2011-01-13 05:40:05 +08:00
|
|
|
/*
|
|
|
|
+----------------------------------------------------------------------+
|
|
|
|
| PHP Version 5 |
|
|
|
|
+----------------------------------------------------------------------+
|
|
|
|
| Copyright (c) 2006-2011 The PHP Group |
|
|
|
|
+----------------------------------------------------------------------+
|
|
|
|
| This source file is subject to version 3.01 of the PHP license, |
|
|
|
|
| that is bundled with this package in the file LICENSE, and is |
|
|
|
|
| available through the world-wide-web at the following url: |
|
|
|
|
| http://www.php.net/license/3_01.txt |
|
|
|
|
| If you did not receive a copy of the PHP license and are unable to |
|
|
|
|
| obtain it through the world-wide-web, please send a note to |
|
|
|
|
| license@php.net so we can mail you a copy immediately. |
|
|
|
|
+----------------------------------------------------------------------+
|
|
|
|
| Authors: Georg Richter <georg@mysql.com> |
|
|
|
|
| Andrey Hristov <andrey@mysql.com> |
|
|
|
|
| Ulf Wendel <uwendel@mysql.com> |
|
|
|
|
+----------------------------------------------------------------------+
|
|
|
|
*/
|
|
|
|
|
|
|
|
/* $Id: mysqlnd.c 307377 2011-01-11 13:02:57Z andrey $ */
|
|
|
|
#include "php.h"
|
|
|
|
#include "mysqlnd.h"
|
|
|
|
#include "mysqlnd_structs.h"
|
|
|
|
#include "mysqlnd_wireprotocol.h"
|
|
|
|
#include "mysqlnd_priv.h"
|
|
|
|
#include "mysqlnd_result.h"
|
|
|
|
#include "mysqlnd_charset.h"
|
|
|
|
#include "mysqlnd_debug.h"
|
|
|
|
|
|
|
|
|
2011-01-24 20:34:47 +08:00
|
|
|
/* {{{ mysqlnd_auth_handshake */
|
2011-01-15 04:04:17 +08:00
|
|
|
enum_func_status
|
|
|
|
mysqlnd_auth_handshake(MYSQLND * conn,
|
2011-01-13 05:40:05 +08:00
|
|
|
const char * const user,
|
|
|
|
const char * const passwd,
|
2011-01-24 21:58:18 +08:00
|
|
|
const size_t passwd_len,
|
2011-01-13 05:40:05 +08:00
|
|
|
const char * const db,
|
|
|
|
const size_t db_len,
|
|
|
|
const MYSQLND_OPTIONS * const options,
|
|
|
|
unsigned long mysql_flags,
|
2011-01-24 20:34:47 +08:00
|
|
|
unsigned int server_charset_no,
|
|
|
|
zend_bool use_full_blown_auth_packet,
|
|
|
|
const char * const auth_protocol,
|
|
|
|
const zend_uchar * const auth_plugin_data,
|
|
|
|
const size_t auth_plugin_data_len,
|
|
|
|
char ** switch_to_auth_protocol,
|
|
|
|
size_t * switch_to_auth_protocol_len,
|
|
|
|
zend_uchar ** switch_to_auth_protocol_data,
|
|
|
|
size_t * switch_to_auth_protocol_data_len
|
2011-01-13 05:40:05 +08:00
|
|
|
TSRMLS_DC)
|
|
|
|
{
|
|
|
|
enum_func_status ret = FAIL;
|
|
|
|
const MYSQLND_CHARSET * charset = NULL;
|
2011-01-24 20:34:47 +08:00
|
|
|
MYSQLND_PACKET_CHANGE_AUTH_RESPONSE * change_auth_resp_packet = NULL;
|
|
