From 900f5875bc6a8922df04b3dbd9d4cc59d5084ed6 Mon Sep 17 00:00:00 2001 From: Marcin Krol Date: Sun, 22 Jul 2018 00:35:55 +0000 Subject: [PATCH] - temporarily revert mysql 8 auth fix, breaks build --- php.spec | 4 +- revert-mysql-8-auth-fix.patch | 632 ++++++++++++++++++++++++++++++++++ 2 files changed, 635 insertions(+), 1 deletion(-) create mode 100644 revert-mysql-8-auth-fix.patch diff --git a/php.spec b/php.spec index 40230f8..da21a7e 100644 --- a/php.spec +++ b/php.spec @@ -147,7 +147,7 @@ Summary(ru.UTF-8): PHP Версии 7 - язык препроцессирова Summary(uk.UTF-8): PHP Версії 7 - мова препроцесування HTML-файлів, виконувана на сервері Name: %{orgname}%{php_suffix} Version: 7.2.8 -Release: 1 +Release: 2 Epoch: 4 # All files licensed under PHP version 3.01, except # Zend is licensed under Zend @@ -210,6 +210,7 @@ Patch69: fpm-conf-split.patch Patch70: mysqlnd-ssl.patch Patch71: libdb-info.patch Patch72: phar-hash-shared.patch +Patch73: revert-mysql-8-auth-fix.patch URL: http://php.net/ %{?with_interbase:%{!?with_interbase_inst:BuildRequires: Firebird-devel >= 1.0.2.908-2}} %{?with_pspell:BuildRequires: aspell-devel >= 2:0.50.0} @@ -1968,6 +1969,7 @@ cp -p php.ini-production php.ini %patch70 -p1 %patch71 -p1 %patch72 -p1 -b .phar-shared +%patch73 -p1 %{__sed} -i -e '/PHP_ADD_LIBRARY_WITH_PATH/s#xmlrpc,#xmlrpc-epi,#' ext/xmlrpc/config.m4 diff --git a/revert-mysql-8-auth-fix.patch b/revert-mysql-8-auth-fix.patch new file mode 100644 index 0000000..ccde5b8 --- /dev/null +++ b/revert-mysql-8-auth-fix.patch @@ -0,0 +1,632 @@ +diff -urpa php-7.2.8/ext/mysqlnd/mysqlnd_auth.c php-7.2.8.rev/ext/mysqlnd/mysqlnd_auth.c +--- php-7.2.8/ext/mysqlnd/mysqlnd_auth.c 2018-07-17 05:35:47.000000000 +0000 ++++ php-7.2.8.rev/ext/mysqlnd/mysqlnd_auth.c 2018-07-22 00:12:44.558404079 +0000 +@@ -89,7 +89,6 @@ mysqlnd_run_authentication( + } + } + +- + { + zend_uchar * switch_to_auth_protocol_data = NULL; + size_t switch_to_auth_protocol_data_len = 0; +@@ -114,11 +113,10 @@ mysqlnd_run_authentication( + DBG_INF_FMT("salt(%d)=[%.*s]", plugin_data_len, plugin_data_len, plugin_data); + /* The data should be allocated with malloc() */ + if (auth_plugin) { +- scrambled_data = auth_plugin->methods.get_auth_data( +- NULL, &scrambled_data_len, conn, user, passwd, +- passwd_len, plugin_data, plugin_data_len, +- session_options, conn->protocol_frame_codec->data, +- mysql_flags); ++ scrambled_data = ++ auth_plugin->methods.get_auth_data(NULL, &scrambled_data_len, conn, user, passwd, passwd_len, ++ plugin_data, plugin_data_len, session_options, ++ conn->protocol_frame_codec->data, mysql_flags); + } + + if (conn->error_info->error_no) { +@@ -129,7 +127,6 @@ mysqlnd_run_authentication( + charset_no, + first_call, + requested_protocol, +- auth_plugin, plugin_data, plugin_data_len, + scrambled_data, scrambled_data_len, + &switch_to_auth_protocol, &switch_to_auth_protocol_len, + &switch_to_auth_protocol_data, &switch_to_auth_protocol_data_len +@@ -251,9 +248,6 @@ mysqlnd_auth_handshake(MYSQLND_CONN_DATA + unsigned int server_charset_no, + zend_bool use_full_blown_auth_packet, + const char * const auth_protocol, +- struct st_mysqlnd_authentication_plugin * auth_plugin, +- const zend_uchar * const orig_auth_plugin_data, +- const size_t orig_auth_plugin_data_len, + const zend_uchar * const auth_plugin_data, + const size_t