The Ultimate Guide to High Availability with MariaDB

Handshake

You are viewing an old version of this article. View the current version here.

Server handshake package

Fields

1          protocol version (0xA)
str_6      version prefix for MySQL replication = 5.5.5-
str_NUL    MariaDB server version
int_4      thread/connection id
str_8      authentication: scramble (1st part)
1            //reserved byte
int_2      server capabilities (1st part)
int_1      server default collation
int_2      status flags
int_2      server capabilities (2nd part)
int_1      length of 2nd scramble packet
if (server_capabilities & PLUGIN_AUTH) {
  int_1        plugin data length
} else {
  int_1        0x00
}
str_6    filler

if (server_capabilities & CLIENT_MYSQL) {
  str_4   filler
} else
  int_4    mariadb specific server capabilities  /* since 10.2 */

if (server_capabilities & CLIENT_SECURE_CONNECTION) {
  str        2nd scramble packet. Length = max(12, plugin data length - 9)
  1            //reserved byte
}

if (server_capabilities & PLUGIN_AUTH) {
  str_NUL    authentication plugin name
}

Client handshake response

If the client requests a TLS/SSL connection, first response will be an SSL connection request packet, then a handshake response packet. If no TLS is required, client send directly a handshake response packet.

SSL connection request packet

int_4      client capabilities
int_4      max packet size
int_1      client character collation
str_19     reserved
if !(server_capabilities & CLIENT_MYSQL)
  int_4    extended client capabilities
else
  str_4    reserved

handshake response packet

int_4      client capabilities
int_4      max packet size
int_1      client character collation
str_19     reserved
if !(server_capabilities & CLIENT_MYSQL)
  int_4    extended client capabilities
else
  str_4    reserved
str_NULL   username
if (server_capabilities & PLUGIN_AUTH_LENENC_CLIENT_DATA) {
  str_n    authentication data
} else if (server_capabilities & CLIENT_SECURE_CONNECTION) {
  int_1    length of authentication response
  str_n    authentication response
} else
  str_NUL  authentication response
if (server_capabilities & CLIENT_CONNECT_WITH_DB)
  str_NULL   default schema name
if (server_capabilities & CLIENT_PLUGIN_AUTH)
  str_NULL   authentication plugin name
if (server_capabilities & CLIENT_CONNECT_ATTRS) {
  int_LEC    size of connection attributes
  loop {
    str_LEC    key
    str_LEC    value
  }
}

Server authentication response

Authentication switch request

If client and server support CLIENT_AUTH capability, server may send a request to client to use another authentication plugin.

int_1      0xFE
str_NUL    authentication plugin name
str_NUL    authentication plugin data

If client or server doesn't support CLIENT_AUTH capability server sends only 0xFE - in this case client needs to use old_password_plugin.

int_1      0xFE

Comments

Comments loading...
Content reproduced on this site is the property of its respective owners, and this content is not reviewed in advance by MariaDB. The views, information and opinions expressed by this content do not necessarily represent those of MariaDB or any other party.