|
|
MYSQLND_PACKET_AUTH_RESPONSE * auth_resp_packet = NULL;
|
2011-01-13 05:40:05 +08:00
|
|
|
MYSQLND_PACKET_AUTH * auth_packet = NULL;
|
|
|
|
|
2011-01-24 20:34:47 +08:00
|
|
|
DBG_ENTER("mysqlnd_auth_handshake");
|
2011-01-13 05:40:05 +08:00
|
|
|
|
2011-01-24 20:34:47 +08:00
|
|
|
auth_resp_packet = conn->protocol->m.get_auth_response_packet(conn->protocol, FALSE TSRMLS_CC);
|
2011-01-13 05:40:05 +08:00
|
|
|
|
2011-01-24 20:34:47 +08:00
|
|
|
if (!auth_resp_packet) {
|
2011-10-26 07:01:49 +08:00
|
|
|
SET_OOM_ERROR(*conn->error_info);
|
2011-01-13 05:40:05 +08:00
|
|
|
goto end;
|
|
|
|
}
|
|
|
|
|
2011-01-24 20:34:47 +08:00
|
|
|
if (use_full_blown_auth_packet != TRUE) {
|
|
|
|
change_auth_resp_packet = conn->protocol->m.get_change_auth_response_packet(conn->protocol, FALSE TSRMLS_CC);
|
|
|
|
if (!change_auth_resp_packet) {
|
2011-10-26 07:01:49 +08:00
|
|
|
SET_OOM_ERROR(*conn->error_info);
|
2011-01-24 20:34:47 +08:00
|
|
|
goto end;
|
|
|
|
}
|
|
|
|
|
|
|
|
change_auth_resp_packet->auth_data = auth_plugin_data;
|
|
|
|
change_auth_resp_packet->auth_data_len = auth_plugin_data_len;
|
|
|
|
|
|
|
|
if (!PACKET_WRITE(change_auth_resp_packet, conn)) {
|
|
|
|
CONN_SET_STATE(conn, CONN_QUIT_SENT);
|
2011-10-26 07:01:49 +08:00
|
|
|
SET_CLIENT_ERROR(*conn->error_info, CR_SERVER_GONE_ERROR, UNKNOWN_SQLSTATE, mysqlnd_server_gone);
|
2011-01-24 20:34:47 +08:00
|
|
|
goto end;
|
|
|
|
}
|
2011-01-13 05:40:05 +08:00
|
|
|
} else {
|
2011-01-24 20:34:47 +08:00
|
|
|
auth_packet = conn->protocol->m.get_auth_packet(conn->protocol, FALSE TSRMLS_CC);
|
|
|
|
|
|
|
|
auth_packet->client_flags = mysql_flags;
|
|
|
|
auth_packet->max_packet_size = options->max_allowed_packet;
|
|
|
|
if (options->charset_name && (charset = mysqlnd_find_charset_name(options->charset_name))) {
|
|
|
|
auth_packet->charset_no = charset->nr;
|
|
|
|
} else {
|
2011-01-13 05:40:05 +08:00
|
|
|
#if MYSQLND_UNICODE
|
2011-01-24 20:34:47 +08:00
|
|
|
auth_packet->charset_no = 200;/* utf8 - swedish collation, check mysqlnd_charset.c */
|
2011-01-13 05:40:05 +08:00
|
|
|
#else
|
2011-01-24 20:34:47 +08:00
|
|
|
auth_packet->charset_no = server_charset_no;
|
2011-01-13 05:40:05 +08:00
|
|
|
#endif
|
2011-01-24 20:34:47 +08:00
|
|
|
}
|
2011-01-13 05:40:05 +08:00
|
|
|
|
2011-01-24 20:34:47 +08:00
|
|
|
auth_packet->send_auth_data = TRUE;
|
|
|
|
auth_packet->user = user;
|
|
|
|
auth_packet->db = db;
|
|
|
|
auth_packet->db_len = db_len;
|
2011-01-15 04:04:17 +08:00
|
|
|
|
2011-01-24 20:34:47 +08:00
|
|
|
auth_packet->auth_data = auth_plugin_data;
|
|
|
|
auth_packet->auth_data_len = auth_plugin_data_len;
|
|
|
|
auth_packet->auth_plugin_name = auth_protocol;
|
2011-01-13 05:40:05 +08:00
