MySQL 9.1.0
Source Code Documentation
auth_ldap_sasl_client Namespace Reference

Classes

class  Kerberos
 Kerberos class is built around kerberos library. More...
 
class  Krb5_interface
 Class representing interface to KRB5 functions. More...
 
class  Ldap_log_writer_error
 Log writer class. More...
 
class  Ldap_logger
 Class representing logger for LDAP plugins. More...
 
class  Sasl_client
 Class representing SASL client. More...
 
class  Sasl_mechanism
 Base class representing SASL mechanism. More...
 
class  Sasl_mechanism_kerberos
 Class representing GSSAPI/Kerberos mechanism. More...
 
class  Sasl_mechanism_scram
 Class representing SCRAM family of SASL mechanisms (currently SCRAM-SHA-1 and SCRAM-SHA-256). More...
 

Typedefs

using krb5_build_principal_type = krb5_error_code(*)(krb5_context context, krb5_principal *princ, unsigned int rlen, const char *realm,...)
 
using krb5_cc_close_type = krb5_error_code(*)(krb5_context context, krb5_ccache cache)
 
using krb5_cc_default_type = krb5_error_code(*)(krb5_context context, krb5_ccache *ccache)
 
using krb5_cc_get_principal_type = krb5_error_code(*)(krb5_context context, krb5_ccache cache, krb5_principal *principal)
 
using krb5_cc_initialize_type = krb5_error_code(*)(krb5_context context, krb5_ccache cache, krb5_principal principal)
 
using krb5_cc_remove_cred_type = krb5_error_code(*)(krb5_context context, krb5_ccache cache, krb5_flags flags, krb5_creds *creds)
 
using krb5_cc_retrieve_cred_type = krb5_error_code(*)(krb5_context context, krb5_ccache cache, krb5_flags flags, krb5_creds *mcreds, krb5_creds *creds)
 
using krb5_cc_store_cred_type = krb5_error_code(*)(krb5_context context, krb5_ccache cache, krb5_creds *creds)
 
using krb5_free_context_type = void(*)(krb5_context context)
 
using krb5_free_cred_contents_type = void(*)(krb5_context context, krb5_creds *val)
 
using krb5_free_default_realm_type = void(*)(krb5_context context, char *lrealm)
 
using krb5_free_error_message_type = void(*)(krb5_context ctx, const char *msg)
 
using krb5_free_principal_type = void(*)(krb5_context context, krb5_principal val)
 
using krb5_free_unparsed_name_type = void(*)(krb5_context context, char *val)
 
using krb5_get_default_realm_type = krb5_error_code(*)(krb5_context context, char **lrealm)
 
using krb5_get_error_message_type = const char *(*)(krb5_context ctx, krb5_error_code code)
 
using krb5_get_init_creds_opt_alloc_type = krb5_error_code(*)(krb5_context context, krb5_get_init_creds_opt **opt)
 
using krb5_get_init_creds_opt_free_type = void(*)(krb5_context context, krb5_get_init_creds_opt *opt)
 
using krb5_get_init_creds_password_type = krb5_error_code(*)(krb5_context context, krb5_creds *creds, krb5_principal client, const char *password, krb5_prompter_fct prompter, void *data, krb5_deltat start_time, const char *in_tkt_service, krb5_get_init_creds_opt *k5_gic_options)
 
using krb5_get_profile_type = krb5_error_code(*)(krb5_context context, struct _profile_t **profile)
 
using krb5_init_context_type = krb5_error_code(*)(krb5_context *context)
 
using krb5_parse_name_type = krb5_error_code(*)(krb5_context context, const char *name, krb5_principal *principal_out)
 
using krb5_timeofday_type = krb5_error_code(*)(krb5_context context, krb5_timestamp *timeret)
 
using krb5_unparse_name_type = krb5_error_code(*)(krb5_context context, krb5_const_principal principal, char **name)
 
using krb5_verify_init_creds_type = krb5_error_code(*)(krb5_context context, krb5_creds *creds, krb5_principal server, krb5_keytab keytab, krb5_ccache *ccache, krb5_verify_init_creds_opt *options)
 
using krb5_appdefault_boolean_type = void(*)(krb5_context context, const char *appname, const krb5_data *realm, const char *option, int default_value, int *ret_value)
 
using krb5_appdefault_string_type = void(*)(krb5_context context, const char *appname, const krb5_data *realm, const char *option, const char *default_value, char **ret_value)
 
using krb5_free_string_type = void(*)(krb5_context context, char *val)
 
using profile_get_string_type = long(*)(profile_t profile, const char *name, const char *subname, const char *subsubname, const char *def_val, char **ret_string)
 
using profile_release_type = void(*)(profile_t profile)
 
using profile_release_string_type = void(*)(char *str)
 

Enumerations

enum  ldap_log_level {
  LDAP_LOG_LEVEL_NONE = 1 , LDAP_LOG_LEVEL_ERROR , LDAP_LOG_LEVEL_ERROR_WARNING , LDAP_LOG_LEVEL_ERROR_WARNING_INFO ,
  LDAP_LOG_LEVEL_ALL
}
 LDAP plugin log levels type. More...
 

Functions

void buf_to_str (std::stringstream &log_stream, const char *buf, size_t buf_len)
 Write a buffer to stream. More...
 
static int sasl_authenticate (MYSQL_PLUGIN_VIO *vio, MYSQL *mysql)
 
static int initialize_plugin (char *, size_t, int, va_list)
 
static int deinitialize_plugin ()
 

Variables

const int SASL_ERROR_INVALID_METHOD = -2
 
const char dbg_prefix [] = "[DBG]"
 
const char info_prefix [] = "[Note]"
 
const char warning_prefix [] = "[Warning]"
 
const char error_prefix [] = "[Error]"
 

Enumeration Type Documentation

◆ ldap_log_level

LDAP plugin log levels type.

Enumerator
LDAP_LOG_LEVEL_NONE 
LDAP_LOG_LEVEL_ERROR 
LDAP_LOG_LEVEL_ERROR_WARNING 
LDAP_LOG_LEVEL_ERROR_WARNING_INFO 
LDAP_LOG_LEVEL_ALL 

Function Documentation

◆ buf_to_str()

void auth_ldap_sasl_client::buf_to_str ( std::stringstream &  log_stream,
const char *  buf,
size_t  buf_len 
)

Write a buffer to stream.

Helper to log SASL messages.

Parameters
log_stream[in] the stream
buf[in] the buffer
buf_len[in] length of the buffer

◆ deinitialize_plugin()

LDAP SASL Client Authentication auth_ldap_sasl_client::deinitialize_plugin ( )
static

◆ initialize_plugin()

static int auth_ldap_sasl_client::initialize_plugin ( char *  ,
size_t  ,
int  ,
va_list   
)
static

Initialize client-side of SASL.

◆ sasl_authenticate()

static int auth_ldap_sasl_client::sasl_authenticate ( MYSQL_PLUGIN_VIO vio,
MYSQL mysql 
)
static

Running SASL authentication step till authentication process is concluded MySQL server plug-in working as proxy for SASL / LDAP server.

From client side, authentication has succeeded, but in case of some mechanism (e.g. GSSAPI) we need to send data to server side.

Variable Documentation

◆ dbg_prefix

const char auth_ldap_sasl_client::dbg_prefix[] = "[DBG]"

◆ error_prefix

const char auth_ldap_sasl_client::error_prefix[] = "[Error]"

◆ info_prefix

const char auth_ldap_sasl_client::info_prefix[] = "[Note]"

◆ SASL_ERROR_INVALID_METHOD

const int auth_ldap_sasl_client::SASL_ERROR_INVALID_METHOD = -2

◆ warning_prefix

const char auth_ldap_sasl_client::warning_prefix[] = "[Warning]"