Details
-
Bug
-
Status: Closed (View Workflow)
-
Blocker
-
Resolution: Fixed
-
all
-
All
Description
The last zero byte should not be included in the salt when re-calculating the scramble responding to auth switch request.
Check attached before.png (current code, 0x00 included) and after.png (after fix, 0x00 excluded).
I have created a PR to fix this, please help to verify and review.
https://github.com/MariaDB/mariadb-connector-j/pull/93
Attachments
Activity
After some verification, i was wrong : this data depend on plugins implementation. : auth_pam really use all data : there is no null terminated byte.
Documentation is updated to use byte[EOF].
Additional documentation for each plugins would be great, but that's actually not done.
Did you face any issue or is this problem only related to documentation ?
Hey Diego,
This is an issue we faced when we asks client to switch to mysql_native_password while the client fails to absorb the correct salt. It's kind of a blocker here
correction done by commit : https://github.com/MariaDB/mariadb-connector-j/commit/c29464331ec1d84fd9cb0926207373e8f42b9985
will be in 1.5.6 (release this week)
documentation improved to describe authentication plugins format : https://mariadb.com/kb/en/mariadb/1-connecting-connecting/
I agree that implementation doesn't correspond to documentation.
Each authentication data remove this additional byte afterward.
Better to remove it when setting the data variable, like documentation https://mariadb.com/kb/en/mariadb/1-connecting-connecting/#authentication-switch-request describe it.
(https://dev.mysql.com/doc/internals/en/connection-phase-packets.html#packet-Protocol::AuthSwitchRequest is wrong describing this as string[EOF])