Bug #27571593 CONN FAILS FOR USER CREATED USING MYSQL_PASSWD(SERV STRD WITH SHA256)-WL#11618

Fixed the way the password is generated for ssl based connections with the sha256_password which was missing an initial byte with the password's length.

Author: Jose Ramirez

Source/MySql.Data/Authentication/Sha256AuthenticationPlugin.cs

@@ -52,19 +52,19 @@ public class Sha256AuthenticationPlugin : MySqlAuthenticationPlugin
  protected override byte[] MoreData(byte[] data)
  {
  rawPubkey = data;
- byte[] buffer = GetPassword() as byte[];
+ byte[] buffer = GetNonLengthEncodedPassword() as byte[];
  return buffer;
  }
 
  public override object GetPassword()
  {
  if (Settings.SslMode != MySqlSslMode.None)
  {
- // send as clear text, since the channel is already encrypted
  byte[] passBytes = Encoding.GetBytes(Settings.Password);
- byte[] buffer = new byte[passBytes.Length + 1];
- Array.Copy(passBytes, 0, buffer, 0, passBytes.Length);
- buffer[passBytes.Length] = 0;
+ byte[] buffer = new byte[passBytes.Length + 2];
+ Array.Copy(passBytes, 0, buffer, 1, passBytes.Length);
+ buffer[0] = (byte) (passBytes.Length+1);
+ buffer[buffer.Length-1] = 0x00;
  return buffer;
  }
  else
@@ -83,6 +83,21 @@ public override object GetPassword()
  }
  }
 
+ private byte[] GetNonLengthEncodedPassword()
+ {
+ // Required for AuthChange requests.
+ if (Settings.SslMode != MySqlSslMode.None)
+ {
+ // Send as clear text, since the channel is already encrypted.
+ byte[] passBytes = Encoding.GetBytes(Settings.Password);
+ byte[] buffer = new byte[passBytes.Length + 1];
+ Array.Copy(passBytes, 0, buffer, 0, passBytes.Length);
+ buffer[passBytes.Length] = 0;
+ return buffer;
+ }
+ else return GetPassword() as byte[];
+ }
+
  private byte[] GetRsaPassword(string password, byte[] seedBytes, byte[] rawPublicKey)
  {
  if (password.Length == 0) return new byte[1];
@@ -100,7 +115,7 @@ private byte[] GetRsaPassword(string password, byte[] seedBytes, byte[] rawPubli
  throw new MySqlException("RSA2");
  return rsa.Encrypt(obfuscated, RSAEncryptionPadding.OaepSHA1);
 #else
-  RSACryptoServiceProvider rsa = MySqlPemReader.ConvertPemToRSAProvider(rawPublicKey);
+ RSACryptoServiceProvider rsa = MySqlPemReader.ConvertPemToRSAProvider(rawPublicKey);
  if (rsa == null)
  //throw new MySqlException(Resources.UnableToReadRSAKey);
  throw new MySqlException("RSA2");

Tests/MySql.Data.Tests/MySqlConnectionTests.cs

@@ -45,7 +45,7 @@ public void SetFixture(SetUpClass data)
  {
  st = data;
 if (st.conn.State != ConnectionState.Open && !st.conn.SoftClosed)
- st.conn.Open(); 
+ st.conn.Open();
  }
 
  [Fact]