1#ifndef MYSQL_PLUGIN_AUTH_COMMON_INCLUDED
2/* Copyright (c) 2010, 2024, Oracle and/or its affiliates.
3
4 This program is free software; you can redistribute it and/or modify
5 it under the terms of the GNU General Public License, version 2.0,
6 as published by the Free Software Foundation.
7
8 This program is designed to work with certain software (including
9 but not limited to OpenSSL) that is licensed under separate terms,
10 as designated in a particular file or component or in included license
11 documentation. The authors of MySQL hereby grant you an additional
12 permission to link the program and your derivative works with the
13 separately licensed software that they have either included with
14 the program or referenced in the documentation.
15
16 Without limiting anything contained in the foregoing, this file,
17 which is part of C Driver for MySQL (Connector/C), is also subject to the
18 Universal FOSS Exception, version 1.0, a copy of which can be found at
19 http://oss.oracle.com/licenses/universal-foss-exception.
20
21 This program is distributed in the hope that it will be useful,
22 but WITHOUT ANY WARRANTY; without even the implied warranty of
23 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
24 GNU General Public License, version 2.0, for more details.
25
26 You should have received a copy of the GNU General Public License
27 along with this program; if not, write to the Free Software
28 Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */
29
30/**
31 @file include/mysql/plugin_auth_common.h
32
33 This file defines constants and data structures that are the same for
34 both client- and server-side authentication plugins.
35*/
36#define MYSQL_PLUGIN_AUTH_COMMON_INCLUDED
37
38/** the max allowed length for a user name */
39#define MYSQL_USERNAME_LENGTH 96
40
41/**
42 return values of the plugin authenticate_user() method.
43*/
44
45/**
46 Authentication failed, plugin internal error.
47 An error occurred in the authentication plugin itself.
48 These errors are reported in table performance_schema.host_cache,
49 column COUNT_AUTH_PLUGIN_ERRORS.
50*/
51#define CR_AUTH_PLUGIN_ERROR 3
52/**
53 Authentication failed, client server handshake.
54 An error occurred during the client server handshake.
55 These errors are reported in table performance_schema.host_cache,
56 column COUNT_HANDSHAKE_ERRORS.
57*/
58#define CR_AUTH_HANDSHAKE 2
59/**
60 Authentication failed, user credentials.
61 For example, wrong passwords.
62 These errors are reported in table performance_schema.host_cache,
63 column COUNT_AUTHENTICATION_ERRORS.
64*/
65#define CR_AUTH_USER_CREDENTIALS 1
66/**
67 Authentication failed. Additionally, all other CR_xxx values
68 (libmysql error code) can be used too.
69
70 The client plugin may set the error code and the error message directly
71 in the MYSQL structure and return CR_ERROR. If a CR_xxx specific error
72 code was returned, an error message in the MYSQL structure will be
73 overwritten. If CR_ERROR is returned without setting the error in MYSQL,
74 CR_UNKNOWN_ERROR will be user.
75*/
76#define CR_ERROR 0
77/**
78 Authentication (client part) was successful. It does not mean that the
79 authentication as a whole was successful, usually it only means
80 that the client was able to send the user name and the password to the
81 server. If CR_OK is returned, the libmysql reads the next packet expecting
82 it to be one of OK, ERROR, or CHANGE_PLUGIN packets.
83*/
84#define CR_OK -1
85/**
86 Authentication was successful.
87 It means that the client has done its part successfully and also that
88 a plugin has read the last packet (one of OK, ERROR, CHANGE_PLUGIN).
89 In this case, libmysql will not read a packet from the server,
90 but it will use the data at mysql->net.read_pos.
91
92 A plugin may return this value if the number of roundtrips in the
93 authentication protocol is not known in advance, and the client plugin
94 needs to read one packet more to determine if the authentication is finished
95 or not.
96*/
97#define CR_OK_HANDSHAKE_COMPLETE -2
98/**
99 Authentication was successful with limited operations.
100 It means that the both client and server side plugins decided to allow
101 authentication with very limited operations ALTER USER to do registration.
102*/
103#define CR_OK_AUTH_IN_SANDBOX_MODE -3
104/**
105Flag to be passed back to server from authentication plugins via
106authenticated_as when proxy mapping should be done by the server.
107*/
108#define PROXY_FLAG 0
109
110/*
111 We need HANDLE definition if on Windows. Define WIN32_LEAN_AND_MEAN (if
112 not already done) to minimize amount of imported declarations.
113*/
114#if defined(_WIN32) && !defined(MYSQL_ABI_CHECK)
115#ifndef WIN32_LEAN_AND_MEAN
116#define WIN32_LEAN_AND_MEAN
117#endif
118#include <windows.h>
119#endif
120
121struct MYSQL_PLUGIN_VIO_INFO {
122 enum {
123 MYSQL_VIO_INVALID,
124 MYSQL_VIO_TCP,
125 MYSQL_VIO_SOCKET,
126 MYSQL_VIO_PIPE,
127 MYSQL_VIO_MEMORY
128 } protocol;
129 int socket; /**< it's set, if the protocol is SOCKET or TCP */
130#if defined(_WIN32) && !defined(MYSQL_ABI_CHECK)
131 HANDLE handle; /**< it's set, if the protocol is PIPE or MEMORY */
132#endif
133};
134
135/* state of an asynchronous operation */
136enum net_async_status {
137 NET_ASYNC_COMPLETE = 0,
138 NET_ASYNC_NOT_READY,
139 NET_ASYNC_ERROR,
140 NET_ASYNC_COMPLETE_NO_MORE_RESULTS
141};
142
143/**
144 Provides plugin access to communication channel
145*/
146typedef struct MYSQL_PLUGIN_VIO {
147 /**
148 Plugin provides a pointer reference and this function sets it to the
149 contents of any incoming packet. Returns the packet length, or -1 if
150 the plugin should terminate.
151 */
152 int (*read_packet)(struct MYSQL_PLUGIN_VIO *vio, unsigned char **buf);
153
154 /**
155 Plugin provides a buffer with data and the length and this
156 function sends it as a packet. Returns 0 on success, 1 on failure.
157 */
158 int (*write_packet)(struct MYSQL_PLUGIN_VIO *vio, const unsigned char *packet,
159 int packet_len);
160
161 /**
162 Fills in a MYSQL_PLUGIN_VIO_INFO structure, providing the information
163 about the connection.
164 */
165 void (*info)(struct MYSQL_PLUGIN_VIO *vio,
166 struct MYSQL_PLUGIN_VIO_INFO *info);
167
168 /**
169 Non blocking version of read_packet. This function points buf to starting
170 position of incoming packet. When this function returns NET_ASYNC_NOT_READY
171 plugin should call this function again until all incoming packets are read.
172 If return code is NET_ASYNC_COMPLETE, plugin can do further processing of
173 read packets.
174 */
175 enum net_async_status (*read_packet_nonblocking)(struct MYSQL_PLUGIN_VIO *vio,
176 unsigned char **buf,
177 int *result);
178 /**
179 Non blocking version of write_packet. Sends data available in pkt of length
180 pkt_len to server in asynchronous way.
181 */
182 enum net_async_status (*write_packet_nonblocking)(
183 struct MYSQL_PLUGIN_VIO *vio, const unsigned char *pkt, int pkt_len,
184 int *result);
185
186} MYSQL_PLUGIN_VIO;
187
188#endif
189

Provided by KDAB

Privacy Policy
Learn to use CMake with our Intro Training
Find out more

source code of include/mysql/plugin_auth_common.h