#include <auth_ldap_sasl_client.h>
|
| Sasl_client () |
|
| ~Sasl_client () |
|
int | initilize () |
|
void | set_plugin_info (MYSQL_PLUGIN_VIO *vio, MYSQL *mysql) |
|
void | interact (sasl_interact_t *ilist) |
|
int | read_method_name_from_server () |
| SASL method is send from the Mysql server, and this is set by the client. More...
|
|
int | sasl_start (char **client_output, int *client_output_length) |
|
int | sasl_step (char *server_in, int server_in_length, char **client_out, int *client_out_length) |
|
int | send_sasl_request_to_server (const unsigned char *request, int request_len, unsigned char **reponse, int *response_len) |
| send SASL request to the server and read the servers reply. More...
|
|
void | set_user_info (std::string name, std::string pwd) |
|
std::string | get_method () |
|
void | read_kerberos_user_name () |
|
◆ Sasl_client()
Sasl_client::Sasl_client |
( |
| ) |
|
◆ ~Sasl_client()
Sasl_client::~Sasl_client |
( |
| ) |
|
◆ get_method()
std::string Sasl_client::get_method |
( |
| ) |
|
◆ initilize()
int Sasl_client::initilize |
( |
| ) |
|
This method try to get kerberos TGT if user name and password are not empty. If method fails, We should not start SASL authentication process. Otherwise SASL authentication may consume existing TGT and authentication process will start.
Creating sasl connection.
Set security properties.
◆ interact()
void Sasl_client::interact |
( |
sasl_interact_t * |
ilist | ) |
|
◆ read_kerberos_user_name()
void Sasl_client::read_kerberos_user_name |
( |
| ) |
|
◆ read_method_name_from_server()
int Sasl_client::read_method_name_from_server |
( |
| ) |
|
SASL method is send from the Mysql server, and this is set by the client.
SASL client and sasl server may support many sasl authentication methods and can negotiate in anyone. We want to enforce the SASL authentication set by the client.
Get authentication method from the server.
◆ sasl_start()
int Sasl_client::sasl_start |
( |
char ** |
client_output, |
|
|
int * |
client_output_length |
|
) |
| |
◆ sasl_step()
int Sasl_client::sasl_step |
( |
char * |
server_in, |
|
|
int |
server_in_length, |
|
|
char ** |
client_out, |
|
|
int * |
client_out_length |
|
) |
| |
◆ send_sasl_request_to_server()
int Sasl_client::send_sasl_request_to_server |
( |
const unsigned char * |
request, |
|
|
int |
request_len, |
|
|
unsigned char ** |
response, |
|
|
int * |
response_len |
|
) |
| |
send SASL request to the server and read the servers reply.
wraps the SASL message in a MySQL packet and sends it to the server.
if sending to the server fails, the function fails. But if reading the reply fails, the *response_len will be 0.
- Parameters
-
[in] | request | pointer to the SASL request payload |
[in] | request_len | length of the request |
[out] | response | pointer to a location where the response buffers location shall be stored. |
[out] | response_len | pointer to a location where the length of the response buffer shall be stored. |
- Return values
-
1 | write failed. |
0 | write succeeded, but read may have failed. |
Send the request to the MySQL server.
Get the sasl response from the MySQL server.
◆ set_plugin_info()
◆ set_user_info()
void Sasl_client::set_user_info |
( |
std::string |
name, |
|
|
std::string |
pwd |
|
) |
| |
◆ m_connection
sasl_conn_t* Sasl_client::m_connection |
|
protected |
◆ m_ldap_server_host
std::string Sasl_client::m_ldap_server_host |
|
protected |
◆ m_mechanism
◆ m_mysql
MYSQL* Sasl_client::m_mysql |
|
protected |
◆ m_sasl_mechanism
◆ m_service_name
◆ m_user_name
◆ m_user_pwd
◆ m_vio
The documentation for this class was generated from the following files: