From 1c20e7d36efaac58ececd18182685740c199182a Mon Sep 17 00:00:00 2001 From: Yuli Khodorkovskiy Date: Fri, 6 Dec 2019 10:02:41 -0500 Subject: [PATCH] Fix malformed SASL messages Per the PG documentation [0], an AuthenticationSASLContinue message has: AuthenticationSASLContinue (B) Byte1('R') Identifies the message as an authentication request. Int32 Length of message contents in bytes, including self. Int32(11) Specifies that this message contains a SASL challenge. Byten SASL data, specific to the SASL mechanism being used. The current implementation was mistakenly adding the lengh of msg bytes in between the Int32(11) and Byten. There was a similar issue for AuthenticationSASLFinal. [0] https://www.postgresql.org/docs/current/protocol-message-formats.html --- authentication_sasl_continue.go | 1 - authentication_sasl_final.go | 1 - 2 files changed, 2 deletions(-) diff --git a/authentication_sasl_continue.go b/authentication_sasl_continue.go index a393ae10..1b918a6e 100644 --- a/authentication_sasl_continue.go +++ b/authentication_sasl_continue.go @@ -40,7 +40,6 @@ func (src *AuthenticationSASLContinue) Encode(dst []byte) []byte { dst = pgio.AppendInt32(dst, -1) dst = pgio.AppendUint32(dst, AuthTypeSASLContinue) - dst = pgio.AppendInt32(dst, int32(len(src.Data))) dst = append(dst, src.Data...) pgio.SetInt32(dst[sp:], int32(len(dst[sp:]))) diff --git a/authentication_sasl_final.go b/authentication_sasl_final.go index b8f89d59..11d35660 100644 --- a/authentication_sasl_final.go +++ b/authentication_sasl_final.go @@ -40,7 +40,6 @@ func (src *AuthenticationSASLFinal) Encode(dst []byte) []byte { dst = pgio.AppendInt32(dst, -1) dst = pgio.AppendUint32(dst, AuthTypeSASLFinal) - dst = pgio.AppendInt32(dst, int32(len(src.Data))) dst = append(dst, src.Data...) pgio.SetInt32(dst[sp:], int32(len(dst[sp:])))