openstack/deb-python-pymysql
Code Issues Proposed changes

Fix handle AuthSwitch packet bug.

Browse Source 
MySQL documents annouce the AuthSwitch packet is contains with two
component `auth_plugin_name` and `auth_data`, which `auth_data` is
a string[EOF] string. But in fact it will return a string[NUL] string
or can also say the string[EOF] is consist of a 20bytes string and a '\0'
byte. Now we just follow the document which use those 21bytes as salt
and that is not correct.
This commit is contained in:
elemount
2017-06-29 11:20:50 +08:00
parent ef91351a73
commit 779d17db82
1 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
pymysql/connections.py
View File

@@ -132,6 +132,8 @@ def dump_packet(data): # pragma: no cover
print() print()
SCRAMBLE_LENGTH = 20
def _scramble(password, message): def _scramble(password, message):
if not password: if not password:
return b'' return b''
@@ -139,7 +141,7 @@ def _scramble(password, message):
stage1 = sha_new(password).digest() stage1 = sha_new(password).digest()
stage2 = sha_new(stage1).digest() stage2 = sha_new(stage1).digest()
s = sha_new() s = sha_new()
s.update(message) s.update(message[:SCRAMBLE_LENGTH])
s.update(stage2) s.update(stage2)
result = s.digest() result = s.digest()
return _my_crypt(result, stage1) return _my_crypt(result, stage1)