PHP  
 PHP: Test and Code Coverage Analysis
downloads | QA | documentation | faq | getting help | mailing lists | reporting bugs | php.net sites | links | my php.net 
 

LCOV - code coverage report
Current view: top level - ext/mysqlnd - mysqlnd_auth.c (source / functions) Hit Total Coverage
Test: PHP Code Coverage Lines: 124 274 45.3 %
Date: 2014-09-19 Functions: 6 10 60.0 %
Legend: Lines: hit not hit

          Line data    Source code
       1             : /*
       2             :   +----------------------------------------------------------------------+
       3             :   | PHP Version 5                                                        |
       4             :   +----------------------------------------------------------------------+
       5             :   | Copyright (c) 2006-2014 The PHP Group                                |
       6             :   +----------------------------------------------------------------------+
       7             :   | This source file is subject to version 3.01 of the PHP license,      |
       8             :   | that is bundled with this package in the file LICENSE, and is        |
       9             :   | available through the world-wide-web at the following url:           |
      10             :   | http://www.php.net/license/3_01.txt                                  |
      11             :   | If you did not receive a copy of the PHP license and are unable to   |
      12             :   | obtain it through the world-wide-web, please send a note to          |
      13             :   | license@php.net so we can mail you a copy immediately.               |
      14             :   +----------------------------------------------------------------------+
      15             :   | Authors: Georg Richter <georg@mysql.com>                             |
      16             :   |          Andrey Hristov <andrey@mysql.com>                           |
      17             :   |          Ulf Wendel <uwendel@mysql.com>                              |
      18             :   +----------------------------------------------------------------------+
      19             : */
      20             : 
      21             : /* $Id: mysqlnd.c 307377 2011-01-11 13:02:57Z andrey $ */
      22             : #include "php.h"
      23             : #include "mysqlnd.h"
      24             : #include "mysqlnd_structs.h"
      25             : #include "mysqlnd_wireprotocol.h"
      26             : #include "mysqlnd_priv.h"
      27             : #include "mysqlnd_result.h"
      28             : #include "mysqlnd_charset.h"
      29             : #include "mysqlnd_debug.h"
      30             : 
      31             : /* {{{ mysqlnd_auth_handshake */
      32             : enum_func_status
      33        1859 : mysqlnd_auth_handshake(MYSQLND_CONN_DATA * conn,
      34             :                                                           const char * const user,
      35             :                                                           const char * const passwd,
      36             :                                                           const size_t passwd_len,
      37             :                                                           const char * const db,
      38             :                                                           const size_t db_len,
      39             :                                                           const MYSQLND_OPTIONS * const options,
      40             :                                                           zend_ulong mysql_flags,
      41             :                                                           unsigned int server_charset_no,
      42             :                                                           zend_bool use_full_blown_auth_packet,
      43             :                                                           const char * const auth_protocol,
      44             :                                                           const zend_uchar * const auth_plugin_data,
      45             :                                                           const size_t auth_plugin_data_len,
      46             :                                                           char ** switch_to_auth_protocol,
      47             :                                                           size_t * switch_to_auth_protocol_len,
      48             :                                                           zend_uchar ** switch_to_auth_protocol_data,
      49             :                                                           size_t * switch_to_auth_protocol_data_len
      50             :                                                           TSRMLS_DC)
      51             : {
      52        1859 :         enum_func_status ret = FAIL;
      53        1859 :         const MYSQLND_CHARSET * charset = NULL;
      54        1859 :         MYSQLND_PACKET_CHANGE_AUTH_RESPONSE * change_auth_resp_packet = NULL;
      55        1859 :         MYSQLND_PACKET_AUTH_RESPONSE * auth_resp_packet = NULL;
      56        1859 :         MYSQLND_PACKET_AUTH * auth_packet = NULL;
      57             : 
      58        1859 :         DBG_ENTER("mysqlnd_auth_handshake");
      59             : 
      60        1859 :         auth_resp_packet = conn->protocol->m.get_auth_response_packet(conn->protocol, FALSE TSRMLS_CC);
      61             : 
      62        1859 :         if (!auth_resp_packet) {
      63           0 :                 SET_OOM_ERROR(*conn->error_info);
      64           0 :                 goto end;
      65             :         }
      66             : 
      67        1859 :         if (use_full_blown_auth_packet != TRUE) {
      68           0 :                 change_auth_resp_packet = conn->protocol->m.get_change_auth_response_packet(conn->protocol, FALSE TSRMLS_CC);
