[Proftpd-user] mod_sql custom sql auth - proftpd
This is a discussion on [Proftpd-user] mod_sql custom sql auth - proftpd ; Hello,
I want to auth mod_sql & proftpd against existing database.
Passwords in database are stored as md5(md5($password) . $salt))
I've tried to use such mod_sql config.
SQLAuthTypes Plaintext
SQLUserInfo custom:/auth
SQLNamedQuery auth SELECT "username, '%A' as passwd, NULL as ...
-
[Proftpd-user] mod_sql custom sql auth
Hello,
I want to auth mod_sql & proftpd against existing database.
Passwords in database are stored as md5(md5($password) . $salt))
I've tried to use such mod_sql config.
SQLAuthTypes Plaintext
SQLUserInfo custom:/auth
SQLNamedQuery auth SELECT "username, '%A' as passwd, NULL as uid, NULL as gid,
concat('/home/', username) as homedir, NULL as shell FROM user
WHERE username='%U' and PASSWORD = md5(concat(md5('%A'), salt)) LIMIT 1"
The idea is to check passwords in SQL, so it will be possible to auth
with passwords crypted in such way.
The problem is that %A meta doesn't return password for non-anon
session.
some copy-paste from mod_sql.c:
case 'A': {
char *pass;
argp = arg;
pass = get_param_ptr(main_server->conf, C_PASS, FALSE);
if (!pass)
pass = "UNKNOWN";
sstrncpy(argp, pass, sizeof(arg));
}
break;
Is it possible to get password for non-anonymous user here?
--
Best regards,
Maxim mailto:maxim@osetia.org
-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
_______________________________________________
ProFTPD Users List
Unsubscribe problems?
http://www.proftpd.org/list-unsub.html
