Details
-
Bug
-
Status: Closed (View Workflow)
-
Major
-
Resolution: Fixed
-
None
-
None
Description
hanshake response has different way to send password depending on capability
if (server_capabilities & PLUGIN_AUTH_LENENC_CLIENT_DATA)
|
* string<lenenc> authentication data
|
else if (server_capabilities & CLIENT_SECURE_CONNECTION)
|
* int<1> length of authentication response
|
* string<fix> authentication response (length is indicated by previous field)
|
else
|
* string<NUL> authentication response null ended
|
|
Maxscale doesn't seem to set PLUGIN_AUTH_LENENC_CLIENT_DATA capability. this might prevent using password with size > 256 if SSL is set.
In addition, this can permit using MySQL java connector, because it doesn't even follow it own protocol, but using :
if (server_capabilities & PLUGIN_AUTH_LENENC_CLIENT_DATA)
|
* string<lenenc> authentication data
|
else
|
* int<1> length of authentication response
|
* string<fix> authentication response (length is indicated by previous field)
|
|
so not setting PLUGIN_AUTH_LENENC_CLIENT_DATA results in sending length + password when maxscale expect password null ended.