      69           0 :                 if (!change_auth_resp_packet) {
      70           0 :                         SET_OOM_ERROR(*conn->error_info);
      71           0 :                         goto end;
      72             :                 }
      73             : 
      74           0 :                 change_auth_resp_packet->auth_data = auth_plugin_data;
      75           0 :                 change_auth_resp_packet->auth_data_len = auth_plugin_data_len;
      76             : 
      77           0 :                 if (!PACKET_WRITE(change_auth_resp_packet, conn)) {
      78           0 :                         CONN_SET_STATE(conn, CONN_QUIT_SENT);
      79           0 :                         SET_CLIENT_ERROR(*conn->error_info, CR_SERVER_GONE_ERROR, UNKNOWN_SQLSTATE, mysqlnd_server_gone);
      80           0 :                         goto end;
      81             :                 }
      82             :         } else {
      83        1859 :                 auth_packet = conn->protocol->m.get_auth_packet(conn->protocol, FALSE TSRMLS_CC);
      84             : 
      85        1859 :                 auth_packet->client_flags = mysql_flags;
      86        1859 :                 auth_packet->max_packet_size = options->max_allowed_packet;
      87        1863 :                 if (options->charset_name && (charset = mysqlnd_find_charset_name(options->charset_name))) {
      88           4 :                         auth_packet->charset_no      = charset->nr;
      89             :                 } else {
      90        1855 :                         auth_packet->charset_no      = server_charset_no;
      91             :                 }
      92             : 
      93        1859 :                 auth_packet->send_auth_data = TRUE;
      94        1859 :                 auth_packet->user            = user;
      95        1859 :                 auth_packet->db                      = db;
      96        1859 :                 auth_packet->db_len          = db_len;
      97             : 
      98        1859 :                 auth_packet->auth_data = auth_plugin_data;
      99        1859 :                 auth_packet->auth_data_len = auth_plugin_data_len;
     100        1859 :                 auth_packet->auth_plugin_name = auth_protocol;
     101             :                 
     102        1859 :                 if (conn->server_capabilities & CLIENT_CONNECT_ATTRS) {
     103           0 :                         auth_packet->connect_attr = conn->options->connect_attr;
     104             :                 }
     105             : 
     106        1859 :                 if (!PACKET_WRITE(auth_packet, conn)) {
     107           0 :                         goto end;
     108             :                 }
     109             :         }
     110        1859 :         if (use_full_blown_auth_packet == TRUE) {
     111        1859 :                 conn->charset = mysqlnd_find_charset_nr(auth_packet->charset_no);
     112             :         }
     113             : 
     114        1859 :         if (FAIL == PACKET_READ(auth_resp_packet, conn) || auth_resp_packet->response_code >= 0xFE) {
     115          32 :                 if (auth_resp_packet->response_code == 0xFE) {
     116             :                         /* old authentication with new server  !*/
     117           0 :                         if (!auth_resp_packet->new_auth_protocol) {
     118           0 :                                 DBG_ERR(mysqlnd_old_passwd);
     119           0 :                                 SET_CLIENT_ERROR(*conn->error_info, CR_UNKNOWN_ERROR, UNKNOWN_SQLSTATE, mysqlnd_old_passwd);
     120             :                         } else {
     121           0 :                                 *switch_to_auth_protocol = mnd_pestrndup(auth_resp_packet->new_auth_protocol, auth_resp_packet->new_auth_protocol_len, FALSE);
     122           0 :                                 *switch_to_auth_protocol_len = auth_resp_packet->new_auth_protocol_len;
     123           0 :                                 if (auth_resp_packet->new_auth_protocol_data) {
     124           0 :                                         *switch_to_auth_protocol_data_len = auth_resp_packet->new_auth_protocol_data_len;
     125           0 :                                         *switch_to_auth_protocol_data = mnd_emalloc(*switch_to_auth_protocol_data_len);
     126           0 :                                         memcpy(*switch_to_auth_protocol_data, auth_resp_packet->new_auth_protocol_data, *switch_to_auth_protocol_data_len);
     127             :                                 } else {
     128           0 :                                         *switch_to_auth_protocol_data = NULL;
     129           0 :                                         *switch_to_auth_protocol_data_len = 0;
     130             :                                 }                               
     131             :                         }
     132          32 :                 } else if (auth_resp_packet->response_code == 0xFF) {
     133          32 :                         if (auth_resp_packet->sqlstate[0]) {
     134          32 :                                 strlcpy(conn->error_info->sqlstate, auth_resp_packet->sqlstate, sizeof(conn->error_info->sqlstate));
     135          32 :                                 DBG_ERR_FMT("ERROR:%u [SQLSTATE:%s] %s", auth_resp_packet->error_no, auth_resp_packet->sqlstate, auth_resp_packet->error);
     136             :                         }
     137          32 :                         SET_CLIENT_ERROR(*conn->error_info, auth_resp_packet->error_no, UNKNOWN_SQLSTATE, auth_resp_packet->error);
     138             :                 }
     139          32 :                 goto end;
     140             :         }
     141             : 
