Put zero filler into the SSL handshake packet. (go-sql-driver#1066)

According to the linked documentation at http://dev.mysql.com/doc/internals/en/connection-phase-packets.html#packet-Protocol::SSLRequest SSLRequest packet should have zero filler similar to the regular handshake request, but now the driver puts zeros only in the regular request. Luckily vanilla MySQL doesn't rely on this zero filler and doesn't verify its presence, thus the driver worked fine so far. But MySQL can change to rely on zeros at any point. The problem was discovered while testing against a customized MySQL.
tz70s · Sep 5, 2020 · 4af1bfe · 4af1bfe
1 parent c395bfb
commit 4af1bfe
Showing 1 changed file with 6 additions and 6 deletions.
diff --git a/packets.go b/packets.go
@@ -349,6 +349,12 @@ func (mc *mysqlConn) writeHandshakeResponsePacket(authResp []byte, plugin string
 		return errors.New("unknown collation")
 	}
 
+	// Filler [23 bytes] (all 0x00)
+	pos := 13
+	for ; pos < 13+23; pos++ {
+		data[pos] = 0
+	}
+
 	// SSL Connection Request Packet
 	// http://dev.mysql.com/doc/internals/en/connection-phase-packets.html#packet-Protocol::SSLRequest
 	if mc.cfg.tls != nil {
@@ -367,12 +373,6 @@ func (mc *mysqlConn) writeHandshakeResponsePacket(authResp []byte, plugin string
 		mc.buf.nc = tlsConn
 	}
 
-	// Filler [23 bytes] (all 0x00)
-	pos := 13
-	for ; pos < 13+23; pos++ {
-		data[pos] = 0
-	}
-
 	// User [null terminated string]
 	if len(mc.cfg.User) > 0 {
 		pos += copy(data[pos:], mc.cfg.User)