Example 1 with AuthSwitchRequestPacket
use of io.mycat.beans.mysql.packet.AuthSwitchRequestPacket in project Mycat2 by MyCATApache.
the class VertxMySQLAuthHandler method handle.
@Override
public void handle(Buffer event) {
buffer.appendBuffer(event);
if (buffer.length() > 3) {
int length = readInt(buffer, 0, 3);
if (length == buffer.length() - 4) {
int packetId = buffer.getUnsignedByte(3);
Buffer payload = buffer.slice(4, buffer.length());
ReadView readView = new ReadView(payload);
if (!authSwitchResponse) {
this.authPacket = new AuthPacket();
authPacket.readPayload(readView);
if ("mysql_native_password".equalsIgnoreCase(authPacket.getAuthPluginName()) || authPacket.getAuthPluginName() == null) {
auth(packetId);
} else {
authSwitchResponse = true;
buffer = Buffer.buffer();
AuthSwitchRequestPacket authSwitchRequestPacket = new AuthSwitchRequestPacket();
authSwitchRequestPacket.setStatus((byte) 0xfe);
authSwitchRequestPacket.setAuthPluginName("mysql_native_password");
authSwitchRequestPacket.setAuthPluginData(new String(seedParts[2]));
MySQLPayloadWriter mySQLPayloadWriter = new MySQLPayloadWriter(1024);
authSwitchRequestPacket.writePayload(mySQLPayloadWriter);
socket.write(Buffer.buffer(MySQLPacketUtil.generateMySQLPacket(packetId + 1, mySQLPayloadWriter)));
return;
}
} else {
byte[] bytes = readView.readEOFStringBytes();
authPacket.setPassword(bytes);
auth(packetId);
}
}
}
}
Also used :
Buffer(io.vertx.core.buffer.Buffer)
AuthSwitchRequestPacket(io.mycat.beans.mysql.packet.AuthSwitchRequestPacket)
MySQLPayloadWriter(io.mycat.beans.mysql.MySQLPayloadWriter)
AuthPacket(io.mycat.beans.mysql.packet.AuthPacket)
Example 2 with AuthSwitchRequestPacket
use of io.mycat.beans.mysql.packet.AuthSwitchRequestPacket in project Mycat2 by MyCATApache.
the class MySQLClientAuthHandler method onSocketRead.
// public void setMycatSession(MycatSession mycatSession) {
// this.mycat = mycatSession;
// }
@Override
public void onSocketRead(MycatSession mycat) {
try {
if (mycat.getCurNIOHandler() != this) {
return;
}
if (!mycat.readFromChannel()) {
return;
}
mycat.setResponseFinished(ProcessState.READY);
// MycatSecurityConfig securityManager = runtime.getSecurityManager();
byte[] password = new byte[] {};
if (!isChangeAuthPlugin) {
// 密码读取与验证
this.auth = readResponseAuthPacket(mycat);
String authPluginName = auth.getAuthPluginName();
int capabilities = auth.getCapabilities();
// 切换auth_plugin
if (MySQLServerCapabilityFlags.isPluginAuth(capabilities) && !authPluginName.equals(clientAuthPluginName)) {
// 发送切换包的auth_response
isChangeAuthPlugin = true;
AuthSwitchRequestPacket authSwitchRequestPacket = new AuthSwitchRequestPacket();
clientAuthPluginName = StringUtil.isEmpty(authPluginName) ? MysqlNativePasswordPluginUtil.PROTOCOL_PLUGIN_NAME : authPluginName;
authSwitchRequestPacket.setAuthPluginName(MysqlNativePasswordPluginUtil.PROTOCOL_PLUGIN_NAME);
authSwitchRequestPacket.setStatus((byte) 0xfe);
authSwitchRequestPacket.setAuthPluginData(new String(seed));
MySQLPayloadWriter mySQLPayloadWriter = new MySQLPayloadWriter(1024);
authSwitchRequestPacket.writePayload(mySQLPayloadWriter);
