MySQL/PamMd5

Mamono> I'm trying to use pam_mysql to authenticate vsftpd against a mysql database and it works with cleartext passwords but when I try encrypted ones it fails.. levin> try changing MD5Data's to MD5's and include openssl/md5.h

levin> I'm wondering where that MD5Data function is defined and why it doesn't do anything

Mamono> pam_mysql.c:/* AFAIK, only FreeBSD has MD5Data defined in md5.h

levin> open up your mysql_com.h file and check the function definition for make_scrambled_password

Mamono> well, there is this: void make_scrambled_password_323(char *to, const char *password)

Mamono> yep, changed it to the 323 function and now it works with mysql password

Mamono> I went one step further and added another option to the crypt option that let's me use crypt=4 for mysql 4.1

Mamono> looks like 4.1 support is in the CVS version

Here is a patch for MySQL 4.1:


 * BEGIN PASTE ******

diff -ruN pam_mysql2/pam_mysql.c pam_mysql/pam_mysql.c --- pam_mysql2/pam_mysql.c     2005-01-05 05:38:53.000000000 +0000 +++ pam_mysql/pam_mysql.c      2002-09-15 06:28:58.000000000 +0000 @@ -300,9 +300,6 @@                               } else if ((!strcmp(myval, "2")) ||                                        (!strcasecmp(myval, "mysql"))) { options.crypt = 2; -                              } else if ((!strcmp(myval, "4")) || -                                       (!strcasecmp(myval, "mysql323"))) { -                                              options.crypt = 4; } else if ((!strcmp(myval, "3")) ||                                       (!strcasecmp(myval, "MD5"))) { @@ -579,9 +576,6 @@               case 2: make_scrambled_password(encryptedPass, passwd); break;
 * 1) ifdef HAVE_MD5DATA

-              case 4: make_scrambled_password_323(encryptedPass, passwd); -                      break; -               /* MD5 hash (not MD5 crypt) */ case 3: strcpy(encryptedPass, MD5Data(passwd, strlen(passwd), md5buf));
 * 1) ifdef HAVE_MD5DATA


 * END PASTE ******

If you add "crypt=4" in your pam config it will use the 4.0 and less password function