diff options
| author | Johannes Schlüter <johannes@php.net> | 2018-02-20 23:13:03 +0100 |
|---|---|---|
| committer | Johannes Schlüter <johannes@php.net> | 2018-02-20 23:13:03 +0100 |
| commit | 8f3c29aee1aefe4f3fa61a53f59d8ae4c95c5667 (patch) | |
| tree | 3ddeb59e3499318bb232cd2b0686cc0eb5625ad7 | |
| parent | e88e83d3e5c33fcd76f08b23e1a2e4e8dc98ce41 (diff) | |
| download | php-git-8f3c29aee1aefe4f3fa61a53f59d8ae4c95c5667.tar.gz | |
Fix negotiaton of MySQL auth plugin
| -rw-r--r-- | NEWS | 3 | ||||
| -rw-r--r-- | ext/mysqlnd/mysqlnd.c | 21 |
2 files changed, 17 insertions, 7 deletions
@@ -24,6 +24,9 @@ PHP NEWS . Fixed bug #75579 (Interned strings buffer overflow may cause crash). (Dmitry) +- myslqnd + . Fixed negotiaton of MySQL authenticaton plugin. (Johannes) + - PCRE: . Fixed bug #74183 (preg_last_error not returning error code after error). (Andrew Nester) diff --git a/ext/mysqlnd/mysqlnd.c b/ext/mysqlnd/mysqlnd.c index 40ca48e3f4..ef138f8bfd 100644 --- a/ext/mysqlnd/mysqlnd.c +++ b/ext/mysqlnd/mysqlnd.c @@ -596,11 +596,15 @@ mysqlnd_run_authentication( struct st_mysqlnd_authentication_plugin * auth_plugin = conn->m->fetch_auth_plugin_by_name(requested_protocol); if (!auth_plugin) { - php_error_docref(NULL, E_WARNING, "The server requested authentication method unknown to the client [%s]", requested_protocol); - SET_CLIENT_ERROR(*conn->error_info, CR_NOT_IMPLEMENTED, UNKNOWN_SQLSTATE, "The server requested authentication method unknown to the client"); - goto end; + if (first_call) { + mnd_pefree(requested_protocol, FALSE); + requested_protocol = mnd_pestrdup(MYSQLND_DEFAULT_AUTH_PROTOCOL, FALSE); + } else { + php_error_docref(NULL, E_WARNING, "The server requested authentication method unknown to the client [%s]", requested_protocol); + SET_CLIENT_ERROR(*conn->error_info, CR_NOT_IMPLEMENTED, UNKNOWN_SQLSTATE, "The server requested authentication method unknown to the client"); + goto end; + } } - DBG_INF("plugin found"); { zend_uchar * switch_to_auth_protocol_data = NULL; @@ -625,9 +629,12 @@ mysqlnd_run_authentication( DBG_INF_FMT("salt(%d)=[%.*s]", plugin_data_len, plugin_data_len, plugin_data); /* The data should be allocated with malloc() */ - scrambled_data = - auth_plugin->methods.get_auth_data(NULL, &scrambled_data_len, conn, user, passwd, passwd_len, - plugin_data, plugin_data_len, options, &conn->net->data->options, mysql_flags); + if (auth_plugin) { + scrambled_data = + auth_plugin->methods.get_auth_data(NULL, &scrambled_data_len, conn, user, passwd, passwd_len, + plugin_data, plugin_data_len, options, &conn->net->data->options, mysql_flags); + } + if (conn->error_info->error_no) { goto end; } |