[Bug] IoTDB Python Client v0.13.3: Password Authentication Bypass When enable_rpc_compression is Set to False #15016

@SunnySaman

Search before asking

  • I searched in the issues and found nothing similar.

Version

I>pip list | findstr iot
apache-iotdb              0.13.3

>pip list | findstr sess

>python --version
Python 3.10.1

Describe the bug and provide the minimal reproduce step

Description:

Issue Summary:
In the IoTDB Python client library version 0.13.3, there appears to be an issue with password authentication when the parameter enable_rpc_compression in the Session.open() method is set to False. Specifically, regardless of the password provided, a successful connection can be established, which should not be the case if the password is incorrect.

Steps to Reproduce:

  1. Install IoTDB Python client library version 0.13.3.
  2. Attempt to establish a session using the following code snippet:
    from iotdb.Session import Session
    
    ip_address = "your_iotdb_ip"
    port = 6667  # Default IoTDB port
    user = "your_username"
    password = "incorrect_password"  # Intentionally incorrect password
    
    session = Session(ip_address, port, user, password)
    session.open(False)  # Setting enable_rpc_compression to False
  3. Observe that despite providing an incorrect password, the session establishes successfully without any authentication failure.