     142        1827 :         SET_NEW_MESSAGE(conn->last_message, conn->last_message_len, auth_resp_packet->message, auth_resp_packet->message_len, conn->persistent);
     143        1827 :         ret = PASS;
     144             : end:
     145        1859 :         PACKET_FREE(change_auth_resp_packet);
     146        1859 :         PACKET_FREE(auth_packet);
     147        1859 :         PACKET_FREE(auth_resp_packet);
     148        1859 :         DBG_RETURN(ret);
     149             : }
     150             : /* }}} */
     151             : 
     152             : 
     153             : /* {{{ mysqlnd_auth_change_user */
     154             : enum_func_status
     155          71 : mysqlnd_auth_change_user(MYSQLND_CONN_DATA * const conn,
     156             :                                                                 const char * const user,
     157             :                                                                 const size_t user_len,
     158             :                                                                 const char * const passwd,
     159             :                                                                 const size_t passwd_len,
     160             :                                                                 const char * const db,
     161             :                                                                 const size_t db_len,
     162             :                                                                 const zend_bool silent,
     163             :                                                                 zend_bool use_full_blown_auth_packet,
     164             :                                                                 const char * const auth_protocol,
     165             :                                                                 zend_uchar * auth_plugin_data,
     166             :                                                                 size_t auth_plugin_data_len,
     167             :                                                                 char ** switch_to_auth_protocol,
     168             :                                                                 size_t * switch_to_auth_protocol_len,
     169             :                                                                 zend_uchar ** switch_to_auth_protocol_data,
     170             :                                                                 size_t * switch_to_auth_protocol_data_len
     171             :                                                                 TSRMLS_DC)
     172             : {
     173          71 :         enum_func_status ret = FAIL;
     174          71 :         const MYSQLND_CHARSET * old_cs = conn->charset;
     175          71 :         MYSQLND_PACKET_CHANGE_AUTH_RESPONSE * change_auth_resp_packet = NULL;
     176          71 :         MYSQLND_PACKET_CHG_USER_RESPONSE * chg_user_resp = NULL;
     177          71 :         MYSQLND_PACKET_AUTH * auth_packet = NULL;
     178             : 
     179          71 :         DBG_ENTER("mysqlnd_auth_change_user");
     180             : 
     181          71 :         chg_user_resp = conn->protocol->m.get_change_user_response_packet(conn->protocol, FALSE TSRMLS_CC);
     182             : 
     183          71 :         if (!chg_user_resp) {
     184           0 :                 SET_OOM_ERROR(*conn->error_info);
     185           0 :                 goto end;
     186             :         }
     187             : 
     188          71 :         if (use_full_blown_auth_packet != TRUE) {
     189           0 :                 change_auth_resp_packet = conn->protocol->m.get_change_auth_response_packet(conn->protocol, FALSE TSRMLS_CC);
     190           0 :                 if (!change_auth_resp_packet) {
     191           0 :                         SET_OOM_ERROR(*conn->error_info);
     192           0 :                         goto end;
     193             :                 }
     194             : 
     195           0 :                 change_auth_resp_packet->auth_data = auth_plugin_data;
     196           0 :                 change_auth_resp_packet->auth_data_len = auth_plugin_data_len;
     197             : 
     198           0 :                 if (!PACKET_WRITE(change_auth_resp_packet, conn)) {
     199           0 :                         CONN_SET_STATE(conn, CONN_QUIT_SENT);
     200           0 :                         SET_CLIENT_ERROR(*conn->error_info, CR_SERVER_GONE_ERROR, UNKNOWN_SQLSTATE, mysqlnd_server_gone);
     201           0 :                         goto end;
     202             :                 }       
     203             :         } else {
     204          71 :                 auth_packet = conn->protocol->m.get_auth_packet(conn->protocol, FALSE TSRMLS_CC);
     205             : 
     206          71 :                 if (!auth_packet) {
     207           0 :                         SET_OOM_ERROR(*conn->error_info);
     208           0 :                         goto end;
     209             :                 }
     210             : 
     211          71 :                 auth_packet->is_change_user_packet = TRUE;
     212          71 :                 auth_packet->user            = user;
     213          71 :                 auth_packet->db                      = db;
     214          71 :                 auth_packet->db_len          = db_len;
     215          71 :                 auth_packet->silent          = silent;
     216             : 
     217          71 :                 auth_packet->auth_data = auth_plugin_data;
     218          71 :                 auth_packet->auth_data_len = auth_plugin_data_len;
     219          71 :                 auth_packet->auth_plugin_name = auth_protocol;
     220             : 
     221             : 
     222          71 :                 if (conn->m->get_server_version(conn TSRMLS_CC) >= 50123) {
