[Bug 1574900] [NEW] libpam-mysql undefined symbol: make_scrambled_password - Needs Patches Applied by RedHat / Fedora Community to Fix Ubuntu 16.04

Discussion:

OwN

2016-04-25 23:51:25 UTC

Permalink

Public bug reported:

In Ubuntu 16.04, the libpam-mysql package does not work. It crashes
with the below error:

PAM unable to dlopen(pam_mysql.so): /lib/security/pam_mysql.so:
undefined symbol: make_scrambled_password

I fixed this issue by download the source for the package and applying
the patches that come from this source RPM:

http://dinofly.com/files/linux/pam_mysql-0.7-0.20.rc1.fc23.src.rpm

I then created unofficial packages after applying the patch. They can
be downloaded here:

http://www.dinofly.com/files/linux/libpam-mysql_0.7~RC1-4ubuntu3_amd64.deb
http://www.dinofly.com/files/linux/libpam-mysql_0.7~RC1-4ubuntu3_i386.deb

libpam-mysql now works again on Ubuntu 16.04 x86 and x64.

Here is the initial RedHat bug report:

https://bugzilla.redhat.com/show_bug.cgi?id=709534

** Affects: pam-mysql (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1574900

Title:
libpam-mysql undefined symbol: make_scrambled_password - Needs Patches
Applied by RedHat / Fedora Community to Fix Ubuntu 16.04

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pam-mysql/+bug/1574900/+subscriptions

--
ubuntu-bugs mailing list
ubuntu-***@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

OwN

2016-04-26 02:52:30 UTC

Permalink

Disregard the proposed solution. It doesn't work. For some reason the
patch from Fedora's version is causing stack overflows. In any event,
this package needs to be fixed somehow. Legacy apps won't work anymore
without it.

We need some kind of solution for:

PAM unable to dlopen(pam_mysql.so): /lib/security/pam_mysql.so:
undefined symbol: make_scrambled_password
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1574900

Title:
libpam-mysql undefined symbol: make_scrambled_password - Needs Patches
Applied by RedHat / Fedora Community to Fix Ubuntu 16.04

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pam-mysql/+bug/1574900/+subscriptions

--
ubuntu-bugs mailing list
ubuntu-***@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Logan Rosen

2016-05-16 05:25:54 UTC

Permalink

** Bug watch added: Red Hat Bugzilla #709534
https://bugzilla.redhat.com/show_bug.cgi?id=709534

** Also affects: pam-mysql (Fedora) via
https://bugzilla.redhat.com/show_bug.cgi?id=709534
Importance: Unknown
Status: Unknown
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1574900

Title:
libpam-mysql undefined symbol: make_scrambled_password - Needs Patches
Applied by RedHat / Fedora Community to Fix Ubuntu 16.04

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pam-mysql/+bug/1574900/+subscriptions

--
ubuntu-bugs mailing list
ubuntu-***@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Launchpad Bug Tracker

2016-05-17 14:08:03 UTC

Permalink

Status changed to 'Confirmed' because the bug affects multiple users.

** Changed in: pam-mysql (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1574900

Title:
libpam-mysql undefined symbol: make_scrambled_password - Needs Patches
Applied by RedHat / Fedora Community to Fix Ubuntu 16.04

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pam-mysql/+bug/1574900/+subscriptions

--
ubuntu-bugs mailing list
ubuntu-***@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

OwN

2016-05-30 20:51:21 UTC

Permalink

More information for my problem here:

https://bugs.launchpad.net/ubuntu/+source/vsftpd/+bug/1574911
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1574900

Title:
libpam-mysql undefined symbol: make_scrambled_password - Needs Patches
Applied by RedHat / Fedora Community to Fix Ubuntu 16.04

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pam-mysql/+bug/1574900/+subscriptions

--
ubuntu-bugs mailing list
ubuntu-***@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

OwN

2016-05-30 20:48:45 UTC

Permalink

Thanks for looking into it Kaijia. Unfortunately, after applying your
patch, libpam-mysql still doesn't work. When I try to use it for VSFTPD
authentication, with this patch and the patch I tried to apply original
from Fedora, it crashes with the following:

*** stack smashing detected ***: /usr/sbin/vsftpd terminated

I can't seem to get it to work. I don't have any other log entries
besides that though. I looked in syslog, auth.log, and vsftpd.log.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1574900

Title:
libpam-mysql undefined symbol: make_scrambled_password - Needs Patches
Applied by RedHat / Fedora Community to Fix Ubuntu 16.04

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pam-mysql/+bug/1574900/+subscriptions

--
ubuntu-bugs mailing list
ubuntu-***@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Ubuntu Foundations Team Bug Bot

2016-05-29 12:29:16 UTC

Permalink

The attachment "libpam-mysql.patch" seems to be a patch. If it isn't,
please remove the "patch" flag from the attachment, remove the "patch"
tag, and if you are a member of the ~ubuntu-reviewers, unsubscribe the
team.

[This is an automated message performed by a Launchpad user owned by
~brian-murray, for any issues please contact him.]

** Tags added: patch
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1574900

Title:
libpam-mysql undefined symbol: make_scrambled_password - Needs Patches
Applied by RedHat / Fedora Community to Fix Ubuntu 16.04

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pam-mysql/+bug/1574900/+subscriptions

--
ubuntu-bugs mailing list
ubuntu-***@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Kaijia Feng

2016-05-29 12:23:59 UTC

Permalink

After reading MySQL's code, I was able to make it work with this patch
(almost the same as the Fedora patch). The patch switches from the
missing make_scrambled_password() to my_make_scrambled_password().
Although my_make_scrambled_password() was not visible to client programs
in MySQL 5.7, somehow libmysqlclient20 had fixed it earlier so
my_make_scrambled_password() is available. And as the MySQL source code
stated make_scrambled_password() as the wrapper around
my_make_scrambled_password() to maintain client lib ABI compatibility,
this switch changes should work.

P.S. I have tested the patch for 2 hours and hadn't noticed any stack
overflows. I will post if the overflow happens in the future.

