原文:http://www.verydemo.com/demo_c92_i396592.html
这个是笔者对论坛主机的FTP服务进行注册用户验证,论坛采用的是VBB,看了看VBB的密码加密方式,MD5,FAINT。
PROFTPD的MOD_SQL模块并不支持MD5。VBB是直接调用MYSQL的MD5()函数进行密码加密。怎么办?HACK!笔者用的PROFTPD是最新的Proftpd 1.2.8,mod_sql 版本是 4.10,查了一下 mod_sql.c 文件,发现增加一种验证方式还是很简单的,当然这个要归功mod_sql.c的程序架构设计得不错。
下面是笔者修改后得mod_sql.c的部分代码,有中文的地方是笔者加的。
#include "conf.h" #include "privs.h" #include "mod_sql.h" #define _MOD_VERSION "mod_sql/4.10" #ifdef HAVE_CRYPT_H #include #endif #ifdef HAVE_LIMITS_H #include #endif /**************/ /* 引入md5头文件 */ #include /**************/ /* Uncomment the following define to allow OpenSSL hashed password checking; * you'll also need to link with OpenSSL's crypto library ( -lcrypto ) */ /* #define HAVE_OPENSSL */ #ifdef HAVE_OPENSSL #include #endif /* default information for tables and fields */ #define MOD_SQL_DEF_USERTABLE "users" #define MOD_SQL_DEF_USERNAMEFIELD "userid" #define MOD_SQL_DEF_USERUIDFIELD "uid" #define MOD_SQL_DEF_USERGIDFIELD "gid" #define MOD_SQL_DEF_USERPASSWORDFIELD "password" #define MOD_SQL_DEF_USERSHELLFIELD "shell" #define MOD_SQL_DEF_USERHOMEDIRFIELD "homedir" #define MOD_SQL_DEF_GROUPTABLE "groups" #define MOD_SQL_DEF_GROUPNAMEFIELD "groupname" #define MOD_SQL_DEF_GROUPGIDFIELD "gid" #define MOD_SQL_DEF_GROUPMEMBERSFIELD "members" /* default minimum id / default uid / default gid info. * uids and gids less than MOD_SQL_MIN_USER_UID and * MOD_SQL_MIN_USER_GID, respectively, get automatically * mapped to the defaults, below. These can be * overridden using directives */ #define MOD_SQL_MIN_USER_UID 999 #define MOD_SQL_MIN_USER_GID 999 #define MOD_SQL_DEF_UID 65533 #define MOD_SQL_DEF_GID 65533 #define MOD_SQL_BUFSIZE 32 /* Named Query defines */ #define SQL_SELECT_C "SELECT" #define SQL_INSERT_C "INSERT" #define SQL_UPDATE_C "UPDATE" #define SQL_FREEFORM_C "FREEFORM" /* authmask defines */ #define SQL_AUTH_USERS (1<<0) #define SQL_AUTH_GROUPS (1<<1) #define SQL_AUTH_USERS_DEFINITIVE (1<<2) #define SQL_AUTH_GROUPS_DEFINITIVE (1<<3) #define SQL_AUTH_USERSET (1<<4) #define SQL_AUTH_GROUPSET (1<<5) #define SQL_FAST_USERSET (1<<6) #define SQL_FAST_GROUPSET (1<<7) #define SQL_GROUPS (cmap.authmask & SQL_AUTH_GROUPS) #define SQL_USERS (cmap.authmask & SQL_AUTH_USERS) #define SQL_GROUPSET (cmap.authmask & SQL_AUTH_GROUPSET) #define SQL_USERSET (cmap.authmask & SQL_AUTH_USERSET) #define SQL_FASTGROUPS (cmap.authmask & SQL_FAST_GROUPSET) #define SQL_FASTUSERS (cmap.authmask & SQL_FAST_USERSET) #define SQL_GROUPGOD (cmap.authmask & SQL_AUTH_GROUPS_DEF |