     223          71 :                         auth_packet->charset_no      = conn->charset->nr;
     224             :                 }
     225             :         
     226          71 :                 if (!PACKET_WRITE(auth_packet, conn)) {
     227           1 :                         CONN_SET_STATE(conn, CONN_QUIT_SENT);
     228           1 :                                 SET_CLIENT_ERROR(*conn->error_info, CR_SERVER_GONE_ERROR, UNKNOWN_SQLSTATE, mysqlnd_server_gone);
     229           1 :                         goto end;
     230             :                 }
     231             :         }
     232             : 
     233          70 :         ret = PACKET_READ(chg_user_resp, conn);
     234          70 :         COPY_CLIENT_ERROR(*conn->error_info, chg_user_resp->error_info);
     235             : 
     236          70 :         if (0xFE == chg_user_resp->response_code) {
     237           0 :                 ret = FAIL;
     238           0 :                 if (!chg_user_resp->new_auth_protocol) {
     239           0 :                         DBG_ERR(mysqlnd_old_passwd);
     240           0 :                         SET_CLIENT_ERROR(*conn->error_info, CR_UNKNOWN_ERROR, UNKNOWN_SQLSTATE, mysqlnd_old_passwd);
     241             :                 } else {
     242           0 :                         *switch_to_auth_protocol = mnd_pestrndup(chg_user_resp->new_auth_protocol, chg_user_resp->new_auth_protocol_len, FALSE);
     243           0 :                         *switch_to_auth_protocol_len = chg_user_resp->new_auth_protocol_len;
     244           0 :                         if (chg_user_resp->new_auth_protocol_data) {
     245           0 :                                 *switch_to_auth_protocol_data_len = chg_user_resp->new_auth_protocol_data_len;
     246           0 :                                 *switch_to_auth_protocol_data = mnd_emalloc(*switch_to_auth_protocol_data_len);
     247           0 :                                 memcpy(*switch_to_auth_protocol_data, chg_user_resp->new_auth_protocol_data, *switch_to_auth_protocol_data_len);
     248             :                         } else {
     249           0 :                                 *switch_to_auth_protocol_data = NULL;
     250           0 :                                 *switch_to_auth_protocol_data_len = 0;
     251             :                         }                               
     252             :                 }
     253             :         }
     254             : 
     255          70 :         if (conn->error_info->error_no) {
     256          14 :                 ret = FAIL;
     257             :                 /*
     258             :                   COM_CHANGE_USER is broken in 5.1. At least in 5.1.15 and 5.1.14, 5.1.11 is immune.
     259             :                   bug#25371 mysql_change_user() triggers "packets out of sync"
     260             :                   When it gets fixed, there should be one more check here
     261             :                 */
     262          14 :                 if (conn->m->get_server_version(conn TSRMLS_CC) > 50113L &&conn->m->get_server_version(conn TSRMLS_CC) < 50118L) {
     263           0 :                         MYSQLND_PACKET_OK * redundant_error_packet = conn->protocol->m.get_ok_packet(conn->protocol, FALSE TSRMLS_CC);
     264           0 :                         if (redundant_error_packet) {
     265           0 :                                 PACKET_READ(redundant_error_packet, conn);
     266           0 :                                 PACKET_FREE(redundant_error_packet);
     267           0 :                                 DBG_INF_FMT("Server is %u, buggy, sends two ERR messages", conn->m->get_server_version(conn TSRMLS_CC));
     268             :                         } else {
     269           0 :                                 SET_OOM_ERROR(*conn->error_info);
     270             :                         }
     271             :                 }
     272             :         }
     273          70 :         if (ret == PASS) {
     274          56 :                 char * tmp = NULL;
     275             :                 /* if we get conn->user as parameter and then we first free it, then estrndup it, we will crash */
     276          56 :                 tmp = mnd_pestrndup(user, user_len, conn->persistent);
     277          56 :                 if (conn->user) {
     278          56 :                         mnd_pefree(conn->user, conn->persistent);
     279             :                 }
     280          56 :                 conn->user = tmp;
     281             : 
     282          56 :                 tmp = mnd_pestrdup(passwd, conn->persistent);
     283          56 :                 if (conn->passwd) {
     284          56 :                         mnd_pefree(conn->passwd, conn->persistent);
     285             :                 }
     286          56 :                 conn->passwd = tmp;
     287             : 
     288          56 :                 if (conn->last_message) {
     289           0 :                         mnd_pefree(conn->last_message, conn->persistent);
     290           0 :                         conn->last_message = NULL;
     291             :                 }
     292          56 :                 memset(conn->upsert_status, 0, sizeof(*conn->upsert_status));
     293             :                 /* set charset for old servers */
     294          56 :                 if (conn->m->get_server_version(conn TSRMLS_CC) < 50123) {
     295           0 :                         ret = conn->m->set_charset(conn, old_cs->name TSRMLS_CC);
     296             :                 }
     297          14 :         } else if (ret == FAIL && chg_user_resp->server_asked_323_auth == TRUE) {
     298             :                 /* old authentication with new server  !*/
