Implement mysql_clear_password #2533
Conversation
|
looks good! |
|
@ldanilek |
|
@abonander i ran cargo fmt. can you take another look 🙏 |
There was a problem hiding this comment.
I've been putting off merging this because honestly the idea is rather horrifying to me.
With this plugin enabled, and without additional defensive configuration like ssl-mode=VERIFY_IDENTITY (which isn't even suggested in the AWS tutorial), it would be quite straightforward for an attacker, e.g. by a compromised router, to trick the application into divulging its credentials.
The documentation on the configuration option should at the very least recommend a stronger .ssl_mode() setting than the default, either Required or VerifyCa in the case of connecting to AWS where a root certificate is provided.
i could add an assertion on |
|
We shouldn't have a panic that you can't work around without enabling TLS as that could get really annoying. I would accept maybe logging a warning, but making the implications clearer in the documentation is the main point. |
|
@abonander could you take another look please 🙏 . i've updated the comments to be scarier, and added a warning log when connecting in an insecure manner. |
Fixes #2443 by implementing
AuthPlugin::MySqlClearPasswordas described in mysql docs and sufficient to connect to a MySQL server hosted by AWS using IAM authentication with ephemeral passwords.For consistency with other clients, like mysql, and to avoid accidental security issues, we also add a flag to ConnectionOpts to enable this plugin, as described here.