Patch for bug 356064
Hi all,
first I'm resending a patch I've originaly sent to the related bug and
an old maintainer. Second I'd like to maintain the package. I'm little
bit confused after reading http://www.debian.org/devel/join/newmaint.
What I want to do is changing the source code, apply patches, solve the
issues, merge new patches and probably create the package and upload it
somewhere (doesn't necessarily have to be the final production place).
-- Dalibor Straka
-----------------------------------------------------------------------
Hello,
i have a complex patch but the two simple thoughts were
1. char scrambled_passwd[32];
is wrong. make_scrambled_passwd returns octet2hex which is longer
according to mysql sources:
buf OUT buffer of size 2*SHA1_HASH_SIZE + 2 to store hex string
2. the hash itself changed between MySQL versions
Here is the simple patch without my macros, debug and so on...
-- Dalibor Straka
--- mod_auth_mysql.c 2008-01-24 23:06:26.000000000 +0100
+++ /tmp/mod_auth_mysql.c 2008-01-24 23:07:52.000000000 +0100
@@ -230,9 +230,14 @@
static int check_mysql_encryption(const char *passwd, char *enc_passwd)
{
- char scrambled_passwd[32];
+
+ char scrambled_passwd[2 * 0x20 + 2];
- make_scrambled_password(scrambled_passwd, passwd);
+ if (strlen(enc_passwd) == 16)
+ make_scrambled_password_323(scrambled_passwd, passwd);
+ else
+ make_scrambled_password(scrambled_passwd, passwd);
+
return (!strcmp(scrambled_passwd, enc_passwd));
}
Reply to: