Re: bbbb429a1eb: Auth: release the plugins from responsibility to fill scramble_buff.
Hi, Nikita,
Conceptually ok, see one omission below.
On Sep 09, Nikita Malyavin wrote:
revision-id: bbbb429a1eb (mariadb-11.6.1-12-gbbbb429a1eb)
parent(s): db5d1cde450
author: Nikita Malyavin
committer: Nikita Malyavin
timestamp: 2024-09-07 20:44:02 +0200
message:
Auth: release the plugins from responsibility to fill scramble_buff.
Fill it once during the Initial Handshake Packet parsing. This uses the fact that the server guarantees first 20 bytes to be the scramble.
Submodule libmariadb de6305915f8..12d78187061: diff --git a/libmariadb/libmariadb/mariadb_lib.c b/libmariadb/libmariadb/mariadb_lib.c index 78195d44..07953ea4 100644 --- a/libmariadb/libmariadb/mariadb_lib.c +++ b/libmariadb/libmariadb/mariadb_lib.c @@ -1954,6 +1954,8 @@ restart: goto error; } } + memmove(mysql->scramble_buff, scramble_data, SCRAMBLE_LENGTH); + mysql->scramble_buff[SCRAMBLE_LENGTH]= 0; /* Set character set */ if (mysql->options.charset_name) diff --git a/libmariadb/plugins/auth/my_auth.c b/libmariadb/plugins/auth/my_auth.c index a2fd519d..47d26150 100644 --- a/libmariadb/plugins/auth/my_auth.c +++ b/libmariadb/plugins/auth/my_auth.c @@ -126,10 +126,6 @@ static int native_password_auth_client(MYSQL_PLUGIN_VIO *vio, MYSQL *mysql)
if (pkt_len != SCRAMBLE_LENGTH + 1) return CR_SERVER_HANDSHAKE_ERR; - - /* save it in MYSQL */ - memmove(mysql->scramble_buff, pkt, SCRAMBLE_LENGTH); - mysql->scramble_buff[SCRAMBLE_LENGTH] = 0;
This looks ok
}
if (mysql && mysql->passwd[0]) diff --git a/sql-common/client.c b/sql-common/client.c index 6d030ce0a17..28b477c1e9a 100644 --- a/sql-common/client.c +++ b/sql-common/client.c @@ -4178,10 +4178,6 @@ static int native_password_auth_client(MYSQL_PLUGIN_VIO *vio, MYSQL *mysql)
if (pkt_len != SCRAMBLE_LENGTH + 1) DBUG_RETURN(CR_SERVER_HANDSHAKE_ERR); - - /* save it in MYSQL */ - memcpy(mysql->scramble, pkt, SCRAMBLE_LENGTH); - mysql->scramble[SCRAMBLE_LENGTH] = 0;
this isn't, you removed memcpy from the plugin, but didn't add it to mysql_real_connect in sql-common/client.c.
}
if (mysql->passwd[0])
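Review bot: in libmariadb/libmariadb/mariadb_lib.c, the added memmove copies SCRAMBLE_LENGTH bytes out of scramble_data with no length check visible in the hunk, while the plugin code this patch removes only ran after `if (pkt_len != SCRAMBLE_LENGTH + 1) return CR_SERVER_HANDSHAKE_ERR;`. The commit message relies on the server guaranteeing 20 bytes, but the client should not take that on trust from the peer: either confirm that the handshake parsing above has already rejected packets carrying fewer than SCRAMBLE_LENGTH scramble bytes and say so in a comment, or guard the copy and fail with CR_SERVER_HANDSHAKE_ERR. The dropped `/* save it in MYSQL */` comment is also worth carrying over to the new location.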
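Review bot: in libmariadb/plugins/auth/my_auth.c, the removed lines saved pkt, the buffer this function had just length-checked, whereas the replacement in mariadb_lib.c saves scramble_data from handshake parsing. If pkt in this branch can ever hold a scramble other than the one from the Initial Handshake Packet, mysql->scramble_buff will no longer follow it. Please confirm the two are always the same bytes here, or state in the commit message why later readers of scramble_buff do not depend on the plugin's copy.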
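Review bot: in sql-common/client.c, the copy into mysql->scramble is deleted from native_password_auth_client, but no hunk in this patch fills mysql->scramble anywhere else: the only added copy is in libmariadb's mariadb_lib.c and writes mysql->scramble_buff, a different field in a different client. As posted, nothing visible sets mysql->scramble for this client, so the equivalent memcpy and NUL terminator need to be added to the handshake parsing in this file in the same commit that removes the plugin-side lines.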
Regards,
Sergei
Chief Architect, MariaDB Server
and security@mariadb.org
Hello Sergei!
Thanks, fixed this in the new version of the commit (bb-11.7-parsec)
95e61a58 Auth: release the client plugins from responsibility to fill MYSQL::scramble.
BR
Nikita