mycat.writeBytes(mySQLPayloadWriter.toByteArray(), true);
return;
}
// 握手包中的加密密码
password = auth.getPassword();
} else {
MySQLPacket mySQLPacket = mycat.currentProxyPayload();
password = mySQLPacket.readEOFStringBytes();
}
int capabilities = auth.getCapabilities();
if (MySQLServerCapabilityFlags.isCanUseCompressionProtocol(capabilities)) {
String message = "Can Not Use Compression Protocol!";
failture(mycat, MySQLErrorCode.ER_UNKNOWN_ERROR, message);
mycat.lazyClose(true, message);
return;
}
String username = auth.getUsername();
int maxPacketSize = auth.getMaxPacketSize();
String database = auth.getDatabase();
int characterSet = auth.getCharacterSet();
Map<String, String> attrs = auth.getClientConnectAttrs();
MycatUser user = null;
SocketAddress remoteSocketAddress = mycat.channel().socket().getRemoteSocketAddress();
Authenticator authenticator = MetaClusterCurrent.wrapper(Authenticator.class);
String ip = SocketAddressUtil.simplySocketAddress(remoteSocketAddress);
Authenticator.AuthInfo authInfo = authenticator.getPassword(username, ip);
if (!authInfo.isOk()) {
failture(mycat, authInfo.getErrorCode(), authInfo.getException());
return;
} else {
String rightPassword = authInfo.getRightPassword();
if (rightPassword != null) {
if (!checkPassword(rightPassword, password)) {
// may be bug
String message = "Access denied for user '" + username + "'@'" + remoteSocketAddress.toString() + "' (using password: YES)";
mycat.setLastMessage(message);
mycat.setLastErrorCode(ER_ACCESS_DENIED_ERROR);
LOGGER.error("login fail: {}", message);
mycat.writeErrorEndPacketBySyncInProcessError(ER_ACCESS_DENIED_ERROR);
LOGGER.error("remoteSocketAddress:{} password is wrong", remoteSocketAddress);
return;
}
}
UserConfig userInfo = authenticator.getUserInfo(username);
user = new MycatUser(username, null, null, ip, remoteSocketAddress, userInfo);
}
mycat.getDataContext().setUser(user);
mycat.setSchema(database);
mycat.setServerCapabilities(auth.getCapabilities());
mycat.setIsolation(MySQLIsolation.REPEATED_READ);
mycat.setCharset(characterSet);
finished = true;
mycatSessionManager.initCommandDispatcher(mycat);
mycat.writeOkEndPacket();
} catch (Exception e) {
LOGGER.error("", e);
MycatMonitor.onAuthHandlerReadException(mycat, e);
onClear(mycat);
failture(mycat, e);
}
}
Also used :
AuthSwitchRequestPacket(io.mycat.beans.mysql.packet.AuthSwitchRequestPacket)
MycatUser(io.mycat.MycatUser)
UserConfig(io.mycat.config.UserConfig)
MySQLPayloadWriter(io.mycat.beans.mysql.MySQLPayloadWriter)
MySQLPacket(io.mycat.beans.mysql.packet.MySQLPacket)
SocketAddress(java.net.SocketAddress)
Authenticator(io.mycat.Authenticator)
Aggregations
MySQLPayloadWriter (io.mycat.beans.mysql.MySQLPayloadWriter)2
AuthSwitchRequestPacket (io.mycat.beans.mysql.packet.AuthSwitchRequestPacket)2
Authenticator (io.mycat.Authenticator)1
MycatUser (io.mycat.MycatUser)1
AuthPacket (io.mycat.beans.mysql.packet.AuthPacket)1
MySQLPacket (io.mycat.beans.mysql.packet.MySQLPacket)1
UserConfig (io.mycat.config.UserConfig)1
Buffer (io.vertx.core.buffer.Buffer)1
SocketAddress (java.net.SocketAddress)1
