Hello,
i have a complex patch but the two simple thoughts were
1. char scrambled_passwd[32];
is wrong. make_scrambled_passwd returns octet2hex which is longer
according to mysql sources:
buf OUT buffer of size 2*SHA1_HASH_SIZE + 2 to store hex string
2. the hash itself changed between MySQL versions
Here is the simple patch without my macros, debug and so on...
-- Dalibor Straka
--- mod_auth_mysql.c 2008-01-24 23:06:26.000000000 +0100
+++ /tmp/mod_auth_mysql.c 2008-01-24 23:07:52.000000000 +0100
@@ -230,9 +230,14 @@
static int check_mysql_encryption(const char *passwd, char *enc_passwd)
{
- char scrambled_passwd[32];
+
+ char scrambled_passwd[2 * 0x20 + 2];
- make_scrambled_password(scrambled_passwd, passwd);
+ if (strlen(enc_passwd) == 16)
+ make_scrambled_password_323(scrambled_passwd, passwd);
+ else
+ make_scrambled_password(scrambled_passwd, passwd);
+
return (!strcmp(scrambled_passwd, enc_passwd));
}
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
