[MDEV-29994] Length of Password for replication and upgrade - Jira

Details

Type: Bug
Status: Stalled (View Workflow)
Priority: Minor
Resolution: Unresolved
Affects Version/s: 10.7.4
Fix Version/s: 10.11
Component/s: Replication
Labels:
- beginner-friendly

Description

I set up replication, with this password : (10.7.4)

ePE5A0jpBrpyzDRILDGeuh5L9IoUCbDE1wgLWe4xCJg=

Everything working fine, after i decided to upgrade to 10.7.7

apt update

apt upgrade

then the password become :

ePE5A0jpBrpyzDRILDGeuh5L9IoUCbDE1wgLWe4xC

(in master.info), look the password is now truncated.

Attachments

Activity

Ascending order - Click to sort in descending order

Aurélien LEQUOY created issue - 2022-11-10 11:42

Aurélien LEQUOY made changes - 2022-11-10 11:43

Field	Original Value	New Value
Description	I set up replication, with this password : (10.7.4) {code:java} ePE5A0jpBrpyzDRILDGeuh5L9IoUCbDE1wgLWe4xCJg= {code} Everything working fine, after i decided to upgrade to 10.7.7 then the password become : {code:java} ePE5A0jpBrpyzDRILDGeuh5L9IoUCbDE1wgLWe4xC {code} (in master.info), look the password is now truncated.	I set up replication, with this password : (10.7.4) {code:java} ePE5A0jpBrpyzDRILDGeuh5L9IoUCbDE1wgLWe4xCJg= {code} Everything working fine, after i decided to upgrade to 10.7.7 {code:java} apt update apt upgrade {code} then the password become : {code:java} ePE5A0jpBrpyzDRILDGeuh5L9IoUCbDE1wgLWe4xC {code} (in master.info), look the password is now truncated.

Sergei Golubchik made changes - 2022-11-17 14:11

Assignee

Tuukka Pasanen [ JIRAUSER49166 ]

Sergei Golubchik made changes - 2022-11-17 14:11

Fix Version/s

10.7 [ 24805 ]

Tuukka Pasanen added a comment - 2022-11-18 07:38 - edited

Thank you for report and could you fill which Debian version. So I can try to replicate this easier.

Tuukka Pasanen added a comment - 2022-11-18 07:38 - edited Thank you for report and could you fill which Debian version. So I can try to replicate this easier.

Tuukka Pasanen added a comment - 2022-11-18 07:38 - edited

Please provide Debian/Ubuntu version was in use

Tuukka Pasanen added a comment - 2022-11-18 07:38 - edited Please provide Debian/Ubuntu version was in use

Tuukka Pasanen made changes - 2022-11-18 07:38

Status

Open [ 1 ]

Needs Feedback [ 10501 ]

Andrew Hutchings (Inactive) made changes - 2022-11-18 09:25

Assignee

Tuukka Pasanen [ JIRAUSER49166 ]

Andrew Hutchings [ JIRAUSER52179 ]

Andrew Hutchings (Inactive) added a comment - 2022-11-18 09:30

Hi,

In https://mariadb.com/kb/en/change-master-to/ it mentions "The maximum length of the MASTER_PASSWORD string is 32 characters.".

In this case the file will have been read by MariaDB Server and truncated at that point (the read segment only reads around 41 characters). Then the truncated version will have been written out when the file was updated.

Please for now use a smaller password and please feel free to open a feature request to support longer passwords.

Andrew Hutchings (Inactive) added a comment - 2022-11-18 09:30 Hi, In https://mariadb.com/kb/en/change-master-to/ it mentions "The maximum length of the MASTER_PASSWORD string is 32 characters.". In this case the file will have been read by MariaDB Server and truncated at that point (the read segment only reads around 41 characters). Then the truncated version will have been written out when the file was updated. Please for now use a smaller password and please feel free to open a feature request to support longer passwords.

Andrew Hutchings (Inactive) made changes - 2022-11-18 09:30

Status

Needs Feedback [ 10501 ]

Open [ 1 ]

Andrew Hutchings (Inactive) made changes - 2022-11-18 09:30

Component/s		N/A [ 14411 ]
Fix Version/s		N/A [ 14700 ]
Fix Version/s	10.7 [ 24805 ]
Resolution		Not a Bug [ 6 ]
Status	Open [ 1 ]	Closed [ 6 ]

Aurélien LEQUOY added a comment - 2022-11-26 14:13

the exact version :

No LSB modules are available.

Distributor ID:	Debian

Description:	Debian GNU/Linux 11 (bullseye)

Release:	11

Codename:	bullseye

uname -a

Linux gcp-prod-oos-sql-0001-mariadb-g01-001 5.10.0-19-cloud-amd64 #1 SMP Debian 5.10.149-2 (2022-10-21) x86_64 GNU/Linux

Aurélien LEQUOY added a comment - 2022-11-26 14:13 the exact version : No LSB modules are available. Distributor ID: Debian Description: Debian GNU/Linux 11 (bullseye) Release: 11 Codename: bullseye uname -a Linux gcp-prod-oos-sql- 0001 -mariadb-g01- 001 5.10 . 0 - 19 -cloud-amd64 # 1 SMP Debian 5.10 . 149 - 2 ( 2022 - 10 - 21 ) x86_64 GNU/Linux

Aurélien LEQUOY added a comment - 2022-11-26 14:13

dmidecode -s system-product-name

Google Compute Engine

Aurélien LEQUOY added a comment - 2022-11-26 14:13 dmidecode -s system-product-name Google Compute Engine

markus makela added a comment - 2022-12-02 12:42 - edited

The problem appears to be on line 500 in rpl_mi.cc:

        init_strvar_from_file(mi->password, SCRAMBLED_PASSWORD_CHAR_LENGTH+1,

                              &mi->file, 0) ||

SCRAMBLED_PASSWORD_CHAR_LENGTH+1 expands to 20 * 2 + 1 which would be OK if the password was stored in its hashed form but since it's in plaintext form, the length should be 96 to allow 32 character passwords in multi-byte character sets to be used (~~MDEV-4013~~ seems to have added support for them).

markus makela added a comment - 2022-12-02 12:42 - edited The problem appears to be on line 500 in rpl_mi.cc : init_strvar_from_file(mi->password, SCRAMBLED_PASSWORD_CHAR_LENGTH+1, &mi->file, 0) || SCRAMBLED_PASSWORD_CHAR_LENGTH+1 expands to 20 * 2 + 1 which would be OK if the password was stored in its hashed form but since it's in plaintext form, the length should be 96 to allow 32 character passwords in multi-byte character sets to be used ( MDEV-4013 seems to have added support for them).

Petko Vasilev (Inactive) made changes - 2022-12-02 17:31

Link

This issue relates to DBAAS-12128 [ DBAAS-12128 ]

Aurélien LEQUOY added a comment - 2022-12-09 19:15

we should return an error when we set a password more than 32 no ?

Aurélien LEQUOY added a comment - 2022-12-09 19:15 we should return an error when we set a password more than 32 no ?