auth_plugin_data_len, + char ** switch_to_auth_protocol, +@@ -324,11 +318,6 @@ mysqlnd_auth_handshake(MYSQLND_CONN_DATA + conn->charset = mysqlnd_find_charset_nr(auth_packet->charset_no); + } + +- if (auth_plugin && auth_plugin->methods.handle_server_response) { +- auth_plugin->methods.handle_server_response(auth_plugin, conn, +- orig_auth_plugin_data, orig_auth_plugin_data_len, passwd, passwd_len); +- } +- + if (FAIL == PACKET_READ(auth_resp_packet) || auth_resp_packet->response_code >= 0xFE) { + if (auth_resp_packet->response_code == 0xFE) { + /* old authentication with new server !*/ +@@ -624,8 +613,7 @@ static struct st_mysqlnd_authentication_ + } + }, + {/* methods */ +- mysqlnd_native_auth_get_auth_data, +- NULL ++ mysqlnd_native_auth_get_auth_data + } + }; + +@@ -674,8 +662,7 @@ static struct st_mysqlnd_authentication_ + } + }, + {/* methods */ +- mysqlnd_pam_auth_get_auth_data, +- NULL ++ mysqlnd_pam_auth_get_auth_data + } + }; + +@@ -859,283 +846,17 @@ static struct st_mysqlnd_authentication_ + } + }, + {/* methods */ +- mysqlnd_sha256_auth_get_auth_data, +- NULL ++ mysqlnd_sha256_auth_get_auth_data + } + }; + #endif + +-/*************************************** CACHING SHA2 Password *******************************/ +- +-#undef L64 +- +-#include "ext/hash/php_hash.h" +-#include "ext/hash/php_hash_sha.h" +- +-#define SHA256_LENGTH 32 +- +-/* {{{ php_mysqlnd_scramble_sha2 */ +-void php_mysqlnd_scramble_sha2(zend_uchar * const buffer, const zend_uchar * const scramble, const zend_uchar * const password, const size_t password_len) +-{ +- PHP_SHA256_CTX context; +- zend_uchar sha1[SHA256_LENGTH]; +- zend_uchar sha2[SHA256_LENGTH]; +- +- /* Phase 1: hash password */ +- PHP_SHA256Init(&context); +- PHP_SHA256Update(&context, password, password_len); +- PHP_SHA256Final(sha1, &context); +- +- /* Phase 2: hash sha1 */ +- PHP_SHA256Init(&context); +- PHP_SHA256Update(&context, (zend_uchar*)sha1, SHA256_LENGTH); +- PHP_SHA256Final(sha2, &context); +- +- /* Phase 3: hash scramble + sha2 */ +- PHP_SHA256Init(&context); +- PHP_SHA256Update(&context, (zend_uchar*)sha2, SHA256_LENGTH); +- PHP_SHA256Update(&context, scramble, SCRAMBLE_LENGTH); +- PHP_SHA256Final(buffer, &context); +- +- /* let's crypt buffer now */ +- php_mysqlnd_crypt(buffer, (const zend_uchar *)sha1, (const zend_uchar *)buffer, SHA256_LENGTH); +-} +-/* }}} */ +- +- +-/* {{{ mysqlnd_native_auth_get_auth_data */ +-static zend_uchar * +-mysqlnd_caching_sha2_get_auth_data(struct st_mysqlnd_authentication_plugin * self, +- size_t * auth_data_len, +- MYSQLND_CONN_DATA * conn, const char * const user, const char * const passwd, +- const size_t passwd_len, zend_uchar * auth_plugin_data, size_t auth_plugin_data_len, +- const MYSQLND_SESSION_OPTIONS * const session_options, +- const MYSQLND_PFC_DATA * const pfc_data, +- zend_ulong mysql_flags +- ) +-{ +- zend_uchar * ret = NULL; +- DBG_ENTER("mysqlnd_caching_sha2_get_auth_data"); +- DBG_INF_FMT("salt(%d)=[%.*s]", auth_plugin_data_len, auth_plugin_data_len, auth_plugin_data); +- *auth_data_len = 0; +- +- DBG_INF("First auth step: send hashed password"); +- /* copy scrambled pass*/ +- if (passwd && passwd_len) { +- ret = malloc(SHA256_LENGTH + 1); +- *auth_data_len = SHA256_LENGTH; +- php_mysqlnd_scramble_sha2((zend_uchar*)ret, auth_plugin_data, (zend_uchar*)passwd, passwd_len); +- ret[SHA256_LENGTH] = '\0'; +- DBG_INF_FMT("hash(%d)=[%.