History log of /PHP-8.0/ext/mysqlnd/mysqlnd_auth.c (Results 1 – 25 of 100)
Revision (<<< Hide revision tags) (Show revision tags >>>) Date Author Comments
# 36466042 05-Feb-2021 Daniel Black

Fix #78680: mysqlnd pam plugin missing terminating null

The PAM service requires the terminating null to be part
of the communication.

Tested with MariaDB-10.4(pam) and Percona

Fix #78680: mysqlnd pam plugin missing terminating null

The PAM service requires the terminating null to be part
of the communication.

Tested with MariaDB-10.4(pam) and Percona Server 5.7.32(auth_pam_compat).

Also changed MySQL Enterprise test to the server side plugin, authentication_pam
as opposed to the client plugin mysql_clear_password.

Add additional check for pamtest user and pam service file as
all are required for the test.

More importantly, test result should actually succeed.

Thanks Geoff Montee for bug report.

Closes GH-78680.

show more ...


Revision tags: php-8.0.0, php-7.3.25, php-7.4.13, php-8.0.0RC5, php-7.4.13RC1, php-8.0.0RC4, php-7.3.25RC1, php-7.4.12, php-8.0.0RC3, php-7.3.24, php-8.0.0RC2, php-7.4.12RC1, php-7.3.24RC1, php-7.2.34, php-8.0.0rc1, php-7.4.11, php-7.3.23, php-8.0.0beta4, php-7.4.11RC1, php-7.3.23RC1, php-8.0.0beta3, php-7.4.10, php-7.3.22, php-8.0.0beta2, php-7.3.22RC1, php-7.4.10RC1, php-8.0.0beta1, php-7.4.9, php-7.2.33, php-7.3.21, php-8.0.0alpha3, php-7.4.9RC1, php-7.3.21RC1, php-7.4.8, php-7.2.32, php-8.0.0alpha2, php-7.3.20, php-8.0.0alpha1, php-7.4.8RC1, php-7.3.20RC1, php-7.4.7, php-7.3.19
# 5a04796f 27-May-2020 Christoph M. Becker

Fix MSVC level 1 (severe) warnings

We fix (hopefully) all instances of:

* <https://docs.microsoft.com/en-us/cpp/error-messages/compiler-warnings/compiler-warning-level-1-c4005>

Fix MSVC level 1 (severe) warnings

We fix (hopefully) all instances of:

* <https://docs.microsoft.com/en-us/cpp/error-messages/compiler-warnings/compiler-warning-level-1-c4005>
* <https://docs.microsoft.com/en-us/cpp/error-messages/compiler-warnings/compiler-warning-level-1-c4024>
* <https://docs.microsoft.com/en-us/cpp/error-messages/compiler-warnings/compiler-warning-level-1-c4028>
* <https://docs.microsoft.com/en-us/cpp/error-messages/compiler-warnings/compiler-warning-level-1-c4047>
* <https://docs.microsoft.com/en-us/cpp/error-messages/compiler-warnings/compiler-warning-level-1-c4087>
* <https://docs.microsoft.com/en-us/cpp/error-messages/compiler-warnings/compiler-warning-level-1-c4090>
* <https://docs.microsoft.com/en-us/cpp/error-messages/compiler-warnings/compiler-warning-level-1-c4273>
* <https://docs.microsoft.com/en-us/cpp/error-messages/compiler-warnings/compiler-warning-level-1-c4312>

`zend_llist_add_element()` and `zend_llist_prepend_element()` now
explicitly expect a *const* pointer.

We use the macro `ZEND_VOIDP()` instead of a `(void*)` cast to suppress
C4090; this should prevent accidential removal of the cast by
clarifying the intention, and makes it easier to remove the casts if
the issue[1] will be resolved sometime.

[1] <https://developercommunity.visualstudio.com/content/problem/390711/c-compiler-incorrect-propagation-of-const-qualifie.html>

show more ...


Revision tags: php-7.4.7RC1, php-7.3.19RC1, php-7.4.6, php-7.2.31, php-7.4.6RC1, php-7.3.18RC1, php-7.2.30, php-7.4.5, php-7.3.17
# ee21657a 03-Apr-2020 Qianqian Bu

Fix incorrect free for last_message

In commit a7305eb539596e175bd6c3ae9a20953358c5d677 the last_message
field of the connection object was changed to be always non-persistent.
But th

Fix incorrect free for last_message

In commit a7305eb539596e175bd6c3ae9a20953358c5d677 the last_message
field of the connection object was changed to be always non-persistent.
But there is a place on change_user path that still treats it
depending on conn->persistent flag. This will cause PHP crash after
com_change_user success when there is last_message set

show more ...


Revision tags: php-7.4.5RC1, php-7.3.17RC1
# 0afdf194 23-Mar-2020 Christoph M. Becker

Fix leak on Windows as well

Cf. <http://git.php.net/?p=php-src.git;a=commit;h=db08ef0d3274b239a6b9e68d71d02bb6acb71d82>


# db08ef0d 23-Mar-2020 Nikita Popov

Fix RSA memory leak in mysqlnd auth


Revision tags: php-7.3.18, php-7.4.4, php-7.2.29, php-7.3.16, php-7.4.4RC1, php-7.3.16RC1
# a0377021 26-Feb-2020 Christoph M. Becker

Native Windows support for mysqlnd sha256 authentification

We implement that on top of Cryptography API: Next Generation (CNG).


