upstream/haproxy
1
0
Fork 0
mirror of https://github.com/haproxy/haproxy.git synced 2026-02-03 20:39:41 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions 8
haproxy/doc
History
Hyeonggeun Oh 2527d9dcd1
Some checks are pending
Contrib / build (push) Waiting to run
Details
alpine/musl / gcc (push) Waiting to run
Details
VTest / Generate Build Matrix (push) Waiting to run
Details
VTest / (push) Blocked by required conditions
Details
Windows / Windows, gcc, all features (push) Waiting to run
Details
MEDIUM: tcpcheck: add post-80 option for mysql-check to support MySQL 8.x 
This patch adds a new 'post-80' option that sets the
CLIENT_PLUGIN_AUTH (0x00080000) capability flag
and explicitly specifies mysql_native_password as
the authentication plugin in the handshake response.

This patch also addes documentation content for post-80 option
support in MySQL 8.x version. Which handles new default auth
plugin caching_sha2_password.

MySQL 8.0 changed the default authentication plugin from
mysql_native_password to caching_sha2_password.
The current mysql-check implementation only supports pre-41
and post-41 client auth protocols, which lack the CLIENT_PLUGIN_AUTH
capability flag. When HAProxy sends a post-41 authentication
packet to a MySQL 8.x server, the server responds with error 1251:
"Client does not support authentication protocol requested by server".

The new client capabilities for post-80 are:
- CLIENT_PROTOCOL_41 (0x00000200)
- CLIENT_SECURE_CONNECTION (0x00008000)
- CLIENT_PLUGIN_AUTH (0x00080000)

Usage example:
backend mysql_servers
	option mysql-check user haproxy post-80
	server db1 192.168.1.10:3306 check

The health check user must be created with mysql_native_password:
CREATE USER 'haproxy'@'%' IDENTIFIED WITH mysql_native_password BY '';

This addresses https://github.com/haproxy/haproxy/issues/2934.
2026-02-03 07:36:53 +01:00
..
design-thoughts CLEANUP: assorted typo fixes in the code and comments 2025-04-02 11:12:20 +02:00
internals DOC: internals: cleanup few typos in master-worker documentation 2026-01-29 18:44:40 +01:00
lua-api CLEANUP: assorted typo fixes in the code, commits and doc 2025-07-10 19:49:48 +02:00
51Degrees-device-detection.txt DOC: 51d: updated 51Degrees repo URL for v3.2.10 2023-11-23 16:26:13 +01:00
acl.fig [DOC] add diagrams of queuing and future ACL design 2009-02-22 16:46:38 +01:00
coding-style.txt DOC: fix typos in the documentation files 2026-01-20 08:15:28 +01:00
configuration.txt MEDIUM: tcpcheck: add post-80 option for mysql-check to support MySQL 8.x 2026-02-03 07:36:53 +01:00
cookie-options.txt DOC: fix a few typos in the documentation 2018-11-18 22:23:15 +01:00
DeviceAtlas-device-detection.txt DOC: deviceatlas build clarifications 2025-07-03 09:08:06 +02:00
gpl.txt [LICENSE] licensing clarifications 2006-06-15 21:48:13 +02:00
haproxy.1 DOC: add description of pidfile in master-worker mode 2020-08-26 18:40:53 +02:00
HAProxyCommunityEdition_60px.png DOC: replace the README by a markdown version 2024-05-30 13:53:46 +02:00
intro.txt DOC: fix typos in the documentation files 2026-01-20 08:15:28 +01:00
lgpl.txt [LICENSE] licensing clarifications 2006-06-15 21:48:13 +02:00
linux-syn-cookies.txt DOC: add doc/linux-syn-cookies.txt 2015-08-11 12:17:41 +02:00
lua.txt [RELEASE] Released version 3.1-dev6 2024-08-21 17:50:03 +02:00
management.txt DOC: fix mismatched quotes typos around words in the documentation files 2026-01-20 08:15:41 +01:00
netscaler-client-ip-insertion-protocol.txt DOC: fix typos 2019-05-25 07:34:24 +02:00
network-namespaces.txt MAJOR: namespace: add Linux network namespace support 2014-11-21 07:51:57 +01:00
peers-v2.0.txt MEDIUM: stick-tables: add a new stored type for glitch_cnt and glitch_rate 2024-02-08 15:51:49 +01:00
peers.txt CLEANUP: assorted typo fixes in the code and comments 2022-12-07 09:08:18 +01:00
proxy-protocol.txt DOC: proxy-protocol: Add SSL client certificate TLV 2026-01-20 08:11:19 +01:00
queuing.fig [DOC] add diagrams of queuing and future ACL design 2009-02-22 16:46:38 +01:00
regression-testing.txt DOC: reg-tests: update VTest upstream link in the starting guide 2026-01-26 13:56:13 +01:00
seamless_reload.txt CLEANUP: removed obsolete examples an move a few to better places 2019-06-15 21:25:06 +02:00
SOCKS4.protocol.txt MEDIUM: connection: Upstream SOCKS4 proxy support 2019-05-31 17:24:06 +02:00
SPOE.txt CLEANUP: assorted typo fixes in the code, commits and doc 2025-04-03 11:37:25 +02:00
WURFL-device-detection.txt CONTRIB: move src/wurfl.c and contrib/wurfl to addons/wurfl 2021-04-02 17:48:42 +02:00