Commit: 4c9e222f99731a851e20c6c0972246d079719095 Author: Andrey Hristov <and...@php.net> Wed, 3 Oct 2012 14:02:33 +0200 Parents: 5a385487c2dbf6a49b0edb140f9cb33c1f7299a1 Branches: master
Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=4c9e222f99731a851e20c6c0972246d079719095 Log: if ssl has been switched on transmit clear-text password Changed paths: M ext/mysqlnd/mysqlnd.c M ext/mysqlnd/mysqlnd_auth.c M ext/mysqlnd/mysqlnd_net.c M ext/mysqlnd/mysqlnd_structs.h Diff: diff --git a/ext/mysqlnd/mysqlnd.c b/ext/mysqlnd/mysqlnd.c index 557924c..f5fe075 100644 --- a/ext/mysqlnd/mysqlnd.c +++ b/ext/mysqlnd/mysqlnd.c @@ -874,6 +874,9 @@ MYSQLND_METHOD(mysqlnd_conn_data, connect)(MYSQLND_CONN_DATA * conn, saved_compression = TRUE; net->data->compressed = FALSE; } + if (net->data->ssl) { + net->data->ssl = FALSE; + } } else { unsigned int max_allowed_size = MYSQLND_ASSEMBLED_PACKET_MAX_SIZE; conn->m->set_client_option(conn, MYSQLND_OPT_MAX_ALLOWED_PACKET, (char *)&max_allowed_size TSRMLS_CC); diff --git a/ext/mysqlnd/mysqlnd_auth.c b/ext/mysqlnd/mysqlnd_auth.c index 72b2532..f2c5adc 100644 --- a/ext/mysqlnd/mysqlnd_auth.c +++ b/ext/mysqlnd/mysqlnd_auth.c @@ -579,33 +579,40 @@ mysqlnd_sha256_auth_get_auth_data(struct st_mysqlnd_authentication_plugin * self DBG_ENTER("mysqlnd_sha256_auth_get_auth_data"); DBG_INF_FMT("salt(%d)=[%.*s]", auth_plugin_data_len, auth_plugin_data_len, auth_plugin_data); - *auth_data_len = 0; - - server_public_key = mysqlnd_sha256_get_rsa_key(conn, options, net_options TSRMLS_CC); - if (server_public_key) { - int server_public_key_len; - char xor_str[passwd_len + 1]; - memcpy(xor_str, passwd, passwd_len); - xor_str[passwd_len] = '\0'; - mysqlnd_xor_string(xor_str, passwd_len, (char *) auth_plugin_data, auth_plugin_data_len); + if (conn->net->data->ssl) { + /* clear text under SSL */ + *auth_data_len = passwd_len; + ret = malloc(passwd_len); + memcpy(ret, passwd, passwd_len); + } else { + *auth_data_len = 0; + server_public_key = mysqlnd_sha256_get_rsa_key(conn, options, net_options TSRMLS_CC); + + if (server_public_key) { + int server_public_key_len; + char xor_str[passwd_len + 1]; + memcpy(xor_str, passwd, passwd_len); + xor_str[passwd_len] = '\0'; + mysqlnd_xor_string(xor_str, passwd_len, (char *) auth_plugin_data, auth_plugin_data_len); + + server_public_key_len = RSA_size(server_public_key); + /* + Because RSA_PKCS1_OAEP_PADDING is used there is a restriction on the passwd_len. + RSA_PKCS1_OAEP_PADDING is recommended for new applications. See more here: + http://www.openssl.org/docs/crypto/RSA_public_encrypt.html + */ + if ((size_t) server_public_key_len - 41 <= passwd_len) { + /* password message is to long */ + SET_CLIENT_ERROR(*conn->error_info, CR_UNKNOWN_ERROR, UNKNOWN_SQLSTATE, "password is too long"); + DBG_ERR("password is too long"); + DBG_RETURN(NULL); + } - server_public_key_len = RSA_size(server_public_key); - /* - Because RSA_PKCS1_OAEP_PADDING is used there is a restriction on the passwd_len. - RSA_PKCS1_OAEP_PADDING is recommended for new applications. See more here: - http://www.openssl.org/docs/crypto/RSA_public_encrypt.html - */ - if ((size_t) server_public_key_len - 41 <= passwd_len) { - /* password message is to long */ - SET_CLIENT_ERROR(*conn->error_info, CR_UNKNOWN_ERROR, UNKNOWN_SQLSTATE, "password is too long"); - DBG_ERR("password is too long"); - DBG_RETURN(NULL); + *auth_data_len = server_public_key_len; + ret = malloc(*auth_data_len); + RSA_public_encrypt(passwd_len + 1, (zend_uchar *) xor_str, ret, server_public_key, RSA_PKCS1_OAEP_PADDING); } - - *auth_data_len = server_public_key_len; - ret = malloc(*auth_data_len); - RSA_public_encrypt(passwd_len + 1, (zend_uchar *) xor_str, ret, server_public_key, RSA_PKCS1_OAEP_PADDING); } DBG_RETURN(ret); diff --git a/ext/mysqlnd/mysqlnd_net.c b/ext/mysqlnd/mysqlnd_net.c index b3d9744..4f55ddb 100644 --- a/ext/mysqlnd/mysqlnd_net.c +++ b/ext/mysqlnd/mysqlnd_net.c @@ -908,6 +908,7 @@ MYSQLND_METHOD(mysqlnd_net, enable_ssl)(MYSQLND_NET * const net TSRMLS_DC) php_error_docref(NULL TSRMLS_CC, E_WARNING, "Cannot connect to MySQL by using SSL"); DBG_RETURN(FAIL); } + net->data->ssl = TRUE; /* get rid of the context. we are persistent and if this is a real pconn used by mysql/mysqli, then the context would not survive cleaning of EG(regular_list), where it is registered, as a diff --git a/ext/mysqlnd/mysqlnd_structs.h b/ext/mysqlnd/mysqlnd_structs.h index 16092e9..7f512b7 100644 --- a/ext/mysqlnd/mysqlnd_structs.h +++ b/ext/mysqlnd/mysqlnd_structs.h @@ -797,6 +797,7 @@ struct st_mysqlnd_net_data { php_stream *stream; zend_bool compressed; + zend_bool ssl; #ifdef MYSQLND_DO_WIRE_CHECK_BEFORE_COMMAND zend_uchar last_command; #else -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php