A new user interface for you! Read more...

File pam_mysql-sqlfix.patch of Package pam_mysql

Index: pam_mysql.c
===================================================================
--- pam_mysql.c.orig
+++ pam_mysql.c
@@ -2339,6 +2339,8 @@ static void pam_mysql_close_db(pam_mysql
 
 	mysql_close(ctx->mysql_hdl);
 
+	mysql_library_end();
+
 	xfree(ctx->mysql_hdl);
 	ctx->mysql_hdl = NULL;
 }
@@ -2581,7 +2583,7 @@ static pam_mysql_err_t pam_mysql_check_p
 	err = pam_mysql_format_string(ctx, &query,
 		(ctx->where == NULL ?
 			"SELECT %[passwdcolumn] FROM %[table] WHERE %[usercolumn] = '%s'":
-			"SELECT %[passwdcolumn] FROM %[table] WHERE %[usercolumn] = '%s' AND (%S)"),
+			"SELECT %[passwdcolumn] FROM %[table] WHERE %[usercolumn] = '%s' AND %S GROUP BY %[passwdcolumn]"),
 				1, user, ctx->where);
 
 	if (err) {
@@ -2608,7 +2610,9 @@ static pam_mysql_err_t pam_mysql_check_p
 
 	switch (mysql_num_rows(result)) {
 		case 0:
-			syslog(LOG_AUTHPRIV | LOG_ERR, "%s", PAM_MYSQL_LOG_PREFIX "SELECT returned no result.");
+			if (ctx->verbose) {
+				syslog(LOG_AUTHPRIV | LOG_ERR, "%s", PAM_MYSQL_LOG_PREFIX "SELECT returned no result.");
+			}
 			err = PAM_MYSQL_ERR_NO_ENTRY;
 			goto out;
 
@@ -2891,7 +2895,7 @@ static pam_mysql_err_t pam_mysql_update_
 	err = pam_mysql_format_string(ctx, &query,
 		(ctx->where == NULL ?
 			"UPDATE %[table] SET %[passwdcolumn] = '%s' WHERE %[usercolumn] = '%s'":
-			"UPDATE %[table] SET %[passwdcolumn] = '%s' WHERE %[usercolumn] = '%s' AND (%S)"),
+			"UPDATE %[table] SET %[passwdcolumn] = '%s' WHERE %[usercolumn] = '%s' AND %S GROUP BY %[passwdcolumn]"),
 				1, (encrypted_passwd == NULL ? "": encrypted_passwd), user, ctx->where);
 	if (err) {
 		goto out;
@@ -2949,7 +2953,7 @@ static pam_mysql_err_t pam_mysql_query_u
 	err = pam_mysql_format_string(ctx, &query,
 		(ctx->where == NULL ?
 			"SELECT %[statcolumn], %[passwdcolumn] FROM %[table] WHERE %[usercolumn] = '%s'":
-			"SELECT %[statcolumn], %[passwdcolumn] FROM %[table] WHERE %[usercolumn] = '%s' AND (%S)"),
+			"SELECT %[statcolumn], %[passwdcolumn] FROM %[table] WHERE %[usercolumn] = '%s' AND %S GROUP BY %[passwdcolumn]"),
 				1, user, ctx->where);
 
 	if (err) {
@@ -2976,7 +2980,9 @@ static pam_mysql_err_t pam_mysql_query_u
 
 	switch (mysql_num_rows(result)) {
 		case 0:
-			syslog(LOG_AUTHPRIV | LOG_ERR, "%s", PAM_MYSQL_LOG_PREFIX "SELECT returned no result.");
+			if (ctx->verbose) {
+				syslog(LOG_AUTHPRIV | LOG_ERR, "%s", PAM_MYSQL_LOG_PREFIX "SELECT returned no result.");
+			}
 			err = PAM_MYSQL_ERR_NO_ENTRY;
 			goto out;