Bug 654393

Summary: Error retrieving the AUTHTOK
Product: [Fedora] Fedora EPEL
Component: pam_mysql
Version: el5
Hardware: i386
OS: Linux
Status: CLOSED EOL
Severity: medium
Priority: low
Reporter: filipe.veloza
Assignee: Paul P Komkoff Jr <i>
QA Contact: Fedora Extras Quality Assurance <extras-qa>
CC: i, manuel.wolfshant
Doc Type: Bug Fix
Last Closed: 2017-04-06 10:27:50 UTC

Description filipe.veloza 2010-11-17 18:49:23 UTC
Description of problem:
When pam_mysql tries to retrieve PAM's AUTHTOKEN, it returns either (null) or "^H ^M^?INCORRECT"

Version-Release number of selected component (if applicable):
pam_mysql-0.7-0.4.rc1.el5.2.src.rpm

How reproducible:
 * Install the pam_mysql module according to instructions
 * Activate module on pam.d/system-auth
auth       sufficient     pam_mysql.so user=XXXXXX_pam passwd=XXXXXXX host=localhost db=XXXXXXX table=XXXXX usercolumn=name passwdcolumn=passwd verbose=1 disconnect_every_op=1 crypt=0 use_first_pass=1 try_first_pass=0
 * Login to the system
 * Check log on /var/log/secure
Steps to Reproduce:
1.
2.
3.
  
Actual results:
Nov 17 17:27:38 beta sshd[9080]: pam_mysql - option verbose is set to "1"
Nov 17 17:27:38 beta sshd[9080]: pam_mysql - option disconnect_every_op is set to "1"
Nov 17 17:27:38 beta sshd[9080]: pam_mysql - option crypt is set to "0"
Nov 17 17:27:38 beta sshd[9080]: pam_mysql - option use_first_pass is set to "1"
Nov 17 17:27:38 beta sshd[9080]: pam_mysql - option try_first_pass is set to "0"
Nov 17 17:27:38 beta sshd[9080]: pam_mysql - pam_mysql_close_db() called.
Nov 17 17:27:38 beta sshd[9080]: pam_mysql - pam_sm_authenticate() called.
Nov 17 17:27:38 beta sshd[9080]: pam_mysql - Error retrieving the password PAM_SUCCESS [ ^H ^M^?INCORRECT ].
Nov 17 17:27:38 beta sshd[9080]: pam_mysql - pam_mysql_open_db() called.
Nov 17 17:27:38 beta sshd[9080]: pam_mysql - pam_mysql_open_db() returning 0.
Nov 17 17:27:38 beta sshd[9080]: pam_mysql - pam_mysql_check_passwd(XXXXXX,^H ^M^?INCORRECT) called.
Nov 17 17:27:38 beta sshd[9080]: pam_mysql - pam_mysql_format_string() called
Nov 17 17:27:38 beta sshd[9080]: pam_mysql - pam_mysql_quick_escape() called.
Nov 17 17:27:38 beta sshd[9080]: pam_mysql - SELECT passwd FROM pam_users WHERE name = 'XXXXXXX'
Nov 17 17:27:38 beta sshd[9080]: pam_mysql - SELECT returned no result.
Nov 17 17:27:38 beta sshd[9080]: pam_mysql - pam_mysql_check_passwd() returning 1.
Nov 17 17:27:38 beta sshd[9080]: pam_mysql - pam_mysql_sql_log() called.
Nov 17 17:27:38 beta sshd[9080]: pam_mysql - pam_mysql_sql_log() returning 0.
Nov 17 17:27:38 beta sshd[9080]: pam_mysql - pam_mysql_close_db() called.
Nov 17 17:27:38 beta sshd[9080]: pam_mysql - pam_sm_authenticate() returning 10.


Expected results:


Additional info:
This output is a result of the following patch, so the actual password can be seen:
--- pam_mysql-0.7RC1/pam_mysql.c        2006-01-09 11:35:59.000000000 +0100
+++ pam_mysql-0.7RC1_NEW/pam_mysql_passwd.c     2010-11-17 14:55:27.000000000 +0100
@@ -2566,7 +2566,7 @@
        int vresult;

        if (ctx->verbose) {
-               syslog(LOG_AUTHPRIV | LOG_ERR, PAM_MYSQL_LOG_PREFIX "pam_mysql_check_passwd() called.");
+               syslog(LOG_AUTHPRIV | LOG_ERR, PAM_MYSQL_LOG_PREFIX "pam_mysql_check_passwd(%s,%s) called.", user, passwd);
        }

        /* To avoid putting a plain password in the MySQL log file and on
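Review bot: the new format string on the `+` line passes `passwd` to syslog with `%s`, so every authentication attempt made while `ctx->verbose` is set leaves the clear-text password in the auth log, which runs against the intent of the comment that starts just below it ("To avoid putting a plain password in the MySQL log file"). For a diagnostic build, log only whether a token was retrieved and how long it is, for example `passwd ? "set" : "(null)"` together with `passwd ? strlen(passwd) : 0`, and keep this change out of any packaged build. According to the report `passwd` can be NULL at this point, and passing NULL to `%s` is undefined behaviour in C, so guard it before formatting. The value is also written unescaped: the log output above shows control characters going straight into the log line, so if the bytes themselves must be inspected, hex-encode them rather than printing them raw.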

Comment 1 Fedora End Of Life 2017-04-06 10:27:50 UTC
Fedora EPEL 5 changed to end-of-life (EOL) status on 2017-03-31. Fedora EPEL 5
is no longer maintained, which means that it will not receive any further
security or bug fix updates. As a result we are closing this bug.

If you can reproduce this bug against a currently maintained version of Fedora
or Fedora EPEL, please feel free to reopen this bug against that version. If
you are unable to reopen this bug, please file a new report against the current
release. If you experience problems, please add a comment to this bug.

Thank you for reporting this bug and we are sorry it could not be fixed.