Attention ! apus case
In glibc 2.17 the crypt function implementation was tightened up
to allow for future implementation improvements, standards
conformance, and FIPS compliance. From the 2.17 NEWS:
* The `crypt' function now fails if passed salt bytes that violate the
specification for those values. On Linux, the `crypt' function will
consult /proc/sys/crypto/fips_enabled to determine if "FIPS mode" is
enabled, and fail on encrypted strings using the MD5 or DES algorithm
when the mode is enabled.
In this particular case the salt is an invalid POSIX salt that
contains an ASCII space "#" in character 0 outside of the allowed
alphabet for salts which is `./0-9a-zA-Z' and therefore crypt will
reject that salt as invalid, return NULL, and set errno.
Previous to glibc 2.17 a call to crypt would accept invalid POSIX
salts.