** Patch added: "libpam-mysql.patch"
https://bugs.launchpad.net/ubuntu/+source/pam-mysql/+bug/1574900/+attachment/4672241/+files/libpam-mysql.patch
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1574900

Title:
libpam-mysql undefined symbol: make_scrambled_password - Needs Patches
Applied by RedHat / Fedora Community to Fix Ubuntu 16.04

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pam-mysql/+bug/1574900/+subscriptions

--
ubuntu-bugs mailing list
ubuntu-***@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Kaijia Feng

2016-05-29 10:01:45 UTC

Permalink

I found the possible reason in this MySQL bug report:
https://bugs.mysql.com/bug.php?id=80974

Noted in 5.7.13 changelog
The my_make_scrambled_password() function in the C client library was
restricted earlier in MySQL 5.7 (not exported to client programs).
The function has once again been made visible to client programs.

And since Ubuntu 16.04 use 5.7.12 LOL the fix was not introduced to
Ubuntu. I believe that unless we program a make_scrambled_password to
pam_mysql, this bug needs to be reported to libmysqlclient20.

** Bug watch added: MySQL Bug System #80974
http://bugs.mysql.com/bug.php?id=80974
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1574900

Title:
libpam-mysql undefined symbol: make_scrambled_password - Needs Patches
Applied by RedHat / Fedora Community to Fix Ubuntu 16.04

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pam-mysql/+bug/1574900/+subscriptions

--
ubuntu-bugs mailing list
ubuntu-***@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Markus

2017-02-28 08:06:03 UTC

Permalink

Hi,
this item affects me and te .deb files provided above were actually helpful. Can you provide a src deb package?
It the adressed somewhere and will be patched (officially) for 16.04 ?

Thanks a lot!

Markus
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1574900

Title:
libpam-mysql undefined symbol: make_scrambled_password - Needs Patches
Applied by RedHat / Fedora Community to Fix Ubuntu 16.04

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pam-mysql/+bug/1574900/+subscriptions

--
ubuntu-bugs mailing list
ubuntu-***@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Kaijia Feng

2017-02-28 08:47:18 UTC

Permalink

Hi Markus,

libpam-mysql is alive again as a new maintainer take over the project.
As for this bug, somehow another user named stewjohn committed a patch
exactly the same to mine above to the new repo. So you may use the
latest version in Ubuntu 17.04 that had the bug fixed from
http://packages.ubuntu.com/zesty/libpam-mysql

I've been using my patch for more than half year and it's running
without any problem so I think this bug can be closed now.

** Changed in: pam-mysql (Ubuntu)
Status: Confirmed => Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1574900

Title:
libpam-mysql undefined symbol: make_scrambled_password - Needs Patches
Applied by RedHat / Fedora Community to Fix Ubuntu 16.04

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pam-mysql/+bug/1574900/+subscriptions

--
ubuntu-bugs mailing list
ubuntu-***@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

OwN

2017-02-28 14:05:42 UTC

Permalink

Sorry, but using it with VSFTPD doesn't work. It used to, but even with
the patch, it doesn't work, so for me the package is worthless.

I've moved on to using libpam-python anyways. However, it would be nice
if this package actually worked with VSFTPD as it used to.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1574900

Title:
libpam-mysql undefined symbol: make_scrambled_password - Needs Patches
Applied by RedHat / Fedora Community to Fix Ubuntu 16.04

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pam-mysql/+bug/1574900/+subscriptions

--
ubuntu-bugs mailing list
ubuntu-***@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Nish Aravamudan

2017-03-14 16:42:15 UTC

Permalink

** Also affects: pam-mysql (Ubuntu Xenial)
Importance: Undecided
Status: New

** Also affects: pam-mysql (Ubuntu Yakkety)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1574900

Title:
libpam-mysql undefined symbol: make_scrambled_password - Needs Patches
Applied by RedHat / Fedora Community to Fix Ubuntu 16.04

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pam-mysql/+bug/1574900/+subscriptions

--
ubuntu-bugs mailing list
ubuntu-***@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Nish Aravamudan

2017-03-14 16:49:15 UTC

Permalink

So there appear to be two moving parts here.

a) If building against a version of libmysqlclient without
make_scrambled_password, then https://github.com/NigelCunningham/pam-
MySQL/commit/2f6837b5fb8ef4f5d8a561f3bf82b36cc79e77f4 is needed. This
commit is present in 17.04 but not earlier releases.

b) libpam-mysql had a b-d on libmysqlclient15-dev. This was fixed in
Ubuntu in 0.7~RC1-4ubuntu2 for 16.04 and in Debian in 0.7~RC1-4.1 (which
is present in 16.10+). So this is Fix-Released everywhere already and
not tracked in this bug.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1574900

Title:
libpam-mysql undefined symbol: make_scrambled_password - Needs Patches
Applied by RedHat / Fedora Community to Fix Ubuntu 16.04

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pam-mysql/+bug/1574900/+subscriptions

--
ubuntu-bugs mailing list
ubuntu-***@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Nish Aravamudan

2017-03-14 17:13:15 UTC

Permalink

For a) in my prior comment, I have provided test builds at
https://launchpad.net/~nacc/+archive/ubuntu/lp1574900. Please try them
once the PPA is done building and report back.

** Changed in: pam-mysql (Ubuntu Xenial)
Assignee: (unassigned) => Nish Aravamudan (nacc)

** Changed in: pam-mysql (Ubuntu Yakkety)
Assignee: (unassigned) => Nish Aravamudan (nacc)

** Changed in: pam-mysql (Ubuntu)
Status: Fix Committed => Fix Released

** Changed in: pam-mysql (Ubuntu Xenial)
Status: New => In Progress

** Changed in: pam-mysql (Ubuntu Yakkety)
Status: New => In Progress
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1574900

Title:
libpam-mysql undefined symbol: make_scrambled_password - Needs Patches
Applied by RedHat / Fedora Community to Fix Ubuntu 16.04

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pam-mysql/+bug/1574900/+subscriptions

--
ubuntu-bugs mailing list
ubuntu-***@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Nish Aravamudan