|
|
|
|
2011-01-24 20:34:47 +08:00
|
|
|
if (!PACKET_WRITE(auth_packet, conn)) {
|
|
|
|
goto end;
|
|
|
|
}
|
2011-01-13 05:40:05 +08:00
|
|
|
}
|
2011-01-28 02:51:12 +08:00
|
|
|
if (use_full_blown_auth_packet == TRUE) {
|
|
|
|
conn->charset = mysqlnd_find_charset_nr(auth_packet->charset_no);
|
|
|
|
}
|
2011-01-13 05:40:05 +08:00
|
|
|
|
2011-01-24 20:34:47 +08:00
|
|
|
if (FAIL == PACKET_READ(auth_resp_packet, conn) || auth_resp_packet->response_code >= 0xFE) {
|
|
|
|
if (auth_resp_packet->response_code == 0xFE) {
|
2011-01-13 05:40:05 +08:00
|
|
|
/* old authentication with new server !*/
|
2011-01-24 20:34:47 +08:00
|
|
|
if (!auth_resp_packet->new_auth_protocol) {
|
|
|
|
DBG_ERR(mysqlnd_old_passwd);
|
2011-10-26 07:01:49 +08:00
|
|
|
SET_CLIENT_ERROR(*conn->error_info, CR_UNKNOWN_ERROR, UNKNOWN_SQLSTATE, mysqlnd_old_passwd);
|
2011-01-24 20:34:47 +08:00
|
|
|
} else {
|
|
|
|
*switch_to_auth_protocol = mnd_pestrndup(auth_resp_packet->new_auth_protocol, auth_resp_packet->new_auth_protocol_len, FALSE);
|
|
|
|
*switch_to_auth_protocol_len = auth_resp_packet->new_auth_protocol_len;
|
|
|
|
if (auth_resp_packet->new_auth_protocol_data) {
|
|
|
|
*switch_to_auth_protocol_data_len = auth_resp_packet->new_auth_protocol_data_len;
|
|
|
|
*switch_to_auth_protocol_data = mnd_emalloc(*switch_to_auth_protocol_data_len);
|
|
|
|
memcpy(*switch_to_auth_protocol_data, auth_resp_packet->new_auth_protocol_data, *switch_to_auth_protocol_data_len);
|
|
|
|
} else {
|
|
|
|
*switch_to_auth_protocol_data = NULL;
|
|
|
|
*switch_to_auth_protocol_data_len = 0;
|
|
|
|
}
|
2011-01-13 05:40:05 +08:00
|
|
|
}
|
2011-01-24 20:34:47 +08:00
|
|
|
} else if (auth_resp_packet->response_code == 0xFF) {
|
|
|
|
if (auth_resp_packet->sqlstate[0]) {
|
2011-10-26 07:01:49 +08:00
|
|
|
strlcpy(conn->error_info->sqlstate, auth_resp_packet->sqlstate, sizeof(conn->error_info->sqlstate));
|
2011-01-24 20:34:47 +08:00
|
|
|
DBG_ERR_FMT("ERROR:%u [SQLSTATE:%s] %s", auth_resp_packet->error_no, auth_resp_packet->sqlstate, auth_resp_packet->error);
|
|
|
|
}
|
2011-10-26 07:01:49 +08:00
|
|
|
SET_CLIENT_ERROR(*conn->error_info, auth_resp_packet->error_no, UNKNOWN_SQLSTATE, auth_resp_packet->error);
|
2011-01-13 05:40:05 +08:00
|
|
|
}
|
|
|
|
goto end;
|
|
|
|
}
|
|
|
|
|
2011-01-24 20:34:47 +08:00
|
|
|
SET_NEW_MESSAGE(conn->last_message, conn->last_message_len, auth_resp_packet->message, auth_resp_packet->message_len, conn->persistent);
|
2011-01-13 05:40:05 +08:00
|
|
|
ret = PASS;
|
|
|
|
end:
|
2011-01-24 20:34:47 +08:00
|
|
|
PACKET_FREE(change_auth_resp_packet);
|
2011-01-13 05:40:05 +08:00
|
|
|
PACKET_FREE(auth_packet);
|
2011-01-24 20:34:47 +08:00
|
|
|
PACKET_FREE(auth_resp_packet);
