From 46351a8892976898935f653f5333782579a96fa5 Mon Sep 17 00:00:00 2001 From: Jinhua Tan <312841925@qq.com> Date: Tue, 18 Aug 2020 19:12:13 +0800 Subject: [PATCH] auth: do not send 0 byte for mysql_old_password when password is empty (#1133) --- AUTHORS | 1 + auth.go | 7 +++---- auth_test.go | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/AUTHORS b/AUTHORS index ccf2f466c..112e07524 100644 --- a/AUTHORS +++ b/AUTHORS @@ -86,6 +86,7 @@ Soroush Pour Stan Putrya Stanley Gunawan Steven Hartland +Tan Jinhua <312841925 at qq.com> Thomas Wodarek Tim Ruffles Tom Jenkinson diff --git a/auth.go b/auth.go index fec7040d4..1f9ceb059 100644 --- a/auth.go +++ b/auth.go @@ -136,10 +136,6 @@ func pwHash(password []byte) (result [2]uint32) { // Hash password using insecure pre 4.1 method func scrambleOldPassword(scramble []byte, password string) []byte { - if len(password) == 0 { - return nil - } - scramble = scramble[:8] hashPw := pwHash([]byte(password)) @@ -247,6 +243,9 @@ func (mc *mysqlConn) auth(authData []byte, plugin string) ([]byte, error) { if !mc.cfg.AllowOldPasswords { return nil, ErrOldPassword } + if len(mc.cfg.Passwd) == 0 { + return nil, nil + } // Note: there are edge cases where this should work but doesn't; // this is currently "wontfix": // https://github.com/go-sql-driver/mysql/issues/184 diff --git a/auth_test.go b/auth_test.go index 1920ef39f..3bce7fe22 100644 --- a/auth_test.go +++ b/auth_test.go @@ -1157,7 +1157,7 @@ func TestAuthSwitchOldPasswordEmpty(t *testing.T) { t.Errorf("got error: %v", err) } - expectedReply := []byte{1, 0, 0, 3, 0} + expectedReply := []byte{0, 0, 0, 3} if !bytes.Equal(conn.written, expectedReply) { t.Errorf("got unexpected data: %v", conn.written) } @@ -1184,7 +1184,7 @@ func TestOldAuthSwitchPasswordEmpty(t *testing.T) { t.Errorf("got error: %v", err) } - expectedReply := []byte{1, 0, 0, 3, 0} + expectedReply := []byte{0, 0, 0, 3} if !bytes.Equal(conn.written, expectedReply) { t.Errorf("got unexpected data: %v", conn.written) }