2017-03-14 19:15:28 UTC

Permalink

** Description changed:

+ [Impact]
+
+ * libpam-mysql is unable to be used because of an upstream symbol
+ change in libmysqlclient.
+
+ * Upstream libpam-mysql has fixed this by updating the source to use
+ the now-exported API.
+
+ [Test Case]
+
+ [Regression Potential]
+
+ * There is currently no fix or workaround, as the library is basically
+ broken as installed from Ubuntu.
+
+ * I believe the regression potential to be very low because the current
+ code does not work.
+
+ ---
+
In Ubuntu 16.04, the libpam-mysql package does not work. It crashes
with the below error:

PAM unable to dlopen(pam_mysql.so): /lib/security/pam_mysql.so:
undefined symbol: make_scrambled_password

I fixed this issue by download the source for the package and applying
the patches that come from this source RPM:

http://dinofly.com/files/linux/pam_mysql-0.7-0.20.rc1.fc23.src.rpm

I then created unofficial packages after applying the patch. They can
be downloaded here:

http://www.dinofly.com/files/linux/libpam-mysql_0.7~RC1-4ubuntu3_amd64.deb
http://www.dinofly.com/files/linux/libpam-mysql_0.7~RC1-4ubuntu3_i386.deb

libpam-mysql now works again on Ubuntu 16.04 x86 and x64.

Here is the initial RedHat bug report:

https://bugzilla.redhat.com/show_bug.cgi?id=709534
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1574900

Title:
libpam-mysql undefined symbol: make_scrambled_password - Needs Patches
Applied by RedHat / Fedora Community to Fix Ubuntu 16.04

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pam-mysql/+bug/1574900/+subscriptions

--
ubuntu-bugs mailing list
ubuntu-***@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Dennie de Lange

2017-03-14 19:42:43 UTC

Permalink

** Description changed:

[Impact]

- * libpam-mysql is unable to be used because of an upstream symbol
+ * libpam-mysql is unable to be used because of an upstream symbol
change in libmysqlclient.

- * Upstream libpam-mysql has fixed this by updating the source to use
+ * Upstream libpam-mysql has fixed this by updating the source to use
the now-exported API.

[Test Case]

+ Steps to reproduce (with vsftpd):
+ Installation requirements: mysqlserver 5.7.x, libpam-mysql, vsftpd
+
+ create vsftpd user:
+ useradd --home /home/vsftpd --gid nogroup -m --shell /bin/false vsftpd
+
+ create mysql database and user:
+ == // Start SQL
+
+ CREATE DATABASE vsftpd;
+ GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP ON vsftpd.* TO 'vsftpd'@'localhost' IDENTIFIED BY 'ftpdpass';
+ GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP ON vsftpd.* TO 'vsftpd'@'localhost.localdomain' IDENTIFIED BY 'ftpdpass';
+ FLUSH PRIVILEGES;
+
+ USE vsftpd;
+
+ CREATE TABLE `accounts` (
+ `id` INT NOT NULL AUTO_INCREMENT PRIMARY KEY ,
+ `username` VARCHAR( 30 ) NOT NULL ,
+ `pass` VARCHAR( 50 ) NOT NULL ,
+ UNIQUE (
+ `username`
+ ));
+ insert into accounts(username,pass) values('user',password('password'));
+
+ ==// End SQL
+
+ Configure PAM:
+ insert into /etc/pam.d/vsftpd:
+
+ auth required pam_mysql.so verbose=1 user=vsftpd host=localhost db=vsftpd table=accounts usercolumn=username passwdcolumn=pass crypt=3 passwd=ftpdpass
+ account required pam_mysql.so verbose=1 user=vsftpd host=localhost db=vsftpd table=accounts usercolumn=username passwdcolumn=pass crypt=3 passwd=ftpdpass
+
+ Configure vsftpd (/etc/vsftpd.conf) :
+
+ listen=YES
+ anonymous_enable=NO
+ local_enable=YES
+ write_enable=YES
+ local_umask=022
+ dirmessage_enable=YES
+ xferlog_enable=YES
+ connect_from_port_20=YES
+ nopriv_user=vsftpd
+ chroot_local_user=YES
+ secure_chroot_dir=/var/run/vsftpd
+ pam_service_name=vsftpd
+ guest_enable=YES
+ guest_username=vsftpd
+ local_root=/home/vsftpd/$USER
+ user_sub_token=$USER
+ virtual_use_local_privs=YES
+
+ restart vsftpd:
+ /etc/init.d/vsftpd restart
+ check /var/log/auth.log
+
[Regression Potential]

- * There is currently no fix or workaround, as the library is basically
+ * There is currently no fix or workaround, as the library is basically
broken as installed from Ubuntu.

- * I believe the regression potential to be very low because the current
+ * I believe the regression potential to be very low because the current
code does not work.

---

In Ubuntu 16.04, the libpam-mysql package does not work. It crashes
with the below error:

PAM unable to dlopen(pam_mysql.so): /lib/security/pam_mysql.so:
undefined symbol: make_scrambled_password

I fixed this issue by download the source for the package and applying
the patches that come from this source RPM:

http://dinofly.com/files/linux/pam_mysql-0.7-0.20.rc1.fc23.src.rpm

I then created unofficial packages after applying the patch. They can
be downloaded here:

http://www.dinofly.com/files/linux/libpam-mysql_0.7~RC1-4ubuntu3_amd64.deb
http://www.dinofly.com/files/linux/libpam-mysql_0.7~RC1-4ubuntu3_i386.deb

libpam-mysql now works again on Ubuntu 16.04 x86 and x64.

Here is the initial RedHat bug report:

https://bugzilla.redhat.com/show_bug.cgi?id=709534
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1574900

Title:
libpam-mysql undefined symbol: make_scrambled_password - Needs Patches
Applied by RedHat / Fedora Community to Fix Ubuntu 16.04

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pam-mysql/+bug/1574900/+subscriptions

--
ubuntu-bugs mailing list
ubuntu-***@lists.ubuntu.com
https://lists.ubuntu

Nish Aravamudan

2017-03-14 21:51:51 UTC

Permalink

** Summary changed:

- libpam-mysql undefined symbol: make_scrambled_password - Needs Patches Applied by RedHat / Fedora Community to Fix Ubuntu 16.04
+ libpam-mysql undefined symbol: make_scrambled_password
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1574900

Title:
libpam-mysql undefined symbol: make_scrambled_password

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pam-mysql/+bug/1574900/+subscriptions

--
ubuntu-bugs mailing list
ubuntu-***@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Brian Murray

2017-03-16 17:14:12 UTC

Permalink

Hello OwN, or anyone else affected,

Accepted pam-mysql into xenial-proposed. The package will build now and
be available at https://launchpad.net/ubuntu/+source/pam-
mysql/0.7~RC1-4ubuntu2.1 in a few hours, and then in the -proposed
repository.

