1/************************************************************************************
2 Copyright (C) 2014,2015,2018 MariaDB Corporation AB
3
4 This library is free software; you can redistribute it and/or
5 modify it under the terms of the GNU Library General Public
6 License as published by the Free Software Foundation; either
7 version 2 of the License, or (at your option) any later version.
8
9 This library is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12 Library General Public License for more details.
13
14 You should have received a copy of the GNU Library General Public
15 License along with this library; if not see <http://www.gnu.org/licenses>
16 or write to the Free Software Foundation, Inc.,
17 51 Franklin St., Fifth Floor, Boston, MA 02110, USA
18*************************************************************************************/
19#include <ma_global.h>
20#include <mysql.h>
21#include <mysql/client_plugin.h>
22#include <string.h>
23#include <memory.h>
24#include <errmsg.h>
25
26
27/* function prototypes */
28static int auth_old_password(MYSQL_PLUGIN_VIO *vio, MYSQL *mysql);
29
30typedef struct st_mysql_client_plugin_AUTHENTICATION auth_plugin_t;
31
32typedef struct {
33 int (*read_packet)(struct st_plugin_vio *vio, uchar **buf);
34 int (*write_packet)(struct st_plugin_vio *vio, const uchar *pkt, size_t pkt_len);
35 void (*info)(struct st_plugin_vio *vio, struct st_plugin_vio_info *info);
36 /* -= end of MYSQL_PLUGIN_VIO =- */
37 MYSQL *mysql;
38 auth_plugin_t *plugin; /**< what plugin we're under */
39 const char *db;
40 struct {
41 uchar *pkt; /**< pointer into NET::buff */
42 uint pkt_len;
43 } cached_server_reply;
44 uint packets_read, packets_written; /**< counters for send/received packets */
45 my_bool mysql_change_user; /**< if it's mysql_change_user() */
46 int last_read_packet_len; /**< the length of the last *read* packet */
47} MCPVIO_EXT;
48
49#ifndef PLUGIN_DYNAMIC
50struct st_mysql_client_plugin_AUTHENTICATION mysql_old_password_client_plugin=
51#else
52struct st_mysql_client_plugin_AUTHENTICATION _mysql_client_plugin_declaration_ =
53#endif
54{
55 MYSQL_CLIENT_AUTHENTICATION_PLUGIN,
56 MYSQL_CLIENT_AUTHENTICATION_PLUGIN_INTERFACE_VERSION,
57 "mysql_old_password",
58 "Sergei Golubchik, R.J. Silk, Georg Richter",
59 "Old (pre 4.1) authentication plugin",
60 {1,0,0},
61 "LGPL",
62 NULL,
63 NULL,
64 NULL,
65 NULL,
66 auth_old_password
67};
68
69/**
70 client authentication plugin that does old MySQL authentication
71 using an 8-byte (4.0-) scramble
72*/
73
74static int auth_old_password(MYSQL_PLUGIN_VIO *vio, MYSQL *mysql)
75{
76 uchar *pkt;
77 int pkt_len;
78
79 if (((MCPVIO_EXT *)vio)->mysql_change_user)
80 {
81 /*
82 in mysql_change_user() the client sends the first packet.
83 we use the old scramble.
84 */
85 pkt= (uchar*)mysql->scramble_buff;
86 pkt_len= SCRAMBLE_LENGTH_323 + 1;
87 }
88 else
89 {
90 /* read the scramble */
91 if ((pkt_len= vio->read_packet(vio, &pkt)) < 0)
92 return CR_ERROR;
93
94 if (pkt_len != SCRAMBLE_LENGTH_323 + 1 &&
95 pkt_len != SCRAMBLE_LENGTH + 1)
96 return CR_SERVER_HANDSHAKE_ERR;
97
98 /* save it in MYSQL */
99 memmove(mysql->scramble_buff, pkt, pkt_len);
100 mysql->scramble_buff[pkt_len] = 0;
101 }
102
103 if (mysql && mysql->passwd[0])
104 {
105 char scrambled[SCRAMBLE_LENGTH_323 + 1];
106 ma_scramble_323(scrambled, (char*)pkt, mysql->passwd);
107 if (vio->write_packet(vio, (uchar*)scrambled, SCRAMBLE_LENGTH_323 + 1))
108 return CR_ERROR;
109 }
110 else
111 if (vio->write_packet(vio, 0, 0)) /* no password */
112 return CR_ERROR;
113
114 return CR_OK;
115}
116
117
118
119