COM_CHANGE_USER

COM_CHANGE_USER resets the connection and re-authenticates with the given credentials. The packet is identical to the authentication packet in the connection handshake.

Fields

  • int<1> 0x11 : COM_CHANGE_USER header.

  • string username.

  • If (server_capabilities & CLIENT_SECURE_CONNECTION):

    • int<1> length of authentication response.

    • string authentication response.

  • Else:

    • string authentication response.

  • string default schema name.

  • int<2> client character collation.

  • If (server_capabilities & CLIENT_PLUGIN_AUTH):

    • string authentication plugin name.

  • If (server_capabilities & CLIENT_CONNECT_ATTRS):

Response

Server response is like connection authentication :

  • An OK packet in case of success OK_Packet.

  • An error packet in case of error ERR_Packet.

  • Authentication switch:

    • If the client or server doesn't have PLUGIN_AUTH capability:

      • Server sends 0xFE byte.

      • Client sends old_password.

    • Else:

    • Authentication switch ends with server sending either OK_Packet or ERR_Packet.

If the authentication fails more than three times, all future COM_CHANGE_USER commands on the connection will return the #08S01 Unknown command error. This is an anti-brute-force mechanism designed to prevent rapid guessing of passwords.

This page is licensed: CC BY-SA / Gnu FDL

Last updated

Was this helpful?