1 #ifndef MYSQL_PLUGIN_AUTH_INCLUDED
2 /* Copyright (C) 2010 Sergei Golubchik and Monty Program Ab
3    Copyright (c) 2010, Oracle and/or its affiliates.
4 
5    This program is free software; you can redistribute it and/or modify
6    it under the terms of the GNU General Public License as published by
7    the Free Software Foundation; version 2 of the License.
8 
9    This program is distributed in the hope that it will be useful,
10    but WITHOUT ANY WARRANTY; without even the implied warranty of
11    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
12    GNU General Public License for more details.
13 
14    You should have received a copy of the GNU General Public License
15    along with this program; if not, write to the Free Software
16    Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1335  USA */
17 
18 /**
19   @file
20 
21   Authentication Plugin API.
22 
23   This file defines the API for server authentication plugins.
24 */
25 
26 #define MYSQL_PLUGIN_AUTH_INCLUDED
27 
28 #include <mysql/plugin.h>
29 
30 #define MYSQL_AUTHENTICATION_INTERFACE_VERSION 0x0201
31 
32 #include <mysql/plugin_auth_common.h>
33 
34 #ifdef __cplusplus
35 extern "C" {
36 #endif
37 
38 /* defines for MYSQL_SERVER_AUTH_INFO.password_used */
39 
40 #define PASSWORD_USED_NO         0
41 #define PASSWORD_USED_YES        1
42 #define PASSWORD_USED_NO_MENTION 2
43 
44 
45 /**
46   Provides server plugin access to authentication information
47 */
48 typedef struct st_mysql_server_auth_info
49 {
50   /**
51     User name as sent by the client and shown in USER().
52     NULL if the client packet with the user name was not received yet.
53   */
54   const char *user_name;
55 
56   /**
57     Length of user_name
58   */
59   unsigned int user_name_length;
60 
61   /**
62     A corresponding column value from the mysql.user table for the
63     matching account name
64   */
65   const char *auth_string;
66 
67   /**
68     Length of auth_string
69   */
70   unsigned long auth_string_length;
71 
72   /**
73     Matching account name as found in the mysql.user table.
74     A plugin can override it with another name that will be
75     used by MySQL for authorization, and shown in CURRENT_USER()
76   */
77   char authenticated_as[MYSQL_USERNAME_LENGTH+1];
78 
79 
80   /**
81     The unique user name that was used by the plugin to authenticate.
82     Not used by the server.
83     Available through the @@EXTERNAL_USER variable.
84   */
85   char external_user[MYSQL_USERNAME_LENGTH+1];
86 
87   /**
88     This only affects the "Authentication failed. Password used: %s"
89     error message. has the following values :
90     0 : %s will be NO.
91     1 : %s will be YES.
92     2 : there will be no %s.
93     Set it as appropriate or ignore at will.
94   */
95   int  password_used;
96 
97   /**
98     Set to the name of the connected client host, if it can be resolved,
99     or to its IP address otherwise.
100   */
101   const char *host_or_ip;
102 
103   /**
104     Length of host_or_ip
105   */
106   unsigned int host_or_ip_length;
107 
108   /**
109     Current THD pointer (to use with various services)
110   */
111   MYSQL_THD thd;
112 
113 } MYSQL_SERVER_AUTH_INFO;
114 
115 /**
116   Server authentication plugin descriptor
117 */
118 struct st_mysql_auth
119 {
120   int interface_version;                        /**< version plugin uses */
121   /**
122     A plugin that a client must use for authentication with this server
123     plugin. Can be NULL to mean "any plugin".
124   */
125   const char *client_auth_plugin;
126   /**
127     Function provided by the plugin which should perform authentication (using
128     the vio functions if necessary) and return 0 if successful. The plugin can
129     also fill the info.authenticated_as field if a different username should be
130     used for authorization.
131   */
132   int (*authenticate_user)(MYSQL_PLUGIN_VIO *vio, MYSQL_SERVER_AUTH_INFO *info);
133 };
134 
135 #ifdef __cplusplus
136 }
137 #endif
138 
139 #endif
140 
141