Uploaded image for project: 'MariaDB Connector/C'
  1. MariaDB Connector/C
  2. CONC-469

auth_socket authentication (MySQL 8 Server) not supported

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed (View Workflow)
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 3.1.8
    • Fix Version/s: 3.1.9
    • Environment:
      MySQL 8.0.20, Ubuntu 20.04 LTS

      Description

      Currently it's not possible to connect to a MySQL 8 server using an account configured with auth_socket authentication.
      In its default installation, MySQL 8 on Ubuntu 20.04 uses auth_socket for the root account.

      I've compiled a minimal test program for the connection:

      #include <stdio.h>
      #include <stdlib.h>
      #include <mysql.h>
      int main(int argc, char *argv[]) {
      	MYSQL mysql;
      	mysql_init(&mysql);
      	printf("connecting...\n");
      	if (!mysql_real_connect(&mysql,"localhost","root",NULL,NULL, 0, "/var/run/mysqld/mysqld.sock", 0)) {
      		fprintf(stderr, "Failed to connect to database: Error: %s\n",
      		mysql_error(&mysql));
      		return(1);
      	}
       
      	printf("Connected.\n");
      	return(0);
      

      The MariaDB Connector/C is compiled and linked statically:

      CFLAGS=-DMYSQL_CLIENT=1 cmake .. -DCLIENT_PLUGIN_DIALOG=OFF -DCLIENT_PLUGIN_CLEARTEXT=STATIC
       -DCLIENT_PLUGIN_AUTH_GSSAPI=STATIC -DCLIENT_PLUGIN_SHA256_PASSWORD=STATIC -DCLIENT_PLUGIN_CACHING_S
      HA2_PASSWORD=STATIC -DCLIENT_PLUGIN_MYSQL_CLEAR_PASSWORD=STATIC -DCLIENT_PLUGIN_MYSQL_OLD_PASSWORD=S
      TATIC \
       -DCMAKE_BUILD_TYPE=Release \
      ...
      

      The test program runs fine when connecting to a MariaDB 10.3 server (root account configured with plugin unix_socket).
      However, running the same binary when connecting to MySQL 8, it aborts:

      connecting...
      Failed to connect to database: Error: Error in server handshake
      

      strace output:

      [...]
      socket(AF_UNIX, SOCK_STREAM, 0)         = 3
      fcntl(3, F_SETFL, O_RDONLY|O_NONBLOCK)  = 0
      connect(3, {sa_family=AF_UNIX, sun_path="/var/run/mysqld/mysqld.sock"}, 110) = 0
      fcntl(3, F_SETFL, O_RDONLY)             = 0
      setsockopt(3, SOL_IP, IP_TOS, [8], 4)   = -1 EOPNOTSUPP (Operation not supported)
      setsockopt(3, SOL_SOCKET, SO_KEEPALIVE, [1], 4) = 0
      recvfrom(3, "[\0\0\0\n8.0.20-0ubuntu0.20.04.1\0\335\n\0"..., 16384, MSG_DONTWAIT, NULL, NULL) = 95
      sendto(3, "\250\0\0\1\205\242\236\0\0\0\0@\10\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 172, MSG_DONTWAIT|MSG_NOSIGNAL, NULL, 0) = 172
      recvfrom(3, "\7\0\0\2\0\0\0\2\0\0\0", 16384, MSG_DONTWAIT, NULL, NULL) = 11
      close(3)                                = 0
      write(2, "Failed to connect to database: E"..., 64Failed to connect to database: Error: Error in server handshake
      ) = 64
      exit_group(1)                           = ?
      +++ exited with 1 +++
      

      Log message in MySQL error.log:

      2020-05-22T06:28:40.787048Z 2798 [Note] [MY-010914] [Server] Aborted connection 2798 to db: 'mysql' user: 'root' host: 'localhost' (Got an error reading communication packets).
      

      On MySQL 8.0, the plugin column for the root account contains auth_socket, while on MariaDB it is unix_socket:

      mysql> select host, user, plugin from mysql.user where user='root';
      +-----------+------+-------------+
      | host      | user | plugin      |
      +-----------+------+-------------+
      | localhost | root | auth_socket |
      +-----------+------+-------------+
      1 row in set (0.01 sec)
      

      Maybe this might be a problem?

      Please let me know if I can provide more informations. I've already had a look at the Connector/C source; the error CR_SERVER_HANDSHAKE_ERR looks to be only returned from within the auth-plugins.

      Currently the Connector/C can't be used as a "drop-in replacement" in combination with MySQL 8, though the auth code for caching_sha2_pwd already has been included.

      Thanks & best regards!

      -Klaus

        Attachments

          Activity

            People

            Assignee:
            georg Georg Richter
            Reporter:
            klk Klaus Keppler
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: