Menu
▾
▴
Re: [Pam-mysql-general] reading the pam_mysql source...
|
From: <ls...@kw...> - 2003-01-27 12:31:42
|
Zitat von Florian Verdet <flo...@un...>:
>
> Hi there,
>
>
> reading the pam_mysql source code, I found following:
>
> ***
> The code for MD5-passwds is useless as it is in the current CVS version (=
> on 20030124).
> Because the databases passwd column is defined to be 16 chars long:
> [line 64] char dbpasswd[17];
> A MD5 passwd has 34 chars (12 salt + 22 cryptedpasswd) and therefor needs=
> "char dbpasswd[35];".
> The fact of the too small / hard coded field sizes has allready been poin=
> ted out in BUG#[ 641632 ].
>
> ***
> [line 610] /* Global PAM functions stolen from other modules */
> [...]
> [line 1226] struct pam_module _pam_permit_modstruct =3D {
> [line 1227] "pam_permit",
> It's ok "stealing" as long it's GPL or similar, but...
> some checks/changements have to be done.
> According to
> http://www.kernel.org/pub/linux/libs/pam/Linux-PAM-html/pam_modules-5.h=
> tml#ss5.4
> "The Linux-PAM Module Writers' Guide",
> there has to be the modulename as it apears in the fs.
> Here, you've (I mean the programmer) left the code of the "pam_permit" mo=
> dule, from which - potentially - the code has been copied.
> Replace "permit" with "mysql" (twice) ;-)
>
>
> As project for my "Bachelor of Science in Computer Science", I'm supposed=
> to develop an improved pam_mysql module.
> (more functionalities like session, account mgmt, more cb fields, easy to=
> change users passwd,... in the db (ev. GUI), etc.)
Would be nice to see further development on this handy module.
I'm sure the original author is happy about every sort of help.
Regards
Andreas
|
