I want to auth mod_sql & proftpd against existing database.
Passwords in database are stored as md5(md5($password) . $salt))
I've tried to use such mod_sql config.

SQLAuthTypes Plaintext
SQLUserInfo custom:/auth
SQLNamedQuery auth SELECT "username, '%A' as passwd, NULL as uid, NULL as gid,
concat('/home/', username) as homedir, NULL as shell FROM user
WHERE username='%U' and PASSWORD = md5(concat(md5('%A'), salt)) LIMIT 1"

The idea is to check passwords in SQL, so it will be possible to auth
with passwords crypted in such way.
The problem is that %A meta doesn't return password for non-anon

some copy-paste from mod_sql.c:

case 'A': {
char *pass;

argp = arg;
pass = get_param_ptr(main_server->conf, C_PASS, FALSE);
if (!pass)
pass = "UNKNOWN";

sstrncpy(argp, pass, sizeof(arg));

Is it possible to get password for non-anonymous user here?

Best regards,
Maxim mailto:maxim@osetia.org

This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
ProFTPD Users List
Unsubscribe problems?