Please help us by testing this new package. See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, and change the tag
from verification-needed to verification-done. If it does not fix the
bug for you, please add a comment stating that, and change the tag to
verification-failed. In either case, details of your testing will help
us make a better decision.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in
advance!

** Changed in: pam-mysql (Ubuntu Xenial)
Status: In Progress => Fix Committed

** Tags added: verification-needed

** Changed in: pam-mysql (Ubuntu Yakkety)
Status: In Progress => Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1574900

Title:
libpam-mysql undefined symbol: make_scrambled_password

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pam-mysql/+bug/1574900/+subscriptions

--
ubuntu-bugs mailing list
ubuntu-***@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Brian Murray

2017-03-16 17:19:03 UTC

Permalink

Hello OwN, or anyone else affected,

Accepted pam-mysql into yakkety-proposed. The package will build now and
be available at https://launchpad.net/ubuntu/+source/pam-
mysql/0.7~RC1-4.1ubuntu1.1 in a few hours, and then in the -proposed
repository.

Please help us by testing this new package. See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, and change the tag
from verification-needed to verification-done. If it does not fix the
bug for you, please add a comment stating that, and change the tag to
verification-failed. In either case, details of your testing will help
us make a better decision.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in
advance!
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1574900

Title:
libpam-mysql undefined symbol: make_scrambled_password

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pam-mysql/+bug/1574900/+subscriptions

--
ubuntu-bugs mailing list
ubuntu-***@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

OwN

2017-03-17 16:36:21 UTC

Permalink

This post might be inappropriate. Click to display it.

OwN

2017-03-17 16:41:17 UTC

Permalink

Granted, it turns out I am using MariaDB (10.0.29-MariaDB-
0ubuntu0.16.04.1 Ubuntu 16.04). Is this package supposed to work with
MySQL and its drop-in replacement MariaDB?

Trying official MySQL...
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1574900

Title:
libpam-mysql undefined symbol: make_scrambled_password

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pam-mysql/+bug/1574900/+subscriptions

--
ubuntu-bugs mailing list
ubuntu-***@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Nish Aravamudan

2017-03-17 17:16:23 UTC

Permalink

Hello OwN,

vsftpd having a stack smashing issue would appear to be its own bug.

This bug is purely about solving the mysql auth issues with 'undefined
symbols'.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1574900

Title:
libpam-mysql undefined symbol: make_scrambled_password

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pam-mysql/+bug/1574900/+subscriptions

--
ubuntu-bugs mailing list
ubuntu-***@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

OwN

2017-03-17 17:40:39 UTC

Permalink

Using the official MySQL didn't work either with VSFTPD. The undefined
symbols problem seems to be solved though.

I will file a bug against VSFTPD then since it appears they are not
related... though this used to work just fine in older versions of
Ubuntu.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1574900

Title:
libpam-mysql undefined symbol: make_scrambled_password

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pam-mysql/+bug/1574900/+subscriptions

--
ubuntu-bugs mailing list
ubuntu-***@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

OwN

2017-03-17 18:00:05 UTC

Permalink

Reopened:

https://bugs.launchpad.net/ubuntu/+source/vsftpd/+bug/1574911

But yes, the fix for libpam-mysql looks good... I guess. My only usage
was for VSFTPD though.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1574900

Title:
libpam-mysql undefined symbol: make_scrambled_password

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pam-mysql/+bug/1574900/+subscriptions

--
ubuntu-bugs mailing list
ubuntu-***@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

ChristianEhrhardt

2017-03-20 13:48:55 UTC

Permalink

While re-triaging the update in other bug I also came to verify this fix
in Xenial at least.

** Tags removed: verification-needed
** Tags added: verification-done-yenial verification-needed-yakkety
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1574900

Title:
libpam-mysql undefined symbol: make_scrambled_password

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pam-mysql/+bug/1574900/+subscriptions

--
ubuntu-bugs mailing list
ubuntu-***@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Joi Owen

2017-03-20 16:33:30 UTC

Permalink

I've been following this thread for a while now, as this issue also
exists in Trusty. I am using someone's custom-patched vsftpd deb. Is
there any plan to backport this release to trusty?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1574900

Title:
libpam-mysql undefined symbol: make_scrambled_password

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pam-mysql/+bug/1574900/+subscriptions

--
ubuntu-bugs mailing list
ubuntu-***@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Nish Aravamudan

2017-03-20 16:55:38 UTC

Permalink

@jlellis: There is no MySQL 5.7 in Trusty. Are you using a PPA? Or are
you saying that MySQL 5.5 also has this problem?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1574900

Title:
libpam-mysql undefined symbol: make_scrambled_password

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pam-mysql/+bug/1574900/+subscriptions

--
ubuntu-bugs mailing list
ubuntu-***@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Joi Owen

2017-03-20 17:31:46 UTC

Permalink

This issue with libpam predates mysql 5.7. It's present in trusty's
vsftpd 3.0.2-1ubuntu2.14.04.1, mysql 5.5.54-0ubuntu0.14.04.1, and the
standard libpam package. My workaround last year when I encountered the
issue was to remove both vsftpd and libpam-mysql from the default repos
and to manually install vsdfpd from

http://dinofly.com/files/linux/vsftpd_3.0.2-1ubuntu2_amd64.deb

https://ubuntuforums.org/archive/index.php/t-2218804.html is the spot
where I found this fix a year ago. I've been waiting for an official
fix ever since but if one has been released, I missed it. I'm still
running this custom version.

It is entirely possible that the bug I'm experiencing with 5.5 is
different but related to what is causing the problem covered in 1574900,
but as the symptoms seem to be identical, I tend to assume it is the
same bug.

