[debian-mysql] Bug#1001385: Bug#1001385: mariadb-client-10.5: authentification fails while the credentials are ok

Tue Dec 14 13:30:25 GMT 2021

Le lundi 13 décembre 2021 à 21:12 -0800, Otto Kekäläinen a écrit :
> On Mon, Dec 13, 2021 at 2:59 AM Anthony Bourguignon
> <debian+bts at toniob.net> wrote:
> > 
> > Le dimanche 12 décembre 2021 à 20:54 -0800, Otto Kekäläinen a écrit :
> > > Hello!
> > > 
> > > > On Thu, Dec 9, 2021 at 5:00 AM Anthony Bourguignon
> > > > <debian+bts at toniob.net> wrote:
> > > > ...
> > > > > I’m having an issue with the mariadb-client in bullseye. I can’t connect
> > > > > to a local server using the mariadb client.
> > > > > 
> > > > > To reproduce the bug :
> > > > >   - Install bullseye
> > > > >   - Install mariadb-server and mariadb-client
> > > > >   - connect as root and create a database and a user :
> > > > >     create database testbug;
> > > > >     grant all privileges on testbug.* to 'testbug'@'127.0.0.1'
> > > > >     identified by 's3cr3t';
> > > > >   - exit the client
> > > > >   - try to connect with those credentials :
> > > > >     mariadb -h 127.0.0.1 -u testbug -p testbug
> > > > > 
> > > > > You can’t connect and get an error :
> > > > >   ERROR 1045 (28000): Access denied for user 'testbug'@'localhost' (using password: YES)
> > > > 
> > > > You granted permissions to 'testbug'@'127.0.0.1' but you are
> > > > connecting from 'testbug'@'localhost'. Grant permissions to the
> > > > hostname (not IP) and try again. Also report back here if that solved
> > > > it for you, so we can close the bug report.
> > > 
> > > Did you try this? I am waiting for your comment on the above, thanks.
> > 
> > Hi. I’ve already replied to this, this is not the issue at all. There is an upstream bug, which has been confirmed :
> >   https://jira.mariadb.org/browse/MDEV-27215
> > 
> > So I think we should wait for the upstream patch to close this bug.
> 
> Upstream will only fix the error message to tell about truncation.
> There is no point in passwords beyond maybe 20 characters, let alone
> 80. I don't think massively long passwords will ever be supported,
> there is no benefit in doing so.

I don’t think the question is if I should or shouldn’t use long passwords. But the behavior of MariaDB should be consistent. If the limit is 80
characters, then it should be documented and we shouldn’t be allowed to put longer passwords. But being able to authenticate with a long passphrase on
one side, but can’t on another is really disturbing, and in my opinion is a bug.

I spent a complete morning trying to figure out why I couldn’t connect to my database with the client when the application was ok.