1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
|
--- mod_auth_mysql.c.orig Sat Oct 3 13:41:41 1998
+++ mod_auth_mysql.c Tue Jul 11 07:43:36 2006
@@ -55,8 +55,14 @@
static int check_mysql_encryption(const char *passwd, char *enc_passwd)
{
- char scrambled_passwd[32];
+ /* Make more then big enough */
+ char scrambled_passwd[256];
+#if MYSQL_VERSION_ID >= 40000
+ make_scrambled_password_323(scrambled_passwd, passwd);
+ if (strcmp(scrambled_passwd, enc_passwd) == 0) return 1;
+#endif /* MYSQL_VERSION_ID >= 40000 */
+
make_scrambled_password(scrambled_passwd, passwd);
return (!strcmp(scrambled_passwd, enc_passwd));
}
@@ -372,7 +378,12 @@
}
if (name != NULL) { /* open an SQL link */
/* link to the MySQL database and register its cleanup!@$ */
+#if MYSQL_VERSION_ID >= 40000
+ mysql_init(&auth_sql_server);
+ mysql_auth = mysql_real_connect(&auth_sql_server, auth_db_host, user, pwd, name, 0, NULL, 0);
+#else /* MYSQL_VERSION_ID < 40000 */
mysql_auth = mysql_connect(&auth_sql_server, auth_db_host, user, pwd);
+#endif /* MYSQL_VERSION_ID < 40000 */
if (sec->non_persistent && mysql_auth) {
note_cleanups_for_mysql_auth(r->pool, mysql_auth);
}
@@ -559,6 +570,10 @@
switch (mysql_check_user_password(r, c->user, sent_pw, sec)) {
case 0:
+ ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r,
+ "user %s: authentication failure for \"%s\": %s",
+ c->user, r->uri);
+ ap_note_basic_auth_failure(r);
note_basic_auth_failure(r);
return AUTH_REQUIRED;
break;
@@ -582,6 +597,7 @@
{
mysql_auth_config_rec *sec = (mysql_auth_config_rec *) get_module_config(r->per_dir_config, &auth_mysql_module);
char *user = r->connection->user;
+ conn_rec *c = r->connection;
int m = r->method_number;
int method_restricted = 0;
register int x;
@@ -653,6 +669,10 @@
if (!(sec->assume_authoritative)) {
return DECLINED;
}
+ ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r,
+ "user %s: authentication failure for \"%s\": %s",
+ c->user, r->uri);
+ ap_note_basic_auth_failure(r);
note_basic_auth_failure(r);
return AUTH_REQUIRED;
}
|
