[pam_mysql: 23/23] Fix make_scrambled_password

[Paul Komkoff]

commit a3d804631f59a2900302b27e6dde17590247ba88
Author: Paul P. Komkoff Jr <i at stingr.net>
Date:   Fri Jun 10 10:59:43 2011 +0400

    Fix make_scrambled_password

 pam_mysql-0.7RC1-scrambled.patch |   33 +++++++++++++++++++++++++++++++++
 pam_mysql.spec                   |    7 ++++++-
 2 files changed, 39 insertions(+), 1 deletions(-)
---
diff --git a/pam_mysql-0.7RC1-scrambled.patch b/pam_mysql-0.7RC1-scrambled.patch
new file mode 100644
index 0000000..6b695b5
--- /dev/null
+++ b/pam_mysql-0.7RC1-scrambled.patch
@@ -0,0 +1,33 @@
+diff -u pam_mysql-0.7RC1/pam_mysql.c pam_mysql-0.7RC1.scrambled/pam_mysql.c
+--- pam_mysql-0.7RC1/pam_mysql.c	2006-01-09 11:35:59.000000000 +0100
++++ pam_mysql-0.7RC1.scrambled/pam_mysql.c	2011-06-09 20:20:46.346658126 +0200
+@@ -2554,6 +2554,11 @@
+ }
+ /* }}} */
+ 
++void my_make_scrambled_password(
++     char *to,
++     const char *password,
++     size_t pass_len);
++
+ /* {{{ pam_mysql_check_passwd
+  */
+ static pam_mysql_err_t pam_mysql_check_passwd(pam_mysql_ctx_t *ctx,
+@@ -2655,7 +2660,7 @@
+ 						make_scrambled_password(buf, passwd);
+ 					}
+ #else
+-					make_scrambled_password(buf, passwd);
++					my_make_scrambled_password(buf, passwd, strlen(passwd));
+ #endif
+ 
+ 					vresult = strcmp(row[0], buf);
+@@ -2846,7 +2851,7 @@
+ 					make_scrambled_password(encrypted_passwd, new_passwd);
+ 				}
+ #else
+-				make_scrambled_password(encrypted_passwd, new_passwd);
++				my_make_scrambled_password(encrypted_passwd, new_passwd, strlen(new_passwd));
+ #endif
+ 				break;
+ 
diff --git a/pam_mysql.spec b/pam_mysql.spec
index 9836d81..fd44642 100644
--- a/pam_mysql.spec
+++ b/pam_mysql.spec
@@ -1,13 +1,14 @@
 Summary:	PAM module for auth UNIX users using MySQL data base
 Name:		pam_mysql
 Version:	0.7
-Release:	0.11.rc1%{?dist}.2
+Release:	0.12.rc1%{?dist}
 Epoch:		1
 License:	GPLv2+
 Group:		System Environment/Base
 Source0:	http://dl.sf.net/pam-mysql/%{name}-%{version}RC1.tar.gz
 Patch0:		pam_mysql-0.7RC1-resps-segfault.patch
 Patch1:		pam_mysql-0.7RC1-first-pass.patch
+Patch2:		pam_mysql-0.7RC1-scrambled.patch
 URL:		http://sf.net/projects/pam-mysql/
 BuildRequires:  pam-devel mysql-devel cyrus-sasl-devel pkgconfig openssl-devel
 BuildRoot:	%(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)
@@ -21,6 +22,7 @@ users against an MySQL database.
 %setup -q -n %{name}-%{version}RC1
 %patch0 -p1
 %patch1 -p1
+%patch2 -p1
 
 %build
 %configure \
@@ -49,6 +51,9 @@ rm -rf $RPM_BUILD_ROOT
 /%{_lib}/security/pam_mysql.so
 
 %changelog
+* Fri Jun 10 2011 Paul P. Komkoff Jr <i at stingr.net> 1:0.7-0.12.rc1
+- make_scrambled_password fix (bz#709534)
+
 * Wed Mar 23 2011 Dan Horák <dan at danny.cz> - 1:0.7-0.11.rc1.2
 - rebuilt for mysql 5.5.10 (soname bump in libmysqlclient)