Fix GH-11438: mysqlnd fails to authenticate with sha256_password accounts using passwords longer than 19 characters #11445
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…ccounts using passwords longer than 19 characters https://dev.mysql.com/doc/dev/mysql-server/latest/page_caching_sha2_authentication_exchanges.html tells us that the nonce used in this authentication method is 20 bytes long. However, we might receive additional scramble data in php_mysqlnd_greet_read not used in this method. On my test setup, I received 21 bytes (20 bytes + '\0'). This resulted in the xor computation to incorrectly include the NUL byte. Every password of at least 20 characters therefore failed to authenticate using this method. Looking at mysql-server source code also seems to reveal that it always uses a fixed number of scramble bytes [1]. [1] https://github.com/mysql/mysql-server/blob/ea7087d885006918ad54458e7aad215b1650312c/sql/auth/sha2_password.cc#L1078-L1079
kamil-tekiela
requested changes
Aug 2, 2023
|
I think I got it. So sorry again, but I think I misled you and myself by pointing at a very weird test that is either completely nonsense or tests some obscure feature. Anyway, I trimmed it down to the actual bug fix and now the test works. You can verify with your fix it is green, and without is red. Hopefully CI agrees. |
|
Alright, thanks for taking care of the test. |
kamil-tekiela
approved these changes
Aug 3, 2023
jorgsowa
pushed a commit
to jorgsowa/php-src
that referenced
this pull request
Aug 16, 2023
…ccounts using passwords longer than 19 characters https://dev.mysql.com/doc/dev/mysql-server/latest/page_caching_sha2_authentication_exchanges.html tells us that the nonce used in this authentication method is 20 bytes long. However, we might receive additional scramble data in php_mysqlnd_greet_read not used in this method. On my test setup, I received 21 bytes (20 bytes + '\0'). This resulted in the xor computation to incorrectly include the NUL byte. Every password of at least 20 characters therefore failed to authenticate using this method. Looking at mysql-server source code also seems to reveal that it always uses a fixed number of scramble bytes [1]. [1] https://github.com/mysql/mysql-server/blob/ea7087d885006918ad54458e7aad215b1650312c/sql/auth/sha2_password.cc#L1078-L1079 Closes phpGH-11445. Co-authored-by: Kamil Tekiela <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
https://dev.mysql.com/doc/dev/mysql-server/latest/page_caching_sha2_authentication_exchanges.html tells us that the nonce used in this authentication method is 20 bytes long. However, we might receive additional scramble data in php_mysqlnd_greet_read not used in this method.
On my test setup, I received 21 bytes (20 bytes + '\0'). This resulted in the xor computation to incorrectly include the NUL byte. Every password of at least 20 characters therefore failed to authenticate using this method.
Looking at mysql-server source code also seems to reveal that it always uses a fixed number of scramble bytes [1].
[1] https://github.com/mysql/mysql-server/blob/ea7087d885006918ad54458e7aad215b1650312c/sql/auth/sha2_password.cc#L1078-L1079
I'm a mysqlnd noob, so someone should triple check this please.