1#ifndef MYSQL_PLUGIN_AUTH_INCLUDED
2/* Copyright (C) 2010 Sergei Golubchik and Monty Program Ab
3 Copyright (c) 2010, Oracle and/or its affiliates.
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; version 2 of the License.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program; if not, write to the Free Software
16 Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */
17
18/**
19 @file
20
21 Authentication Plugin API.
22
23 This file defines the API for server authentication plugins.
24*/
25
26#define MYSQL_PLUGIN_AUTH_INCLUDED
27
28#include <mysql/plugin.h>
29
30#define MYSQL_AUTHENTICATION_INTERFACE_VERSION 0x0201
31
32#include <mysql/plugin_auth_common.h>
33
34#ifdef __cplusplus
35extern "C" {
36#endif
37
38/* defines for MYSQL_SERVER_AUTH_INFO.password_used */
39
40#define PASSWORD_USED_NO 0
41#define PASSWORD_USED_YES 1
42#define PASSWORD_USED_NO_MENTION 2
43
44
45/**
46 Provides server plugin access to authentication information
47*/
48typedef struct st_mysql_server_auth_info
49{
50 /**
51 User name as sent by the client and shown in USER().
52 NULL if the client packet with the user name was not received yet.
53 */
54 const char *user_name;
55
56 /**
57 Length of user_name
58 */
59 unsigned int user_name_length;
60
61 /**
62 A corresponding column value from the mysql.user table for the
63 matching account name
64 */
65 const char *auth_string;
66
67 /**
68 Length of auth_string
69 */
70 unsigned long auth_string_length;
71
72 /**
73 Matching account name as found in the mysql.user table.
74 A plugin can override it with another name that will be
75 used by MySQL for authorization, and shown in CURRENT_USER()
76 */
77 char authenticated_as[MYSQL_USERNAME_LENGTH+1];
78
79
80 /**
81 The unique user name that was used by the plugin to authenticate.
82 Not used by the server.
83 Available through the @@EXTERNAL_USER variable.
84 */
85 char external_user[MYSQL_USERNAME_LENGTH+1];
86
87 /**
88 This only affects the "Authentication failed. Password used: %s"
89 error message. has the following values :
90 0 : %s will be NO.
91 1 : %s will be YES.
92 2 : there will be no %s.
93 Set it as appropriate or ignore at will.
94 */
95 int password_used;
96
97 /**
98 Set to the name of the connected client host, if it can be resolved,
99 or to its IP address otherwise.
100 */
101 const char *host_or_ip;
102
103 /**
104 Length of host_or_ip
105 */
106 unsigned int host_or_ip_length;
107
108 /**
109 Current THD pointer (to use with various services)
110 */
111 MYSQL_THD thd;
112
113} MYSQL_SERVER_AUTH_INFO;
114
115/**
116 Server authentication plugin descriptor
117*/
118struct st_mysql_auth
119{
120 int interface_version; /**< version plugin uses */
121 /**
122 A plugin that a client must use for authentication with this server
123 plugin. Can be NULL to mean "any plugin".
124 */
125 const char *client_auth_plugin;
126 /**
127 Function provided by the plugin which should perform authentication (using
128 the vio functions if necessary) and return 0 if successful. The plugin can
129 also fill the info.authenticated_as field if a different username should be
130 used for authorization.
131 */
132 int (*authenticate_user)(MYSQL_PLUGIN_VIO *vio, MYSQL_SERVER_AUTH_INFO *info);
133};
134
135#ifdef __cplusplus
136}
137#endif
138
139#endif
140
141