MXS-2633 Fix PAM authentication support with server version 10.4

The new server pam plugin does not always send the first password prompt with the
AuthSwitchRequest-packet. In this case the server expects the client (MaxScale) to
just send the password immediately. MaxScale now checks the length of the packet,
sending the password if the packet is short. This works with both old and new server
versions.

server/modules/authenticator/PAM/PAMBackendAuth/pam_backend_session.cc

@@ -211,15 +211,34 @@ bool PamBackendSession::extract(DCB* dcb, GWBUF* buffer)
     switch (m_state)
     {
         case State::INIT:
-        // Server should have sent the AuthSwitchRequest + 1st prompt
-        if (parse_authswitchreq(&data_ptr, end_ptr)
-            && parse_password_prompt(&data_ptr, end_ptr))
+        // Server should have sent the AuthSwitchRequest. If server version is 10.4, the server may not
+        // send a prompt. Older versions add the first prompt to the same packet.
+        if (parse_authswitchreq(&data_ptr, end_ptr))
         {
-            m_state = State::RECEIVED_PROMPT;
-            success = true;
+            if (end_ptr > data_ptr)
+            {
+                if (parse_password_prompt(&data_ptr, end_ptr))
+                {
+                    m_state = State::RECEIVED_PROMPT;
+                    success = true;
+                }
+                else
+                {
+                    // Password prompt should have been there, but was not.
+                    unexpected_data = true;
+                }
+            }
+            else
+            {
+                // Just the AuthSwitchRequest, this is ok. The server now expects a password so set state
+                // accordingly.
+                m_state = State::RECEIVED_PROMPT;
+                success = true;
+            }
         }
         else
         {
+            // No AuthSwitchRequest, error.
             unexpected_data = true;
         }
         break;