Bug#965077: MySQL database with "SQLAUthTypes Backend" doesn't work anymore in buster
Andreas Trottmann
andreas.trottmann at werft22.com
Wed Jul 15 18:11:45 BST 2020
Package: proftpd-mod-mysql
Version: 1.3.6-4+deb10u5
Tags: patch
I am using an admin tool that saves account information in a MySQL /
MariaDB-Datbase and uses the "password()" function to obfuscate stored
passwords.
This has been working "out of the box" in the Stretch version of ProFTPD
using the configuration option "SQLAUthTypes Backend". It doesn't work
anymore in the Buster version; users can't authenticate anymore.
Apparently, the function contrib/mod_sql_mysql.c tries to use an
undocumented function of libmysqlclient to create the obfuscated
password; it switches between my_make_scrambled_password,
my_make_scrambled_password_323, make_scrambled_password and
make_scrammbed_password_323. It appears that in the Buster version of
libmysqlcilent, none of these are available and thus it can't ever
create an obfuscated password from what the user logging in has provided.
Googling led me to a similar problem in pure-ftpd that had a patch here:
https://serverfault.com/questions/861176/pure-ftpd-mysql-wont-start-after-updating-mariadb-to-10-2
This patch basically recreates the function of the
*make_scrambled_password* functions using the SHA-1 implementation in libmd.
I have modified this to apply to ProFTPD and attached the patch to this
e-mail. In my tests, this has worked.
Kind regards
--
Andreas Trottmann
More information about the Pkg-proftpd-maintainers
mailing list