xelabs / go-mysqlstack

MySQL protocol library implemented in Go (golang)
BSD 3-Clause "New" or "Revised" License
242 stars 40 forks

There seems to be a problem with the Auth part #8

Closed bkda closed 4 years ago

bkda commented 4 years ago

Change the TestAuthWithoutSecure test to the code below and modify the password, and you will get an unexpected result.

It will return invalid authPluginName, because the nativePassword function returns bytes with 0x00: [17 167 145 105 109 173 51 88 102 33 107 0 67 175 113 232 40 58 206 120].

So when you try to read authResponse, you get only part of the authResponse. The code continues to execute and the order changes. You will actually get the database name as the plugin name; that's why we got the invalid authPluginName error.

proto/auth_test.go

func TestAuthWithoutSecure(t *testing.T) {
    want := NewAuth()
    want.charset = 0x02
    want.authResponseLen = 20
    want.clientFlags = DefaultClientCapability &^ sqldb.CLIENT_SECURE_CONNECTION &^ sqldb.CLIENT_PLUGIN_AUTH_LENENC_CLIENT_DATA
    want.clientFlags |= sqldb.CLIENT_CONNECT_WITH_DB
    want.authResponse = nativePassword("password", DefaultSalt)
    want.user = "root"
    want.database = "test_db"
    want.pluginName = DefaultAuthPluginName

    got := NewAuth()
    err := got.UnPack(want.Pack(
        DefaultClientCapability&^sqldb.CLIENT_SECURE_CONNECTION,
        0x02,
        "root",
        "password",
        DefaultSalt,
        "test_db",
    ))
    got.authResponseLen = 20
    assert.Nil(t, err)
    assert.Equal(t, want, got)
}

BohuTANG commented 4 years ago

Thanks for pointing that out. This is a bug when we generate the scramble with a NULL char for the client/driver without CLIENT_SECURE_CONNECTION capacity. We will fix it in the next version.

BTW, we have fixed it in ClickHouse in this commit: https://github.com/ClickHouse/ClickHouse/pull/10140/commits/e544edd72643a804fe9fe75e723f1eadc3a6bae9
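The mis-parse discussed in this thread, reduced to the three trailing fields of the handshake response, as an added example that is not part of the issue or of go-mysqlstack's code. The scramble bytes are the ones quoted in the issue; `packTail`, `unpackTail` and the sample plugin name `mysql_native_password` are assumptions made for illustration.

```go
package main

import (
	"bytes"
	"fmt"
)

// Auth response bytes quoted in the issue; index 11 is 0x00.
var scramble = []byte{17, 167, 145, 105, 109, 173, 51, 88, 102, 33, 107, 0, 67, 175, 113, 232, 40, 58, 206, 120}

var nul = []byte{0}

// packTail writes the fields after the user name (simplified): auth response,
// database, plugin name. lenPrefixed models CLIENT_SECURE_CONNECTION (1-byte
// length + data); without it the auth response is a NUL-terminated string.
func packTail(auth []byte, db, plugin string, lenPrefixed bool) []byte {
	var b bytes.Buffer
	if lenPrefixed {
		b.WriteByte(byte(len(auth)))
	}
	b.Write(auth)
	if !lenPrefixed {
		b.WriteByte(0)
	}
	b.WriteString(db + "\x00" + plugin + "\x00")
	return b.Bytes()
}

// unpackTail is the matching reader; ok is false if a field is truncated.
func unpackTail(p []byte, lenPrefixed bool) (auth []byte, db, plugin string, ok bool) {
	if lenPrefixed {
		if len(p) < 1 || len(p) < 1+int(p[0]) {
			return nil, "", "", false
		}
		auth, p = p[1:1+int(p[0])], p[1+int(p[0]):]
	} else if auth, p, ok = bytes.Cut(p, nul); !ok {
		return nil, "", "", false
	}
	d, p, ok1 := bytes.Cut(p, nul)
	n, _, ok2 := bytes.Cut(p, nul)
	return auth, string(d), string(n), ok1 && ok2
}

func main() {
	for _, lp := range []bool{false, true} {
		a, db, pl, ok := unpackTail(packTail(scramble, "test_db", "mysql_native_password", lp), lp)
		fmt.Printf("lenPrefixed=%v auth=%d bytes db=%q plugin=%q ok=%v\n", lp, len(a), db, pl, ok)
	}
}
```

In the NUL-terminated form the reader reports success while returning an 11-byte auth response and `test_db` as the plugin name, so a parser has to validate the field values and not rely on the terminator scan alone.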

BohuTANG commented 4 years ago

From your ID I guessed you were Chinese, so I Googled it, and indeed you are.

If you have any problems with go-mysqlstack, you can also find me: overred.shuttler@gmail.com

Thanks.

BohuTANG commented 4 years ago

Please re-pull master again; we have fixed this issue.