archive/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2025-08-16 05:58:45 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Merge branch 'PHP-8.2'

Browse source 
* PHP-8.2:
  Fix GH-11440: authentication to a sha256_password account fails over SSL
This commit is contained in:
Niels Dossche 2023-08-02 20:33:43 +02:00
commit 6fc8ab2eb8
1 changed files with 5 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

7
ext/mysqlnd/mysqlnd_auth.c
View file

@ -912,9 +912,12 @@ mysqlnd_sha256_auth_get_auth_data(struct st_mysqlnd_authentication_plugin * self
if (conn->vio->data->ssl) { if (conn->vio->data->ssl) {
DBG_INF("simple clear text under SSL"); DBG_INF("simple clear text under SSL");
/* clear text under SSL */ /* clear text under SSL */
*auth_data_len = passwd_len; /* NUL termination byte required: https://dev.mysql.com/doc/dev/mysql-server/latest/page_protocol_connection_phase_authentication_methods_clear_text_password.html
ret = malloc(passwd_len); * (this is similar to bug #78680, but now as GH-11440) */
*auth_data_len = passwd_len + 1;
ret = malloc(passwd_len + 1);
memcpy(ret, passwd, passwd_len); memcpy(ret, passwd, passwd_len);
ret[passwd_len] = '\0';
} else { } else {
*auth_data_len = 0; *auth_data_len = 0;
server_public_key = mysqlnd_sha256_get_rsa_key(conn, session_options, pfc_data); server_public_key = mysqlnd_sha256_get_rsa_key(conn, session_options, pfc_data);