     299           0 :                 DBG_ERR(mysqlnd_old_passwd);
     300           0 :                 SET_CLIENT_ERROR(*conn->error_info, CR_UNKNOWN_ERROR, UNKNOWN_SQLSTATE, mysqlnd_old_passwd);
     301             :         }
     302             : end:
     303          71 :         PACKET_FREE(change_auth_resp_packet);
     304          71 :         PACKET_FREE(auth_packet);
     305          71 :         PACKET_FREE(chg_user_resp);
     306          71 :         DBG_RETURN(ret);
     307             : }
     308             : /* }}} */
     309             : 
     310             : 
     311             : /******************************************* MySQL Native Password ***********************************/
     312             : 
     313             : #include "ext/standard/sha1.h"
     314             : 
     315             : /* {{{ php_mysqlnd_crypt */
     316             : static void
     317        1916 : php_mysqlnd_crypt(zend_uchar *buffer, const zend_uchar *s1, const zend_uchar *s2, size_t len)
     318             : {
     319        1916 :         const zend_uchar *s1_end = s1 + len;
     320       42152 :         while (s1 < s1_end) {
     321       38320 :                 *buffer++= *s1++ ^ *s2++;
     322             :         }
     323        1916 : }
     324             : /* }}} */
     325             : 
     326             : 
     327             : /* {{{ php_mysqlnd_scramble */
     328        1916 : void php_mysqlnd_scramble(zend_uchar * const buffer, const zend_uchar * const scramble, const zend_uchar * const password, size_t password_len)
     329             : {
     330             :         PHP_SHA1_CTX context;
     331             :         zend_uchar sha1[SHA1_MAX_LENGTH];
     332             :         zend_uchar sha2[SHA1_MAX_LENGTH];
     333             : 
     334             :         /* Phase 1: hash password */
     335        1916 :         PHP_SHA1Init(&context);
     336        1916 :         PHP_SHA1Update(&context, password, password_len);
     337        1916 :         PHP_SHA1Final(sha1, &context);
     338             : 
     339             :         /* Phase 2: hash sha1 */
     340        1916 :         PHP_SHA1Init(&context);
     341        1916 :         PHP_SHA1Update(&context, (zend_uchar*)sha1, SHA1_MAX_LENGTH);
     342        1916 :         PHP_SHA1Final(sha2, &context);
     343             : 
     344             :         /* Phase 3: hash scramble + sha2 */
     345        1916 :         PHP_SHA1Init(&context);
     346        1916 :         PHP_SHA1Update(&context, scramble, SCRAMBLE_LENGTH);
     347        1916 :         PHP_SHA1Update(&context, (zend_uchar*)sha2, SHA1_MAX_LENGTH);
     348        1916 :         PHP_SHA1Final(buffer, &context);
     349             : 
     350             :         /* let's crypt buffer now */
     351        1916 :         php_mysqlnd_crypt(buffer, (const zend_uchar *)buffer, (const zend_uchar *)sha1, SHA1_MAX_LENGTH);
     352        1916 : }
     353             : /* }}} */
     354             : 
     355             : 
     356             : /* {{{ mysqlnd_native_auth_get_auth_data */
     357             : static zend_uchar *
     358        1930 : mysqlnd_native_auth_get_auth_data(struct st_mysqlnd_authentication_plugin * self,
     359             :                                                                   size_t * auth_data_len,
     360             :                                                                   MYSQLND_CONN_DATA * conn, const char * const user, const char * const passwd,
     361             :                                                                   const size_t passwd_len, zend_uchar * auth_plugin_data, size_t auth_plugin_data_len,
     362             :                                                                   const MYSQLND_OPTIONS * const options,
     363             :                                                                   const MYSQLND_NET_OPTIONS * const net_options,
     364             :                                                                   zend_ulong mysql_flags
     365             :                                                                   TSRMLS_DC)
     366             : {
     367        1930 :         zend_uchar * ret = NULL;
     368        1930 :         DBG_ENTER("mysqlnd_native_auth_get_auth_data");
     369        1930 :         *auth_data_len = 0;
     370             : 
     371             :         /* 5.5.x reports 21 as scramble length because it needs to show the length of the data before the plugin name */
     372        1930 :         if (auth_plugin_data_len < SCRAMBLE_LENGTH) {
     373             :                 /* mysql_native_password only works with SCRAMBLE_LENGTH scramble */
     374           0 :                 SET_CLIENT_ERROR(*conn->error_info, CR_MALFORMED_PACKET, UNKNOWN_SQLSTATE, "The server sent wrong length for scramble");
     375           0 :                 DBG_ERR_FMT("The server sent wrong length for scramble %u. Expected %u", auth_plugin_data_len, SCRAMBLE_LENGTH);
     376           0 :                 DBG_RETURN(NULL);
     377             :         }
     378             : 
     379             :         /* copy scrambled pass*/
     380        1930 :         if (passwd && passwd_len) {
     381        1916 :                 ret = malloc(SCRAMBLE_LENGTH);
     382        1916 :                 *auth_data_len = SCRAMBLE_LENGTH;
     383             :                 /* In 4.1 we use CLIENT_SECURE_CONNECTION and thus the len of the buf should be passed */
     384        1916 :                 php_mysqlnd_scramble((zend_uchar*)ret, auth_plugin_data, (zend_uchar*)passwd, passwd_len);
     385             :         }
     386        1930 :         DBG_RETURN(ret);
     387             : }
     388             : /* }}} */
     389             : 
     390             : 