|
2011-01-13 05:40:05 +08:00
|
|
|
DBG_RETURN(ret);
|
|
|
|
}
|
|
|
|
/* }}} */
|
|
|
|
|
|
|
|
|
2011-01-24 20:34:47 +08:00
|
|
|
/* {{{ mysqlnd_auth_change_user */
|
2011-01-15 04:04:17 +08:00
|
|
|
enum_func_status
|
|
|
|
mysqlnd_auth_change_user(MYSQLND * const conn,
|
2011-01-13 05:40:05 +08:00
|
|
|
const char * const user,
|
|
|
|
const size_t user_len,
|
|
|
|
const char * const passwd,
|
2011-01-24 21:58:18 +08:00
|
|
|
const size_t passwd_len,
|
2011-01-13 05:40:05 +08:00
|
|
|
const char * const db,
|
|
|
|
const size_t db_len,
|
|
|
|
const zend_bool silent,
|
2011-01-24 20:34:47 +08:00
|
|
|
zend_bool use_full_blown_auth_packet,
|
|
|
|
const char * const auth_protocol,
|
|
|
|
zend_uchar * auth_plugin_data,
|
|
|
|
size_t auth_plugin_data_len,
|
|
|
|
char ** switch_to_auth_protocol,
|
|
|
|
size_t * switch_to_auth_protocol_len,
|
|
|
|
zend_uchar ** switch_to_auth_protocol_data,
|
|
|
|
size_t * switch_to_auth_protocol_data_len
|
2011-01-13 05:40:05 +08:00
|
|
|
TSRMLS_DC)
|
|
|
|
{
|
|
|
|
enum_func_status ret = FAIL;
|
|
|
|
const MYSQLND_CHARSET * old_cs = conn->charset;
|
2011-01-24 20:34:47 +08:00
|
|
|
MYSQLND_PACKET_CHANGE_AUTH_RESPONSE * change_auth_resp_packet = NULL;
|
|
|
|
MYSQLND_PACKET_CHG_USER_RESPONSE * chg_user_resp = NULL;
|
|
|
|
MYSQLND_PACKET_AUTH * auth_packet = NULL;
|
|
|
|
|
|
|
|
DBG_ENTER("mysqlnd_auth_change_user");
|
2011-01-13 05:40:05 +08:00
|
|
|
|
2011-01-24 20:34:47 +08:00
|
|
|
chg_user_resp = conn->protocol->m.get_change_user_response_packet(conn->protocol, FALSE TSRMLS_CC);
|
2011-01-13 05:40:05 +08:00
|
|
|
|
2011-01-24 20:34:47 +08:00
|
|
|
if (!chg_user_resp) {
|
2011-10-26 07:01:49 +08:00
|
|
|
SET_OOM_ERROR(*conn->error_info);
|
2011-01-13 05:40:05 +08:00
|
|
|
goto end;
|
|
|
|
}
|
2011-01-15 04:04:17 +08:00
|
|
|
|
2011-01-24 20:34:47 +08:00
|
|
|
if (use_full_blown_auth_packet != TRUE) {
|
|
|
|
change_auth_resp_packet = conn->protocol->m.get_change_auth_response_packet(conn->protocol, FALSE TSRMLS_CC);
|
|
|
|
if (!change_auth_resp_packet) {
|
2011-10-26 07:01:49 +08:00
|
|
|
SET_OOM_ERROR(*conn->error_info);
|
2011-01-24 20:34:47 +08:00
|
|
|
goto end;
|
|
|
|
}
|
2011-01-15 04:04:17 +08:00
|
|
|
|
2011-01-24 20:34:47 +08:00
|
|
|
change_auth_resp_packet->auth_data = auth_plugin_data;
|
|
|
|
change_auth_resp_packet->auth_data_len = auth_plugin_data_len;
|
2011-01-15 04:04:17 +08:00
|
|
|
|
2011-01-24 20:34:47 +08:00
|
|
|
if (!PACKET_WRITE(change_auth_resp_packet, conn)) {
|
|
|
|
CONN_SET_STATE(conn, CONN_QUIT_SENT);
|
2011-10-26 07:01:49 +08:00
|
|
|
SET_CLIENT_ERROR(*conn->error_info, CR_SERVER_GONE_ERROR, UNKNOWN_SQLSTATE, mysqlnd_server_gone);
|
2011-01-24 20:34:47 +08:00
|
|
