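#ifndef SQL_AUTHENTICATION_INCLUDED
#define SQL_AUTHENTICATION_INCLUDED

/* Copyright (c) 2000, 2021, Oracle and/or its affiliates.

   This program is free software; you can redistribute it and/or modify
   it under the terms of the GNU General Public License, version 2.0,
   as published by the Free Software Foundation.

   This program is also distributed with certain software (including
   but not limited to OpenSSL) that is licensed under separate terms,
   as designated in a particular file or component or in included license
   documentation.  The authors of MySQL hereby grant you an additional
   permission to link the program and your derivative works with the
   separately licensed software that they have included with MySQL.

   This program is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   GNU General Public License, version 2.0, for more details.

   You should have received a copy of the GNU General Public License
   along with this program; if not, write to the Free Software Foundation,
   51 Franklin Street, Suite 500, Boston, MA 02110-1335 USA */

#include "my_global.h"                          // NO_EMBEDDED_ACCESS_CHECKS
#include "my_thread_local.h"                    // my_thread_id
#include <mysql/plugin_auth.h>                  // MYSQL_SERVER_AUTH_INFO
#include "sql_plugin_ref.h"                     // plugin_ref

/* Forward declarations */
class THD;
typedef struct charset_info_st CHARSET_INFO;
class ACL_USER;
class Protocol_classic;
typedef struct st_net NET;

/* Classes */

/**
  Wrapper around a THD pointer that exposes only the two character-set
  operations declared below.

  The THD pointer is stored exactly as passed in. The class declares no
  destructor, so it never releases the THD; the caller keeps ownership.
*/
class Thd_charset_adapter
{
  THD *thd;
public:
  /** Store thd_arg; nothing else is done at construction time. */
  Thd_charset_adapter(THD *thd_arg) : thd (thd_arg) {}

  /*
    Defined elsewhere. cs_number is the charset number to apply.
    NOTE(review): the meaning of the bool result is not visible in this
    header - confirm against the definition before testing it.
  */
  bool init_client_charset(uint cs_number);

  const CHARSET_INFO *charset();
};


/**
  The internal version of what plugins know as MYSQL_PLUGIN_VIO,
  basically the context of the authentication session
*/
struct MPVIO_EXT : public MYSQL_PLUGIN_VIO
{
  MYSQL_SERVER_AUTH_INFO auth_info;
  const ACL_USER *acl_user;
  plugin_ref plugin;                ///< what plugin we're under
  LEX_STRING db;                    ///< db name from the handshake packet
  /**
    when restarting a plugin this caches the last client reply

    Both pointers refer to bytes inside NET::buff; they are not copies.
    NOTE(review): they are presumably valid only until that buffer is
    reused for the next read - confirm against the code that fills them.
    pkt_len sits next to pkt and is presumably its length; readers of pkt
    should stay within it.
  */
  struct {
    const char *plugin, *pkt;       ///< pointers into NET::buff
    uint pkt_len;
  } cached_client_reply;
  /** this caches the first plugin packet for restart request on the client */
  struct {
    char *pkt;
    uint pkt_len;
  } cached_server_packet;
  int packets_read, packets_written; ///< counters for send/received packets
  /** when plugin returns a failure this tells us what really happened */
  enum { SUCCESS, FAILURE, RESTART } status;

  /* encapsulation members */
  /* NOTE(review): presumably the per-connection challenge - confirm. */
  char *scramble;
  MEM_ROOT *mem_root;
  struct rand_struct *rand;
  my_thread_id thread_id;
  uint *server_status;
  Protocol_classic *protocol;
  ulong max_client_packet_length;
  char *ip;
  char *host;
  Thd_charset_adapter *charset_adapter;
  LEX_CSTRING acl_user_plugin;
  /*
    NOTE(review): presumably non-zero when the transport is encrypted.
    Plugins that would otherwise send secrets in the clear likely depend
    on it - confirm where it is set.
  */
  int vio_is_encrypted;
  bool can_authenticate();
};

#if defined(HAVE_OPENSSL)
typedef struct rsa_st RSA;

/**
  Holds an RSA key pair (public key, private key), a cipher length and the
  PEM text of the public key. Compiled only when HAVE_OPENSSL is defined.

  The destructor body is empty, so destroying the object releases nothing.
  NOTE(review): free_memory() is the only member here that looks like a
  release path. Confirm every owner calls it; otherwise the private key
  stays resident for the life of the process.
*/
class Rsa_authentication_keys
{
private:
  RSA *m_public_key;
  RSA *m_private_key;
  int m_cipher_len;
  char *m_pem_public_key;

  void get_key_file_path(char *key, String *key_file_path);
  bool read_key_file(RSA **key_ptr, bool is_priv_key, char **key_text_buffer);

public:
  Rsa_authentication_keys();
  /** Intentionally empty: no key material is freed here. */
  ~Rsa_authentication_keys()
  {
  }

  void free_memory();
  void *allocate_pem_buffer(size_t buffer_len);

  /**
    @return the stored private key pointer itself, not a copy.
    NOTE(review): ownership presumably stays with this object - confirm
    that callers never free or retain it past free_memory().
  */
  RSA *get_private_key()
  {
    return m_private_key;
  }

  /** @return the stored public key pointer itself, not a copy. */
  RSA *get_public_key()
  {
    return m_public_key;
  }

  int get_cipher_length();
  bool read_rsa_keys();

  /** @return the stored PEM text pointer for the public key. */
  const char *get_public_key_as_pem(void)
  {
    return m_pem_public_key;
  }

};

#endif /* HAVE_OPENSSL */

/* Data Structures */

extern LEX_CSTRING native_password_plugin_name;
extern LEX_CSTRING sha256_password_plugin_name;
extern LEX_CSTRING validate_password_plugin_name;
extern LEX_CSTRING default_auth_plugin_name;

#ifndef NO_EMBEDDED_ACCESS_CHECKS
/* Declared only when access checks are compiled in. */
extern bool allow_all_hosts;
#endif /* NO_EMBEDDED_ACCESS_CHECKS */

extern plugin_ref native_password_plugin;

#endif /* SQL_AUTHENTICATION_INCLUDED */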