# a7400d5f 26-Feb-2020 Christoph M. Becker

Abstract over crypto operations


# 9d31a42a 18-Feb-2020 Nikita Popov

Don't use VLA in mysqlnd auth

We use alloca instead of VLA. This should also allow building
this code on Windows.


Revision tags: php-7.4.3, php-7.2.28, php-7.3.15RC1, php-7.4.3RC1, php-7.3.15
# bb5cdd9b 24-Jan-2020 Nikita Popov

Fixed bug #79011

auth_plugin_data_len here is 21, including the trailing null byte.
Directly use SCRAMBLE_LENGTH instead. Also add a sanity check that
the provided scramble is long e

Fixed bug #79011

auth_plugin_data_len here is 21, including the trailing null byte.
Directly use SCRAMBLE_LENGTH instead. Also add a sanity check that
the provided scramble is long enough.

show more ...


Revision tags: php-7.2.27, php-7.4.2, php-7.3.14, php-7.3.14RC1, php-7.4.2RC1
# 32cd373d 27-Dec-2019 Nikita Popov

Handle empty password fast path in caching_sha2_password

If an empty password is used, no additional packets are exchanged
during caching_sha2_password auth. We're only looking for an

Handle empty password fast path in caching_sha2_password

If an empty password is used, no additional packets are exchanged
during caching_sha2_password auth. We're only looking for an
OK/ERR response.

show more ...


# 813d4a00 27-Dec-2019 Nikita Popov

Handle error response during caching_sha2_password auth

In particular, this fixes handling of expired passwords.


# e7e1254f 27-Dec-2019 Nikita Popov

Add support for caching_sha2_password in change user authentication

Same as for connection handshakes.


# 03ee36d1 27-Dec-2019 Nikita Popov

Fix unix socket check during caching_sha2_password

The fact that conn->unix_socket is set does not mean that a Unix
socket is actually in use -- this member is set in a default
confi

Fix unix socket check during caching_sha2_password

The fact that conn->unix_socket is set does not mean that a Unix
socket is actually in use -- this member is set in a default
configuration.

Instead check whether a unix_socket stream ops is used.

show more ...


# 6225137b 27-Dec-2019 Nikita Popov

Support auth switch request during caching sha2 auth


Revision tags: php-7.4.1, php-7.2.26, php-7.3.13
# b6a59cee 11-Dec-2019 Nikita Popov

Free RSA public key in mysqlnd sha256 auth

Not sure why this only started showing up as a leak now.


Revision tags: php-7.4.1RC1, php-7.3.13RC1, php-7.2.26RC1, php-7.4.0, php-7.2.25, php-7.3.12, php-7.4.0RC6, php-7.3.12RC1, php-7.2.25RC1, php-7.4.0RC5, php-7.1.33, php-7.2.24, php-7.3.11, php-7.4.0RC4, php-7.3.11RC1, php-7.2.24RC1, php-7.4.0RC3
# 5d6e923d 24-Sep-2019 Gabriel Caruso

Remove mention of PHP major version in Copyright headers

Closes GH-4732.


Revision tags: php-7.2.23, php-7.3.10, php-7.4.0RC2, php-7.2.23RC1, php-7.3.10RC1, php-7.4.0RC1, php-7.1.32, php-7.2.22, php-7.3.9, php-7.4.0beta4, php-7.2.22RC1, php-7.3.9RC1
# cdf16c01 12-Aug-2019 Qianqian Bu

fix the problem for connect_attr, set db condition, and add a new attribute _server_host


Revision tags: php-7.4.0beta2, php-7.1.31, php-7.2.21, php-7.3.8, php-7.4.0beta1, php-7.2.21RC1, php-7.3.8RC1, php-7.4.0alpha3, php-7.3.7, php-7.2.20, php-7.4.0alpha2, php-7.3.7RC3, php-7.3.7RC2, php-7.2.20RC2, php-7.4.0alpha1, php-7.3.7RC1, php-7.2.20RC1, php-7.2.19, php-7.3.6, php-7.1.30, php-7.2.19RC1, php-7.3.6RC1, php-7.1.29, php-7.2.18, php-7.3.5, php-7.2.18RC1, php-7.3.5RC1, php-7.2.17, php-7.3.4, php-7.1.28, php-7.3.4RC1, php-7.2.17RC1, php-7.1.27, php-7.3.3, php-7.2.16
# 9a4926b2 21-Feb-2019 Fabien Villepinte

Fix typo in error message


Revision tags: php-7.3.3RC1, php-7.2.16RC1, php-7.2.15, php-7.3.2
# c245898b 03-Feb-2019 Peter Kokot

Update and fix remaining year ranges (2019)

This patch follows previous license year ranges updates. With new
approach source code files now have simplified headers with license
info

Update and fix remaining year ranges (2019)

This patch follows previous license year ranges updates. With new
approach source code files now have simplified headers with license
information without year ranges.

show more ...


