Handshake
You are viewing an old version of this article. View
the current version here.
Server handshake package
Initial handshake packet
1 protocol version (0xA) str_6 version prefix for MySQL replication = 5.5.5- str_NUL MariaDB server version int_4 thread/connection id str_8 authentication: scramble (1st part) 1 //reserved byte int_2 server capabilities (1st part) int_1 server default collation int_2 status flags int_2 server capabilities (2nd part) int_1 length of 2nd scramble packet if (server_capabilities & PLUGIN_AUTH) { int_1 plugin data length } else { int_1 0x00 } str_6 filler if (server_capabilities & CLIENT_MYSQL) { str_4 filler } else int_4 mariadb specific server capabilities /* since 10.2 */ if (server_capabilities & CLIENT_SECURE_CONNECTION) { str 2nd scramble packet. Length = max(12, plugin data length - 9) 1 //reserved byte } if (server_capabilities & PLUGIN_AUTH) { str_NUL authentication plugin name }
Client handshake response
If the client requests a TLS/SSL connection, first response will be an SSL connection request packet, then a handshake response packet. If no TLS is required, client send directly a handshake response packet.
SSL connection request packet
int_4 client capabilities int_4 max packet size int_1 client character collation str_19 reserved if !(server_capabilities & CLIENT_MYSQL) int_4 extended client capabilities else str_4 reserved
handshake response packet
int_4 client capabilities int_4 max packet size int_1 client character collation str_19 reserved if !(server_capabilities & CLIENT_MYSQL) int_4 extended client capabilities else str_4 reserved str_NULL username if (server_capabilities & PLUGIN_AUTH_LENENC_CLIENT_DATA) { str_n authentication data } else if (server_capabilities & CLIENT_SECURE_CONNECTION) { int_1 length of authentication response str_n authentication response } else str_NUL authentication response if (server_capabilities & CLIENT_CONNECT_WITH_DB) str_NULL default schema name if (server_capabilities & CLIENT_PLUGIN_AUTH) str_NULL authentication plugin name if (server_capabilities & CLIENT_CONNECT_ATTRS) { int_LEC size of connection attributes loop { str_LEC key str_LEC value } }
Server authentication response
Authentication switch request
If client and server support CLIENT_AUTH capability, server may send a request to client to use another authentication plugin.
int_1 0xFE str_NUL authentication plugin name str_NUL authentication plugin data
If client or server doesn't support CLIENT_AUTH capability server sends only 0xFE - in this case client needs to use old_password_plugin.
int_1 0xFE
Capabilities
Server and Client have different capabilities, here is the possibles values.
client with capabilities CLIENT_MYSQL + CONNECT_WITH_DB will have a value of 9 (1 + 8).
CLIENT_MYSQL | 1 | |
---|---|---|
FOUND_ROWS | 2 | |
CONNECT_WITH_DB | 8 | One can specify db on connect |
COMPRESS | 32 | Can use compression protocol |
LOCAL_FILES | 128 | Can use LOAD DATA LOCAL |
IGNORE_SPACE | 256 | Ignore spaces before '(' |
CLIENT_PROTOCOL_41 | 1 << 9 | 4.1 protocol |
CLIENT_INTERACTIVE | 1 << 10 | |
SSL | 1 << 11 | Can use SSL |
TRANSACTIONS | 1 << 12 | |
SECURE_CONNECTION | 1 << 13 | 4.1 authentication |
MULTI_STATEMENTS | 1 << 16 | Enable/disable multi-stmt support |
MULTI_RESULTS | 1 << 17 | Enable/disable multi-results |
PS_MULTI_RESULTS | 1 << 18 | Enable/disable multi-results for PrepareStatement |
PLUGIN_AUTH | 1 << 19 | Client supports plugin authentication |
CONNECT_ATTRS | 1 << 20 | Client send connection attributes |
PLUGIN_AUTH_LENENC_CLIENT_DATA | 1 << 21 | authentication data length is a length auth integer |
MARIADB_CLIENT_PROGRESS | 1 << 32 | Client support progress indicator (since 10.2) |
MARIADB_CLIENT_COM_MULTI | 1 << 33 | Permit COM_MULTI protocol |
Comments
Comments loading...
Content reproduced on this site is the property of its respective owners,
and this content is not reviewed in advance by MariaDB. The views, information and opinions
expressed by this content do not necessarily represent those of MariaDB or any other party.