Adjust the buffer size used by make_scrambled_password()
authorJoey Schulze <joey@infodrom.org>
Wed, 14 May 2008 20:19:08 +0000 (20:19 +0000)
committerJoey Schulze <joey@infodrom.org>
Wed, 14 May 2008 20:19:08 +0000 (20:19 +0000)
debian/changelog
debian/patches/008-make_scrambled_password.dpatch [new file with mode: 0644]
debian/patches/00list

index 0432dc5..0671155 100644 (file)
@@ -10,6 +10,8 @@ mod-auth-mysql (4.3.9-8) unstable; urgency=low
   * Stop altering the AUTH_MYSQL_VERSION with an old Debian revision
     [002-mysql_define]
   * Unify AuthMySQL_ and Auth_MySQL_ namespace [007-unify_namespace.dpatch]
+  * Adjust the buffer size used by make_scrambled_password()
+    [008-make_scrambled_password.dpatch] (closes: Bug#356064)
 
  --
 
diff --git a/debian/patches/008-make_scrambled_password.dpatch b/debian/patches/008-make_scrambled_password.dpatch
new file mode 100644 (file)
index 0000000..75c7664
--- /dev/null
@@ -0,0 +1,29 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 008-make_scrambled_password.dpatch by Joey Schulze <joey@debian.org>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: Adjust the buffer size used by make_scrambled_password()
+
+@DPATCH@
+diff -urNad mod-auth-mysql~/mod_auth_mysql.c mod-auth-mysql/mod_auth_mysql.c
+--- mod-auth-mysql~/mod_auth_mysql.c   2008-05-14 18:46:21.000000000 +0200
++++ mod-auth-mysql/mod_auth_mysql.c    2008-05-14 22:15:44.000000000 +0200
+@@ -103,6 +103,9 @@
+ #endif
+ #define SHA1SUM_ENCRYPTION_FLAG               1<<6
++/* from include/sha1.h from the mysql-server source distribution */
++#define SHA1_HASH_SIZE 20 /* Hash size in bytes */
++
+ static int check_no_encryption(const char *passwd, char *enc_passwd)
+ {
+       return (!strcmp(passwd, enc_passwd));
+@@ -229,7 +232,7 @@
+ static int check_mysql_encryption(const char *passwd, char *enc_passwd)
+ {
+-      char scrambled_passwd[32];
++      char scrambled_passwd[2*SHA1_HASH_SIZE + 2];
+       
+       make_scrambled_password(scrambled_passwd, passwd);
+       return (!strcmp(scrambled_passwd, enc_passwd));
index 920815d..fdd431d 100644 (file)
@@ -4,3 +4,4 @@
 005-directives
 006-options
 007-unify_namespace
+008-make_scrambled_password