     391             : static struct st_mysqlnd_authentication_plugin mysqlnd_native_auth_plugin =
     392             : {
     393             :         {
     394             :                 MYSQLND_PLUGIN_API_VERSION,
     395             :                 "auth_plugin_mysql_native_password",
     396             :                 MYSQLND_VERSION_ID,
     397             :                 MYSQLND_VERSION,
     398             :                 "PHP License 3.01",
     399             :                 "Andrey Hristov <andrey@mysql.com>,  Ulf Wendel <uwendel@mysql.com>, Georg Richter <georg@mysql.com>",
     400             :                 {
     401             :                         NULL, /* no statistics , will be filled later if there are some */
     402             :                         NULL, /* no statistics */
     403             :                 },
     404             :                 {
     405             :                         NULL /* plugin shutdown */
     406             :                 }
     407             :         },
     408             :         {/* methods */
     409             :                 mysqlnd_native_auth_get_auth_data
     410             :         }
     411             : };
     412             : 
     413             : 
     414             : /******************************************* PAM Authentication ***********************************/
     415             : 
     416             : /* {{{ mysqlnd_pam_auth_get_auth_data */
     417             : static zend_uchar *
     418           0 : mysqlnd_pam_auth_get_auth_data(struct st_mysqlnd_authentication_plugin * self,
     419             :                                                            size_t * auth_data_len,
     420             :                                                            MYSQLND_CONN_DATA * conn, const char * const user, const char * const passwd,
     421             :                                                            const size_t passwd_len, zend_uchar * auth_plugin_data, size_t auth_plugin_data_len,
     422             :                                                            const MYSQLND_OPTIONS * const options,
     423             :                                                            const MYSQLND_NET_OPTIONS * const net_options,
     424             :                                                            zend_ulong mysql_flags
     425             :                                                            TSRMLS_DC)
     426             : {
     427           0 :         zend_uchar * ret = NULL;
     428             : 
     429             :         /* copy pass*/
     430           0 :         if (passwd && passwd_len) {
     431           0 :                 ret = (zend_uchar*) zend_strndup(passwd, passwd_len);
     432             :         }
     433           0 :         *auth_data_len = passwd_len;
     434             : 
     435           0 :         return ret;
     436             : }
     437             : /* }}} */
     438             : 
     439             : 
     440             : static struct st_mysqlnd_authentication_plugin mysqlnd_pam_authentication_plugin =
     441             : {
     442             :         {
     443             :                 MYSQLND_PLUGIN_API_VERSION,
     444             :                 "auth_plugin_mysql_clear_password",
     445             :                 MYSQLND_VERSION_ID,
     446             :                 MYSQLND_VERSION,
     447             :                 "PHP License 3.01",
     448             :                 "Andrey Hristov <andrey@php.net>,  Ulf Wendel <uw@php.net>, Georg Richter <georg@php.net>",
     449             :                 {
     450             :                         NULL, /* no statistics , will be filled later if there are some */
     451             :                         NULL, /* no statistics */
     452             :                 },
     453             :                 {
     454             :                         NULL /* plugin shutdown */
     455             :                 }
     456             :         },
     457             :         {/* methods */
     458             :                 mysqlnd_pam_auth_get_auth_data
     459             :         }
     460             : };
     461             : 
     462             : 
     463             : /******************************************* SHA256 Password ***********************************/
     464             : #ifdef MYSQLND_HAVE_SSL
     465             : static void
     466           0 : mysqlnd_xor_string(char * dst, const size_t dst_len, const char * xor_str, const size_t xor_str_len)
     467             : {
     468             :         unsigned int i;
     469           0 :         for (i = 0; i <= dst_len; ++i) {
     470           0 :                 dst[i] ^= xor_str[i % xor_str_len];
     471             :         }
     472           0 : }
     473             : 
     474             : 
     475             : #include <openssl/rsa.h>
     476             : #include <openssl/pem.h>
     477             : #include <openssl/err.h>
     478             : 
     479             : 
     480             : /* {{{ mysqlnd_sha256_get_rsa_key */
     481             : static RSA *
     482           0 : mysqlnd_sha256_get_rsa_key(MYSQLND_CONN_DATA * conn,
     483             :                                                    const MYSQLND_OPTIONS * const options,
     484             :                                                    const MYSQLND_NET_OPTIONS * const net_options
     485             :                                                    TSRMLS_DC)
     486             : {
     487           0 :         RSA * ret = NULL;
     488           0 :         const char * fname = (net_options->sha256_server_public_key && net_options->sha256_server_public_key[0] != '\0')? 
