Description of problem: Unable to start apache httpd with mod_auth_mysql installed. Version-Release number of selected component (if applicable): mod_auth_mysql-3.0.0-14.fc15.i686 httpd-2.2.17-10.fc15.1.i686 mysql-libs-5.5.12-1.fc15.i686 How reproducible: always Steps to Reproduce: 1. httpd -t Actual results: httpd: Syntax error on line 221 of /etc/httpd/conf/httpd.conf: Syntax error on line 6 of /etc/httpd/conf.d/auth_mysql.conf: Cannot load /etc/httpd/modules/mod_auth_mysql.so into server: /etc/httpd/modules/mod_auth_mysql.so: undefined symbol: make_scrambled_password Additional info: Need to recompile this module against newer mysql libs?
Hello, I may confirm that I cannot use the Web mail system (squirrelmail) because of this. httpd won't start. IMHO, this is pretty severe and urgent... Răzvan
You can try to rebuild this package yourself if you need urgent solution. Try to download src.rpm: yumdownloader --source mod_auth_mysql and rebuild: rpmbuild --rebuild mod_auth_mysql*src.rpm Sure, you need all required programs and libraries installed on your build system.
Just tried this with mod_auth_mysql.i686, 1:3.0.0-14.fc15. Unfortunately same result. Could one of the devel packages need updating?
Adding a "me too" to this bug. On x86_64 system (KVM guest) running apache with mod_auth_mysql required.
Same problem here. Please fix this soon! Thanks
My I add my vote. This is critical for many web apps.
This is a more widespread problem with more than one *_mysql.so module with the new libmysqlclient.so.18. The affected *_mysql.so's all are making the deprecated make_scrambled_password call. The f14 version of libmyclient.so (.16) allowed the call even though it was deprecated. The new version version (.18) does not. Any mysql module that is making the call is failing to load (like this one in mod_auth_mysql) or failing on use (like pam_mysql.) This is pretty serious in that nobody can authenticate against a mySql database anywhere. I run almost strictly mySql-based virtual users, so my FTP and web server is pretty much toast until this is fixed.
I did a quick grep for "make_scrambled_password" in binary files that weren't the libmusqlclient.so's . Came up with Binary file /usr/lib64/httpd/modules/mod_auth_mysql.so matches Binary file /etc/httpd/modules/mod_auth_mysql.so matches Binary file /lib64/security/pam_mysql.so matches Hardly definitive, but possibly helpful. Looks like it is fairly limited in scope - on my system at least. But it still is a major problem.
Looks like similar problem was already fixed in pure-ftpd. https://bugzilla.redhat.com/show_bug.cgi?id=708287
I concur. That's how I found reference to it.
Definitely a critical problem. Tom - I think you are barking up the right tree - mod_auth_mysql 3.0.0 appears to need updating. I pulled the source from http://modauthmysql.sourceforge.net/ and it still uses the old call. I see that someone made a version of libmysqlclient.18 with the old make_scrambled method in it for backward compatibility: http://www.mdvrb-factory.de/i586/libmysql18-5.5.12-1bmdv2010.2.i586.html I extracted that rpm and tried to copy its lib in place but it's built against a different libssl. Since the site is in german I'm having trouble finding the source rpm. It should be easy either to rebuild against it or use it to patch mysql. If you happen to read german, let me know if you find the src rpm and I'll be glad to monkey with it.
Created attachment 503754 [details] A temporarily hacked libmysqlclient.so.18.0.0 Here's a workaround that was successful for me. I grabbed the mysql source rpm with yumdownloader --source mysql. I modified libmysql.version to export make_scrambled_password and make_scrambled_password_323. Then manually copied libmysqlclient.so.18.0.0 into /usr/lib/mysql (after making a copy of the original). httpd now starts. I've attached it here purely for quick-fix purposes until a proper fix comes down the pipe.
(In reply to comment #9) > Looks like similar problem was already fixed in pure-ftpd. > https://bugzilla.redhat.com/show_bug.cgi?id=708287 Sorry, wrong bug ID: https://bugzilla.redhat.com/show_bug.cgi?id=690346 I think hacking mysql to be backward compatible is not a good solution. Looks like this old version has some security problems, because password length was not specified. If you consider mysql changes are correct, please change component to mysql. There looks to be another problem. There is no "my_make_scrambled_password" in fedora15's mysql header files. Anybody knows why?
I definitely agree it's the wrong permanent solution. But I would guess we are safe that httpd doesn't have a null-termination problem on the password string. So to get going for now, it's would seem to be a reasonable temporary solution to get back on the air. It's definitely not an option to turn off mod_auth_mysql Additionally, and I may be reading the rpm source wrong, it looks like in the mysql code it's deprecated, not removed. I didn't try very hard to make mod_auth_mysql work with my_make_scrambled_password. It looked to be exported. Are you sure there isn't just a method signature issue - when you changed the call, is the length right type?
Please, test following update and add positive karma if it works.
mod_auth_mysql-3.0.0-18.fc15 has been submitted as an update for Fedora 15. https://admin.fedoraproject.org/updates/mod_auth_mysql-3.0.0-18.fc15
Awesome. Works for me.
I loaded the fix. Apache now loads without error. Will test it further. Thanks. Should I put in a bugzilla for pam_mysql.so for same problem?
Package mod_auth_mysql-3.0.0-18.fc15: * should fix your issue, * was pushed to the Fedora 15 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=updates-testing mod_auth_mysql-3.0.0-18.fc15' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/mod_auth_mysql-3.0.0-18.fc15 then log in and leave karma (feedback).
mod_auth_mysql-3.0.0-18.fc15 has been pushed to the Fedora 15 stable repository. If problems still persist, please make note of it in this bug report.