--- a/src/auth/password-scheme.c	Tue Feb 18 22:58:30 2003 +0200
+++ b/src/auth/password-scheme.c	Wed Feb 19 13:28:56 2003 +0200
@@ -3,10 +3,14 @@
 #include "lib.h"
 #include "hex-binary.h"
 #include "md5.h"
+#include "md5crypt.h"
 #include "mycrypt.h"
 #include "randgen.h"
 #include "password-scheme.h"
 
+static const char *salt_chars =
+	"./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
+
 int password_verify(const char *plaintext, const char *password,
 		    const char *scheme, const char *user)
 {
@@ -17,7 +21,10 @@
 		return 0;
 
 	if (strcasecmp(scheme, "CRYPT") == 0)
-		return strcmp(mycrypt(password, plaintext), plaintext) == 0;
+		return strcmp(mycrypt(plaintext, password), password) == 0;
+
+	if (strcasecmp(scheme, "MD5") == 0)
+		return strcmp(md5_crypt(plaintext, password), password) == 0;
 
 	if (strcasecmp(scheme, "PLAIN") == 0)
 		return strcmp(password, plaintext) == 0;
@@ -48,7 +55,15 @@
 {
 	const char *p, *scheme;
 
-	if (*password == NULL || **password != '{')
+	if (*password == NULL)
+		return NULL;
+
+	if (strncmp(*password, "$1$", 3) == 0) {
+		*password = t_strcut(*password + 3, '$');
+		return "MD5";
+	}
+
+	if (**password != '{')
 		return NULL;
 
 	p = strchr(*password, '}');
@@ -63,11 +78,10 @@
 const char *password_generate(const char *plaintext, const char *user,
 			      const char *scheme)
 {
-	static const char *salt_chars =
-		"abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ./";
 	const char *realm, *str;
 	unsigned char digest[16];
-	char salt[3];
+	char salt[9];
+	int i;
 
 	if (strcasecmp(scheme, "CRYPT") == 0) {
 		random_fill(salt, 2);
@@ -77,6 +91,14 @@
 		return t_strdup(mycrypt(plaintext, salt));
 	}
 
+	if (strcasecmp(scheme, "MD5") == 0) {
+		random_fill(salt, 8);
+		for (i = 0; i < 8; i++)
+			salt[i] = salt_chars[salt[i] % (sizeof(salt_chars)-1)];
+		salt[8] = '\0';
+		return t_strdup(md5_crypt(plaintext, salt));
+	}
+
 	if (strcasecmp(scheme, "PLAIN") == 0)
 		return plaintext;