     489             :                                                                 net_options->sha256_server_public_key:
     490           0 :                                                                 MYSQLND_G(sha256_server_public_key);
     491             :         php_stream * stream;
     492           0 :         DBG_ENTER("mysqlnd_sha256_get_rsa_key");
     493           0 :         DBG_INF_FMT("options_s256_pk=[%s] MYSQLND_G(sha256_server_public_key)=[%s]",
     494           0 :                                  net_options->sha256_server_public_key? net_options->sha256_server_public_key:"n/a",
     495           0 :                                  MYSQLND_G(sha256_server_public_key)? MYSQLND_G(sha256_server_public_key):"n/a");
     496           0 :         if (!fname || fname[0] == '\0') {
     497           0 :                 MYSQLND_PACKET_SHA256_PK_REQUEST * pk_req_packet = NULL;
     498           0 :                 MYSQLND_PACKET_SHA256_PK_REQUEST_RESPONSE * pk_resp_packet = NULL;
     499             : 
     500             :                 do {
     501           0 :                         DBG_INF("requesting the public key from the server");
     502           0 :                         pk_req_packet = conn->protocol->m.get_sha256_pk_request_packet(conn->protocol, FALSE TSRMLS_CC);
     503           0 :                         if (!pk_req_packet) {
     504           0 :                                 SET_OOM_ERROR(*conn->error_info);
     505           0 :                                 break;
     506             :                         }
     507           0 :                         pk_resp_packet = conn->protocol->m.get_sha256_pk_request_response_packet(conn->protocol, FALSE TSRMLS_CC);
     508           0 :                         if (!pk_resp_packet) {
     509           0 :                                 SET_OOM_ERROR(*conn->error_info);
     510           0 :                                 PACKET_FREE(pk_req_packet);
     511           0 :                                 break;
     512             :                         }
     513             : 
     514           0 :                         if (! PACKET_WRITE(pk_req_packet, conn)) {
     515           0 :                                 DBG_ERR_FMT("Error while sending public key request packet");
     516           0 :                                 php_error(E_WARNING, "Error while sending public key request packet. PID=%d", getpid());
     517           0 :                                 CONN_SET_STATE(conn, CONN_QUIT_SENT);
     518           0 :                                 break;
     519             :                         }
     520           0 :                         if (FAIL == PACKET_READ(pk_resp_packet, conn) || NULL == pk_resp_packet->public_key) {
     521           0 :                                 DBG_ERR_FMT("Error while receiving public key");
     522           0 :                                 php_error(E_WARNING, "Error while receiving public key. PID=%d", getpid());
     523           0 :                                 CONN_SET_STATE(conn, CONN_QUIT_SENT);
     524           0 :                                 break;
     525             :                         }
     526           0 :                         DBG_INF_FMT("Public key(%d):\n%s", pk_resp_packet->public_key_len, pk_resp_packet->public_key);
     527             :                         /* now extract the public key */
     528             :                         {
     529           0 :                                 BIO * bio = BIO_new_mem_buf(pk_resp_packet->public_key, pk_resp_packet->public_key_len);
     530           0 :                                 ret = PEM_read_bio_RSA_PUBKEY(bio, NULL, NULL, NULL);
     531           0 :                                 BIO_free(bio);
     532             :                         }
     533             :                 } while (0);
     534           0 :                 PACKET_FREE(pk_req_packet);
     535           0 :                 PACKET_FREE(pk_resp_packet);
     536             : 
     537           0 :                 DBG_INF_FMT("ret=%p", ret);
     538           0 :                 DBG_RETURN(ret);
     539             :         
     540             :                 SET_CLIENT_ERROR(*conn->error_info, CR_UNKNOWN_ERROR, UNKNOWN_SQLSTATE,
     541             :                         "sha256_server_public_key is not set for the connection or as mysqlnd.sha256_server_public_key");
     542             :                 DBG_ERR("server_public_key is not set");
     543             :                 DBG_RETURN(NULL);
     544             :         } else {
     545             :                 zend_string * key_str;
     546           0 :                 DBG_INF_FMT("Key in a file. [%s]", fname);
     547           0 :                 stream = php_stream_open_wrapper((char *) fname, "rb", REPORT_ERRORS, NULL);
     548             : 
     549           0 :                 if (stream) {
     550           0 :                         if ((key_str = php_stream_copy_to_mem(stream, PHP_STREAM_COPY_ALL, 0)) != NULL) {
     551           0 :                                 BIO * bio = BIO_new_mem_buf(key_str->val, key_str->len);
     552           0 :                                 ret = PEM_read_bio_RSA_PUBKEY(bio, NULL, NULL, NULL);
     553           0 :                                 BIO_free(bio);
     554           0 :                                 DBG_INF("Successfully loaded");
     555           0 :                                 DBG_INF_FMT("Public key:%*.s", key_str->len, key_str->val);
     556             :                                 zend_string_release(key_str);
     557             :                         }
     558           0 :                         php_stream_free(stream, PHP_STREAM_FREE_CLOSE);
     559             :                 }
     560             :         }
     561           0 :         DBG_RETURN(ret);
     562             : }
     563             : /* }}} */
     564             : 
     565             : 
     566             : /* {{{ mysqlnd_sha256_auth_get_auth_data */
     567             : static zend_uchar *
     568           0 : mysqlnd_sha256_auth_get_auth_data(struct st_mysqlnd_authentication_plugin * self,
     569             :                                                                   size_t * auth_data_len,
     570             :                                                                   MYSQLND_CONN_DATA * conn, const char * const user, const char * const passwd,
