Update Dependencies (#349)

* github.com/russross/meddler v1.0.0 -> v1.0.1 * github.com/gin-gonic/gin v1.6.3 -> v1.7.4 * github.com/go-sql-driver/mysql v1.5.0 -> v1.6.0 * github.com/sirupsen/logrus v1.6.0 -> v1.8.1 * github.com/rs/zerolog v1.18.0 -> v1.25.0
2025-10-28 18:29:58 +00:00 · 2021-09-24 18:39:57 +02:00
parent 0bd10fa507
commit 4df9c8d6a5
495 changed files with 39456 additions and 29666 deletions
--- a/vendor/github.com/go-sql-driver/mysql/auth.go
+++ b/vendor/github.com/go-sql-driver/mysql/auth.go
@@ -15,6 +15,7 @@ import (
 	"crypto/sha256"
 	"crypto/x509"
 	"encoding/pem"
+	"fmt"
 	"sync"
 )

@@ -136,10 +137,6 @@ func pwHash(password []byte) (result [2]uint32) {

 // Hash password using insecure pre 4.1 method
 func scrambleOldPassword(scramble []byte, password string) []byte {
-	if len(password) == 0 {
-		return nil
-	}
-
 	scramble = scramble[:8]

 	hashPw := pwHash([]byte(password))
@@ -247,6 +244,9 @@ func (mc *mysqlConn) auth(authData []byte, plugin string) ([]byte, error) {
 		if !mc.cfg.AllowOldPasswords {
 			return nil, ErrOldPassword
 		}
+		if len(mc.cfg.Passwd) == 0 {
+			return nil, nil
+		}
 		// Note: there are edge cases where this should work but doesn't;
 		// this is currently "wontfix":
 		// https://github.com/go-sql-driver/mysql/issues/184
@@ -372,7 +372,10 @@ func (mc *mysqlConn) handleAuthResult(oldAuthData []byte, plugin string) error {
 							return err
 						}

-						block, _ := pem.Decode(data[1:])
+						block, rest := pem.Decode(data[1:])
+						if block == nil {
+							return fmt.Errorf("No Pem data found, data: %s", rest)
+						}
 						pkix, err := x509.ParsePKIXPublicKey(block.Bytes)
 						if err != nil {
 							return err