Oracle upgrade to 19.25 has broken OS authentication

[rwagnergit]

Prior to Oracle 19.25, this works:

` use DBI; use DBD::Oracle qw(:ora_session_modes);

$dbh = DBI->connect('DBI:Oracle:', '/', '', {ora_session_mode => ORA_SYSDBA, RaiseError => 1}) or die "Cannot connect to Oracle." . $DBI::errstr . "\n"; $sql = 'select 1 from dual'; ($count) = $dbh->selectrow_array ($sql); printf ("Count = %d\n",$count); $dbh->disconnect; `

perl test.pl Count = 1

After applying Oracle patch 36912597 (Oracle 19c Release Update October 2024), which takes the database home to 19.25, the above fails:

perl test.pl DBI connect('','/',...) failed: ORA-01005: null password given; logon denied (DBD ERROR: OCISessionBegin) at test.pl line 4.

I opened an SR with Oracle and they closed it saying they don't support Perl.

[rwagnergit]

OS authentication is documented at https://metacpan.org/pod/DBD::Oracle#OS-authentication

[p-is-for-pangolin]

Can you try using a blank username instead of '/'?

DBI->connect('DBI:Oracle:', '/', '', {ora_session_mode => ORA_SYSDBA}) and DBI->connect('DBI:Oracle:', '', '', {ora_session_mode => ORA_SYSDBA}) appear to have the exact same result in my pre-19.25 tests.

[rwagnergit]

Very interesting - that works. Even on 19.25.

[p-is-for-pangolin]

I'm way out of my league here, but from reading the code it looks like connect('/') results in calling OCISessionBegin( OCI_CRED_RDBMS, '/', '' ). Whereas connect('') results in calling OCISessionBegin( OCI_CRED_EXT ). I believe the latter is the correct Oracle-documented way to perform OS authentication, and maybe the former was an undocumented feature that stopped working in 19.25.

If DBD-Oracle wants to keep supporting its documented method of OS authentication it will need to work around this issue.

Note that ora_db_reauthenticate() in oci8.c may be similarly affected.