The host involved here is my employer's primary public ftp server where
we give 3rd parties (customers, contractors, etc) the ability to upload
large files and we have a simple mysql db where their virtual users are
kept. If you need a guinea pig host for testing, I can easily spin up a
clone of this system for testing purposes.

-----Original Message-----
From: ***@canonical.com [mailto:***@canonical.com] On Behalf Of Nish Aravamudan
Sent: Monday, March 20, 2017 11:56 AM
To: Joi L. Ellis <***@pavlovmedia.com>
Subject: [Bug 1574900] Re: libpam-mysql undefined symbol: make_scrambled_password

@jlellis: There is no MySQL 5.7 in Trusty. Are you using a PPA? Or are
you saying that MySQL 5.5 also has this problem?

--
You received this bug notification because you are subscribed to pam- mysql in Ubuntu.
Matching subscriptions: pam-mysql
https://bugs.launchpad.net/bugs/1574900

Title:
libpam-mysql undefined symbol: make_scrambled_password

Status in pam-mysql package in Ubuntu:
Fix Released
Status in pam-mysql source package in Xenial:
Fix Committed
Status in pam-mysql source package in Yakkety:
Fix Committed
Status in pam-mysql package in Fedora:
Unknown

Bug description:
[Impact]

* libpam-mysql is unable to be used because of an upstream symbol
change in libmysqlclient.

* Upstream libpam-mysql has fixed this by updating the source to use
the now-exported API.

[Test Case]

Steps to reproduce (with vsftpd):
Installation requirements: mysqlserver 5.7.x, libpam-mysql, vsftpd

create vsftpd user:
useradd --home /home/vsftpd --gid nogroup -m --shell /bin/false vsftpd

create mysql database and user:
== // Start SQL

CREATE DATABASE vsftpd;
GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP ON vsftpd.* TO 'vsftpd'@'localhost' IDENTIFIED BY 'ftpdpass';
GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP ON vsftpd.* TO 'vsftpd'@'localhost.localdomain' IDENTIFIED BY 'ftpdpass';
FLUSH PRIVILEGES;

USE vsftpd;

CREATE TABLE `accounts` (
`id` INT NOT NULL AUTO_INCREMENT PRIMARY KEY ,
`username` VARCHAR( 30 ) NOT NULL ,
`pass` VARCHAR( 50 ) NOT NULL ,
UNIQUE (
`username`
));
insert into accounts(username,pass) values('user',password('password'));

==// End SQL

Configure PAM:
insert into /etc/pam.d/vsftpd:

auth required pam_mysql.so verbose=1 user=vsftpd host=localhost db=vsftpd table=accounts usercolumn=username passwdcolumn=pass crypt=3 passwd=ftpdpass
account required pam_mysql.so verbose=1 user=vsftpd host=localhost db=vsftpd table=accounts usercolumn=username passwdcolumn=pass crypt=3 passwd=ftpdpass

Configure vsftpd (/etc/vsftpd.conf) :

listen=YES
anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
nopriv_user=vsftpd
chroot_local_user=YES
secure_chroot_dir=/var/run/vsftpd
pam_service_name=vsftpd
guest_enable=YES
guest_username=vsftpd
local_root=/home/vsftpd/$USER
user_sub_token=$USER
virtual_use_local_privs=YES

restart vsftpd:
/etc/init.d/vsftpd restart
check /var/log/auth.log

[Regression Potential]

* There is currently no fix or workaround, as the library is
basically broken as installed from Ubuntu.

* I believe the regression potential to be very low because the
current code does not work.

---

In Ubuntu 16.04, the libpam-mysql package does not work. It crashes
with the below error:

PAM unable to dlopen(pam_mysql.so): /lib/security/pam_mysql.so:
undefined symbol: make_scrambled_password

I fixed this issue by download the source for the package and applying
the patches that come from this source RPM:

http://dinofly.com/files/linux/pam_mysql-0.7-0.20.rc1.fc23.src.rpm

I then created unofficial packages after applying the patch. They can
be downloaded here:

http://www.dinofly.com/files/linux/libpam-mysql_0.7~RC1-4ubuntu3_amd64.deb
http://www.dinofly.com/files/linux/libpam-mysql_0.7~RC1-4ubuntu3_i386.deb

libpam-mysql now works again on Ubuntu 16.04 x86 and x64.

Here is the initial RedHat bug report:

https://bugzilla.redhat.com/show_bug.cgi?id=709534

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pam-mysql/+bug/1574900/+subscriptions
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1574900

Title:
libpam-mysql undefined symbol: make_scrambled_password

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pam-mysql/+bug/1574900/+subscriptions

--
ubuntu-bugs mailing list
ubuntu-***@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-b

Nish Aravamudan

2017-03-20 17:53:12 UTC

Permalink

@jlellis: you get "libpam-mysql undefined symbol:
make_scrambled_password" on Trusty?

This bug is not about fixing vsftpd itself. Probably a new bug should be
opened, or the vsftpd bug should be used for trusty as well.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1574900

Title:
libpam-mysql undefined symbol: make_scrambled_password

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pam-mysql/+bug/1574900/+subscriptions

--
ubuntu-bugs mailing list
ubuntu-***@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

OwN

2017-03-21 01:22:09 UTC

Permalink

The VSFTPD bug regarding libpam-mysql stack smashing is here:

https://bugs.launchpad.net/ubuntu/+source/vsftpd/+bug/1574911

Someone reproduced it today and left much better instructions on how to
reproduce the issue than I did.

Should I open a new bug with those findings tagged under libpam-mysql?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1574900

Title:
libpam-mysql undefined symbol: make_scrambled_password

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pam-mysql/+bug/1574900/+subscriptions

--
ubuntu-bugs mailing list
ubuntu-***@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Nish Aravamudan

2017-03-21 15:40:17 UTC

Permalink

@Brian and other SRU team members, let's see if we can debug the vsftpd
stack smashing issue before releasing pam-mysql (it will probably be a
follow-on patch for pam-mysql), if that's ok with the SRU team?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1574900

Title:
libpam-mysql undefined symbol: make_scrambled_password

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pam-mysql/+bug/1574900/+subscriptions

--
ubuntu-bugs mailing list
ubuntu-***@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Andreas Hasenack

2017-05-11 20:14:39 UTC

Permalink

** Description changed:

[Impact]

* libpam-mysql is unable to be used because of an upstream symbol
change in libmysqlclient.

