after.PNG
before.PNG
[CONJ-394] Wrong salt used when calculating scramble after authentication switch Created: 2016-11-28 Updated: 2016-12-14 Resolved: 2016-12-12 |
|
| Status: | Closed |
| Project: | MariaDB Connector/J |
| Component/s: | Other |
| Affects Version/s: | all |
| Fix Version/s: | 1.5.6 |
| Type: | Bug | Priority: | Blocker |
| Reporter: | xiangyhu | Assignee: | Diego Dupin |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | Compatibility, plugins | ||
| Environment: |
All |
||
| Attachments: |
after.PNG
before.PNG
|
| Description |
|
The last zero byte should not be included in the salt when re-calculating the scramble responding to auth switch request. Check attached before.png (current code, 0x00 included) and after.png (after fix, 0x00 excluded). I have created a PR to fix this, please help to verify and review. |
| Comments |
| Comment by Diego Dupin [ 2016-12-07 ] |
|
I agree that implementation doesn't correspond to documentation. |
| Comment by Diego Dupin [ 2016-12-07 ] |
|
After some verification, i was wrong : this data depend on plugins implementation. : auth_pam really use all data : there is no null terminated byte. Additional documentation for each plugins would be great, but that's actually not done. Did you face any issue or is this problem only related to documentation ? |
| Comment by xiangyhu [ 2016-12-12 ] |
|
Hey Diego, This is an issue we faced when we asks client to switch to mysql_native_password while the client fails to absorb the correct salt. It's kind of a blocker here |
| Comment by Diego Dupin [ 2016-12-12 ] |
|
correction done by commit : https://github.com/MariaDB/mariadb-connector-j/commit/c29464331ec1d84fd9cb0926207373e8f42b9985 |
| Comment by Diego Dupin [ 2016-12-12 ] |
|
documentation improved to describe authentication plugins format : https://mariadb.com/kb/en/mariadb/1-connecting-connecting/ |
