MariaDB Server: MDEV-31839

Interactive clients should print a warning (or error?) when passwords will be transmitted in cleartext

Details

    Description

      MariaDB Server has two client authentication plugins that can transmit passwords in cleartext:

      • dialog
      • mysql_clear_password

      It is generally recommended to use TLS encryption when using either of these two client authentication plugins to ensure that passwords are not transmitted in cleartext.

      Currently, interactive clients do not raise a warning or error when either of these plugins is used without TLS encryption.

      Folks like jcd, markus makela, and esa.korhonen might have some input on how to implement this in a way that works with other MariaDB products.


        Activity

          GeoffMontee Geoff Montee (Inactive) created issue -
          markus makela markus makela added a comment - - edited

          One way to pass information in a way that does not require an extra roundtrip like SHOW WARNINGS would require is to use the system variable session tracker. It can be used to pass arbitrary information to the client in the final OK packet sent after authentication. It's a little bit outside of the intended scope of the tracker but given the extremely useful ability to pass arbitrary text data to clients it's (IMO) a pretty nice idea.

          This could also be used to deliver out-of-band messages to the client that would not require the use of the existing warning mechanism and could display warnings without needing user interaction. It could even be used to implement MotD-type global messages that would be displayed to connected clients when the administrator sets a global variable to some value.

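The mechanism Markus describes above, as an added example that is not part of the original issue or of MariaDB's own code: a client-side parser for the session-state block of the OK packet, extracting tracked system variables the way a client would have to in order to display such a message. The variable name `session_auth_warning` used in the constructed test packet is a placeholder, not a real MariaDB variable.

```python
SERVER_SESSION_STATE_CHANGED = 0x4000   # OK-packet status flag: a session-state block follows
SESSION_TRACK_SYSTEM_VARIABLES = 0x00   # session-state entry type: tracked system variable

def read_lenenc_int(buf, pos):
    """Decode a length-encoded integer at buf[pos]; return (value, next_pos)."""
    first = buf[pos]
    if first < 0xFB:
        return first, pos + 1
    width = {0xFC: 2, 0xFD: 3, 0xFE: 8}[first]    # KeyError: 0xFB/0xFF are invalid here
    return int.from_bytes(buf[pos + 1:pos + 1 + width], "little"), pos + 1 + width

def read_lenenc_str(buf, pos):
    """Decode a length-encoded string at buf[pos]; return (bytes, next_pos)."""
    n, pos = read_lenenc_int(buf, pos)
    if pos + n > len(buf):
        raise ValueError("truncated length-encoded string")
    return bytes(buf[pos:pos + n]), pos + n

def lenenc_str(data):
    """Length-prefix a short (< 251 byte) string; enough for the constructed packets here."""
    return bytes([len(data)]) + data

def tracked_sysvars(payload):
    """Map name -> value for each sysvar an OK packet reports (CLIENT_PROTOCOL_41 + CLIENT_SESSION_TRACK)."""
    if payload[0] != 0x00:
        raise ValueError("not an OK packet")
    _, pos = read_lenenc_int(payload, 1)            # affected_rows
    _, pos = read_lenenc_int(payload, pos)          # last_insert_id
    status = int.from_bytes(payload[pos:pos + 2], "little")   # followed by 2 bytes of warning count
    _, pos = read_lenenc_str(payload, pos + 4)      # human-readable info string
    found = {}
    if status & SERVER_SESSION_STATE_CHANGED:
        state, _ = read_lenenc_str(payload, pos)
        p = 0
        while p < len(state):                       # each entry: type byte + lenenc data
            entry_type = state[p]
            data, p = read_lenenc_str(state, p + 1)
            if entry_type == SESSION_TRACK_SYSTEM_VARIABLES:   # other entry types are skipped
                name, q = read_lenenc_str(data, 0)
                value, _ = read_lenenc_str(data, q)
                found[name.decode()] = value.decode()
    return found

def build_ok_packet(sysvars):
    """Constructed OK payload carrying tracked sysvars (test input, not real server output)."""
    entries = [lenenc_str(lenenc_str(n.encode()) + lenenc_str(v.encode())) for n, v in sysvars.items()]
    state = b"".join(bytes([SESSION_TRACK_SYSTEM_VARIABLES]) + e for e in entries)
    status = 0x0002 | (SERVER_SESSION_STATE_CHANGED if state else 0)   # 0x0002 = autocommit
    head = b"\x00\x00\x00" + status.to_bytes(2, "little") + b"\x00\x00" + lenenc_str(b"")
    return head + (lenenc_str(state) if state else b"")
```

A client wanting to surface such a message would call `tracked_sysvars` on the OK packet that ends authentication and print any entry it recognises.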

          serg Sergei Golubchik added a comment -

          In 11.3 we'll likely have TLS everywhere, enabled by default. There will be only a minority of users who'd use these plugins over a non-secure connection, as it would require them to disable ssl explicitly in my.cnf.

          serg Sergei Golubchik added a comment -

          markus makela, I'd rather suggest a separate session tracker, like a session warning tracker, not the sysvar tracker. And it needs a limit on how many warnings to send.
          markus makela markus makela added a comment -

          Yes, a separate session tracker would be ideal. Perhaps something like session_track_warnings=5 to limit it to 5 warnings.


          serg Sergei Golubchik added a comment -

          markus makela, we're diverging. The original issue was about a client-side warning, not about how to send warnings from the server. A server-side warnings tracker needs a new issue.

          julien.fritsch Julien Fritsch made changes -
          Issue Type: Task [ 3 ] -> New Feature [ 2 ]

          People

            ralf.gebhardt Ralf Gebhardt
            GeoffMontee Geoff Montee (Inactive)