+
+
+#ifndef NO_APR1
+/* MD5-based password algorithm compatible to the one found in Apache
+ * (should probably be available as a library function;
+ * then the static buffer would not be acceptable) */
+static char *apr1_crypt(const char *passwd, const char *salt)
+ {
+ static char out_buf[6 + 9 + 24 + 2]; /* "$apr1$..salt..$.......md5hash..........\0" */
+ unsigned char buf[MD5_DIGEST_LENGTH];
+ char *salt_out;
+ int n, i;
+ MD5_CTX md;
+ size_t passwd_len, salt_len;
+
+ passwd_len = strlen(passwd);
+ strcpy(out_buf, "$apr1$");
+ strncat(out_buf, salt, 8);
+ assert(strlen(out_buf) <= 6 + 8); /* "$apr1$..salt.." */
+ salt_out = out_buf + 6;
+ salt_len = strlen(salt_out);
+ assert(salt_len <= 8);
+
+ MD5_Init(&md);
+ MD5_Update(&md, passwd, passwd_len);
+ MD5_Update(&md, "$apr1$", 6);
+ MD5_Update(&md, salt_out, salt_len);
+
+ {
+ MD5_CTX md2;
+
+ MD5_Init(&md2);
+ MD5_Update(&md2, passwd, passwd_len);
+ MD5_Update(&md2, salt_out, salt_len);
+ MD5_Update(&md2, passwd, passwd_len);
+ MD5_Final(buf, &md2);
+ }
+ for (i = passwd_len; i > sizeof buf; i -= sizeof buf)
+ MD5_Update(&md, buf, sizeof buf);
+ MD5_Update(&md, buf, i);
+
+ n = passwd_len;
+ while (n)
+ {
+ MD5_Update(&md, (n & 1) ? "\0" : passwd, 1);
+ n >>= 1;
+ }
+ MD5_Final(buf, &md);
+
+ for (i = 0; i < 1000; i++)
+ {
+ MD5_CTX md2;
+
+ MD5_Init(&md2);
+ MD5_Update(&md2, (i & 1) ? (unsigned char *) passwd : buf,
+ (i & 1) ? passwd_len : sizeof buf);
+ if (i % 3)
+ MD5_Update(&md2, salt_out, salt_len);
+ if (i % 7)
+ MD5_Update(&md2, passwd, passwd_len);
+ MD5_Update(&md2, (i & 1) ? buf : (unsigned char *) passwd,
+ (i & 1) ? sizeof buf : passwd_len);
+ MD5_Final(buf, &md2);
+ }
+
+ {
+ /* transform buf into output string */
+
+ unsigned char buf_perm[sizeof buf];
+ int dest, source;
+ char *output;
+
+ /* silly output permutation */
+ for (dest = 0, source = 0; dest < 14; dest++, source = (source + 6) % 17)
+ buf_perm[dest] = buf[source];
+ buf_perm[14] = buf[5];
+ buf_perm[15] = buf[11];
+ assert(16 == sizeof buf_perm);
+
+ output = salt_out + salt_len;
+ assert(output == out_buf + strlen(out_buf));
+
+ *output++ = '$';
+
+ for (i = 0; i < 15; i += 3)
+ {
+ *output++ = cov_2char[buf_perm[i+2] & 0x3f];
+ *output++ = cov_2char[((buf_perm[i+1] & 0xf) << 2) |
+ (buf_perm[i+2] >> 6)];
+ *output++ = cov_2char[((buf_perm[i] & 3) << 4) |
+ (buf_perm[i+1] >> 4)];
+ *output++ = cov_2char[buf_perm[i] >> 2];
+ }
+ assert(i == 15);
+ *output++ = cov_2char[buf_perm[i] & 0x3f];
+ *output++ = cov_2char[buf_perm[i] >> 6];
+ *output = 0;
+ assert(strlen(out_buf) < sizeof(out_buf));
+ }
+
+ return out_buf;
+ }