|
goto end;
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
auth_packet = conn->protocol->m.get_auth_packet(conn->protocol, FALSE TSRMLS_CC);
|
|
|
|
|
|
|
|
if (!auth_packet) {
|
2011-10-26 07:01:49 +08:00
|
|
|
SET_OOM_ERROR(*conn->error_info);
|
2011-01-24 20:34:47 +08:00
|
|
|
goto end;
|
|
|
|
}
|
|
|
|
|
|
|
|
auth_packet->is_change_user_packet = TRUE;
|
|
|
|
auth_packet->user = user;
|
|
|
|
auth_packet->db = db;
|
|
|
|
auth_packet->db_len = db_len;
|
|
|
|
auth_packet->silent = silent;
|
|
|
|
|
|
|
|
auth_packet->auth_data = auth_plugin_data;
|
|
|
|
auth_packet->auth_data_len = auth_plugin_data_len;
|
|
|
|
auth_packet->auth_plugin_name = auth_protocol;
|
|
|
|
|
|
|
|
|
|
|
|
if (mysqlnd_get_server_version(conn) >= 50123) {
|
|
|
|
auth_packet->charset_no = conn->charset->nr;
|
|
|
|
}
|
2011-01-13 05:40:05 +08:00
|
|
|
|
2011-01-24 20:34:47 +08:00
|
|
|
if (!PACKET_WRITE(auth_packet, conn)) {
|
|
|
|
CONN_SET_STATE(conn, CONN_QUIT_SENT);
|
2011-10-26 07:01:49 +08:00
|
|
|
SET_CLIENT_ERROR(*conn->error_info, CR_SERVER_GONE_ERROR, UNKNOWN_SQLSTATE, mysqlnd_server_gone);
|
2011-01-24 20:34:47 +08:00
|
|
|
goto end;
|
|
|
|
}
|
2011-01-13 05:40:05 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
ret = PACKET_READ(chg_user_resp, conn);
|
2011-10-26 07:01:49 +08:00
|
|
|
COPY_CLIENT_ERROR(*conn->error_info, chg_user_resp->error_info);
|
2011-01-13 05:40:05 +08:00
|
|
|
|
2011-01-24 20:34:47 +08:00
|
|
|
if (0xFE == chg_user_resp->response_code) {
|
|
|
|
ret = FAIL;
|
|
|
|
if (!chg_user_resp->new_auth_protocol) {
|
|
|
|
DBG_ERR(mysqlnd_old_passwd);
|
2011-10-26 07:01:49 +08:00
|
|
|
SET_CLIENT_ERROR(*conn->error_info, CR_UNKNOWN_ERROR, UNKNOWN_SQLSTATE, mysqlnd_old_passwd);
|
2011-01-24 20:34:47 +08:00
|
|
|
} else {
|
|
|
|
*switch_to_auth_protocol = mnd_pestrndup(chg_user_resp->new_auth_protocol, chg_user_resp->new_auth_protocol_len, FALSE);
|
|
|
|
*switch_to_auth_protocol_len = chg_user_resp->new_auth_protocol_len;
|
|
|
|
if (chg_user_resp->new_auth_protocol_data) {
|
|
|
|
*switch_to_auth_protocol_data_len = chg_user_resp->new_auth_protocol_data_len;
|
|
|
|
*switch_to_auth_protocol_data = mnd_emalloc(*switch_to_auth_protocol_data_len);
|
|
|
|
memcpy(*switch_to_auth_protocol_data, chg_user_resp->new_auth_protocol_data, *switch_to_auth_protocol_data_len);
|
|
|
|
} else {
|
|
|
|
*switch_to_auth_protocol_data = NULL;
|
|
|
|
*switch_to_auth_protocol_data_len = 0;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2011-10-26 07:01:49 +08:00
|
|
|
if (conn->error_info->error_no) {
|
2011-01-13 05:40:05 +08:00
|
|
|
ret = FAIL;
|
|
|
|
/*
|
|
|
|
COM_CHANGE_USER is broken in 5.1. At least in 5.1.15 and 5.1.14, 5.1.11 is immune.
