* Use MD5 for what it is best at...
*/
-char *
+const char *
md5_crypt(const char *pw, const char *salt)
{
- static char passwd[120], *p;
- static const char *sp,*ep;
+ char passwd[120], *p;
+ const char *sp,*ep;
unsigned char final[16];
int sl,pl,i,j;
struct md5_context ctx,ctx1;
/* Don't leave anything around in vm they could use. */
memset(final,0,sizeof final);
- return passwd;
+ return t_strdup(passwd);
}
return NULL;
if (strncmp(*password, "$1$", 3) == 0) {
- *password = t_strcut(*password + 3, '$');
- return "MD5";
+ /* skip the salt */
+ p = strchr(*password + 3, '$');
+ if (p != NULL) {
+ /* stop at next '$' */
+ p = strchr(p+1, '$');
+ if (p != NULL)
+ *password = t_strdup_until(*password, p);
+ return "MD5";
+ }
}
if (**password != '{')
projects / thirdparty / dovecot / core.git / commitdiff
