diff options
| author | unknown <kostja@oak.local> | 2003-07-04 20:52:04 +0400 |
|---|---|---|
| committer | unknown <kostja@oak.local> | 2003-07-04 20:52:04 +0400 |
| commit | ccbcf1c9da89eaee2dfb4219da1d86b6f590ac20 (patch) | |
| tree | 8b19a2b1b84bfe2fb3f99f403acec7fb0a600501 /sql/password.c | |
| parent | dbb088b034e19e99ec209cbbc4eed3bff64172da (diff) | |
| download | mariadb-git-ccbcf1c9da89eaee2dfb4219da1d86b6f590ac20.tar.gz | |
Bug fixes for authentication
OLD_PASSWORD made a keyword to allow set password=old_password('abc') constructions.
BitKeeper/etc/ignore:
Added BitKeeper/post-commit BitKeeper/post-commit-manual build_tags.sh tests/connect_test BUILD/compile-pentium-maintainer to the ignore list
include/mysql_com.h:
scramble return type changed to void as now it's not used
libmysql/libmysql.c:
fixed bug with with failed authentification when scramble contained zero byte
sql-common/client.c:
applied patch from Lycos team
fixed bug with scramble containing zero byte
sql/item_create.cc:
removed create_func_old_password, create_func_password as they are not used any more
sql/item_create.h:
removed create_func_old_password, create_func_password as they are not used any more
sql/item_strfunc.cc:
Added alloc() function to Item_func_password, Item_func_old_password, which is used in sql_yacc.yy
sql/item_strfunc.h:
Added alloc() function to Item_func_password, Item_func_old_password, which is used in sql_yacc.yy
sql/lex.h:
OLD_PASSWORD now is keyword, to allow statements like
set password=old_password('abc')
sql/password.c:
fixed scramble return value
trailing zero now is not written
sql/sql_acl.cc:
incorporated patch from Lycos team
41 replaced with constant
acl_getroot rewritten to support ER_AUTH_... error
sql/sql_parse.cc:
authenticate merged with check_user
check_user return values reversed, support for ER_AUTH in check_user.added
sql/sql_yacc.yy:
OLD_PASSWORD now is keyword, to allow statements like
set password=old_password('abc')
Diffstat (limited to 'sql/password.c')
| -rw-r--r-- | sql/password.c | 12 |
1 files changed, 4 insertions, 8 deletions
diff --git a/sql/password.c b/sql/password.c index be6514d89c6..bfdb453af01 100644 --- a/sql/password.c +++ b/sql/password.c @@ -446,22 +446,20 @@ make_scrambled_password(char *to, const char *password) Produce an obscure octet sequence from password and random string, recieved from the server. This sequence corresponds to the password, but password can not be easily restored from it. The sequence - is then sent to the server for validation. Trailing zero is stored in - the buf. + is then sent to the server for validation. Trailing zero is not stored + in the buf as it is not needed. This function is used by client to create authenticated reply to the server's greeting. SYNOPSIS scramble() buf OUT store scrambled string here. The buf must be at least - SHA1_HASH_SIZE+1 bytes long. + SHA1_HASH_SIZE bytes long. message IN random message, must be exactly SCRAMBLE_LENGTH long and NULL-terminated. password IN users' password - RETURN VALUE - end of scrambled string */ -char * +void scramble(char *to, const char *message, const char *password) { SHA1_CONTEXT sha1_context; @@ -483,8 +481,6 @@ scramble(char *to, const char *message, const char *password) /* xor allows 'from' and 'to' overlap: lets take advantage of it */ sha1_result(&sha1_context, (uint8 *) to); my_crypt(to, (const uint8 *) to, hash_stage1, SCRAMBLE_LENGTH); - to[SHA1_HASH_SIZE]= '\0'; - return to + SHA1_HASH_SIZE; } |