|
|
|
|
bug#25371 mysql_change_user() triggers "packets out of sync"
|
|
|
|
When it gets fixed, there should be one more check here
|
|
|
|
*/
|
|
|
|
if (mysqlnd_get_server_version(conn) > 50113L && mysqlnd_get_server_version(conn) < 50118L) {
|
|
|
|
MYSQLND_PACKET_OK * redundant_error_packet = conn->protocol->m.get_ok_packet(conn->protocol, FALSE TSRMLS_CC);
|
|
|
|
if (redundant_error_packet) {
|
|
|
|
PACKET_READ(redundant_error_packet, conn);
|
|
|
|
PACKET_FREE(redundant_error_packet);
|
|
|
|
DBG_INF_FMT("Server is %u, buggy, sends two ERR messages", mysqlnd_get_server_version(conn));
|
|
|
|
} else {
|
2011-10-26 07:01:49 +08:00
|
|
|
SET_OOM_ERROR(*conn->error_info);
|
2011-01-13 05:40:05 +08:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if (ret == PASS) {
|
|
|
|
char * tmp = NULL;
|
|
|
|
/* if we get conn->user as parameter and then we first free it, then estrndup it, we will crash */
|
|
|
|
tmp = mnd_pestrndup(user, user_len, conn->persistent);
|
|
|
|
if (conn->user) {
|
|
|
|
mnd_pefree(conn->user, conn->persistent);
|
|
|
|
}
|
|
|
|
conn->user = tmp;
|
|
|
|
|
|
|
|
tmp = mnd_pestrdup(passwd, conn->persistent);
|
|
|
|
if (conn->passwd) {
|
|
|
|
mnd_pefree(conn->passwd, conn->persistent);
|
|
|
|
}
|
|
|
|
conn->passwd = tmp;
|
|
|
|
|
|
|
|
if (conn->last_message) {
|
|
|
|
mnd_pefree(conn->last_message, conn->persistent);
|
|
|
|
conn->last_message = NULL;
|
|
|
|
}
|
2011-10-26 07:01:49 +08:00
|
|
|
memset(conn->upsert_status, 0, sizeof(*conn->upsert_status));
|
2011-01-13 05:40:05 +08:00
|
|
|
/* set charset for old servers */
|
|
|
|
if (mysqlnd_get_server_version(conn) < 50123) {
|
|
|
|
ret = conn->m->set_charset(conn, old_cs->name TSRMLS_CC);
|
|
|
|
}
|
|
|
|
} else if (ret == FAIL && chg_user_resp->server_asked_323_auth == TRUE) {
|
|
|
|
/* old authentication with new server !*/
|
|
|
|
DBG_ERR(mysqlnd_old_passwd);
|
2011-10-26 07:01:49 +08:00
|
|
|
SET_CLIENT_ERROR(*conn->error_info, CR_UNKNOWN_ERROR, UNKNOWN_SQLSTATE, mysqlnd_old_passwd);
|
2011-01-13 05:40:05 +08:00
|
|
|
}
|
|
|
|
end:
|
2011-01-24 20:34:47 +08:00
|
|
|
PACKET_FREE(change_auth_resp_packet);
|
2011-01-13 05:40:05 +08:00
|
|
|
PACKET_FREE(auth_packet);
|
|
|
|
PACKET_FREE(chg_user_resp);
|
|
|
|
DBG_RETURN(ret);
|
|
|
|
}
|
|
|
|
/* }}} */
|
|
|
|
|
2011-01-15 04:04:17 +08:00
|
|
|
|
2011-01-24 20:34:47 +08:00
|
|
|
/******************************************* MySQL Native Password ***********************************/
|
|
|
|
|
|
|
|
#include "ext/standard/sha1.h"
|
|
|
|
|
|
|
|
/* {{{ php_mysqlnd_crypt */
|
|
|
|
static void
|
|
|
|
php_mysqlnd_crypt(zend_uchar *buffer, const zend_uchar *s1, const zend_uchar *s2, size_t len)
|
|
|
|
{
|
|
|
|
const zend_uchar *s1_end = s1 + len;
|
|
|
|
while (s1 < s1_end) {
|
|
|
|
*buffer++= *s1++ ^ *s2++;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
/* }}} */
|
|
|
|
|
|
|
|
|
|
|
|
/* {{{ php_mysqlnd_scramble */
|
|
|
|
void php_mysqlnd_scramble(zend_uchar * const buffer, const zend_uchar * const scramble, const zend_uchar * const password, size_t password_len)
