use of io.mycat.net.mysql.AuthPacket in project Mycat-Server by MyCATApache.
the class FrontendAuthenticator method handle.
@Override
public void handle(byte[] data) {
// check quit packet
if (data.length == QuitPacket.QUIT.length && data[4] == MySQLPacket.COM_QUIT) {
source.close("quit packet");
return;
}
AuthPacket auth = new AuthPacket();
auth.read(data);
// check user
if (!checkUser(auth.user, source.getHost())) {
failure(ErrorCode.ER_ACCESS_DENIED_ERROR, "Access denied for user '" + auth.user + "' with host '" + source.getHost() + "'");
return;
}
// check password
if (!checkPassword(auth.password, auth.user)) {
failure(ErrorCode.ER_ACCESS_DENIED_ERROR, "Access denied for user '" + auth.user + "', because password is error ");
return;
}
// check degrade
if (isDegrade(auth.user)) {
failure(ErrorCode.ER_ACCESS_DENIED_ERROR, "Access denied for user '" + auth.user + "', because service be degraded ");
return;
}
// check schema
switch(checkSchema(auth.database, auth.user)) {
case ErrorCode.ER_BAD_DB_ERROR:
failure(ErrorCode.ER_BAD_DB_ERROR, "Unknown database '" + auth.database + "'");
break;
case ErrorCode.ER_DBACCESS_DENIED_ERROR:
String s = "Access denied for user '" + auth.user + "' to database '" + auth.database + "'";
failure(ErrorCode.ER_DBACCESS_DENIED_ERROR, s);
break;
default:
success(auth);
}
}
use of io.mycat.net.mysql.AuthPacket in project Mycat-Server by MyCATApache.
the class MySQLDataSource method testConnection.
@Override
public boolean testConnection(String schema) throws IOException {
boolean isConnected = true;
Socket socket = null;
InputStream in = null;
OutputStream out = null;
try {
socket = new Socket(this.getConfig().getIp(), this.getConfig().getPort());
socket.setSoTimeout(1000 * 20);
socket.setReceiveBufferSize(32768);
socket.setSendBufferSize(32768);
socket.setTcpNoDelay(true);
socket.setKeepAlive(true);
in = new BufferedInputStream(socket.getInputStream(), 32768);
out = new BufferedOutputStream(socket.getOutputStream(), 32768);
/**
* Phase 1: MySQL to client. Send handshake packet.
*/
BinaryPacket bin1 = new BinaryPacket();
bin1.read(in);
HandshakePacket handshake = new HandshakePacket();
handshake.read(bin1);
/**
* Phase 2: client to MySQL. Send auth packet.
*/
AuthPacket authPacket = new AuthPacket();
authPacket.packetId = 1;
authPacket.clientFlags = getClientFlags();
authPacket.maxPacketSize = 1024 * 1024 * 16;
authPacket.charsetIndex = handshake.serverCharsetIndex & 0xff;
authPacket.user = this.getConfig().getUser();
;
try {
authPacket.password = passwd(this.getConfig().getPassword(), handshake);
} catch (NoSuchAlgorithmException e) {
throw new RuntimeException(e.getMessage());
}
authPacket.database = schema;
authPacket.write(out);
out.flush();
/**
* Phase 3: MySQL to client. send OK/ERROR packet.
*/
BinaryPacket bin2 = new BinaryPacket();
bin2.read(in);
switch(bin2.data[0]) {
case OkPacket.FIELD_COUNT:
break;
case ErrorPacket.FIELD_COUNT:
ErrorPacket err = new ErrorPacket();
err.read(bin2);
isConnected = false;
case EOFPacket.FIELD_COUNT:
// 发送323响应认证数据包
Reply323Packet r323 = new Reply323Packet();
r323.packetId = ++bin2.packetId;
String passwd = this.getConfig().getPassword();
if (passwd != null && passwd.length() > 0) {
r323.seed = SecurityUtil.scramble323(passwd, new String(handshake.seed)).getBytes();
}
r323.write(out);
out.flush();
break;
}
} catch (IOException e) {
isConnected = false;
} finally {
try {
if (in != null) {
in.close();
}
} catch (IOException e) {
}
try {
if (out != null) {
out.write(QuitPacket.QUIT);
out.flush();
out.close();
}
} catch (IOException e) {
}
try {
if (socket != null)
socket.close();
} catch (IOException e) {
}
}
return isConnected;
}
Aggregations