]>
Commit | Line | Data |
---|---|---|
610a5a46 AM |
1 | --- Percona-Server-5.6.14-rel62.0/client/mysql.cc~ 2013-10-22 09:42:41.000000000 +0200 |
2 | +++ Percona-Server-5.6.14-rel62.0/client/mysql.cc 2013-11-23 13:20:56.986861400 +0100 | |
3 | @@ -152,7 +152,7 @@ | |
4 | vertical=0, line_numbers=1, column_names=1,opt_html=0, | |
5 | opt_xml=0,opt_nopager=1, opt_outfile=0, named_cmds= 0, | |
6 | tty_password= 0, opt_nobeep=0, opt_reconnect=1, | |
7 | - opt_secure_auth= TRUE, | |
8 | + opt_secure_auth= 0, | |
9 | default_pager_set= 0, opt_sigint_ignore= 0, | |
10 | auto_vertical_output= 0, | |
11 | show_warnings= 0, executing_query= 0, interrupted_query= 0, | |
12 | --- Percona-Server-5.6.14-rel62.0/client/mysql.cc~ 2013-11-23 14:34:06.000000000 +0100 | |
13 | +++ Percona-Server-5.6.14-rel62.0/client/mysql.cc 2013-11-23 15:25:56.195617871 +0100 | |
14 | @@ -1737,7 +1737,7 @@ | |
15 | 1, ULONG_MAX, 0, 1, 0}, | |
16 | {"secure-auth", OPT_SECURE_AUTH, "Refuse client connecting to server if it" | |
17 | " uses old (pre-4.1.1) protocol.", &opt_secure_auth, | |
18 | - &opt_secure_auth, 0, GET_BOOL, NO_ARG, 1, 0, 0, 0, 0, 0}, | |
19 | + &opt_secure_auth, 0, GET_BOOL, NO_ARG, 0, 0, 0, 0, 0, 0}, | |
20 | {"server-arg", OPT_SERVER_ARG, "Send embedded server this as a parameter.", | |
21 | 0, 0, 0, GET_STR, REQUIRED_ARG, 0, 0, 0, 0, 0, 0}, | |
22 | {"show-warnings", OPT_SHOW_WARNINGS, "Show warnings after every statement.", | |
23 | --- Percona-Server-5.6.14-rel62.0/sql/sys_vars.cc~ 2013-11-23 15:30:45.000000000 +0100 | |
24 | +++ Percona-Server-5.6.14-rel62.0/sql/sys_vars.cc 2013-11-23 15:30:50.922370696 +0100 | |
25 | @@ -2655,9 +2655,7 @@ | |
26 | "Disallow authentication for accounts that have old (pre-4.1) " | |
27 | "passwords", | |
28 | GLOBAL_VAR(opt_secure_auth), CMD_LINE(OPT_ARG, OPT_SECURE_AUTH), | |
29 | - DEFAULT(TRUE), | |
30 | - NO_MUTEX_GUARD, NOT_IN_BINLOG, | |
31 | - ON_CHECK(on_check_opt_secure_auth) | |
32 | + DEFAULT(FALSE) | |
33 | ); | |
34 | ||
35 | static Sys_var_charptr Sys_secure_file_priv( | |
36 | MySQL 5.6.11 does not allow pre-4.1.1 password hashes although the server is | |
37 | started with "skip-secure-auth option" (secure-auth mode disabled), this patch | |
38 | enables this feature again, it's a mysql_init() backport from MySQL 5.6.10. | |
39 | ||
40 | mysql> SHOW VARIABLES LIKE 'secure_auth' ; | |
41 | +---------------+-------+ | |
42 | | Variable_name | Value | | |
43 | +---------------+-------+ | |
44 | | secure_auth | OFF | | |
45 | +---------------+-------+ | |
46 | ||
47 | $ mysql -uexample -pexample test | |
48 | ERROR 2049 (HY000): Connection using old (pre-4.1.1) authentication protocol refused (client option 'secure_auth' enabled) | |
49 | ||
50 | This bug has been also reported by Jørgen Thomsen: http://bugs.mysql.com/bug.php?id=69027 | |
51 | ||
52 | Santi Saez 2013-04-22 / powerstack.org | |
53 | ||
54 | diff -urN mysql-5.6.11.orig/sql-common/client.c mysql-5.6.11/sql-common/client.c | |
55 | --- mysql-5.6.11.orig/sql-common/client.c 2013-04-05 14:27:18.000000000 +0200 | |
56 | +++ mysql-5.6.11/sql-common/client.c 2013-04-22 23:11:45.754001616 +0200 | |
57 | @@ -4747,27 +4747,10 @@ | |
58 | ||
59 | if (mysql->passwd[0]) | |
60 | { | |
61 | - /* | |
62 | - If --secure-auth option is used, throw an error. | |
63 | - Note that, we do not need to check for CLIENT_SECURE_CONNECTION | |
64 | - capability of server. If server is not capable of handling secure | |
65 | - connections, we would have raised error before reaching here. | |
66 | - | |
67 | - TODO: Change following code to access MYSQL structure through | |
68 | - client-side plugin service. | |
69 | - */ | |
70 | - if (mysql->options.secure_auth) | |
71 | - { | |
72 | - set_mysql_error(mysql, CR_SECURE_AUTH, unknown_sqlstate); | |
73 | + char scrambled[SCRAMBLE_LENGTH_323 + 1]; | |
74 | + scramble_323(scrambled, (char*)pkt, mysql->passwd); | |
75 | + if (vio->write_packet(vio, (uchar*)scrambled, SCRAMBLE_LENGTH_323 + 1)) | |
76 | DBUG_RETURN(CR_ERROR); | |
77 | - } | |
78 | - else | |
79 | - { | |
80 | - char scrambled[SCRAMBLE_LENGTH_323 + 1]; | |
81 | - scramble_323(scrambled, (char*)pkt, mysql->passwd); | |
82 | - if (vio->write_packet(vio, (uchar*)scrambled, SCRAMBLE_LENGTH_323 + 1)) | |
83 | - DBUG_RETURN(CR_ERROR); | |
84 | - } | |
85 | } | |
86 | else | |
87 | if (vio->write_packet(vio, 0, 0)) /* no password */ | |
88 | --- Percona-Server-5.6.14-rel62.0/sql-common/client.c~ 2013-11-29 10:48:02.000000000 +0100 | |
89 | +++ Percona-Server-5.6.14-rel62.0/sql-common/client.c 2013-11-29 11:02:32.121352484 +0100 | |
90 | @@ -1697,7 +1697,7 @@ | |
91 | */ | |
92 | mysql->reconnect= 0; | |
93 | ||
94 | - mysql->options.secure_auth= TRUE; | |
95 | + mysql->options.secure_auth= 0; | |
96 | ||
97 | return mysql; | |
98 | } |