAT_MD5;
24 /* cleartext password */
26 password_format = PASSWORD_FORMAT_CLEARTEXT;
28 _sasl_get_salt(salt, (char *) auxprop_values[0].values[0], password_format);
30 /* crypt(3)-ed password? */
31 - if (password_format != PASSWORD_FORMAT_CLEARTEXT) {
32 + if (password_format == PASSWORD_FORMAT_CRYPT || password_format == PASSWORD_FORMAT_CRYPTTRAD) {
33 /* compare password */
34 if (auxprop_values[0].name && auxprop_values[0].values && auxprop_values[0].values[0] && strcmp(crypt(passwd, salt), auxprop_values[0].values[0]) == 0)
39 + /* md5 hash password */
40 + else if (password_format == PASSWORD_FORMAT_MD5) {
41 + if (auxprop_values[0].name && auxprop_values[0].values && auxprop_values[0].values[0] && strcasecmp(auxprop_values[0].values[0], _sasl_md5sum(passwd)) == 0)
46 else if (password_format == PASSWORD_FORMAT_CLEARTEXT) {
47 /* compare passwords */
48 if (auxprop_values[0].name && auxprop_values[0].values && auxprop_values[0].values[0] && strcmp(auxprop_values[0].values[0], passwd) == 0)
49 @@ -1087,3 +1099,24 @@
54 +const char *_sasl_md5sum(const char *src) {
55 + static char md5sum[33];
56 + const char hex[] = "0123456789abcdef";
62 + _sasl_MD5Init(&ctx);
63 + _sasl_MD5Update(&ctx, src, strlen(src));
64 + _sasl_MD5Final(&md5, &ctx);
66 + for(i=0; i<16; i++) {
67 + md5sum[j++] = hex[md5[i] >> 4];
68 + md5sum[j++] = hex[md5[i] & 0x0F];