[MXS-4094] Allow empty token when client is replying to AuthSwitchRequest - Jira

XML

Word

Printable

Details

Type: Bug
Status: Closed (View Workflow)
Priority: Major
Resolution: Fixed
Affects Version/s: 2.4
Fix Version/s: 2.5.22, 6.4.3, 22.08.1
Component/s: Authenticator
Labels:
None

Sprint:
MXS-SPRINT-165

Description

Reproduce steps:
1.Set mysql default auth plugin to caching_sha2_password.
2.create user 'nopass'@'%' identified with mysql_native_password by '';
3. login with -u nopass.

Reason:
The function send_mysql_native_password_response didn't handle user with empty password, it just add a 20-bytes scramble regardless of whether the password is null.

Solve:
After add some ugly code(see attachment), it worked for me.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

wecom-temp-502066fb8eb4770e47592ff11f525e73.png
2022-04-14 08:12
332 kB
Kevin

Activity

People

Assignee:: Esa Korhonen

Reporter:: Kevin

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 2022-04-14 08:14

Updated:: 2022-10-04 16:03

Resolved:: 2022-09-01 15:18

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.