thanks for the 'hashing' information
the reason the guy on the forum isn't willing to share his code is that his
code is fake - you can see that by the simple syntax errors i told him about
his 'analysis of my code' is hilarious - even more so when it is 'his code' i
was compiling that was producing the errors he was 'analyzing'
the excessive units he has on his uses clause - no real code is going to mix
every fpc related mariadb/mysql unit there is - mixing the different levels of
methods
uses
Classes, SysUtils, blcksock, libssh2, sockets, mysql56conn, SQLDB
{$IFDEF mswindows}
,Windows
{$ifend};
his jumping on using threads from the 3rd post response when using
TTCPBlockSocket blocking (synchronous)
i still have no clue why he was connecting to port 1500 Unofficial IBM Tivoli
Storage Manager server
serTCP.bind('0.0.0.0','1500');
and there was no code that even did a login to the server (which is the code i
need)
just hilarious
On Sat, 5 Aug 2023 22:47:45 +0200
Rik van Kekem <r...@graficalc.nl> wrote:
> Op 05-08-2023 om 21:15 schreef paste...@gmx.com:
> > are you the guy on the fpc mailing list? do you read what i write? or
> > just make it up like that guy? in case someone else knows about
> > mariadb/mysql with synapse - i'm still trying to find the fpc (or
> > delphi) method/code for doing the password hash i have the c code but
> > not finding the fpc code to do the same
> No. It's been a while since I've been on the mailinglist from fpc.
> I'm rvk on the fpc/lazarus forum and am one of the most frequent
> posters/helpers. I'm not a troll.
>
> I'm the last one posted on the forum in that topic about mysql
> authentication but haven't got a reaction back there anymore.
> (So others probably also wouldn't be inclined to help in a topic where
> there is no response anymore.)
> That topic only went as far as getting a "Got packets out of order".
>
> I'm also not sure who you are since you haven't signed your messages.
>
> Anyway... I don't have exact code for you (myisjwj on the forum does but
> (s)he doesn't seem to be willing to throw it on the forum).
>
> But the calculation of the password would be in the documentation.
> (I guess you already found that.)
>
> If you get mysql_clear_password or mysql_old_password then the password
> would of course be as you passed it in your code.
>
> If you get sha256_password or caching_sha2_password it becomes a lot
> more complicated.
>
> If you get back mysql_native_password it would be:
> SHA1( password ) XOR SHA1( seed + SHA1( SHA1( password ) ) )
> (the seed you got in the first message from the server: string<8>
> scramble 1st part (authentication seed))
>
> You could use DCPCrypt library to hash for SHA1 (need to do that a few
> times).
> After that you would need xor the first buffer with sha1(password) of 20
> characters, with the second.
>
> uses DCPsha1;
> function HashSHA1(text: RawByteString): RawByteString;
> var
> hash: TDCP_sha1;
> begin
> hash := TDCP_sha1.Create(nil);
> try
> hash.Init;
> hash.UpdateStr(text);
> Setlength(Result, hash.GetHashSize div 8);
> hash.Final(Result[1]);
> finally
> hash.Free;
> end;
> end;
>
> But that's probably more a topic for the fpc forum than the mailinglist
> for Synapse.
> There are also people more capable of coding this on the forum.
>
> --
> Grtz,
> Rik
_______________________________________________
synalist-public mailing list
synalist-public@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/synalist-public
