Allow to dump passwords used during auth in debug builds #5168
Conversation
Summary of ChangesHello @JavierJF, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed! This pull request enhances the debugging capabilities for MySQL authentication handshakes by introducing new utility functions for hexadecimal string conversion and leveraging them to provide more detailed and configurable password logging within debug builds. This allows developers to inspect authentication-related passwords, either masked or in hexadecimal format, depending on the configured debug verbosity level, thereby improving troubleshooting for authentication issues. Highlights
Using Gemini Code AssistThe full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips. Invoking Gemini You can request assistance from Gemini at any point by creating a comment using either
Customization To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a Limitations & Feedback Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here. You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension. Footnotes
|
|
Can one of the admins verify this patch? |
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request enhances debug logging by allowing passwords to be dumped in HEX format. The introduction of hex and unhex utility functions is a good step towards centralizing this functionality. My review focuses on improving the performance of these new utility functions, fixing a bug in the new debug logging logic that could lead to truncated passwords, and correcting a minor typo.
JavierJF
force-pushed
the
v3.0-debug_log_pass
branch
from
b16ab4e to
aded5fc
Compare
…hake This message is dump with each call to 'process_pkt_handshake_response' printing the updated context. When the verbosity value for module 'debug_mysql_protocol' is >= 5, the stored and client supplied passwords will be dumped in HEX format, for values < 5, the passwords will be masked.
JavierJF
force-pushed
the
v3.0-debug_log_pass
branch
from
aded5fc to
4304b99
Compare
|
2 participants
An already present debug message in
process_pkt_handshake_responsehas been improved with further context, and with password information, both stored and client supplied. How passwords are dumped can be controlled, when the verbosity value for module 'debug_mysql_protocol' is >= 5, the stored and client supplied passwords will be dumped in HEX format, for values < 5, the passwords will be masked.