Revision tags: php-7.2.15RC1
# 92ac598a 22-Jan-2019 Peter Kokot

Remove local variables

This patch removes the so called local variables defined per
file basis for certain editors to properly show tab width, and
similar settings. These are mainly

Remove local variables

This patch removes the so called local variables defined per
file basis for certain editors to properly show tab width, and
similar settings. These are mainly used by Vim and Emacs editors
yet with recent changes the once working definitions don't work
anymore in Vim without custom plugins or additional configuration.
Neither are these settings synced across the PHP code base.

A simpler and better approach is EditorConfig and fixing code
using some code style fixing tools in the future instead.

This patch also removes the so called modelines for Vim. Modelines
allow Vim editor specifically to set some editor configuration such as
syntax highlighting, indentation style and tab width to be set in the
first line or the last 5 lines per file basis. Since the php test
files have syntax highlighting already set in most editors properly and
EditorConfig takes care of the indentation settings, this patch removes
these as well for the Vim 6.0 and newer versions.

With the removal of local variables for certain editors such as
Emacs and Vim, the footer is also probably not needed anymore when
creating extensions using ext_skel.php script.

Additionally, Vim modelines for setting php syntax and some editor
settings has been removed from some *.phpt files. All these are
mostly not relevant for phpt files neither work properly in the
middle of the file.

show more ...


Revision tags: php-7.3.2RC1, php-5.6.40, php-7.1.26, php-7.3.1, php-7.2.14
# 8975e4dc 07-Jan-2019 Andrey Hristov

Simplify the command factory

Since more than an year it not possible to create commands in the heap
but they are allocated on the stack and directly run. In this regard, it
doesn't m

Simplify the command factory

Since more than an year it not possible to create commands in the heap
but they are allocated on the stack and directly run. In this regard, it
doesn't make sense to have all the vararg stuff. Commands made sense
to be created and pushed onto a stack then a general executor will
run thru the stack and execute/handle the commands.

show more ...


# 711e1fb3 07-Jan-2019 Andrey Hristov

Mark const what should not be changed


Revision tags: php-7.2.14RC1, php-7.3.1RC1, php-5.6.39, php-7.1.25, php-7.2.13, php-7.0.33, php-7.3.0, php-7.1.25RC1
# 4f06e67a 20-Nov-2018 Nikita Popov

Re-commit MySQL 8 cached SHA auth support

With changes to (hopefully) correctly fall back if OpenSSL support
is missing. Furthermore the hard-coded dependency on ext/hash is
no longe

Re-commit MySQL 8 cached SHA auth support

With changes to (hopefully) correctly fall back if OpenSSL support
is missing. Furthermore the hard-coded dependency on ext/hash is
no longer an issue, as this extension is required in master.

This reverts commit 63072e9c0ebbb676cd39d0f867d873737c676add, reversing
changes made to 4cbabb6852d2a7d966fb78a53d9d4c1cac18f10b.

show more ...


Revision tags: php-7.2.13RC1, php-7.3.0RC6, php-7.1.24, php-7.2.12, php-7.3.0RC5, php-7.1.24RC1, php-7.2.12RC1, php-7.3.0RC4, php-7.1.23, php-7.2.11, php-7.3.0RC3, php-7.1.23RC1, php-7.2.11RC1, php-7.3.0RC2, php-5.6.38, php-7.1.22, php-7.3.0RC1, php-7.2.10, php-7.0.32
# 03740ef7 04-Sep-2018 Nikita Popov

Revert all MySQL auth related changes

Per bug #76651 these changes do not appear to work correctly in
some cases. As no immediate fix seems to be forthcoming, I'm
reverting these cha

Revert all MySQL auth related changes

Per bug #76651 these changes do not appear to work correctly in
some cases. As no immediate fix seems to be forthcoming, I'm
reverting these changes.

Revert "Fixed invalid free introduced by d6e81f0bfd0cb90586dd83d4fd47a4302605261a (avoid keeping "invalid" pointer)"

This reverts commit 11507c0e1bfa17a96480f3648397f6975c31551e.

Revert "Fix mysqlnd build without openssl"

This reverts commit 6c9db02ff7812c298d1e7e292ba731d9d3a66790.

Revert "Fix VC compilation as variable size array is not supported"

This reverts commit f96df64cb2219fda42ca875483f874cf3052647c.

Revert "Fix MySQL 8 auth"

This reverts commit d6e81f0bfd0cb90586dd83d4fd47a4302605261a.

show more ...


Revision tags: php-7.1.22RC1, php-7.3.0beta3, php-7.2.10RC1, php-7.1.21, php-7.2.9, php-7.3.0beta2, php-7.1.21RC1, php-7.3.0beta1, php-7.2.9RC1
# cf8ef08e 25-Jul-2018 Peter Kokot

Fix typos in code


1234