* Upstream libpam-mysql has fixed this by updating the source to use
the now-exported API.

[Test Case]

- Steps to reproduce (with vsftpd):
+ Steps to reproduce (with vsftpd):
Installation requirements: mysqlserver 5.7.x, libpam-mysql, vsftpd

- create vsftpd user:
+ create vsftpd user:
useradd --home /home/vsftpd --gid nogroup -m --shell /bin/false vsftpd

- create mysql database and user:
+ create mysql database and user:
== // Start SQL
-
- CREATE DATABASE vsftpd;
- GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP ON vsftpd.* TO 'vsftpd'@'localhost' IDENTIFIED BY 'ftpdpass';
- GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP ON vsftpd.* TO 'vsftpd'@'localhost.localdomain' IDENTIFIED BY 'ftpdpass';
- FLUSH PRIVILEGES;

- USE vsftpd;
+     CREATE DATABASE vsftpd;
+     GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP ON vsftpd.* TO 'vsftpd'@'localhost' IDENTIFIED BY 'ftpdpass';
+     GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP ON vsftpd.* TO 'vsftpd'@'localhost.localdomain' IDENTIFIED BY 'ftpdpass';
+     FLUSH PRIVILEGES;

- CREATE TABLE `accounts` (
- `id` INT NOT NULL AUTO_INCREMENT PRIMARY KEY ,
- `username` VARCHAR( 30 ) NOT NULL ,
- `pass` VARCHAR( 50 ) NOT NULL ,
- UNIQUE (
- `username`
- ));
- insert into accounts(username,pass) values('user',password('password'));
+     USE vsftpd;
+
+     CREATE TABLE `accounts` (
+       `id` INT NOT NULL AUTO_INCREMENT PRIMARY KEY ,
+       `username` VARCHAR( 30 ) NOT NULL ,
+       `pass` VARCHAR( 50 ) NOT NULL ,
+     UNIQUE (
+       `username`
+     ));
+     insert into accounts(username,pass) values('user',password('password'));

==// End SQL

- Configure PAM:
- insert into /etc/pam.d/vsftpd:
+ Configure PAM:
+ insert into /etc/pam.d/vsftpd:

- auth required pam_mysql.so verbose=1 user=vsftpd host=localhost db=vsftpd table=accounts usercolumn=username passwdcolumn=pass crypt=3 passwd=ftpdpass
- account required pam_mysql.so verbose=1 user=vsftpd host=localhost db=vsftpd table=accounts usercolumn=username passwdcolumn=pass crypt=3 passwd=ftpdpass
+     auth required pam_mysql.so verbose=1 user=vsftpd host=localhost db=vsftpd table=accounts usercolumn=username passwdcolumn=pass crypt=2 passwd=ftpdpass
+     account required pam_mysql.so verbose=1 user=vsftpd host=localhost db=vsftpd table=accounts usercolumn=username passwdcolumn=pass crypt=2 passwd=ftpdpass

Configure vsftpd (/etc/vsftpd.conf) :

- listen=YES
- anonymous_enable=NO
- local_enable=YES
- write_enable=YES
- local_umask=022
- dirmessage_enable=YES
- xferlog_enable=YES
- connect_from_port_20=YES
- nopriv_user=vsftpd
- chroot_local_user=YES
- secure_chroot_dir=/var/run/vsftpd
- pam_service_name=vsftpd
- guest_enable=YES
- guest_username=vsftpd
- local_root=/home/vsftpd/$USER
- user_sub_token=$USER
- virtual_use_local_privs=YES
+     listen=YES
+     anonymous_enable=NO
+     local_enable=YES
+     write_enable=YES
+     local_umask=022
+     dirmessage_enable=YES
+     xferlog_enable=YES
+     connect_from_port_20=YES
+     nopriv_user=vsftpd
+     chroot_local_user=YES
+     secure_chroot_dir=/var/run/vsftpd
+     pam_service_name=vsftpd
+     guest_enable=YES
+     guest_username=vsftpd
+     local_root=/home/vsftpd/$USER
+     user_sub_token=$USER
+     virtual_use_local_privs=YES

restart vsftpd:
- /etc/init.d/vsftpd restart
+ /etc/init.d/vsftpd restart
check /var/log/auth.log

[Regression Potential]

* There is currently no fix or workaround, as the library is basically
broken as installed from Ubuntu.

* I believe the regression potential to be very low because the current
code does not work.

---

In Ubuntu 16.04, the libpam-mysql package does not work. It crashes
with the below error:

PAM unable to dlopen(pam_mysql.so): /lib/security/pam_mysql.so:
undefined symbol: make_scrambled_password

I fixed this issue by download the source for the package and applying
the patches that come from this source RPM:

http://dinofly.com/files/linux/pam_mysql-0.7-0.20.rc1.fc23.src.rpm

I then created unofficial packages after applying the patch. They can
be downloaded here:

http://www.dinofly.com/files/linux/libpam-mysql_0.7~RC1-4ubuntu3_amd64.deb
http://www.dinofly.com/files/linux/libpam-mysql_0.7~RC1-4ubuntu3_i386.deb

libpam-mysql now works again on Ubuntu 16.04 x86 and x64.

