Uploaded image for project: 'MariaDB MaxScale'
  1. MariaDB MaxScale
  2. MXS-3160

PLUGIN_AUTH_LENENC_CLIENT_DATA capability not set

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed (View Workflow)
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 2.5.4
    • Component/s: Authenticator
    • Labels:
      None

      Description

      hanshake response has different way to send password depending on capability

      if (server_capabilities & PLUGIN_AUTH_LENENC_CLIENT_DATA)
      *  string<lenenc> authentication data
      else if (server_capabilities & CLIENT_SECURE_CONNECTION)
      *  int<1> length of authentication response
      *  string<fix> authentication response (length is indicated by previous field)
      else
      *  string<NUL> authentication response null ended
      
      

      Maxscale doesn't seem to set PLUGIN_AUTH_LENENC_CLIENT_DATA capability. this might prevent using password with size > 256 if SSL is set.

      In addition, this can permit using MySQL java connector, because it doesn't even follow it own protocol, but using :

      if (server_capabilities & PLUGIN_AUTH_LENENC_CLIENT_DATA)
      *  string<lenenc> authentication data
      else 
      *  int<1> length of authentication response
      *  string<fix> authentication response (length is indicated by previous field)
      
      

      so not setting PLUGIN_AUTH_LENENC_CLIENT_DATA results in sending length + password when maxscale expect password null ended.

        Attachments

          Activity

            People

            Assignee:
            markus makela markus makela
            Reporter:
            diego dupin Diego Dupin
            Votes:
            1 Vote for this issue
            Watchers:
            3 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:

                Git Integration