[#MXS-4094] Allow empty token when client is replying to AuthSwitchRequest

[MXS-4094] Allow empty token when client is replying to AuthSwitchRequest Created: 2022-04-14 Updated: 2022-10-04 Resolved: 2022-09-01
Status:	Closed
Project:	MariaDB MaxScale
Component/s:	Authenticator
Affects Version/s:	2.4
Fix Version/s:	2.5.22, 6.4.3, 22.08.1

Type:

Bug

Priority:

Major

Reporter:

Kevin

Assignee:

Esa Korhonen

Resolution:

Fixed

Votes:

Labels:

None

Attachments:

wecom-temp-502066fb8eb4770e47592ff11f525e73.png

Sprint:

MXS-SPRINT-165

Description

Reproduce steps:
1.Set mysql default auth plugin to caching_sha2_password.
2.create user 'nopass'@'%' identified with mysql_native_password by '';
3. login with -u nopass.

Reason:
The function send_mysql_native_password_response didn't handle user with empty password, it just add a 20-bytes scramble regardless of whether the password is null.

Solve:
After add some ugly code(see attachment), it worked for me.

Comments

Comment by markus makela [ 2022-07-06 ]

bookding can you reproduce this with MaxScale 2.5?

Generated at Thu Feb 08 04:26:09 UTC 2024 using Jira 8.20.16#820016-sha1:9d11dbea5f4be3d4cc21f03a88dd11d8c8687422.

[MXS-4094] Allow empty token when client is replying to AuthSwitchRequest Created: 2022-04-14 Updated: 2022-10-04 Resolved: 2022-09-01