Second part of WL #519:

Client option secure-auth deployed on all possible layers: - mysql client command-line and config file option - mysql_options option MYSQL_SECURE_AUTH - mysql_real_connect will automatically take into account that option if mysql->options.my_cnf_file/my_cnf_group is set client/client_priv.h: added OPT_SECURE_AUTH to enum of all my_read_default_options options. client/mysql.cc: added support for mysql command-line option --secure-auth include/errmsg.h: added return code for option --secure-auth include/mysql.h: added MYSQL_SECURE_AUTH to enum of all mysql_options options. added secure_auth flag to MYSQL handle libmysql/errmsg.c: Error messages for option --secure-auth sql-common/client.c: added check for secure-auth in mysql_real_connect: if password is provided, and secure-auth is on, then client will refuse connecting to pre-4.1.1 server
2025-07-30 16:24:05 +03:00 · 2003-11-28 13:11:44 +03:00
parent 94387d4be3
commit 506572b69e
6 changed files with 38 additions and 9 deletions
--- a/include/mysql.h
+++ b/include/mysql.h
@ -145,7 +145,7 @@ enum mysql_option
  MYSQL_OPT_PROTOCOL, MYSQL_SHARED_MEMORY_BASE_NAME, MYSQL_OPT_READ_TIMEOUT,
  MYSQL_OPT_WRITE_TIMEOUT, MYSQL_OPT_USE_RESULT,
  MYSQL_OPT_USE_REMOTE_CONNECTION, MYSQL_OPT_USE_EMBEDDED_CONNECTION,
-  MYSQL_OPT_GUESS_CONNECTION, MYSQL_SET_CLIENT_IP
+  MYSQL_OPT_GUESS_CONNECTION, MYSQL_SET_CLIENT_IP, MYSQL_SECURE_AUTH
 };

 struct st_mysql_options {
@ -184,6 +184,8 @@ struct st_mysql_options {
 #endif
  enum mysql_option methods_to_use;
  char *client_ip;
+  /* Refuse client connecting to server if it uses old (pre-4.1.1) protocol */
+  my_bool secure_auth;
 };

 enum mysql_status