Re: MySQL obnoxious question

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Words by Mário Gamito [Wed, Feb 20, 2008 at 12:35:26AM +0000]:
> Hi,
>
> Sorry for the little off-topic, but the vpoopmail list is kind of dead.
>

So is the diablo mailing list and I don't see any diablo nntp related
questions here.

> I'm running a qmail server with vpopmail with MySQL authentication.
>
> For obnoxious reasons, I'm running a web site in Windows/ASP.NET/C# that 
> once a user registers, it inserts in the MySQL qmail server the username, 
> password, etc.
>
> It's in the password that the problem lies.
> I need to hash it just before or after the MySQL INSERT statement.
> For that, I have to run a PHP shell script that follows my signature.
>
> Problem is MySQL doesn't run external commands.
>

All that does is generate a random md5 salt and do an md5 crypt of the
password. Why would you want to run that on an external command? I
guess you can easily do it on c#.

>
> <?php
>
> function randltr() {
>  $retval = 'a';
>  $rand = rand() % 64;
>  if ($rand < 26) $retval = $rand + 'a';
>  if ($rand > 25) $retval = $rand - 26 + 'A';
>  if ($rand > 51) $retval = $rand - 52 + '0';
>  if ($rand == 62) $retval = ';';
>  if ($rand == 63) $retval = '.';
>  return($retval);
> }
>
> function mkpasswd3(&$clearpass, &$crypted) {
>  srand ((double)microtime()*1000000);
>
>  $salt = '$1$';
>  for ($i = 0; $i < 5; $i++) $salt .= randltr();
>  $salt .= '0';
>  $crypted = crypt($clearpass, $salt);
>  if (strlen($crypted) > 0) return(true);
>  return(false);
> }
>
> $clearpass = 'yeshua';
> $crypted = '';
>
> if (mkpasswd3($clearpass, $crypted))
>  printf("%s -> %s\n", $clearpass, $crypted);
> else
> echo("Ohoh");
> -

-- 
Jose Celestino
----------------------------------------------------------------
http://www.msversus.org/     ; http://techp.org/petition/show/1
http://www.vinc17.org/noswpat.en.html
----------------------------------------------------------------
"If you would have your slaves remain docile, teach them hymns."
    -- Ed Weathers ("The Empty Box")
-
To unsubscribe from this list: send the line "unsubscribe linux-admin" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Index of Archives]     [Linux Newbie]     [Audio]     [Hams]     [Kernel Newbies]     [Util Linux NG]     [Security]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux RAID]     [Linux Device Drivers]     [Samba]     [Video 4 Linux]     [Git]     [Fedora Users]

  Powered by Linux