|
|
|
|
{
|
|
|
|
PHP_SHA1_CTX context;
|
|
|
|
zend_uchar sha1[SHA1_MAX_LENGTH];
|
|
|
|
zend_uchar sha2[SHA1_MAX_LENGTH];
|
|
|
|
|
|
|
|
/* Phase 1: hash password */
|
|
|
|
PHP_SHA1Init(&context);
|
|
|
|
PHP_SHA1Update(&context, password, password_len);
|
|
|
|
PHP_SHA1Final(sha1, &context);
|
|
|
|
|
|
|
|
/* Phase 2: hash sha1 */
|
|
|
|
PHP_SHA1Init(&context);
|
|
|
|
PHP_SHA1Update(&context, (zend_uchar*)sha1, SHA1_MAX_LENGTH);
|
|
|
|
PHP_SHA1Final(sha2, &context);
|
|
|
|
|
|
|
|
/* Phase 3: hash scramble + sha2 */
|
|
|
|
PHP_SHA1Init(&context);
|
|
|
|
PHP_SHA1Update(&context, scramble, SCRAMBLE_LENGTH);
|
|
|
|
PHP_SHA1Update(&context, (zend_uchar*)sha2, SHA1_MAX_LENGTH);
|
|
|
|
PHP_SHA1Final(buffer, &context);
|
|
|
|
|
|
|
|
/* let's crypt buffer now */
|
|
|
|
php_mysqlnd_crypt(buffer, (const zend_uchar *)buffer, (const zend_uchar *)sha1, SHA1_MAX_LENGTH);
|
|
|
|
}
|
|
|
|
/* }}} */
|
|
|
|
|
|
|
|
|
2011-01-15 04:04:17 +08:00
|
|
|
/* {{{ mysqlnd_native_auth_get_auth_data */
|
|
|
|
static zend_uchar *
|
|
|
|
mysqlnd_native_auth_get_auth_data(struct st_mysqlnd_authentication_plugin * self,
|
|
|
|
size_t * auth_data_len,
|
|
|
|
MYSQLND * conn, const char * const user, const char * const passwd,
|
|
|
|
const size_t passwd_len, zend_uchar * auth_plugin_data, size_t auth_plugin_data_len,
|
|
|
|
const MYSQLND_OPTIONS * const options, unsigned long mysql_flags
|
|
|
|
TSRMLS_DC)
|
|
|
|
{
|
|
|
|
zend_uchar * ret = NULL;
|
|
|
|
DBG_ENTER("mysqlnd_native_auth_get_auth_data");
|
|
|
|
*auth_data_len = 0;
|
|
|
|
|
|
|
|
/* 5.5.x reports 21 as scramble length because it needs to show the length of the data before the plugin name */
|
2011-01-24 20:34:47 +08:00
|
|
|
if (auth_plugin_data_len < SCRAMBLE_LENGTH) {
|
2011-01-15 04:04:17 +08:00
|
|
|
/* mysql_native_password only works with SCRAMBLE_LENGTH scramble */
|
2011-10-26 07:01:49 +08:00
|
|
|
SET_CLIENT_ERROR(*conn->error_info, CR_MALFORMED_PACKET, UNKNOWN_SQLSTATE, "The server sent wrong length for scramble");
|
2011-01-15 04:04:17 +08:00
|
|
|
DBG_ERR_FMT("The server sent wrong length for scramble %u. Expected %u", auth_plugin_data_len, SCRAMBLE_LENGTH);
|
|
|
|
DBG_RETURN(NULL);
|
|
|
|
}
|
|
|
|
|
|
|
|
/* copy scrambled pass*/
|
|
|
|
if (passwd && passwd_len) {
|
2011-01-24 20:34:47 +08:00
|
|
|
ret = malloc(SCRAMBLE_LENGTH);
|
2011-01-15 04:04:17 +08:00
|
|
|
*auth_data_len = SCRAMBLE_LENGTH;
|
|
|
|
/* In 4.1 we use CLIENT_SECURE_CONNECTION and thus the len of the buf should be passed */
|
|
|
|
php_mysqlnd_scramble((zend_uchar*)ret, auth_plugin_data, (zend_uchar*)passwd, passwd_len);
|
|
|
|
}
|
|
|
|
DBG_RETURN(ret);
|
|
|
|
}
|
|
|
|
/* }}} */
|
|
|
|
|
|
|
|
|
2011-01-13 05:40:05 +08:00
|
|
|
static struct st_mysqlnd_authentication_plugin mysqlnd_native_auth_plugin =
|
|
|
|
{
|
|
|
|
{
|
|
|
|
MYSQLND_PLUGIN_API_VERSION,
|
|
|
|
"auth_plugin_mysql_native_password",
|
|
|
|
MYSQLND_VERSION_ID,
|
|
|
|
MYSQLND_VERSION,
|
|
|
|
"PHP License 3.01",
|
|
