MySQL 8.0.39
Source Code Documentation
client_async_authentication.h
Go to the documentation of this file.
1/* Copyright (c) 2019, 2024, Oracle and/or its affiliates.
2
3 This program is free software; you can redistribute it and/or modify
4 it under the terms of the GNU General Public License, version 2.0,
5 as published by the Free Software Foundation.
6
7 This program is designed to work with certain software (including
8 but not limited to OpenSSL) that is licensed under separate terms,
9 as designated in a particular file or component or in included license
10 documentation. The authors of MySQL hereby grant you an additional
11 permission to link the program and your derivative works with the
12 separately licensed software that they have either included with
13 the program or referenced in the documentation.
14
15 This program is distributed in the hope that it will be useful,
16 but WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 GNU General Public License, version 2.0, for more details.
19
20 You should have received a copy of the GNU General Public License
21 along with this program; if not, write to the Free Software
22 Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */
23#ifndef SQL_COMMON_CLIENT_ASYNC_AUTHENTICATION_H
24#define SQL_COMMON_CLIENT_ASYNC_AUTHENTICATION_H
25
26#define MAX_CIPHER_LENGTH 1024
27
28#include <openssl/ossl_typ.h>
29#include <openssl/pem.h>
30#include <openssl/rsa.h>
31
33#include "mysql_async.h"
34#include "mysql_com.h"
35
36/* this is a "superset" of MYSQL_PLUGIN_VIO, in C++ I use inheritance */
37struct MCPVIO_EXT {
39 int (*write_packet)(MYSQL_PLUGIN_VIO *vio, const uchar *pkt, int pkt_len);
42 unsigned char **buf, int *result);
44 const unsigned char *pkt,
45 int pkt_len, int *result);
46
47 /* -= end of MYSQL_PLUGIN_VIO =- */
49 auth_plugin_t *plugin; /**< what plugin we're under */
50 const char *db;
51 struct {
52 uchar *pkt; /**< pointer into NET::buff */
54 /** a flag indicating that pkt, pkt_len contain valid packet to be reused */
57 int packets_read, packets_written; /**< counters for send/received packets */
58 int mysql_change_user; /**< if it's mysql_change_user() */
59 int last_read_packet_len; /**< the length of the last *read* packet */
60};
61
62/* Our state machines have four simple return codes: */
64 STATE_MACHINE_FAILED, /* Completion with a failure. */
65 STATE_MACHINE_CONTINUE, /* Keep calling the state machine. */
66 STATE_MACHINE_WOULD_BLOCK, /* Needs to block to continue. */
67 STATE_MACHINE_DONE /* Completion with a success. */
68};
69
70/* state machine for native password autheintication API */
74};
75
82};
83
92};
93
94/* A state machine for authentication itself. */
95struct mysql_async_auth;
97
100#if OPENSSL_VERSION_NUMBER >= 0x30000000L
101 EVP_PKEY *public_key;
102#else /* OPENSSL_VERSION_NUMBER >= 0x30000000L */
104#endif /* OPENSSL_VERSION_NUMBER >= 0x30000000L */
107};
108
112
113 char *data;
115 /** set to mysql_async_connect::scramble_plugin */
116 const char *data_plugin;
117 const char *db;
118
119 const char *auth_plugin_name;
123 int res;
124
127
128 /** Used by caching_sha256_password plugin */
132
134};
135
136/*
137 Connection is handled with a state machine. Each state is
138 represented by a function pointer (csm_function) which returns
139 a mysql_state_machine_status to indicate the state of the
140 connection.
141 This state machine has boundaries around network IO to allow
142 reuse between blocking and non-blocking clients.
143*/
146
147/*
148 define different states of an asynchronous SSL connection phase
149*/
154 SSL_NONE = 8103
156
157/*
158 Struct to track the state of a connection being established. Once
159 the connection is established, the context should be discarded and
160 relevant values copied out of it.
