Bug#14751925: USELESS ERROR MESSAGE WHEN SHA-256

harinvadodaria · harinvadodaria · commit fb14715c7d45 · 2012-12-11T17:16:11.000+05:30
CONNECTION FAILS BECAUSE OF MISSING
              SSL/RSA

Description: Client side code supporting pluggable
             authentication assumes that an error
             can be raised by server and there is
             no consideration for the possibility
             that client plugin denied the access.
             Hence error becomes "MySQL Unknown
             Error". This patch fixes this issue
             for sha256 client plugin and introduces
             client side error with required
             description.
diff --git a/include/errmsg.h b/include/errmsg.h
@@ -103,7 +103,8 @@ extern const char *client_errors[];	/* Error messages */
 #define CR_ALREADY_CONNECTED                    2058
 #define CR_AUTH_PLUGIN_CANNOT_LOAD              2059
 #define CR_DUPLICATE_CONNECTION_ATTR            2060
-#define CR_ERROR_LAST  /*Copy last error nr:*/  2060
+#define CR_AUTH_PLUGIN_ERR                      2061
+#define CR_ERROR_LAST  /*Copy last error nr:*/  2061
 /* Add error numbers before CR_ERROR_LAST and change it accordingly. */
 
 #endif /* ERRMSG_INCLUDED */
diff --git a/libmysql/errmsg.c b/libmysql/errmsg.c
@@ -85,6 +85,8 @@ const char *client_errors[]=
   "The number of columns in the result set differs from the number of bound buffers. You must reset the statement, rebind the result set columns, and execute the statement again",
   "This handle is already connected. Use a separate handle for each connection.",
   "Authentication plugin '%s' cannot be loaded: %s",
+  "There is an attribute with the same name already",
+  "Authentication plugin '%s' reported error: %s",
   ""
 };
 
diff --git a/mysql-test/include/not_sha256_rsa_auth.inc b/mysql-test/include/not_sha256_rsa_auth.inc
@@ -0,0 +1,5 @@
+# Only run this test if YaSSL is supported
+let $shavars= query_get_value("SELECT COUNT(*) as shavars FROM information_schema.session_variables WHERE variable_name = 'sha256_password_private_key_path'", shavars, 1);
+if ($shavars != 0){
+  skip Need YaSSL support;
+}
diff --git a/sql-common/client_authentication.cc b/sql-common/client_authentication.cc
@@ -232,7 +232,10 @@ int sha256_password_auth_client(MYSQL_PLUGIN_VIO *vio, MYSQL *mysql)
       if (vio->write_packet(vio, (uchar*) encrypted_password, cipher_length))
         DBUG_RETURN(CR_ERROR);
 #else
-      DBUG_RETURN(CR_ERROR); // If no yassl support
+      set_mysql_extended_error(mysql, CR_AUTH_PLUGIN_ERR, unknown_sqlstate,
+                                ER(CR_AUTH_PLUGIN_ERR), "sha256_password",
+                                "Authentication requires SSL encryption");
+      DBUG_RETURN(CR_ERROR); // If no openssl support
 #endif
     }
     else