|
|
"Andrey Hristov <andrey@mysql.com>, Ulf Wendel <uwendel@mysql.com>, Georg Richter <georg@mysql.com>",
|
|
|
|
{
|
|
|
|
NULL, /* no statistics , will be filled later if there are some */
|
|
|
|
NULL, /* no statistics */
|
|
|
|
},
|
|
|
|
{
|
|
|
|
NULL /* plugin shutdown */
|
|
|
|
}
|
|
|
|
},
|
|
|
|
{/* methods */
|
2011-01-15 04:04:17 +08:00
|
|
|
mysqlnd_native_auth_get_auth_data
|
2011-01-13 05:40:05 +08:00
|
|
|
}
|
|
|
|
};
|
|
|
|
|
2011-01-15 04:04:17 +08:00
|
|
|
|
2011-01-24 20:34:47 +08:00
|
|
|
/******************************************* PAM Authentication ***********************************/
|
|
|
|
|
|
|
|
/* {{{ mysqlnd_pam_auth_get_auth_data */
|
|
|
|
static zend_uchar *
|
|
|
|
mysqlnd_pam_auth_get_auth_data(struct st_mysqlnd_authentication_plugin * self,
|
|
|
|
size_t * auth_data_len,
|
|
|
|
MYSQLND * conn, const char * const user, const char * const passwd,
|
|
|
|
const size_t passwd_len, zend_uchar * auth_plugin_data, size_t auth_plugin_data_len,
|
|
|
|
const MYSQLND_OPTIONS * const options, unsigned long mysql_flags
|
|
|
|
TSRMLS_DC)
|
|
|
|
{
|
|
|
|
zend_uchar * ret = NULL;
|
|
|
|
|
|
|
|
/* copy pass*/
|
|
|
|
if (passwd && passwd_len) {
|
2011-01-31 20:32:32 +08:00
|
|
|
ret = (zend_uchar*) zend_strndup(passwd, passwd_len);
|
2011-01-24 20:34:47 +08:00
|
|
|
}
|
|
|
|
*auth_data_len = passwd_len;
|
|
|
|
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
/* }}} */
|
|
|
|
|
|
|
|
|
|
|
|
static struct st_mysqlnd_authentication_plugin mysqlnd_pam_authentication_plugin =
|
|
|
|
{
|
|
|
|
{
|
|
|
|
MYSQLND_PLUGIN_API_VERSION,
|
2011-01-24 21:59:28 +08:00
|
|
|
"auth_plugin_mysql_clear_password",
|
2011-01-24 20:34:47 +08:00
|
|
|
MYSQLND_VERSION_ID,
|
|
|
|
MYSQLND_VERSION,
|
2011-01-24 21:59:28 +08:00
|
|
|
"PHP License 3.01",
|
2011-01-24 20:34:47 +08:00
|
|
|
"Andrey Hristov <andrey@mysql.com>, Ulf Wendel <uwendel@mysql.com>, Georg Richter <georg@mysql.com>",
|
|
|
|
{
|
|
|
|
NULL, /* no statistics , will be filled later if there are some */
|
|
|
|
NULL, /* no statistics */
|
|
|
|
},
|
|
|
|
{
|
|
|
|
NULL /* plugin shutdown */
|
|
|
|
}
|
|
|
|
},
|
|
|
|
{/* methods */
|
|
|
|
mysqlnd_pam_auth_get_auth_data
|
|
|
|
}
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
/* {{{ mysqlnd_register_builtin_authentication_plugins */
|
2011-01-13 05:40:05 +08:00
|
|
|
void
|
2011-01-24 20:34:47 +08:00
|
|
|
mysqlnd_register_builtin_authentication_plugins(TSRMLS_D)
|
2011-01-13 05:40:05 +08:00
|
|
|
{
|
|
|
|
mysqlnd_plugin_register_ex((struct st_mysqlnd_plugin_header *) &mysqlnd_native_auth_plugin TSRMLS_CC);
|
2011-01-24 20:34:47 +08:00
|
|
|
mysqlnd_plugin_register_ex((struct st_mysqlnd_plugin_header *) &mysqlnd_pam_authentication_plugin TSRMLS_CC);
|
2011-01-13 05:40:05 +08:00
|
|
|
}
|
|
|
|
/* }}} */
|
|
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Local variables:
|
|
|
|
* tab-width: 4
|
|
|
|
* c-basic-offset: 4
|
|
|
|
* End:
|
|
|
|
* vim600: noet sw=4 ts=4 fdm=marker
|
|
|
|
* vim<600: noet sw=4 ts=4
|
|
|
|
*/
|