Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-34854

Parsec sends garbage when using an empty password

Details

    Description

      About parsec authentication, when user has an empty password, user doesn't have an authentication_string set (visible in mysql.user).
      Exchanges when creating a connection results then sends unexpected data when asking for ext-salt.

      example when using an empty password, packet is for example : 

      +--------------------------------------------------+
      		 
      |  0  1  2  3  4  5  6  7   8  9  a  b  c  d  e  f |
      		 
      +--------------------------------------------------+------------------+
      		 
      | 14 00 00 04 00 04 00 05  00 06 00 07 00 08 00 0B | ................ |
      		 
      | 00 0E 00 0F 00 10 00 13                          | ........         |
      		 
      +--------------------------------------------------+------------------+

      in place of something that begins with 'P0' like : 

      +--------------------------------------------------+
      		 
      |  0  1  2  3  4  5  6  7   8  9  a  b  c  d  e  f |
      		 
      +--------------------------------------------------+------------------+
      		 
      | 14 00 00 04 50 00 01 A5  ED 67 34 40 70 2A E3 8A | ....P....g4@p*.. |
      		 
      | 00 A2 BB 63 6B 9C D3 13                          | ...ck...         |
      		 
      +--------------------------------------------------+------------------+

      Attachments

        Issue Links

          is caused by

          New Feature - A new feature of the product, which has yet to be developed. MDEV-32618 PARSEC Authentication Plugin

          • Critical - Crashes, loss of data, severe memory leak.
          • Closed

          Activity

            Transition Time In Source Status Execution Times
            Nikita Malyavin made transition -
            Open In Progress
            		7h 3m 1
            Nikita Malyavin made transition -
            Stalled In Progress
            		25d 22h 53m 2
            Nikita Malyavin made transition -
            In Progress In Review
            		10d 12h 48m 3
            Sergei Golubchik made transition -
            In Review Stalled
            		20d 9h 28m 3
            Nikita Malyavin made transition -
            Stalled Closed
            		12d 22h 3m 1

            People

              nikitamalyavin Nikita Malyavin
              diego dupin Diego Dupin
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Git Integration

                  Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.