161*/
163 /* state for the overall connection process */
165 const char *host;
166 const char *user;
167 const char *passwd;
168 const char *db;
170 const char *unix_socket;
173
179 /** The server sends the default plugin name in Protocol::HandshakeV10 */
180 const char *scramble_plugin;
183
184 /* context needed to establish asynchronous authentication */
186 /* state for running init_commands */
189
191 SSL *ssl;
192 /* state function that will be called next */
194};
195
196#endif /* SQL_COMMON_CLIENT_ASYNC_AUTHENTICATION_H */
client_auth_caching_sha2_password_plugin_status
Definition: client_async_authentication.h:84
@ CACHING_SHA2_REQUEST_PUBLIC_KEY
Definition: client_async_authentication.h:88
@ CACHING_SHA2_READ_PUBLIC_KEY
Definition: client_async_authentication.h:89
@ CACHING_SHA2_SEND_PLAIN_PASSWORD
Definition: client_async_authentication.h:91
@ CACHING_SHA2_SEND_ENCRYPTED_PASSWORD
Definition: client_async_authentication.h:90
@ CACHING_SHA2_READING_PASSWORD
Definition: client_async_authentication.h:85
@ CACHING_SHA2_CHALLENGE_RESPONSE
Definition: client_async_authentication.h:87
@ CACHING_SHA2_WRITING_RESPONSE
Definition: client_async_authentication.h:86
mysql_state_machine_status
Definition: client_async_authentication.h:63
@ STATE_MACHINE_FAILED
Definition: client_async_authentication.h:64
@ STATE_MACHINE_CONTINUE
Definition: client_async_authentication.h:65
@ STATE_MACHINE_DONE
Definition: client_async_authentication.h:67
@ STATE_MACHINE_WOULD_BLOCK
Definition: client_async_authentication.h:66
client_auth_native_password_plugin_status
Definition: client_async_authentication.h:71
@ NATIVE_READING_PASSWORD
Definition: client_async_authentication.h:72
@ NATIVE_WRITING_RESPONSE
Definition: client_async_authentication.h:73
client_auth_sha256_password_plugin_status
Definition: client_async_authentication.h:76
@ SHA256_REQUEST_PUBLIC_KEY
Definition: client_async_authentication.h:78
@ SHA256_SEND_ENCRYPTED_PASSWORD
Definition: client_async_authentication.h:80
@ SHA256_READING_PASSWORD
Definition: client_async_authentication.h:77
@ SHA256_READ_PUBLIC_KEY
Definition: client_async_authentication.h:79
@ SHA256_SEND_PLAIN_PASSWORD
Definition: client_async_authentication.h:81
#define MAX_CIPHER_LENGTH
Definition: client_async_authentication.h:26
mysql_state_machine_status(* csm_function)(mysql_async_connect *)
Definition: client_async_authentication.h:145
ssl_exchange_state
Definition: client_async_authentication.h:150
@ SSL_REQUEST
Definition: client_async_authentication.h:151
@ SSL_CONNECT
Definition: client_async_authentication.h:152
@ SSL_COMPLETE
Definition: client_async_authentication.h:153
@ SSL_NONE
Definition: client_async_authentication.h:154
mysql_state_machine_status(* authsm_function)(mysql_async_auth *)
Definition: client_async_authentication.h:96
unsigned char uchar
Definition: my_inttypes.h:52
Declarations for asynchronous client communication.
Common definition between mysql server & client.
#define SCRAMBLE_LENGTH
Length of random string sent by server on handshake; this is also length of obfuscated password,...
Definition: mysql_com.h:128
#define NAME_LEN
Definition: mysql_com.h:67
#define USERNAME_LENGTH
Definition: mysql_com.h:69
Definition: buf0block_hint.cc:30
struct result result
Definition: result.h:34
This file defines constants and data structures that are the same for both client- and server-side au...
net_async_status
Definition: plugin_auth_common.h:136
struct rsa_st RSA
Definition: sql_authentication.h:103
Definition: client_async_authentication.h:37
auth_plugin_t * plugin
what plugin we're under
Definition: client_async_authentication.h:49
struct MCPVIO_EXT::@30 cached_server_reply
uchar * pkt
pointer into NET::buff
Definition: client_async_authentication.h:52
int packets_read
Definition: client_async_authentication.h:57
void(* info)(MYSQL_PLUGIN_VIO *vio, MYSQL_PLUGIN_VIO_INFO *info)
Definition: client_async_authentication.h:40
net_async_status(* write_packet_nonblocking)(struct MYSQL_PLUGIN_VIO *vio, const unsigned char *pkt, int pkt_len, int *result)
Definition: client_async_authentication.h:43
bool pkt_received
a flag indicating that pkt, pkt_len contain valid packet to be reused
Definition: client_async_authentication.h:55
const char * db
Definition: client_async_authentication.h:50
net_async_status(* read_packet_nonblocking)(struct MYSQL_PLUGIN_VIO *vio, unsigned char **buf, int *result)
Definition: client_async_authentication.h:41
uint pkt_len
Definition: client_async_authentication.h:53
MYSQL * mysql
Definition: client_async_authentication.h:48
int(* read_packet)(MYSQL_PLUGIN_VIO *vio, uchar **buf)
Definition: client_async_authentication.h:38
int(* write_packet)(MYSQL_PLUGIN_VIO *vio, const uchar *pkt, int pkt_len)
Definition: client_async_authentication.h:39
int last_read_packet_len
the length of the last read packet
Definition: client_async_authentication.h:59
int mysql_change_user
if it's mysql_change_user()
Definition: client_async_authentication.h:58
int packets_written
counters for send/received packets
Definition: client_async_authentication.h:57
Definition: plugin_auth_common.h:121
Provides plugin access to communication channel.
Definition: plugin_auth_common.h:146
Definition: mysql.h:299
Definition: client_plugin.h:121
Definition: client_async_authentication.h:109
bool non_blocking
Definition: client_async_authentication.h:111
const char * data_plugin
set to mysql_async_connect::scramble_plugin
Definition: client_async_authentication.h:116
sha2_async_auth sha2_auth
Definition: client_async_authentication.h:133
auth_plugin_t * auth_plugin
Definition: client_async_authentication.h:120
char * change_user_buff
Definition: client_async_authentication.h:125
int client_auth_plugin_state
Used by caching_sha256_password plugin.
Definition: client_async_authentication.h:129
MCPVIO_EXT mpvio
Definition: client_async_authentication.h:121
const char * auth_plugin_name
Definition: client_async_authentication.h:119
uint current_factor_index
Definition: client_async_authentication.h:131
MYSQL * mysql
Definition: client_async_authentication.h:110
char * data
Definition: client_async_authentication.h:113
authsm_function state_function
Definition: client_async_authentication.h:130
uint data_len
Definition: client_async_authentication.h:114
ulong pkt_length
Definition: client_async_authentication.h:122
int change_user_buff_len
Definition: client_async_authentication.h:126
const char * db
Definition: client_async_authentication.h:117
int res
Definition: client_async_authentication.h:123
Definition: client_async_authentication.h:162
const char * scramble_plugin
The server sends the default plugin name in Protocol::HandshakeV10.
Definition: client_async_authentication.h:180
char * scramble_data
Definition: client_async_authentication.h:178
char buff[NAME_LEN+USERNAME_LENGTH+100]
Definition: client_async_authentication.h:176
SSL * ssl
Definition: client_async_authentication.h:191
int scramble_data_len
Definition: client_async_authentication.h:177
csm_function state_function
Definition: client_async_authentication.h:193
ssl_exchange_state ssl_state
Definition: client_async_authentication.h:190
char ** current_init_command
Definition: client_async_authentication.h:188
MYSQL * mysql
Definition: client_async_authentication.h:164
char * host_info
Definition: client_async_authentication.h:175
ulong client_flag
Definition: client_async_authentication.h:171
uint port
Definition: client_async_authentication.h:169
struct mysql_async_auth * auth_context
Definition: client_async_authentication.h:185
bool scramble_buffer_allocated
Definition: client_async_authentication.h:182
bool non_blocking
Definition: client_async_authentication.h:172
ulong pkt_length
Definition: client_async_authentication.h:174
const char * user
Definition: client_async_authentication.h:166
bool saved_reconnect
Definition: client_async_authentication.h:187
const char * db
Definition: client_async_authentication.h:168
const char * passwd
Definition: client_async_authentication.h:167
const char * unix_socket
Definition: client_async_authentication.h:170
char * scramble_buffer
Definition: client_async_authentication.h:181
const char * host
Definition: client_async_authentication.h:165
Definition: client_async_authentication.h:98
int cipher_length
Definition: client_async_authentication.h:106
unsigned char encrypted_password[MAX_CIPHER_LENGTH]
Definition: client_async_authentication.h:99
unsigned char scramble_pkt[SCRAMBLE_LENGTH]
Definition: client_async_authentication.h:105
RSA * public_key
Definition: client_async_authentication.h:103
unsigned int uint
Definition: uca9-dump.cc:75