Here is the initial RedHat bug report:

https://bugzilla.redhat.com/show_bug.cgi?id=709534
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1574900

Title:
libpam-mysql undefined symbol: make_scrambled_password

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pam-mysql/+bug/1574900/+subscriptions

--
ubuntu-bugs mailing list
ubuntu-***@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/

Andreas Hasenack

2017-05-11 22:15:43 UTC

Permalink

TL;DR
- pam_mysql.c buf in pam_mysql_check_passwd() is overflowing
- my_make_scrambled_password() is NOT returning content that can be compared to what is stored in the mysql DB when using PASSWORD().
- my_make_scrambled_password_sha1() seems to be the right one to use, as it returns a string of hex values, but it's not exported

Details:

It's buf that is overflowing in pam_mysql.c:
/* PASSWORD */
case 2: {
char buf[42];
...
my_make_scrambled_password(buf, passwd, strlen(passwd));
syslog(LOG_AUTHPRIV | LOG_ERR, PAM_MYSQL_LOG_PREFIX "andreas: row0=%s buf=%s passwd=%s", row[0], buf, passwd);

I added some simple debugging above, and got;
May 11 22:08:42 yakkety-pam-mysql vsftpd: pam_mysql - andreas: row0=*2470C0C06DEE42FD1618BB99005ADCA2EC9D1E19 buf=$5$EI#015W7T^j'x#00173VPb#016g#025J$8cyy7LNV0Uhg0RCY1OV0OcrbqCB7eaYBsRmWnBJmzT2 passwd=password

row0 matches what's in the DB:
mysql> SELECT pass FROM accounts WHERE username = 'user';
+-------------------------------------------+
| pass |
+-------------------------------------------+
| *2470C0C06DEE42FD1618BB99005ADCA2EC9D1E19 |

You can see that buf contains something in a very different format than what is stored in mysql. It's definitely not in hex format, it's much larger than 42 and I'm not even sure if it's supposed to be \0 terminated. I haven't found docs for my_make_scrambled_password() yet.

That magic number 42 comes from mysql's sql/auth/password.c for a *different* function:
/*
MySQL 4.1.1 password hashing: SHA conversion (see RFC 2289, 3174) twice
applied to the password string, and then produced octet sequence is
converted to hex string.
The result of this function is used as return value from PASSWORD() and
is stored in the database.
SYNOPSIS
my_make_scrambled_password_sha1()
buf OUT buffer of size 2*SHA1_HASH_SIZE + 2 to store hex string
password IN password string
pass_len IN length of password string
*/

Where:
./include/sha1.h:#define SHA1_HASH_SIZE 20 /* Hash size in bytes */

so buf has size 2*20+2 = 42. (what about null termination?)

BUT that Synopsis is for my_make_scrambled_password_sha1(), *NOT*
my_make_scrambled_password().

my_make_scrambled_password() seems to be something very different:
void my_make_scrambled_password(char *to, const char *password,
size_t pass_len)
{

char salt[CRYPT_SALT_LENGTH + 1];

generate_user_salt(salt, CRYPT_SALT_LENGTH + 1);
my_crypt_genhash(to,
CRYPT_MAX_PASSWORD_SIZE,
password,
pass_len,
salt,
0);

}

CRYPT_MAX_PASSWORD_SIZE is much bigger than 42, and in any case the
result is not a string of hex values.

Further digging needed, but I'm EOD now :)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1574900

Title:
libpam-mysql undefined symbol: make_scrambled_password

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pam-mysql/+bug/1574900/+subscriptions

--
ubuntu-bugs mailing list
ubuntu-***@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Andreas Hasenack

2017-05-11 22:17:54 UTC

Permalink

I'm going to post this over in #1574911 too
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1574900

Title:
libpam-mysql undefined symbol: make_scrambled_password

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pam-mysql/+bug/1574900/+subscriptions

--
ubuntu-bugs mailing list
ubuntu-***@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Andy Whitcroft

2017-05-16 13:38:38 UTC

Permalink

Marking this as verification-failed as it seems this is definitivly not
the right solution.

** Tags removed: verification-done-yenial verification-needed-yakkety
** Tags added: verification-failed-xenial verification-failed-yakkety
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1574900

Title:
libpam-mysql undefined symbol: make_scrambled_password

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pam-mysql/+bug/1574900/+subscriptions

--
ubuntu-bugs mailing list
ubuntu-***@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Andreas Hasenack

2017-05-17 18:16:38 UTC

Permalink

Since mysql 5.6, there is no exported function that mimics the server-
side PASSWORD() hash. my_make_scrambled_password() doesn't do it, and
make_scrambled_password() isn't exported anymore.

The solution here is to reimplement that hash algorithm inside
pam_mysql. One of the upstream forks did it, but still tries to use
my_make_scrambled_password() if it's available, for which I opened bug
https://github.com/NigelCunningham/pam-MySQL/issues/29.

** Bug watch added: github.com/NigelCunningham/pam-MySQL/issues #29
https://github.com/NigelCunningham/pam-MySQL/issues/29
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1574900

Title:
libpam-mysql undefined symbol: make_scrambled_password

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pam-mysql/+bug/1574900/+subscriptions

--
ubuntu-bugs mailing list
ubuntu-***@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

johndros

2017-05-28 13:36:45 UTC

Permalink

Hello,

As of the following bug is there a working fix for xenial?
Because i installed the unofficial package at first comment but turns on error "Error in service module" if i try either https://launchpad.net/ubuntu/+source/pam-mysql/0.7~RC1-4ubuntu2.1 still have error "PAM unable to dlopen(pam_mysql.so): /lib/security/pam_mysql.so: undefined symbol: make_scrambled_password"
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1574900

Title:
libpam-mysql undefined symbol: make_scrambled_password

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pam-mysql/+bug/1574900/+subscriptions

--
ubuntu-bugs mailing list
ubuntu-***@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Łukasz Zemczak

2017-06-27 15:24:54 UTC

Permalink

As part of a recent change in the Stable Release Update verification
policy we would like to inform that for a bug to be considered verified
for a given release a verification-done-$RELEASE tag needs to be added
to the bug where $RELEASE is the name of the series the package that was
tested (e.g. verification-done-xenial). Please note that the global
'verification-done' tag can no longer be used for this purpose.

Thank you!
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1574900

Title:
libpam-mysql undefined symbol: make_scrambled_password

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pam-mysql/+bug/1574900/+subscriptions

--
ubuntu-bugs mailing list
ubuntu-***@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Launchpad Bug Tracker

2017-09-19 18:19:14 UTC

Permalink

** Merge proposal linked:
https://code.launchpad.net/~ahasenack/ubuntu/+source/pam-mysql/+git/pam-mysql/+merge/331007
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1574900

Title:
libpam-mysql undefined symbol: make_scrambled_password

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pam-mysql/+bug/1574900/+subscriptions

--
ubuntu-bugs mailing list
ubuntu-***@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubun

Andreas Hasenack

2017-09-20 17:51:17 UTC

Permalink

I have a branch with a patch for xenial, but I'm afraid the pam-mysql
source package is very much broken there. The build process de-applies
the patches, then builds the binaries, then applies the patches, and
finishes. Not even the two existing patches are applied in that package,
much less my third patch.

