Authentication against MySQL Table with old hashes fails
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
proftpd-dfsg (Ubuntu) |
New
|
Undecided
|
Unassigned |
Bug Description
Authentication using "Backend" encrypt Mechanism against a MySQL Table which users the old short hashes as used in MySQL <4.1 fails. Creating a new-style hash as used by PASSWORD is working like a charm. However the application is rather old and thus the shorter hashes (as created with OLD_PASSWORD() function) have been used.
Excerpt from sql.log:
----snip---
Feb 21 13:58:54 mod_sql/4.3[7553]: >>> cmd_check
Feb 21 13:58:54 mod_sql/4.3[7553]: checking password using SQLAuthType 'Backend'
Feb 21 13:58:54 mod_sql/4.3[7553]: entering mysql cmd_checkauth
Feb 21 13:58:54 mod_sql/4.3[7553]: password mismatch
Feb 21 13:58:54 mod_sql/4.3[7553]: exiting mysql cmd_checkauth
Feb 21 13:58:54 mod_sql/4.3[7553]: 'Backend' SQLAuthType handler reports failure
---snip---
(Using crypt or emtpy password also works, so this is not a configuration issue.)
This ist an Ubuntu 12.04.4 LTS Server using kernel 3.2.0-58 (amd_64)
I would like to add, that connecting the old proftpd 8.04 LTS installation against the DB on 12.04 works well, and connecting the proftpd on 12.04 against the old Database on the 8.04 LTS box fails. So it's definietely the proftpd package and not MySQL.