MySQL Forums
Forum List  »  Security

SHA1 handshake pass
Posted by: John Schellingerhout
Date: September 18, 2017 02:58AM


I'm not sure I placed this in the right section, but my question is if someone could explain how the handshake authentication works.
As I get from MySQL internals, it should be SHA1 pass and I tried it, but get acces denied for user 'user'@ip back.
I did a lot of googling, but somehow I didn's found that much information about it, until this morning someone explained to do sha1(pass) XOR SHA1(20 bytes server greeting hash + sha1(sha1(pass))
But this didn't work either.
Then I found a mysql 4/5 hash calculator and surprising, it shows the result of sha1(sha1(pass)) and not that of the salt + sha1(sha1(hash)), but unfortunality it doesn't work either.

So, what routine/algoritm do I have to use to authentica in the answer on servers greeting (handshake)?

We're trying to log data into mysql from an simple embedded solution, so we haven;t te ability to use connectors or so.
Hopefully someone wants to explain it?

P.S. SHA1 routine works, I checked SHA1 and SHA1(SHA1()) and both has the right hash result.
So somehow MySQL doenst;t or recognize the pass correctly or I'm sending the wrong sha1 hash?

Is it correct MySQL returns my local IP after the user in stead of its own IP?

Thanks a lot,

Regards John

Options: ReplyQuote

Written By
SHA1 handshake pass
September 18, 2017 02:58AM
September 19, 2017 03:08AM
September 21, 2017 05:15AM
September 25, 2017 02:16AM

Sorry, you can't reply to this topic. It has been closed.

Content reproduced on this site is the property of the respective copyright holders. It is not reviewed in advance by Oracle and does not necessarily represent the opinion of Oracle or any other party.