mysql-test/suite/sys_vars/t/old_passwords_func.test · mysql-5.6.51 · Rasoul Jahanshahi / Mysql Server

Feb 12, 2013

Bug#15977433: --SECURE-AUTH OPTIONS ALLOWS CLIENT TO SEND · 56afc0cc

Harin Vadodaria authored Feb 12, 2013

              PASSWORD IN OLD FORMAT (PRE-4.1)

Description: If --secure-auth client option is used, client
             should raise an error if connection is using
             mysql_old_password stype password hash.
             However, at present client does not throw any
             error and if server is not running in
             secure_auth mode, connection is successfully
             established.

Solution: Introduce a check in client code that makes sure
          that whenever --secure-auth option is specified
          on client side, an error is raised if connection
          is trying to use mysql_old_password hash.

56afc0cc

Bug#15977433: --SECURE-AUTH OPTIONS ALLOWS CLIENT TO SEND

Harin Vadodaria authored Feb 12, 2013

              PASSWORD IN OLD FORMAT (PRE-4.1)

Description: If --secure-auth client option is used, client
             should raise an error if connection is using
             mysql_old_password stype password hash.
             However, at present client does not throw any
             error and if server is not running in
             secure_auth mode, connection is successfully
             established.

Solution: Introduce a check in client code that makes sure
          that whenever --secure-auth option is specified
          on client side, an error is raised if connection
          is trying to use mysql_old_password hash.