The xenial branch is at
https://code.launchpad.net/~ahasenack/ubuntu/+source/pam-mysql/+git/pam-
mysql/+ref/xenial-pam-mysql-scrambled-1574911 if someone wants to take
over. The patch is backported in there but untested.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1574900

Title:
libpam-mysql undefined symbol: make_scrambled_password

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pam-mysql/+bug/1574900/+subscriptions

--
ubuntu-bugs mailing list
ubuntu-***@lists.ubuntu.com
https://lists.ubuntu.com/mailman/li

Bug Watch Updater

2017-10-27 23:17:51 UTC

Permalink

Launchpad has imported 10 comments from the remote bug at
https://bugzilla.redhat.com/show_bug.cgi?id=709534.

If you reply to an imported comment from within Launchpad, your comment
will be sent to the remote bug automatically. Read more about
Launchpad's inter-bugtracker facilities at
https://help.launchpad.net/InterBugTracking.

------------------------------------------------------------------------
On 2011-05-31T22:11:09+00:00 Bruno wrote:

Description of problem:

Hi, i have a Fedora 15 x64 with postfix, courier-imap, mysql, and i have a problem with module pam_mysql. Every time i try authenticate for smtp i recive this error from /var/log/secure:
PAM unable to dlopen(/lib64/security/pam_mysql.so): /lib64/security/pam_mysql.so: undefined symbol: make_scrambled_password

Reply at: https://bugs.launchpad.net/ubuntu/+source/pam-
mysql/+bug/1574900/comments/0

------------------------------------------------------------------------
On 2011-05-31T23:00:32+00:00 Paul wrote:

Will try to fix this tomorrow.

Reply at: https://bugs.launchpad.net/ubuntu/+source/pam-
mysql/+bug/1574900/comments/1

------------------------------------------------------------------------
On 2011-06-01T20:10:07+00:00 Bruno wrote:

(In reply to comment #1)

Will try to fix this tomorrow.

Ok, i thin the problem is in libmysqlclient version 1.8

Reply at: https://bugs.launchpad.net/ubuntu/+source/pam-
mysql/+bug/1574900/comments/2

------------------------------------------------------------------------
On 2011-06-08T16:05:26+00:00 Tom wrote:

This is a more widespread problem with more than one *_mysql.so module
with the new libmysqlclient.so.18.

The affected *_mysql.so's all are making the deprecated
make_scrambled_password call. The f14 version of libmyclient.so (.16)
allowed the call even though it was deprecated. The new version version
(.18) does not.

Any mysql module that is making the call is failing to load (like
apache's mod_auth_mysql) or failing on use (like this one - pam_mysql.)

This is pretty serious in that nobody can authenticate against a mySql
database anywhere. I run almost strictly mySql-based virtual users, so
my FTP and web server is pretty much toast until this is fixed.

Reply at: https://bugs.launchpad.net/ubuntu/+source/pam-
mysql/+bug/1574900/comments/3

------------------------------------------------------------------------
On 2011-06-09T14:59:12+00:00 Tom wrote:

*** Bug 712132 has been marked as a duplicate of this bug. ***

Reply at: https://bugs.launchpad.net/ubuntu/+source/pam-
mysql/+bug/1574900/comments/4

------------------------------------------------------------------------
On 2011-06-09T15:02:06+00:00 Tom wrote:

Look at https://bugzilla.redhat.com/show_bug.cgi?id=708287 for more
details. There was a similar bug with PureFTP that was fixed in Beta.

Reply at: https://bugs.launchpad.net/ubuntu/+source/pam-
mysql/+bug/1574900/comments/5

------------------------------------------------------------------------
On 2011-06-10T06:14:20+00:00 Jan wrote:

Created attachment 504018
Patch

Paul, please try to use this patch.

Reply at: https://bugs.launchpad.net/ubuntu/+source/pam-
mysql/+bug/1574900/comments/6

------------------------------------------------------------------------
On 2011-06-13T20:11:45+00:00 Fedora wrote:

pam_mysql-0.7-0.12.rc1.fc15 has been submitted as an update for Fedora 15.
https://admin.fedoraproject.org/updates/pam_mysql-0.7-0.12.rc1.fc15

Reply at: https://bugs.launchpad.net/ubuntu/+source/pam-
mysql/+bug/1574900/comments/7

------------------------------------------------------------------------
On 2011-06-15T05:43:29+00:00 Fedora wrote:

Package pam_mysql-0.7-0.12.rc1.fc15:
* should fix your issue,
* was pushed to the Fedora 15 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing pam_mysql-0.7-0.12.rc1.fc15'
as soon as you are able to.
Please go to the following url:
https://admin.fedoraproject.org/updates/pam_mysql-0.7-0.12.rc1.fc15
then log in and leave karma (feedback).

Reply at: https://bugs.launchpad.net/ubuntu/+source/pam-
mysql/+bug/1574900/comments/8

------------------------------------------------------------------------
On 2011-07-04T18:51:37+00:00 Fedora wrote:

pam_mysql-0.7-0.12.rc1.fc15 has been pushed to the Fedora 15 stable
repository. If problems still persist, please make note of it in this
bug report.

Reply at: https://bugs.launchpad.net/ubuntu/+source/pam-
mysql/+bug/1574900/comments/9

** Changed in: pam-mysql (Fedora)
Status: Unknown => Fix Released

** Changed in: pam-mysql (Fedora)
Importance: Unknown => Critical

** Bug watch added: Red Hat Bugzilla #708287
https://bugzilla.redhat.com/show_bug.cgi?id=708287
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1574900

Title:
libpam-mysql undefined symbol: make_scrambled_password

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pam-mysql/+bug/1574900/+subscriptions

--
ubuntu-bugs mailing list
ubuntu-***@lists.ubuntu.com
https://lists.u