From 556b1023c452449e2a0df4739a0dbd02f59c120f Mon Sep 17 00:00:00 2001 From: Rahim Kanji Date: Fri, 9 Jan 2026 01:23:07 +0500 Subject: [PATCH] Removed change_user_auth_switch flag --- include/PgSQL_Session.h | 10 ---------- lib/PgSQL_Session.cpp | 19 ++----------------- 2 files changed, 2 insertions(+), 27 deletions(-) diff --git a/include/PgSQL_Session.h b/include/PgSQL_Session.h index 55b156429..098ddd14b 100644 --- a/include/PgSQL_Session.h +++ b/include/PgSQL_Session.h @@ -528,16 +528,6 @@ public: //bool started_sending_data_to_client; // this status variable tracks if some result set was sent to the client, or if proxysql is still buffering everything bool use_ssl; #endif // 0 - /** - * @brief This status variable tracks whether the session is performing an - * 'Auth Switch' due to a 'COM_CHANGE_USER' packet. - * @details It becomes 'true' when the packet is detected and processed by: - * - 'MySQL_Protocol::process_pkt_COM_CHANGE_USER' - * It's reset before sending the final response for 'Auth Switch' to the client by: - * - 'PgSQL_Session::handler___status_CONNECTING_CLIENT___STATE_SERVER_HANDSHAKE' - * This flag was introduced for issue #3504. - */ - bool change_user_auth_switch; // MySQL_STMTs_meta* sess_STMTs_meta; // StmtLongDataHandler* SLDH; diff --git a/lib/PgSQL_Session.cpp b/lib/PgSQL_Session.cpp index d835bb282..919bfd882 100644 --- a/lib/PgSQL_Session.cpp +++ b/lib/PgSQL_Session.cpp @@ -269,7 +269,6 @@ PgSQL_Session::PgSQL_Session() { active_transactions = 0; use_ssl = false; - change_user_auth_switch = false; match_regexes = NULL; copy_cmd_matcher = NULL; @@ -3475,20 +3474,7 @@ void PgSQL_Session::handler___status_CONNECTING_CLIENT___STATE_SERVER_HANDSHAKE( } free(addr); free(client_addr); - } - else { - uint8_t _pid = 2; - if (client_myds->switching_auth_stage) _pid += 2; - if (is_encrypted) _pid++; - // If this condition is met, it means that the - // 'STATE_SERVER_HANDSHAKE' being performed isn't from the start of a - // connection, but as a consequence of a 'COM_USER_CHANGE' which - // requires an 'Auth Switch'. Thus, we impose a 'pid' of '3' for the - // response 'OK' packet. See #3504 for more context. - if (change_user_auth_switch) { - _pid = 3; - change_user_auth_switch = 0; - } + } else { if (use_ssl == true && is_encrypted == false) { *wrong_pass = true; GloPgSQL_Logger->log_audit_entry(PGSQL_LOG_EVENT_TYPE::AUTH_ERR, this, NULL); @@ -3503,8 +3489,7 @@ void PgSQL_Session::handler___status_CONNECTING_CLIENT___STATE_SERVER_HANDSHAKE( __sync_add_and_fetch(&PgHGM->status.client_connections_aborted, 1); free(_s); __sync_fetch_and_add(&PgHGM->status.access_denied_wrong_password, 1); - } - else { + } else { // we are good! //client_myds->myprot.generate_pkt_OK(true,NULL,NULL, (is_encrypted ? 3 : 2), 0,0,0,0,NULL,false); proxy_debug(PROXY_DEBUG_MYSQL_CONNECTION, 8, "Session=%p , DS=%p . STATE_CLIENT_AUTH_OK\n", this, client_myds);