Fix authentication to Tarantool >= 2.10

oleg-jukovec · Ivan Keberlein · oleg-jukovec · commit 1324c35f0cae · 2024-06-25T13:18:15.000+03:00
The authentication method is checked on the server-side since Tarantool 2.11 [1]. In fact, this has been required before [2]. So we need to add the authorization method value into the AUTH_REQUEST. 1. tarantool/tarantool@b5754d3 2. https://www.tarantool.io/en/doc/1.10/dev_guide/internals_index/#authentication Co-authored-by: Ivan Keberlein <i.keberleyn@it.ecommpay.com>
diff --git a/src/third_party/tp.h b/src/third_party/tp.h
@@ -715,6 +715,9 @@ enum tp_request_type {
 
 static const uint32_t SCRAMBLE_SIZE = 20;
 
+static const char* CHAP_SHA1_AUTH_METHOD = "chap-sha1";
+static const uint32_t CHAP_SHA1_AUTH_METHOD_SIZE = 9;
+
 /**
  * Receive greetings from the server.
  * Note, the input buffer is not copied,
@@ -1289,7 +1292,7 @@ tp_auth(struct tp *p, const char *salt_base64, const char *user, int ulen, const
 		mp_sizeof_uint(TP_TUPLE);
 	if (!nopass)
 		sz += mp_sizeof_array(2) +
-		      mp_sizeof_str(0) +
+		      mp_sizeof_str(CHAP_SHA1_AUTH_METHOD_SIZE) +
 		      mp_sizeof_str(SCRAMBLE_SIZE);
 	else
 		sz += mp_sizeof_array(0);
@@ -1310,7 +1313,7 @@ tp_auth(struct tp *p, const char *salt_base64, const char *user, int ulen, const
 	h = mp_encode_uint(h, TP_TUPLE);
 	if (!nopass) {
 		h = mp_encode_array(h, 2);
-		h = mp_encode_str(h, 0, 0);
+		h = mp_encode_str(h, CHAP_SHA1_AUTH_METHOD, CHAP_SHA1_AUTH_METHOD_SIZE);
 
 		// char salt[64];
 		zend_string *salt = NULL;
diff --git a/test/CreateTest.php b/test/CreateTest.php
@@ -107,8 +107,8 @@ public function test_06_bad_credentials() {
         $this->assertTrue($c->ping());
 
         $this->expectException(TarantoolClientError::class);
-        $this->expectExceptionMessage(
-            'Incorrect password supplied for user');
+        $this->expectExceptionMessageMatches(
+            '/(Incorrect password supplied for user)|(User not found or supplied credentials are invalid)/');
         $c->authenticate('test', 'bad_password');
     }
 
@@ -118,8 +118,8 @@ public function test_07_bad_guest_credentials() {
         $this->assertTrue($c->ping());
 
         $this->expectException(TarantoolClientError::class);
-        $this->expectExceptionMessage(
-            'Incorrect password supplied for user');
+        $this->expectExceptionMessageMatches(
+            '/(Incorrect password supplied for user)|(User not found or supplied credentials are invalid)/');
         $c->authenticate('guest', 'guest');
     }
 