     571             :                                                                   const size_t passwd_len, zend_uchar * auth_plugin_data, size_t auth_plugin_data_len,
     572             :                                                                   const MYSQLND_OPTIONS * const options,
     573             :                                                                   const MYSQLND_NET_OPTIONS * const net_options,
     574             :                                                                   zend_ulong mysql_flags
     575             :                                                                   TSRMLS_DC)
     576             : {
     577             :         RSA * server_public_key;
     578           0 :         zend_uchar * ret = NULL;
     579           0 :         DBG_ENTER("mysqlnd_sha256_auth_get_auth_data");
     580           0 :         DBG_INF_FMT("salt(%d)=[%.*s]", auth_plugin_data_len, auth_plugin_data_len, auth_plugin_data);
     581             : 
     582             : 
     583           0 :         if (conn->net->data->ssl) {
     584           0 :                 DBG_INF("simple clear text under SSL");
     585             :                 /* clear text under SSL */
     586           0 :                 *auth_data_len = passwd_len;
     587           0 :                 ret = malloc(passwd_len);
     588           0 :                 memcpy(ret, passwd, passwd_len);
     589             :         } else {
     590           0 :                 *auth_data_len = 0;
     591           0 :                 server_public_key = mysqlnd_sha256_get_rsa_key(conn, options, net_options TSRMLS_CC);
     592             : 
     593           0 :                 if (server_public_key) {
     594             :                         int server_public_key_len;
     595           0 :                         char xor_str[passwd_len + 1];
     596           0 :                         memcpy(xor_str, passwd, passwd_len);
     597           0 :                         xor_str[passwd_len] = '\0';
     598           0 :                         mysqlnd_xor_string(xor_str, passwd_len, (char *) auth_plugin_data, auth_plugin_data_len);
     599             : 
     600           0 :                         server_public_key_len = RSA_size(server_public_key);
     601             :                         /*
     602             :                           Because RSA_PKCS1_OAEP_PADDING is used there is a restriction on the passwd_len.
     603             :                           RSA_PKCS1_OAEP_PADDING is recommended for new applications. See more here:
     604             :                           http://www.openssl.org/docs/crypto/RSA_public_encrypt.html
     605             :                         */
     606           0 :                         if ((size_t) server_public_key_len - 41 <= passwd_len) {
     607             :                                 /* password message is to long */
     608           0 :                                 SET_CLIENT_ERROR(*conn->error_info, CR_UNKNOWN_ERROR, UNKNOWN_SQLSTATE, "password is too long");
     609           0 :                                 DBG_ERR("password is too long");
     610           0 :                                 DBG_RETURN(NULL);
     611             :                         }
     612             : 
     613           0 :                         *auth_data_len = server_public_key_len;
     614           0 :                         ret = malloc(*auth_data_len);
     615           0 :                         RSA_public_encrypt(passwd_len + 1, (zend_uchar *) xor_str, ret, server_public_key, RSA_PKCS1_OAEP_PADDING);
     616             :                 }
     617             :         }
     618             : 
     619           0 :         DBG_RETURN(ret);
     620             : }
     621             : /* }}} */
     622             : 
     623             : 
     624             : static struct st_mysqlnd_authentication_plugin mysqlnd_sha256_authentication_plugin =
     625             : {
     626             :         {
     627             :                 MYSQLND_PLUGIN_API_VERSION,
     628             :                 "auth_plugin_sha256_password",
     629             :                 MYSQLND_VERSION_ID,
     630             :                 MYSQLND_VERSION,
     631             :                 "PHP License 3.01",
     632             :                 "Andrey Hristov <andrey@mysql.com>,  Ulf Wendel <uwendel@mysql.com>",
     633             :                 {
     634             :                         NULL, /* no statistics , will be filled later if there are some */
     635             :                         NULL, /* no statistics */
     636             :                 },
     637             :                 {
     638             :                         NULL /* plugin shutdown */
     639             :                 }
     640             :         },
     641             :         {/* methods */
     642             :                 mysqlnd_sha256_auth_get_auth_data
     643             :         }
     644             : };
     645             : #endif
     646             : 
     647             : /* {{{ mysqlnd_register_builtin_authentication_plugins */
     648             : void
     649       20335 : mysqlnd_register_builtin_authentication_plugins(TSRMLS_D)
     650             : {
     651       20335 :         mysqlnd_plugin_register_ex((struct st_mysqlnd_plugin_header *) &mysqlnd_native_auth_plugin TSRMLS_CC);
     652       20335 :         mysqlnd_plugin_register_ex((struct st_mysqlnd_plugin_header *) &mysqlnd_pam_authentication_plugin TSRMLS_CC);
     653             : #ifdef MYSQLND_HAVE_SSL
     654       20335 :         mysqlnd_plugin_register_ex((struct st_mysqlnd_plugin_header *) &mysqlnd_sha256_authentication_plugin TSRMLS_CC);
     655             : #endif
     656       20335 : }
     657             : /* }}} */
     658             : 
     659             : 
     660             : /*
     661             :  * Local variables:
     662             :  * tab-width: 4
     663             :  * c-basic-offset: 4
     664             :  * End:
     665             :  * vim600: noet sw=4 ts=4 fdm=marker
     666             :  * vim<600: noet sw=4 ts=4
     667             :  */

Generated by: LCOV version 1.10

Generated at Fri, 19 Sep 2014 17:11:11 +0000 (40 hours ago)

Copyright © 2005-2014 The PHP Group
All rights reserved.