MySQL 9.1.0
Source Code Documentation
auth_ldap_sasl_client::Sasl_client Class Reference

Class representing SASL client.

#include <auth_ldap_sasl_client.h>

Public Member Functions

 Sasl_client (MYSQL_PLUGIN_VIO *vio, MYSQL *mysql)
 Constructor.

 Sasl_client ()=delete
 Default constructor - not wanted.

 ~Sasl_client ()
 Destructor.

bool preauthenticate ()
 Perform preauthentication step if needed, specific to the SASL mechanism, e.g. obtaining Kerberos ticket for GSSAPI.

bool initilize_connection ()
 Initializes SASL client exchange.

void interact (sasl_interact_t *ilist)
 Perform SASL interaction, called as SASL callback.

bool set_mechanism ()
 Decides and sets SASL mechanism to be used for authentication.

int sasl_start (const char **client_output, int *client_output_length)
 Starts SASL client exchange.

int sasl_step (char *server_input, int server_input_length, const char **client_output, int *client_output_length)
 Perform a step of SASL client exchange.

int send_sasl_request_to_server (const char *request, int request_len, char **reponse, int *response_len)
 Sends SASL message to server and receives a response.

bool require_conclude_by_server ()
 Check if the authentication method requires conclusion message from the server.
 

Private Member Functions

bool set_user ()
 If an empty original user name was given as client parameter and passed to the plugin via MYSQL structure, this function is used to determine the name for authentication and set this user name to the MYSQL structure.

void set_user_info (const char *name, const char *pwd)
 Sets (copies) user name and password to the members.
 

Private Attributes

char m_user_name [SASL_MAX_STR_SIZE]
 user name used for authentication

char m_user_pwd [SASL_MAX_STR_SIZE]
 user password used for authentication

sasl_conn_t * m_connection
 SASL connection data.

MYSQL_PLUGIN_VIO * m_vio
 pointer to server communication channel

MYSQL * m_mysql
 pointer to MYSQL structure

char * m_mysql_user
 the original user name,

Sasl_mechanism * m_sasl_mechanism
 the SASL mechanism used for authentication
 

Detailed Description

Class representing SASL client.

Constructor & Destructor Documentation

◆ Sasl_client() [1/2]

auth_ldap_sasl_client::Sasl_client::Sasl_client ( MYSQL_PLUGIN_VIO *  vio,
MYSQL *  mysql 
)

Constructor.

Parameters
vio [in]: pointer to server communication channel
mysql [in]: pointer to MYSQL structure

◆ Sasl_client() [2/2]

auth_ldap_sasl_client::Sasl_client::Sasl_client ( )
delete

Default constructor - not wanted.

◆ ~Sasl_client()

auth_ldap_sasl_client::Sasl_client::~Sasl_client ( )

Destructor.

Member Function Documentation

◆ initilize_connection()

bool auth_ldap_sasl_client::Sasl_client::initilize_connection ( )

Initializes SASL client exchange.

Return values
true: success
false: failure

Creating sasl connection.

◆ interact()

void auth_ldap_sasl_client::Sasl_client::interact ( sasl_interact_t *  ilist)

Perform SASL interaction, called as SASL callback.

Parameters
ilist [in]: list of interaction ids to be served

◆ preauthenticate()

bool auth_ldap_sasl_client::Sasl_client::preauthenticate ( )

Perform preauthentication step if needed, specific to the SASL mechanism, e.g. obtaining Kerberos ticket for GSSAPI.

Return values
true: success
false: failure

◆ require_conclude_by_server()

bool auth_ldap_sasl_client::Sasl_client::require_conclude_by_server ( )
inline

Check if the authentication method requires conclusion message from the server.

Return values
true: conclusion required
false: conclusion not required

◆ sasl_start()

int auth_ldap_sasl_client::Sasl_client::sasl_start ( const char **  client_output,
int *  client_output_length 
)

Starts SASL client exchange.

Parameters
client_output [out]: buffer with the initial client message to be sent to server
client_output_length [out]: length of client_output
Returns
SASL result code

◆ sasl_step()

int auth_ldap_sasl_client::Sasl_client::sasl_step ( char *  server_input,
int  server_input_length,
const char **  client_output,
int *  client_output_length 
)

Perform a step of SASL client exchange.

Parameters
server_input [in]: buffer with message from the server
server_input_length [in]: length of server_input
client_output [out]: buffer with the client message to be sent to server
client_output_length [out]: length of client_output
Returns
SASL result code

◆ send_sasl_request_to_server()

int auth_ldap_sasl_client::Sasl_client::send_sasl_request_to_server ( const char *  request,
int  request_len,
char **  reponse,
int *  response_len 
)

Sends SASL message to server and receives a response.

SASL message is wrapped in a MySQL packet before sending.

Parameters
request [in]: pointer to the SASL request
request_len [in]: length of request
reponse [out]: pointer to received SASL response
response_len [out]: length of reponse or 0 on reading failure
Return values
1: write failed
0: write succeeded

Send the request to the MySQL server.

Get the sasl response from the MySQL server.

◆ set_mechanism()

bool auth_ldap_sasl_client::Sasl_client::set_mechanism ( )

Decides and sets SASL mechanism to be used for authentication.

Return values
true: success
false: failure

Get authentication method from the server.

◆ set_user()

bool auth_ldap_sasl_client::Sasl_client::set_user ( )
private

If an empty original user name was given as client parameter and passed to the plugin via MYSQL structure, this function is used to determine the name for authentication and set this user name to the MYSQL structure.

For proper memory management (string allocated by the plugin should not be freed by the main client module and vice versa), the original user name from MYSQL is stored to m_mysql_user and on destructing the object the original name is set back to MYSQL and m_mysql_user is freed.

Return values
true: success
false: failure

◆ set_user_info()

void auth_ldap_sasl_client::Sasl_client::set_user_info ( const char *  name,
const char *  pwd 
)
private

Sets (copies) user name and password to the members.

Parameters
name [in]: user name
pwd [in]: user password
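
The ownership rule described for set_user() (each module frees only the strings it allocated) and the copy into fixed-size members done by set_user_info(), sketched as an added example; this is not MySQL's implementation. DemoMysql, DemoSaslClient, DEMO_MAX_STR_SIZE, the fallback parameter, the bool return of set_user_info and malloc/free standing in for the plugin-side allocator are all assumptions made for illustration.

```cpp
#include <cstdlib>
#include <cstring>

// Assumption: stand-in for SASL_MAX_STR_SIZE, whose value is not given on this page.
constexpr std::size_t DEMO_MAX_STR_SIZE = 16;

// Hypothetical stand-in for the MYSQL structure; only the user field is modelled.
struct DemoMysql { char *user; };

class DemoSaslClient {
 public:
  explicit DemoSaslClient(DemoMysql *mysql) : m_mysql(mysql) {}
  DemoSaslClient() = delete;
  ~DemoSaslClient() {
    if (!m_swapped) return;
    std::free(m_mysql->user);      // release only the string this object allocated
    m_mysql->user = m_mysql_user;  // give the caller its original pointer back
  }
  // Installs `fallback` (for example an OS login name) when the caller passed no name.
  bool set_user(const char *fallback) {
    if (m_mysql->user && m_mysql->user[0] != '\0') return true;  // name already given
    if (!fallback || fallback[0] == '\0') return false;
    char *copy = static_cast<char *>(std::malloc(std::strlen(fallback) + 1));
    if (!copy) return false;
    std::strcpy(copy, fallback);
    m_mysql_user = m_mysql->user;  // remember the original; never free it here
    m_mysql->user = copy;
    m_swapped = true;
    return true;
  }
  // Copies into the fixed-size members, rejecting input that would not fit
  // (demo choice: refuse rather than silently truncate a credential).
  bool set_user_info(const char *name, const char *pwd) {
    if (!name || !pwd) return false;
    if (std::strlen(name) >= DEMO_MAX_STR_SIZE) return false;
    if (std::strlen(pwd) >= DEMO_MAX_STR_SIZE) return false;
    std::strcpy(m_user_name, name);  // safe: both lengths were checked above
    std::strcpy(m_user_pwd, pwd);
    return true;
  }
  const char *user_name() const { return m_user_name; }

 private:
  DemoMysql *m_mysql;
  char *m_mysql_user = nullptr;  // caller-owned original name, restored on destruction
  bool m_swapped = false;
  char m_user_name[DEMO_MAX_STR_SIZE] = {0};
  char m_user_pwd[DEMO_MAX_STR_SIZE] = {0};
};
```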

Member Data Documentation

◆ m_connection

sasl_conn_t* auth_ldap_sasl_client::Sasl_client::m_connection
private

SASL connection data.

◆ m_mysql

MYSQL* auth_ldap_sasl_client::Sasl_client::m_mysql
private

pointer to MYSQL structure

◆ m_mysql_user

char* auth_ldap_sasl_client::Sasl_client::m_mysql_user
private

the original user name,

See also
set_user()

◆ m_sasl_mechanism

Sasl_mechanism* auth_ldap_sasl_client::Sasl_client::m_sasl_mechanism
private

the SASL mechanism used for authentication

◆ m_user_name

char auth_ldap_sasl_client::Sasl_client::m_user_name[SASL_MAX_STR_SIZE]
private

user name used for authentication

◆ m_user_pwd

char auth_ldap_sasl_client::Sasl_client::m_user_pwd[SASL_MAX_STR_SIZE]
private

user password used for authentication

◆ m_vio

MYSQL_PLUGIN_VIO* auth_ldap_sasl_client::Sasl_client::m_vio
private

pointer to server communication channel


The documentation for this class was generated from the following files: