MySQL 9.1.0
Source Code Documentation
sql_authentication.h File Reference
#include <openssl/rsa.h>
#include <stddef.h>
#include <sys/types.h>
#include "lex_string.h"
#include "my_thread_local.h"
#include "mysql/plugin_auth.h"
#include "mysql/plugin_auth_common.h"
#include "mysql/strings/m_ctype.h"
#include "sql/sql_plugin_ref.h"


Classes

class  Thd_charset_adapter
 
struct  MPVIO_EXT
 The internal version of what plugins know as MYSQL_PLUGIN_VIO, basically the context of the authentication session.
 
class  Rsa_authentication_keys
 
class  Cached_authentication_plugins
 

Macros

#define AUTH_DEFAULT_RSA_PRIVATE_KEY   "private_key.pem"
 
#define AUTH_DEFAULT_RSA_PUBLIC_KEY   "public_key.pem"
 

Typedefs

typedef struct rsa_st RSA
 

Enumerations

enum  cached_plugins_enum { PLUGIN_CACHING_SHA2_PASSWORD = 0 , PLUGIN_SHA256_PASSWORD , PLUGIN_LAST }
 

Functions

bool init_rsa_keys (void)
 Loads the RSA key pair from disk and stores it in a global variable.
 
void deinit_rsa_keys (void)
 
int show_rsa_public_key (THD *thd, SHOW_VAR *var, char *buff)
 
ACL_USER * decoy_user (const LEX_CSTRING &username, const LEX_CSTRING &hostname, MEM_ROOT *mem, struct rand_struct *rand, bool is_initialized)
 When authentication is attempted using an unknown username, a dummy user account with no authentication capabilities is assigned to the connection.
 

Variables

LEX_CSTRING validate_password_plugin_name
 
bool allow_all_hosts
 
Cached_authentication_plugins * g_cached_authentication_plugins
 

Macro Definition Documentation

◆ AUTH_DEFAULT_RSA_PRIVATE_KEY

#define AUTH_DEFAULT_RSA_PRIVATE_KEY   "private_key.pem"

◆ AUTH_DEFAULT_RSA_PUBLIC_KEY

#define AUTH_DEFAULT_RSA_PUBLIC_KEY   "public_key.pem"

Typedef Documentation

◆ RSA

typedef struct rsa_st RSA

Enumeration Type Documentation

◆ cached_plugins_enum

Enumerator
PLUGIN_CACHING_SHA2_PASSWORD 
PLUGIN_SHA256_PASSWORD 
PLUGIN_LAST 

Function Documentation

◆ decoy_user()

ACL_USER * decoy_user ( const LEX_CSTRING & username,
const LEX_CSTRING & hostname,
MEM_ROOT * mem,
struct rand_struct * rand,
bool  is_initialized 
)

When authentication is attempted using an unknown username, a dummy user account with no authentication capabilities is assigned to the connection.

When the server is started with --skip-grant-tables, a dummy user account with authentication capabilities is assigned to the connection. The dummy user authenticates with the empty authentication string. This is done to limit user-account enumeration based on the authentication protocol: an unknown username is handled with a decoy account, so the exchange is not meant to reveal that the account does not exist.

Parameters
[in] username: A dummy user to be created.
[in] hostname: Host of the dummy user.
[in] mem: Memory in which the dummy ACL user will be created.
[in] rand: Seed value to generate random data
[in] is_initialized: State of ACL caches
Return values
A dummy ACL USER

◆ deinit_rsa_keys()

void deinit_rsa_keys ( void  )

◆ init_rsa_keys()

bool init_rsa_keys ( void  )

Loads the RSA key pair from disk and stores it in a global variable.

See also
init_ssl()
Returns
Error code
Return values
false: Success
true: Error

The presence of only a private key file and a public temp file implies that the server crashed after creating the private key file and could not create a public key file. Hence the private key file is removed.

◆ show_rsa_public_key()

int show_rsa_public_key ( THD * thd,
SHOW_VAR * var,
char *  buff 
)

Variable Documentation

◆ allow_all_hosts

bool allow_all_hosts
extern

◆ g_cached_authentication_plugins

Cached_authentication_plugins* g_cached_authentication_plugins
extern

◆ validate_password_plugin_name

LEX_CSTRING validate_password_plugin_name
extern