One more commit required to merge second pack of Monty's patches

sql/item_strfunc.cc: Remove some debug sql/mysql_priv.h: New password has larger length sql/mysqld.cc: New option name to be consistent sql/password.c: Clean up hash generation
2025-07-30 16:24:05 +03:00 · 2002-10-03 22:42:13 +04:00
parent 8d8699f383
commit a370f86622
4 changed files with 22 additions and 22 deletions
--- a/sql/item_strfunc.cc
+++ b/sql/item_strfunc.cc
@ -1267,9 +1267,7 @@ String *Item_func_password::val_str(String *str)
  if (res->length() == 0)
    return &empty_string;
  make_scrambled_password(tmp_value,res->c_ptr());
-  printf("Returned to the function\n");
  str->set(tmp_value,get_password_length(),res->charset());
-  printf("At the exit\n");
  return str;
 }

--- a/sql/mysql_priv.h
+++ b/sql/mysql_priv.h
@ -66,7 +66,8 @@ char* query_table_status(THD *thd,const char *db,const char *table_name);
 ****************************************************************************/

 #define ACL_CACHE_SIZE		256
-#define HASH_PASSWORD_LENGTH	16
+/* Password lengh for 4.1 version previous versions had 16 bytes password hash */
+#define HASH_PASSWORD_LENGTH	45
 #define HOST_CACHE_SIZE		128
 #define MAX_ACCEPT_RETRY	10	// Test accept this many times
 #define MAX_FIELDS_BEFORE_HASH	32
--- a/sql/mysqld.cc
+++ b/sql/mysqld.cc
@ -278,7 +278,7 @@ static my_bool opt_noacl=0, opt_bootstrap=0, opt_myisam_log=0;
 my_bool opt_safe_user_create = 0, opt_no_mix_types = 0;
 my_bool opt_safe_show_db=0, lower_case_table_names, opt_old_rpl_compat;
 my_bool opt_show_slave_auth_info, opt_sql_bin_update = 0;
-my_bool opt_log_slave_updates= 0;
+my_bool opt_log_slave_updates= 0, opt_old_passwords=0;

 volatile bool  mqh_used = 0;
 FILE *bootstrap_file=0;
@ -396,6 +396,7 @@ const char *myisam_recover_options_str="OFF";
 const char *sql_mode_str="OFF";
 ulong rpl_recovery_rank=0;

+
 my_string mysql_unix_port=NULL, opt_mysql_tmpdir=NULL, mysql_tmpdir=NULL;
 ulong my_bind_addr;			/* the address we bind to */
 DATE_FORMAT dayord;
@ -2914,7 +2915,8 @@ enum options {
  OPT_INNODB_FORCE_RECOVERY,
  OPT_BDB_CACHE_SIZE,
  OPT_BDB_LOG_BUFFER_SIZE,
-  OPT_BDB_MAX_LOCK
+  OPT_BDB_MAX_LOCK,
+  OPT_OLD_PASSWORDS
 };


@ -3245,6 +3247,8 @@ struct my_option my_long_options[] =
   GET_STR, REQUIRED_ARG, 0, 0, 0, 0, 0, 0},
  {"safe-mode", OPT_SAFE, "Skip some optimize stages (for testing).",
   0, 0, 0, GET_NO_ARG, NO_ARG, 0, 0, 0, 0, 0, 0},
+  {"old-passwords", OPT_OLD_PASSWORDS, "Use old password encryption method (needed for old clients)",
+   (gptr*) &opt_old_passwords, (gptr*) &opt_old_passwords, 0, GET_BOOL, NO_ARG, 0, 0, 0, 0, 0, 0},   
 #ifndef TO_BE_DELETED
  {"safe-show-database", OPT_SAFE_SHOW_DB,
   "Depricated option; One should use GRANT SHOW DATABASES instead...",
--- a/sql/password.c
+++ b/sql/password.c
@ -37,8 +37,7 @@
 #include <my_global.h>
 #include <my_sys.h>
 #include <m_string.h>
-/* To be replaced by SHA1 as Monty will do the Merge */
-#include <md5.h>
+#include <sha1.h>
 #include "mysql.h"


@ -47,7 +46,7 @@
 #define PVERSION41_CHAR '*'


-extern uint old_passwords; /* If prior 4.1 functions to be used */
+extern my_bool opt_old_passwords; /* If prior 4.1 functions to be used */



@ -101,9 +100,9 @@ void make_scrambled_password(char *to,const char *password)
  ulong hash_res[2];  /* Used for pre 4.1 password hashing */
  static uint salt=0; /* Salt for 4.1 version password */
  unsigned char* slt=(unsigned char*)&salt;
-  my_MD5_CTX context; 
-  unsigned char digest[16];
-  if (old_passwords) /* Pre 4.1 password encryption */
+  SHA1_CONTEXT context; 
+  uint8 digest[SHA1_HASH_SIZE];
+  if (opt_old_passwords) /* Pre 4.1 password encryption */
  {
    hash_password(hash_res,password);
    sprintf(to,"%08lx%08lx",hash_res[0],hash_res[1]);
@ -115,34 +114,32 @@ void make_scrambled_password(char *to,const char *password)
    salt+=getpid()+time(NULL)+0x01010101;
    /* Use only 2 first bytes from it */ 
    sprintf(&(to[1]),"%02x%02x",slt[0],slt[1]);
-    /* Waiting for Monty to do the merge */
-    my_MD5Init(&context);
+    sha1_reset(&context);
    /* Use Salt for Hash */
-    my_MD5Update(&context,(unsigned char*)&salt,2);
+    sha1_input(&context,(uint8*)&salt,2);
    
    for (; *password ; password++)
    {
      if (*password == ' ' || *password == '\t')
        continue;/* skip space in password */
-      my_MD5Update(&context,(unsigned char*)&password[0],1);	
+      sha1_input(&context,(int8*)&password[0],1);	
    }
-    my_MD5Final(digest,&context);
+    sha1_result(&context,digest);
    /* Print resulting hash into the password*/
-/*    sprintf(&(to[5]),
-      "%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x",
+    sprintf(&(to[5]),
+      "%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x",
      digest[0],digest[1],digest[2],digest[3],digest[4],digest[5],digest[6],
      digest[7],digest[8],digest[9],digest[10],digest[11],digest[12],digest[13],
-      digest[14],digest[15]);  */
-      sprintf(&to[5],"1234567890123456789012345");
+      digest[14],digest[15],digest[16],digest[17],digest[18],digest[19]); 
      
  }
 }

 uint get_password_length()
 {
-  if (old_passwords)
+  if (opt_old_passwords)
    return 16;
-  else return 37;
+  else return SHA1_HASH_SIZE*2+4+1;
 }