*s]", *auth_data_len, *auth_data_len, ret); +- } +- +- DBG_RETURN(ret); +-} +-/* }}} */ +- +-#ifdef MYSQLND_HAVE_SSL +-static RSA * +-mysqlnd_caching_sha2_get_key(MYSQLND_CONN_DATA *conn) +-{ +- RSA * ret = NULL; +- const MYSQLND_PFC_DATA * const pfc_data = conn->protocol_frame_codec->data; +- const char * fname = (pfc_data->sha256_server_public_key && pfc_data->sha256_server_public_key[0] != '\0')? +- pfc_data->sha256_server_public_key: +- MYSQLND_G(sha256_server_public_key); +- php_stream * stream; +- DBG_ENTER("mysqlnd_cached_sha2_get_key"); +- DBG_INF_FMT("options_s256_pk=[%s] MYSQLND_G(sha256_server_public_key)=[%s]", +- pfc_data->sha256_server_public_key? pfc_data->sha256_server_public_key:"n/a", +- MYSQLND_G(sha256_server_public_key)? MYSQLND_G(sha256_server_public_key):"n/a"); +- if (!fname || fname[0] == '\0') { +- MYSQLND_PACKET_CACHED_SHA2_RESULT *req_packet = NULL; +- MYSQLND_PACKET_SHA256_PK_REQUEST_RESPONSE *pk_resp_packet = NULL; +- +- do { +- DBG_INF("requesting the public key from the server"); +- req_packet = conn->payload_decoder_factory->m.get_cached_sha2_result_packet(conn->payload_decoder_factory, FALSE); +- pk_resp_packet = conn->payload_decoder_factory->m.get_sha256_pk_request_response_packet(conn->payload_decoder_factory, FALSE); +- req_packet->request = 1; +- +- if (! PACKET_WRITE(req_packet)) { +- DBG_ERR_FMT("Error while sending public key request packet"); +- php_error(E_WARNING, "Error while sending public key request packet. PID=%d", getpid()); +- SET_CONNECTION_STATE(&conn->state, CONN_QUIT_SENT); +- break; +- } +- if (FAIL == PACKET_READ(pk_resp_packet) || NULL == pk_resp_packet->public_key) { +- DBG_ERR_FMT("Error while receiving public key"); +- php_error(E_WARNING, "Error while receiving public key. PID=%d", getpid()); +- SET_CONNECTION_STATE(&conn->state, CONN_QUIT_SENT); +- break; +- } +- DBG_INF_FMT("Public key(%d):\n%s", pk_resp_packet->public_key_len, pk_resp_packet->public_key); +- /* now extract the public key */ +- { +- BIO * bio = BIO_new_mem_buf(pk_resp_packet->public_key, pk_resp_packet->public_key_len); +- ret = PEM_read_bio_RSA_PUBKEY(bio, NULL, NULL, NULL); +- BIO_free(bio); +- } +- } while (0); +- PACKET_FREE(req_packet); +- PACKET_FREE(pk_resp_packet); +- +- DBG_INF_FMT("ret=%p", ret); +- DBG_RETURN(ret); +- +- SET_CLIENT_ERROR(conn->error_info, CR_UNKNOWN_ERROR, UNKNOWN_SQLSTATE, +- "caching_sha2_server_public_key is not set for the connection or as mysqlnd.sha256_server_public_key"); +- DBG_ERR("server_public_key is not set"); +- DBG_RETURN(NULL); +- } else { +- zend_string * key_str; +- DBG_INF_FMT("Key in a file. [%s]", fname); +- stream = php_stream_open_wrapper((char *) fname, "rb", REPORT_ERRORS, NULL); +- +- if (stream) { +- if ((key_str = php_stream_copy_to_mem(stream, PHP_STREAM_COPY_ALL, 0)) != NULL) { +- BIO * bio = BIO_new_mem_buf(ZSTR_VAL(key_str), ZSTR_LEN(key_str)); +- ret = PEM_read_bio_RSA_PUBKEY(bio, NULL, NULL, NULL); +- BIO_free(bio); +- DBG_INF("Successfully loaded"); +- DBG_INF_FMT("Public key:%*.s", ZSTR_LEN(key_str), ZSTR_VAL(key_str)); +- zend_string_release(key_str); +- } +- php_stream_close(stream); +- } +- } +- DBG_RETURN(ret); +- +-} +-#endif +- +- +-/* {{{ mysqlnd_caching_sha2_get_key */ +-static size_t +-mysqlnd_caching_sha2_get_and_use_key(MYSQLND_CONN_DATA *conn, +- const zend_uchar * auth_plugin_data, size_t auth_plugin_data_len, +- unsigned char **crypted, +- const char * const passwd, +- const size_t passwd_len) +-{ +-#ifdef MYSQLND_HAVE_SSL +- static RSA *server_public_key; +- server_public_key = mysqlnd_caching_sha2_get_key(conn); +- +- DBG_ENTER("mysqlnd_caching_sha2_get_and_use_key("); +- +- if (server_public_key) { +- int server_public_key_len; +- char xor_str[passwd_len + 1]; +- memcpy(xor_str, passwd, passwd_len); +- xor_str[passwd_len] = '\0'; +- mysqlnd_xor_string(xor_str, passwd_len, (char *) auth_plugin_data, auth_plugin_data_len); +- +- server_public_key_len = RSA_size(server_public_key); +- /* +- Because RSA_PKCS1_OAEP_PADDING is used there is a restriction on the passwd_len. +- RSA_PKCS1_OAEP_PADDING is recommended for new applications. See more here: +- http://www.openssl.org/docs/crypto/RSA_public_encrypt.html +- */ +- if ((size_t) server_public_key_len - 41 <= passwd_len) { +- /* password message is to long */ +- SET_CLIENT_ERROR(conn->error_info, CR_UNKNOWN_ERROR, UNKNOWN_SQLSTATE, "password is too long"); +- DBG_ERR("password is too long"); +- DBG_RETURN(0); +- } +- +- *crypted = emalloc(server_public_key_len); +- RSA_public_encrypt(passwd_len + 1, (zend_uchar *) xor_str, *crypted, server_public_key, RSA_PKCS1_OAEP_PADDING); +- DBG_RETURN(server_public_key_len); +- } +- DBG_RETURN(0); +-#else +- DBG_ENTER("mysqlnd_caching_sha2_get_and_use_key("); +- php_error_docref(NULL, E_WARNING, "PHP was built without openssl extension, can't send password encrypted"); +- DBG_RETURN(0); +-#endif +-} +-/* }}} */ +- +-/* {{{ mysqlnd_native_auth_get_auth_data */ +-static void +-mysqlnd_caching_sha2_handle_server_response(struct st_mysqlnd_authentication_plugin *self, +- MYSQLND_CONN_DATA * conn, +- const zend_uchar * auth_plugin_data, size_t auth_plugin_data_len, +- const char * const passwd, +- const size_t passwd_len) +-{ +- DBG_ENTER("mysqlnd_caching_sha2_handle_server_response"); +- MYSQLND_PACKET_CACHED_SHA2_RESULT *result_packet; +- result_packet = conn->payload_decoder_factory->m.get_cached_sha2_result_packet(conn->payload_decoder_factory, FALSE); +- +- if (FAIL == PACKET_READ(result_packet)) { +- DBG_VOID_RETURN; +- } +- +- switch (result_packet->response_code) { +- case 3: +- DBG_INF("fast path suceeded"); +- PACKET_FREE(result_packet); +- DBG_VOID_RETURN; +- case 4: +- if (conn->vio->data->ssl || conn->unix_socket.s) { +- DBG_INF("fast path failed, doing full auth via SSL"); +- result_packet->password = (zend_uchar *)passwd; +- result_packet->password_len = passwd_len + 1; +- PACKET_WRITE(result_packet); +- } else { +- DBG_INF("fast path failed, doing full auth without SSL"); +- result_packet->password_len = mysqlnd_caching_sha2_get_and_use_key(conn, auth_plugin_data, auth_plugin_data_len, &result_packet->password, passwd, passwd_len); +- PACKET_WRITE(result_packet); +- efree(result_packet->password); +- } +- PACKET_FREE(result_packet); +- DBG_VOID_RETURN; +- case 2: +- // The server tried to send a key, which we didn't expect +- // fall-through +- default: +- php_error_docref(NULL, E_WARNING, "Unexpected server respose while doing caching_sha2 auth: %i", result_packet->response_code); +- } +- +- PACKET_FREE(result_packet); +- +- DBG_VOID_RETURN; +-} +-/* }}} */ +- +-static struct