+++ /dev/null
---- Percona-Server-5.6.14-rel62.0/client/mysql.cc~ 2013-10-22 09:42:41.000000000 +0200
-+++ Percona-Server-5.6.14-rel62.0/client/mysql.cc 2013-11-23 13:20:56.986861400 +0100
-@@ -152,7 +152,7 @@
- vertical=0, line_numbers=1, column_names=1,opt_html=0,
- opt_xml=0,opt_nopager=1, opt_outfile=0, named_cmds= 0,
- tty_password= 0, opt_nobeep=0, opt_reconnect=1,
-- opt_secure_auth= TRUE,
-+ opt_secure_auth= 0,
- default_pager_set= 0, opt_sigint_ignore= 0,
- auto_vertical_output= 0,
- show_warnings= 0, executing_query= 0, interrupted_query= 0,
---- Percona-Server-5.6.14-rel62.0/client/mysql.cc~ 2013-11-23 14:34:06.000000000 +0100
-+++ Percona-Server-5.6.14-rel62.0/client/mysql.cc 2013-11-23 15:25:56.195617871 +0100
-@@ -1737,7 +1737,7 @@
- 1, ULONG_MAX, 0, 1, 0},
- {"secure-auth", OPT_SECURE_AUTH, "Refuse client connecting to server if it"
- " uses old (pre-4.1.1) protocol.", &opt_secure_auth,
-- &opt_secure_auth, 0, GET_BOOL, NO_ARG, 1, 0, 0, 0, 0, 0},
-+ &opt_secure_auth, 0, GET_BOOL, NO_ARG, 0, 0, 0, 0, 0, 0},
- {"server-arg", OPT_SERVER_ARG, "Send embedded server this as a parameter.",
- 0, 0, 0, GET_STR, REQUIRED_ARG, 0, 0, 0, 0, 0, 0},
- {"show-warnings", OPT_SHOW_WARNINGS, "Show warnings after every statement.",
---- Percona-Server-5.6.14-rel62.0/sql/sys_vars.cc~ 2013-11-23 15:30:45.000000000 +0100
-+++ Percona-Server-5.6.14-rel62.0/sql/sys_vars.cc 2013-11-23 15:30:50.922370696 +0100
-@@ -2655,9 +2655,7 @@
- "Disallow authentication for accounts that have old (pre-4.1) "
- "passwords",
- GLOBAL_VAR(opt_secure_auth), CMD_LINE(OPT_ARG, OPT_SECURE_AUTH),
-- DEFAULT(TRUE),
-- NO_MUTEX_GUARD, NOT_IN_BINLOG,
-- ON_CHECK(on_check_opt_secure_auth)
-+ DEFAULT(FALSE)
- );
-
- static Sys_var_charptr Sys_secure_file_priv(
-MySQL 5.6.11 does not allow pre-4.1.1 password hashes although the server is
-started with "skip-secure-auth option" (secure-auth mode disabled), this patch
-enables this feature again, it's a mysql_init() backport from MySQL 5.6.10.
-
-mysql> SHOW VARIABLES LIKE 'secure_auth' ;
-+---------------+-------+
-| Variable_name | Value |
-+---------------+-------+
-| secure_auth | OFF |
-+---------------+-------+
-
-$ mysql -uexample -pexample test
-ERROR 2049 (HY000): Connection using old (pre-4.1.1) authentication protocol refused (client option 'secure_auth' enabled)
-
-This bug has been also reported by Jørgen Thomsen: http://bugs.mysql.com/bug.php?id=69027
-
-Santi Saez 2013-04-22 / powerstack.org
-
-diff -urN mysql-5.6.11.orig/sql-common/client.c mysql-5.6.11/sql-common/client.c
---- mysql-5.6.11.orig/sql-common/client.c 2013-04-05 14:27:18.000000000 +0200
-+++ mysql-5.6.11/sql-common/client.c 2013-04-22 23:11:45.754001616 +0200
-@@ -4747,27 +4747,10 @@
-
- if (mysql->passwd[0])
- {
-- /*
-- If --secure-auth option is used, throw an error.
-- Note that, we do not need to check for CLIENT_SECURE_CONNECTION
-- capability of server. If server is not capable of handling secure
-- connections, we would have raised error before reaching here.
--
-- TODO: Change following code to access MYSQL structure through
-- client-side plugin service.
-- */
-- if (mysql->options.secure_auth)
-- {
-- set_mysql_error(mysql, CR_SECURE_AUTH, unknown_sqlstate);
-+ char scrambled[SCRAMBLE_LENGTH_323 + 1];
-+ scramble_323(scrambled, (char*)pkt, mysql->passwd);
-+ if (vio->write_packet(vio, (uchar*)scrambled, SCRAMBLE_LENGTH_323 + 1))
- DBUG_RETURN(CR_ERROR);
-- }
-- else
-- {
-- char scrambled[SCRAMBLE_LENGTH_323 + 1];
-- scramble_323(scrambled, (char*)pkt, mysql->passwd);
-- if (vio->write_packet(vio, (uchar*)scrambled, SCRAMBLE_LENGTH_323 + 1))
-- DBUG_RETURN(CR_ERROR);
-- }
- }
- else
- if (vio->write_packet(vio, 0, 0)) /* no password */
---- Percona-Server-5.6.14-rel62.0/sql-common/client.c~ 2013-11-29 10:48:02.000000000 +0100
-+++ Percona-Server-5.6.14-rel62.0/sql-common/client.c 2013-11-29 11:02:32.121352484 +0100
-@@ -1697,7 +1697,7 @@
- */
- mysql->reconnect= 0;
-
-- mysql->options.secure_auth= TRUE;
-+ mysql->options.secure_auth= 0;
-
- return mysql;
- }
TLD / packages / mysql.git / blobdiff