1 | /************************************************************************************ |
2 | Copyright (C) 2014,2015,2018 MariaDB Corporation AB |
3 | |
4 | This library is free software; you can redistribute it and/or |
5 | modify it under the terms of the GNU Library General Public |
6 | License as published by the Free Software Foundation; either |
7 | version 2 of the License, or (at your option) any later version. |
8 | |
9 | This library is distributed in the hope that it will be useful, |
10 | but WITHOUT ANY WARRANTY; without even the implied warranty of |
11 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
12 | Library General Public License for more details. |
13 | |
14 | You should have received a copy of the GNU Library General Public |
15 | License along with this library; if not see <http://www.gnu.org/licenses> |
16 | or write to the Free Software Foundation, Inc., |
17 | 51 Franklin St., Fifth Floor, Boston, MA 02110, USA |
18 | *************************************************************************************/ |
19 | #include <ma_global.h> |
20 | #include <mysql.h> |
21 | #include <mysql/client_plugin.h> |
22 | #include <string.h> |
23 | #include <memory.h> |
24 | #include <errmsg.h> |
25 | |
26 | |
27 | /* function prototypes */ |
28 | static int auth_old_password(MYSQL_PLUGIN_VIO *vio, MYSQL *mysql); |
29 | |
30 | typedef struct st_mysql_client_plugin_AUTHENTICATION auth_plugin_t; |
31 | |
32 | typedef struct { |
33 | int (*read_packet)(struct st_plugin_vio *vio, uchar **buf); |
34 | int (*write_packet)(struct st_plugin_vio *vio, const uchar *pkt, size_t pkt_len); |
35 | void (*info)(struct st_plugin_vio *vio, struct st_plugin_vio_info *info); |
36 | /* -= end of MYSQL_PLUGIN_VIO =- */ |
37 | MYSQL *mysql; |
38 | auth_plugin_t *plugin; /**< what plugin we're under */ |
39 | const char *db; |
40 | struct { |
41 | uchar *pkt; /**< pointer into NET::buff */ |
42 | uint pkt_len; |
43 | } cached_server_reply; |
44 | uint packets_read, packets_written; /**< counters for send/received packets */ |
45 | my_bool mysql_change_user; /**< if it's mysql_change_user() */ |
46 | int last_read_packet_len; /**< the length of the last *read* packet */ |
47 | } MCPVIO_EXT; |
48 | |
49 | #ifndef PLUGIN_DYNAMIC |
50 | struct st_mysql_client_plugin_AUTHENTICATION mysql_old_password_client_plugin= |
51 | #else |
52 | struct st_mysql_client_plugin_AUTHENTICATION _mysql_client_plugin_declaration_ = |
53 | #endif |
54 | { |
55 | MYSQL_CLIENT_AUTHENTICATION_PLUGIN, |
56 | MYSQL_CLIENT_AUTHENTICATION_PLUGIN_INTERFACE_VERSION, |
57 | "mysql_old_password" , |
58 | "Sergei Golubchik, R.J. Silk, Georg Richter" , |
59 | "Old (pre 4.1) authentication plugin" , |
60 | {1,0,0}, |
61 | "LGPL" , |
62 | NULL, |
63 | NULL, |
64 | NULL, |
65 | NULL, |
66 | auth_old_password |
67 | }; |
68 | |
69 | /** |
70 | client authentication plugin that does old MySQL authentication |
71 | using an 8-byte (4.0-) scramble |
72 | */ |
73 | |
74 | static int auth_old_password(MYSQL_PLUGIN_VIO *vio, MYSQL *mysql) |
75 | { |
76 | uchar *pkt; |
77 | int pkt_len; |
78 | |
79 | if (((MCPVIO_EXT *)vio)->mysql_change_user) |
80 | { |
81 | /* |
82 | in mysql_change_user() the client sends the first packet. |
83 | we use the old scramble. |
84 | */ |
85 | pkt= (uchar*)mysql->scramble_buff; |
86 | pkt_len= SCRAMBLE_LENGTH_323 + 1; |
87 | } |
88 | else |
89 | { |
90 | /* read the scramble */ |
91 | if ((pkt_len= vio->read_packet(vio, &pkt)) < 0) |
92 | return CR_ERROR; |
93 | |
94 | if (pkt_len != SCRAMBLE_LENGTH_323 + 1 && |
95 | pkt_len != SCRAMBLE_LENGTH + 1) |
96 | return CR_SERVER_HANDSHAKE_ERR; |
97 | |
98 | /* save it in MYSQL */ |
99 | memmove(mysql->scramble_buff, pkt, pkt_len - 1); |
100 | mysql->scramble_buff[pkt_len - 1] = 0; |
101 | } |
102 | |
103 | if (mysql && mysql->passwd[0]) |
104 | { |
105 | char scrambled[SCRAMBLE_LENGTH_323 + 1]; |
106 | ma_scramble_323(scrambled, (char*)pkt, mysql->passwd); |
107 | if (vio->write_packet(vio, (uchar*)scrambled, SCRAMBLE_LENGTH_323 + 1)) |
108 | return CR_ERROR; |
109 | } |
110 | else |
111 | if (vio->write_packet(vio, 0, 0)) /* no password */ |
112 | return CR_ERROR; |
113 | |
114 | return CR_OK; |
115 | } |
116 | |
117 | |
118 | |
119 | |