← Back to team overview

linux-traipu team mailing list archive

[Bug 823637] [NEW] auth_pam and auth_http do not work

 

Public bug reported:

Plugins auth_pam and auth_http do not work.  The auth_pam problem was
supposedly fixed in bug 484069, but it must have been broken by some
later update.  I just tried auth_http, and it doesn't work either.  I
think the reason for both plugins is that the password they receive is a
MYSQL_HASH.  So auth_http, for example, gives curl "user:xJK#@(dK!-"
when it should be "user:password", the former being the MySQL-scrambled
password hash.  I tested and verified this by manually inserting a
plaintext password and it worked fine.

If the authentication system no longer provides a plaintext MySQL
password, then I think auth_pam and auth_http are doomed because unlike
auth_file they can't get the target password, scramble it with MySQL,
and then compare the two.

This affects trunk at rev 2390 and older code.

** Affects: drizzle
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of UBUNTU -
AL - BR, which is subscribed to Drizzle.
https://bugs.launchpad.net/bugs/823637

Title:
  auth_pam and auth_http do not work

Status in A Lightweight SQL Database for Cloud Infrastructure and Web Applications:
  New

Bug description:
  Plugins auth_pam and auth_http do not work.  The auth_pam problem was
  supposedly fixed in bug 484069, but it must have been broken by some
  later update.  I just tried auth_http, and it doesn't work either.  I
  think the reason for both plugins is that the password they receive is
  a MYSQL_HASH.  So auth_http, for example, gives curl "user:xJK#@(dK!-"
  when it should be "user:password", the former being the MySQL-
  scrambled password hash.  I tested and verified this by manually
  inserting a plaintext password and it worked fine.

  If the authentication system no longer provides a plaintext MySQL
  password, then I think auth_pam and auth_http are doomed because
  unlike auth_file they can't get the target password, scramble it with
  MySQL, and then compare the two.

  This affects trunk at rev 2390 and older code.

To manage notifications about this bug go to:
https://bugs.launchpad.net/drizzle/+bug/823637/+subscriptions


Follow ups

References