API mis-parses secure_auth parameter

Bug #1401995 reported by Nic Sandfield on 2014-12-12
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
MySQL Server
Unknown
Unknown
Percona Server
Status tracked in 5.7
5.5
Undecided
Unassigned
5.6
High
Unassigned
5.7
High
Unassigned

Bug Description

In contrast to the standard client tools (mysql, mysqldump, mytop, ...) the API lib mishandles the secure_auth parameter.

In a configuration file having
  secure_auth = FALSE
the API will always treat it as "secure_auth = TRUE".
Examples of the woes of people struggling with this are
https://rt.cpan.org/Ticket/Display.html?id=100831
http://stackoverflow.com/a/27429036/891516

The one-line patch changes the handling so that
  secure_auth
is treated the same as now (TRUE) but
  secure_auth = FALSE
is handled correctly.

Applying this patch means that code using the v5.6 API can access a v4.0 server.

Nic Sandfield (niczero) wrote :
Muhammad Irfan (muhammad-irfan) wrote :

* MySQL 5.6.23 client with --secure-auth=FALSE

[root@centos63 mysql4]# mysql -umirfan -p -S /tmp/mysql_mirfan.sock --secure-auth=FALSE
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 16
Server version: 4.0.30

Copyright (c) 2009-2015 Percona LLC and/or its affiliates
Copyright (c) 2000, 2015, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> \s
--------------
mysql Ver 14.14 Distrib 5.6.23-72.1, for Linux (x86_64) using EditLine wrapper

Connection id: 16
Current database:
Current user: mirfan@localhost
SSL: Not in use
Current pager: stdout
Using outfile: ''
Using delimiter: ;
Server version: 4.0.30
Protocol version: 10
Connection: Localhost via UNIX socket
ERROR 1193 (HY000): Unknown system variable 'character_set_client'
ERROR 1193 (HY000): Unknown system variable 'character_set_client'
Client characterset: utf8
Server characterset: utf8
UNIX socket: /tmp/mysql_mirfan.sock
Uptime: 8 min 21 sec

Threads: 1 Questions: 18 Slow queries: 0 Opens: 11 Flush tables: 1 Open tables: 0 Queries per second avg: 0.036
--------------

[root@centos63 mysql4]# perl -v
This is perl, v5.10.1 (*) built for x86_64-linux-thread-multi
Copyright 1987-2009, Larry Wall

[root@centos63 mysql4]# cat /tmp/75430.cnf
[client]
host = localhost
port = 15000
user = mirfan
password = 123
secure_auth = FALSE
socket=/tmp/mysql_mirfan.sock

[root@centos63 mysql4]# perl -MDBI -E'DBI->connect(q{DBI:mysql:test;mysql_read_default_file=/tmp/75430.cnf})'
DBI connect('test;mysql_read_default_file=/tmp/75430.cnf','',...) failed: Connection using old (pre-4.1.1) authentication protocol refused (client option 'secure_auth' enabled) at -e line 1

* With skip_secure_auth

[root@centos63 mysql4]# cat /tmp/75430.cnf
[client]
host = localhost
port = 15000
user = mirfan
password = 123
skip-secure-auth
socket=/tmp/mysql_mirfan.sock

[root@centos63 mysql4]# perl -MDBI -E'DBI->connect(q{DBI:mysql:test;mysql_read_default_file=/tmp/75430.cnf})'
[root@centos63 mysql4]#

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.