MySQL 8.0.30
Source Code Documentation
auth_ldap_sasl_client.h
Go to the documentation of this file.
1/* Copyright (c) 2016, 2022, Oracle and/or its affiliates.
2
3 This program is free software; you can redistribute it and/or modify
4 it under the terms of the GNU General Public License, version 2.0,
5 as published by the Free Software Foundation.
6
7 This program is also distributed with certain software (including
8 but not limited to OpenSSL) that is licensed under separate terms,
9 as designated in a particular file or component or in included license
10 documentation. The authors of MySQL hereby grant you an additional
11 permission to link the program and your derivative works with the
12 separately licensed software that they have included with MySQL.
13
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License, version 2.0, for more details.
18
19 You should have received a copy of the GNU General Public License
20 along with this program; if not, write to the Free Software
21 Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */
22
23#ifndef AUTH_LDAP_SASL_CLIENT_H_
24#define AUTH_LDAP_SASL_CLIENT_H_
25
26#include "my_config.h"
27
29
30#include <mysql.h>
31#include <mysql/client_plugin.h>
32#include <mysql/plugin.h>
34#include <sasl/sasl.h>
35#include <stdio.h>
36#include <stdlib.h>
37#include <string.h>
38#include "log_client.h"
39
40#define SASL_MAX_STR_SIZE 1024
41#define SASL_BUFFER_SIZE 9000
42#define SASL_SERVICE_NAME "ldap"
43
44static const sasl_callback_t callbacks[] = {
45#ifdef SASL_CB_GETREALM
46 {SASL_CB_GETREALM, nullptr, nullptr},
47#endif
48 {SASL_CB_USER, nullptr, nullptr},
49 {SASL_CB_AUTHNAME, nullptr, nullptr},
50 {SASL_CB_PASS, nullptr, nullptr},
51 {SASL_CB_ECHOPROMPT, nullptr, nullptr},
52 {SASL_CB_NOECHOPROMPT, nullptr, nullptr},
53 {SASL_CB_LIST_END, nullptr, nullptr}};
54
55/*
56 MAX SSF - The maximum Security Strength Factor supported by the mechanism
57 (roughly the number of bits of encryption provided, but may have other
58 meanings, for example an SSF of 1 indicates integrity protection only, no
59 encryption). SECURITY PROPERTIES are: NOPLAIN, NOACTIVE, NODICT, FORWARD,
60 NOANON, CRED, MUTUAL. More details are in:
61 https://www.sendmail.org/~ca/email/cyrus2/mechanisms.html
62*/
63sasl_security_properties_t security_properties = {
64 /** Minimum acceptable final level. (min_ssf) */
65 56,
66 /** Maximum acceptable final level. (max_ssf) */
67 0,
68 /** Maximum security layer receive buffer size. */
69 0,
70 /** security flags (security_flags) */
71 0,
72 /** Property names. (property_names) */
73 nullptr,
74 /** Property values. (property_values)*/
75 nullptr,
76};
77
79 public:
82 int initilize();
84 void interact(sasl_interact_t *ilist);
86 int sasl_start(char **client_output, int *client_output_length);
87 int sasl_step(char *server_in, int server_in_length, char **client_out,
88 int *client_out_length);
89 int send_sasl_request_to_server(const unsigned char *request, int request_len,
90 unsigned char **reponse, int *response_len);
91 void set_user_info(std::string name, std::string pwd);
92 std::string get_method();
93#if defined(KERBEROS_LIB_CONFIGURED)
95#endif
96
97 protected:
103 sasl_conn_t *m_connection;
107};
108
109#endif // AUTH_LDAP_SASL_CLIENT_H_
sasl_security_properties_t security_properties
Definition: auth_ldap_sasl_client.h:63
#define SASL_MAX_STR_SIZE
Definition: auth_ldap_sasl_client.h:40
static const sasl_callback_t callbacks[]
Definition: auth_ldap_sasl_client.h:44
Definition: auth_ldap_sasl_client.h:78
void set_user_info(std::string name, std::string pwd)
Definition: auth_ldap_sasl_client.cc:351
char m_user_pwd[SASL_MAX_STR_SIZE]
Definition: auth_ldap_sasl_client.h:99
void read_kerberos_user_name()
Definition: auth_ldap_sasl_client.cc:330
int initilize()
Definition: auth_ldap_sasl_client.cc:175
int send_sasl_request_to_server(const unsigned char *request, int request_len, unsigned char **reponse, int *response_len)
Definition: auth_ldap_sasl_client.cc:232
char m_user_name[SASL_MAX_STR_SIZE]
Definition: auth_ldap_sasl_client.h:98
MYSQL * m_mysql
Definition: auth_ldap_sasl_client.h:105
MYSQL_PLUGIN_VIO * m_vio
Definition: auth_ldap_sasl_client.h:104
std::string get_method()
Definition: auth_ldap_sasl_client.cc:327
int sasl_step(char *server_in, int server_in_length, char **client_out, int *client_out_length)
Definition: auth_ldap_sasl_client.cc:303
std::string m_ldap_server_host
Definition: auth_ldap_sasl_client.h:102
Sasl_client()
Definition: auth_ldap_sasl_client.cc:168
void interact(sasl_interact_t *ilist)
Definition: auth_ldap_sasl_client.cc:67
int read_method_name_from_server()
SASL method is send from the Mysql server, and this is set by the client.
Definition: auth_ldap_sasl_client.cc:107
void set_plugin_info(MYSQL_PLUGIN_VIO *vio, MYSQL *mysql)
Definition: auth_ldap_sasl_client.cc:96
char m_mechanism[SASL_MAX_STR_SIZE]
Definition: auth_ldap_sasl_client.h:100
int sasl_start(char **client_output, int *client_output_length)
Definition: auth_ldap_sasl_client.cc:268
sasl_conn_t * m_connection
Definition: auth_ldap_sasl_client.h:103
char m_service_name[SASL_MAX_STR_SIZE]
Definition: auth_ldap_sasl_client.h:101
~Sasl_client()
Definition: auth_ldap_sasl_client.cc:223
Sasl_mechanism * m_sasl_mechanism
Definition: auth_ldap_sasl_client.h:106
Definition: auth_ldap_sasl_mechanism.h:42
MySQL Client Plugin API.
static MYSQL mysql
Definition: mysql.cc:153
This file defines the client API to MySQL and also the ABI of the dynamically linked libmysqlclient.
This file defines constants and data structures that are the same for both client- and server-side au...
case opt name
Definition: sslopt-case.h:32
Provides plugin access to communication channel.
Definition: plugin_auth_common.h:145
Definition: mysql.h:298