st_mysqlnd_authentication_plugin mysqlnd_caching_sha2_auth_plugin = +-{ +- { +- MYSQLND_PLUGIN_API_VERSION, +- "auth_plugin_caching_sha2_password", +- MYSQLND_VERSION_ID, +- PHP_MYSQLND_VERSION, +- "PHP License 3.01", +- "Johannes Schlüter ", +- { +- NULL, /* no statistics , will be filled later if there are some */ +- NULL, /* no statistics */ +- }, +- { +- NULL /* plugin shutdown */ +- } +- }, +- {/* methods */ +- mysqlnd_caching_sha2_get_auth_data, +- mysqlnd_caching_sha2_handle_server_response +- } +-}; +- +- + /* {{{ mysqlnd_register_builtin_authentication_plugins */ + void + mysqlnd_register_builtin_authentication_plugins(void) + { + mysqlnd_plugin_register_ex((struct st_mysqlnd_plugin_header *) &mysqlnd_native_auth_plugin); + mysqlnd_plugin_register_ex((struct st_mysqlnd_plugin_header *) &mysqlnd_pam_authentication_plugin); +- mysqlnd_plugin_register_ex((struct st_mysqlnd_plugin_header *) &mysqlnd_caching_sha2_auth_plugin); + #ifdef MYSQLND_HAVE_SSL + mysqlnd_plugin_register_ex((struct st_mysqlnd_plugin_header *) &mysqlnd_sha256_authentication_plugin); + #endif +diff -urpa php-7.2.8/ext/mysqlnd/mysqlnd_auth.h php-7.2.8.rev/ext/mysqlnd/mysqlnd_auth.h +--- php-7.2.8/ext/mysqlnd/mysqlnd_auth.h 2018-07-17 05:35:47.000000000 +0000 ++++ php-7.2.8.rev/ext/mysqlnd/mysqlnd_auth.h 2018-07-22 00:10:53.908410675 +0000 +@@ -31,9 +31,26 @@ mysqlnd_auth_handshake(MYSQLND_CONN_DATA + unsigned int server_charset_no, + zend_bool use_full_blown_auth_packet, + const char * const auth_protocol, +- struct st_mysqlnd_authentication_plugin * auth_plugin, +- const zend_uchar * const orig_auth_plugin_data, +- const size_t orig_auth_plugin_data_len, ++ const zend_uchar * const auth_plugin_data, ++ const size_t auth_plugin_data_len, ++ char ** switch_to_auth_protocol, ++ size_t * switch_to_auth_protocol_len, ++ zend_uchar ** switch_to_auth_protocol_data, ++ size_t * switch_to_auth_protocol_data_len ++ ); ++ ++enum_func_status ++mysqlnd_auth_handshake(MYSQLND_CONN_DATA * conn, ++ const char * const user, ++ const char * const passwd, ++ const size_t passwd_len, ++ const char * const db, ++ const size_t db_len, ++ const MYSQLND_SESSION_OPTIONS * const session_options, ++ zend_ulong mysql_flags, ++ unsigned int server_charset_no, ++ zend_bool use_full_blown_auth_packet, ++ const char * const auth_protocol, + const zend_uchar * const auth_plugin_data, + const size_t auth_plugin_data_len, + char ** switch_to_auth_protocol, +diff -urpa php-7.2.8/ext/mysqlnd/mysqlnd_connection.c php-7.2.8.rev/ext/mysqlnd/mysqlnd_connection.c +--- php-7.2.8/ext/mysqlnd/mysqlnd_connection.c 2018-07-17 05:35:47.000000000 +0000 ++++ php-7.2.8.rev/ext/mysqlnd/mysqlnd_connection.c 2018-07-22 00:10:53.909410674 +0000 +@@ -678,10 +678,7 @@ MYSQLND_METHOD(mysqlnd_conn_data, connec + + { + const MYSQLND_CSTRING scheme = { transport.s, transport.l }; +- /* This will be overwritten below with a copy, but we can use it during authentication */ +- conn->unix_socket.s = (char *)socket_or_pipe.s; + if (FAIL == conn->m->connect_handshake(conn, &scheme, &username, &password, &database, mysql_flags)) { +- conn->unix_socket.s = NULL; + goto err; + } + conn->unix_socket.s = NULL; +diff -urpa php-7.2.8/ext/mysqlnd/mysqlnd_enum_n_def.h php-7.2.8.rev/ext/mysqlnd/mysqlnd_enum_n_def.h +--- php-7.2.8/ext/mysqlnd/mysqlnd_enum_n_def.h 2018-07-17 05:35:47.000000000 +0000 ++++ php-7.2.8.rev/ext/mysqlnd/mysqlnd_enum_n_def.h 2018-07-22 00:10:53.909410674 +0000 +@@ -631,7 +631,6 @@ enum mysqlnd_packet_type + PROT_CHG_USER_RESP_PACKET, + PROT_SHA256_PK_REQUEST_PACKET, + PROT_SHA256_PK_REQUEST_RESPONSE_PACKET, +- PROT_CACHED_SHA2_RESULT_PACKET, + PROT_LAST /* should always be last */ + }; + +diff -urpa php-7.2.8/ext/mysqlnd/mysqlnd_structs.h php-7.2.8.rev/ext/mysqlnd/mysqlnd_structs.h +--- php-7.2.8/ext/mysqlnd/mysqlnd_structs.h 2018-07-17 05:35:47.000000000 +0000 ++++ php-7.2.8.rev/ext/mysqlnd/mysqlnd_structs.h 2018-07-22 00:10:53.909410674 +0000 +@@ -970,7 +970,6 @@ struct st_mysqlnd_packet_chg_user_resp; + struct st_mysqlnd_packet_auth_pam; + struct st_mysqlnd_packet_sha256_pk_request; + struct st_mysqlnd_packet_sha256_pk_request_response; +-struct st_mysqlnd_packet_cached_sha2_result; + + typedef struct st_mysqlnd_packet_greet * (*func_mysqlnd_protocol_payload_decoder_factory__get_greet_packet)(MYSQLND_PROTOCOL_PAYLOAD_DECODER_FACTORY * const factory, const zend_bool persistent); + typedef struct st_mysqlnd_packet_auth * (*func_mysqlnd_protocol_payload_decoder_factory__get_auth_packet)(MYSQLND_PROTOCOL_PAYLOAD_DECODER_FACTORY * const factory, const zend_bool persistent); +@@ -987,7 +986,6 @@ typedef struct st_mysqlnd_packet_prepare + typedef struct st_mysqlnd_packet_chg_user_resp*(*func_mysqlnd_protocol_payload_decoder_factory__get_change_user_response_packet)(MYSQLND_PROTOCOL_PAYLOAD_DECODER_FACTORY * const factory, const zend_bool persistent); + typedef struct st_mysqlnd_packet_sha256_pk_request *(*func_mysqlnd_protocol_payload_decoder_factory__get_sha256_pk_request_packet)(MYSQLND_PROTOCOL_PAYLOAD_DECODER_FACTORY * const factory, const zend_bool persistent); + typedef struct st_mysqlnd_packet_sha256_pk_request_response *(*func_mysqlnd_protocol_payload_decoder_factory__get_sha256_pk_request_response_packet)(MYSQLND_PROTOCOL_PAYLOAD_DECODER_FACTORY * const factory, const zend_bool persistent); +-typedef struct st_mysqlnd_packet_cached_sha2_result *(*func_mysqlnd_protocol_payload_decoder_factory__get_cached_sha2_result_packet)(MYSQLND_PROTOCOL_PAYLOAD_DECODER_FACTORY * const factory, const zend_bool persistent); + + typedef enum_func_status (*func_mysqlnd_protocol_payload_decoder_factory__send_command)( + MYSQLND_PROTOCOL_PAYLOAD_DECODER_FACTORY * payload_decoder_factory, +@@ -1045,7 +1043,6 @@ MYSQLND_CLASS_METHODS_TYPE(mysqlnd_proto + func_mysqlnd_protocol_payload_decoder_factory__get_change_user_response_packet get_change_user_response_packet; + func_mysqlnd_protocol_payload_decoder_factory__get_sha256_pk_request_packet get_sha256_pk_request_packet; + func_mysqlnd_protocol_payload_decoder_factory__get_sha256_pk_request_response_packet get_sha256_pk_request_response_packet; +- func_mysqlnd_protocol_payload_decoder_factory__get_cached_sha2_result_packet get_cached_sha2_result_packet; + + func_mysqlnd_protocol_payload_decoder_factory__send_command send_command; + func_mysqlnd_protocol_payload_decoder_factory__send_command_handle_response send_command_handle_response; +@@ -1358,18 +1355,11 @@ typedef zend_uchar * (*func_auth_plugin_ + const MYSQLND_PFC_DATA * const pfc_data, zend_ulong mysql_flags + ); + +-typedef void (*func_auth_plugin__handle_server_response)(struct st_mysqlnd_authentication_plugin * self, +- MYSQLND_CONN_DATA * conn, +- const zend_uchar * auth_plugin_data, size_t auth_plugin_data_len, +- const char * const passwd, +- const size_t passwd_len); +- + struct st_mysqlnd_authentication_plugin + { + struct st_mysqlnd_plugin_header plugin_header; + struct { + func_auth_plugin__get_auth_data get_auth_data; +- func_auth_plugin__handle_server_response handle_server_response; + } methods; + }; + +diff -urpa php-7.2.8/ext/mysqlnd/mysqlnd_wireprotocol.c php-7.2.8.rev/ext/mysqlnd/mysqlnd_wireprotocol.c +--- php-7.2.8/ext/mysqlnd/mysqlnd_wireprotocol.c 2018-07-17 05:35:47.000000000 +0000 ++++ php-7.2.8.rev/ext/mysqlnd/mysqlnd_wireprotocol.c 2018-07-22 00:11:47.108407504 +0000 +@@ -2273,85 +2273,6 @@ php_mysqlnd_sha256_pk_request_response_f + } + /* }}} */ + +-static +-size_t php_mysqlnd_cached_sha2_result_write(void * _packet) +-{ +- MYSQLND_PACKET_CACHED_SHA2_RESULT * packet= (MYSQLND_PACKET_CACHED_SHA2_RESULT *) _packet; +- MYSQLND_ERROR_INFO * error_info = packet->header.error_info; +- MYSQLND_PFC * pfc = packet->header.protocol_frame_codec; +- MYSQLND_VIO * vio = packet->header.vio; +- MYSQLND_STATS * stats = packet->header.stats; +-#ifndef _MSC_VER +- zend_uchar buffer[MYSQLND_HEADER_SIZE + packet->password_len + 1]; +-#else +- ALLOCA_FLAG(use_heap) +- zend_uchar *buffer = do_alloca(MYSQLND_HEADER_SIZE + packet->password_len + 1, use_heap); +-#endif +- size_t sent; +- +- DBG_ENTER("php_mysqlnd_cached_sha2_result_write"); +- +- if (packet->request == 1) { +- int1store(buffer + MYSQLND_HEADER_SIZE, '\2'); +- sent = pfc->data->m.send(pfc, vio, buffer, 1, stats, error_info); +- } else { +- memcpy(buffer + MYSQLND_HEADER_SIZE, packet->password, packet->password_len); +- sent = pfc->data->m.send(pfc, vio, buffer, packet->password_len, stats, error_info); +- } +- +-#ifdef _MSC_VER +- free_alloca(buffer, use_heap); +-#endif +- +- DBG_RETURN(sent); +-} +- +-static enum_func_status +-php_mysqlnd_cached_sha2_result_read(void * _packet) +-{ +- MYSQLND_PACKET_CACHED_SHA2_RESULT * packet= (MYSQLND_PACKET_CACHED_SHA2_RESULT *) _packet; +- MYSQLND_ERROR_INFO * error_info = packet->header.error_info; +- MYSQLND_PFC * pfc = packet->header.protocol_frame_codec; +- MYSQLND_VIO * vio = packet->header.vio; +- MYSQLND_STATS * stats = packet->header.stats; +- MYSQLND_CONNECTION_STATE * connection_state = packet->header.connection_state; +- zend_uchar buf[SHA256_PK_REQUEST_RESP_BUFFER_SIZE]; +- zend_uchar *p = buf; +- const zend_uchar * const begin = buf; +- +- DBG_ENTER("php_mysqlnd_cached_sha2_result_read"); +- if (FAIL == mysqlnd_read_packet_header_and_body(&(packet->header), pfc, vio, stats, error_info, connection_state, buf, sizeof(buf), "PROT_CACHED_SHA2_RESULT_PACKET", PROT_CACHED_SHA2_RESULT_PACKET)) { +- DBG_RETURN(FAIL); +- } +- BAIL_IF_NO_MORE_DATA; +- +- p++; +- packet->response_code = uint1korr(p); +- BAIL_IF_NO_MORE_DATA; +- +- p++; +- packet->result = uint1korr(p); +- BAIL_IF_NO_MORE_DATA; +- +- DBG_RETURN(PASS); +- +-premature_end: +- DBG_ERR_FMT("OK packet %d bytes shorter than expected", p - begin - packet->header.size); +- php_error_docref(NULL, E_WARNING, "SHA256_PK_REQUEST_RESPONSE packet "MYSQLND_SZ_T_SPEC" bytes shorter than expected", +- p - begin - packet->header.size); +- DBG_RETURN(FAIL); +-} +- +-static void +-php_mysqlnd_cached_sha2_result_free_mem(void * _packet, zend_bool stack_allocation) +-{ +- MYSQLND_PACKET_CACHED_SHA2_RESULT * p = (MYSQLND_PACKET_CACHED_SHA2_RESULT *) _packet; +- +- if (!stack_allocation) { +- mnd_pefree(p, p->header.persistent); +- } +-} +-/* }}} */ + /* {{{ packet_methods */ + static + mysqlnd_packet_methods packet_methods[PROT_LAST] = +@@ -2445,15 +2366,9 @@ mysqlnd_packet_methods packet_methods[PR + php_mysqlnd_sha256_pk_request_response_read, + NULL, /* write */ + php_mysqlnd_sha256_pk_request_response_free_mem, +- }, /* PROT_SHA256_PK_REQUEST_RESPONSE_PACKET */ +- { +- sizeof(MYSQLND_PACKET_CACHED_SHA2_RESULT), +- php_mysqlnd_cached_sha2_result_read, +- php_mysqlnd_cached_sha2_result_write, +- php_mysqlnd_cached_sha2_result_free_mem +- } /* PROT_CACHED_SHA2_RESULT_PACKET */ ++ } /* PROT_SHA256_PK_REQUEST_RESPONSE_PACKET */ + }; +-/* }}} */ ++/* }}} */ + + + /* {{{ mysqlnd_protocol::get_greet_packet */ +@@ -2802,30 +2717,6 @@ MYSQLND_METHOD(mysqlnd_protocol, get_sha + } + /* }}} */ + +-/* {{{ mysqlnd_protocol::init_cached_sha2_result_packet */ +-static struct st_mysqlnd_packet_cached_sha2_result * +-MYSQLND_METHOD(mysqlnd_protocol, get_cached_sha2_result_packet) +-(MYSQLND_PROTOCOL_PAYLOAD_DECODER_FACTORY * const factory, const zend_bool persistent) +-{ +- struct st_mysqlnd_packet_cached_sha2_result * packet = mnd_pecalloc(1, packet_methods[PROT_CACHED_SHA2_RESULT_PACKET].struct_size, persistent); +- DBG_ENTER("mysqlnd_protocol::init_cached_sha2_result_packet"); +- if (packet) { +- memset(packet, 0, sizeof(*packet)); +- packet->header.m = &packet_methods[PROT_CACHED_SHA2_RESULT_PACKET]; +- packet->header.factory = factory; +- +- packet->header.protocol_frame_codec = factory->conn->protocol_frame_codec; +- packet->header.vio = factory->conn->vio; +- packet->header.stats = factory->conn->stats; +- packet->header.error_info = factory->conn->error_info; +- packet->header.connection_state = &factory->conn->state; +- +- packet->header.persistent = persistent; +- } +- DBG_RETURN(packet); +-} +-/* }}} */ +- + + /* {{{ mysqlnd_protocol::send_command */ + static enum_func_status +@@ -3056,7 +2947,6 @@ MYSQLND_CLASS_METHODS_START(mysqlnd_prot + MYSQLND_METHOD(mysqlnd_protocol, get_change_user_response_packet), + MYSQLND_METHOD(mysqlnd_protocol, get_sha256_pk_request_packet), + MYSQLND_METHOD(mysqlnd_protocol, get_sha256_pk_request_response_packet), +- MYSQLND_METHOD(mysqlnd_protocol, get_cached_sha2_result_packet), + + MYSQLND_METHOD(mysqlnd_protocol, send_command), + MYSQLND_METHOD(mysqlnd_protocol, send_command_handle_response), +diff -urpa php-7.2.8/ext/mysqlnd/mysqlnd_wireprotocol.h php-7.2.8.rev/ext/mysqlnd/mysqlnd_wireprotocol.h +--- php-7.2.8/ext/mysqlnd/mysqlnd_wireprotocol.h 2018-07-17 05:35:47.000000000 +0000 ++++ php-7.2.8.rev/ext/mysqlnd/mysqlnd_wireprotocol.h 2018-07-22 00:10:53.910410674 +0000 +@@ -292,16 +292,6 @@ typedef struct st_mysqlnd_packet_sha256 + size_t public_key_len; + } MYSQLND_PACKET_SHA256_PK_REQUEST_RESPONSE; + +-typedef struct st_mysqlnd_packet_cached_sha2_result { +- MYSQLND_PACKET_HEADER header; +- uint8_t response_code; +- uint8_t result; +- uint8_t request; +- zend_uchar * password; +- size_t password_len; +-} MYSQLND_PACKET_CACHED_SHA2_RESULT; +- +- + + zend_ulong php_mysqlnd_net_field_length(const zend_uchar **packet); + zend_uchar * php_mysqlnd_net_store_length(zend_uchar *packet, const uint64_t length); -- 2.44.0