-
Notifications
You must be signed in to change notification settings - Fork 6
/
Copy pathmysql41.go
106 lines (87 loc) · 2.35 KB
/
mysql41.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
// Go driver for MySQL X Protocol
//
// Copyright 2016 Simon J Mudd.
//
// This Source Code Form is subject to the terms of the Mozilla Public
// License, v. 2.0. If a copy of the MPL was not distributed with this file,
// You can obtain one at http://mozilla.org/MPL/2.0/.
//
// MySQL X protocol authentication using MYSQL41 method
package mysql
import (
"crypto/sha1"
"fmt"
"io"
"log"
)
// MySQL41 manages the MySQL41 authentication protocol
type MySQL41 struct {
dbname string
name string
username string
password string
}
// NewMySQL41 returns a pointer to an initialised MySQL41 struct
func NewMySQL41(dbname, username, password string) *MySQL41 {
if username == "" {
return nil
}
m := MySQL41{
name: "MYSQL41",
username: username,
password: password,
dbname: dbname,
}
return &m
}
// generate the input of some bytes and return the SHA1 sum
func mysha1(someBytes []byte) []byte {
s1 := sha1.Sum(someBytes)
// convert from [20]byte to slice
return s1[:]
}
func xor(buf1, buf2 []byte) []byte {
if len(buf1) != len(buf2) {
log.Fatal("xor: length of both buffers has to be identical")
}
res := make([]byte, len(buf1))
for i := range buf1 {
res[i] = buf1[i] ^ buf2[i]
}
return res
}
// Name returns the name of the authentication method
func (p *MySQL41) Name() string {
return p.name
}
// GetInitialAuthData returns any initial authentication data
func (p *MySQL41) GetInitialAuthData() []byte {
return nil
}
func (p *MySQL41) scramble(scramble []byte) []byte {
buf1 := mysha1([]byte(p.password))
buf2 := mysha1(buf1)
s := sha1.New()
io.WriteString(s, string(scramble))
io.WriteString(s, string(buf2))
tmpBuffer := s.Sum(nil)
return xor(buf1, tmpBuffer)
}
// GetNextAuthData returns data db + name + encrypted hash
func (p *MySQL41) GetNextAuthData(serverData []byte) ([]byte, error) {
if len(serverData) != 20 {
return nil, fmt.Errorf("Scramble buffer had invalid length - expected 20 bytes, got %d", len(serverData))
}
// docs are not clear but this is where you prepend the dbname
retval := p.dbname + "\x00" + p.username + "\x00" // gives us len(username) + 2
// return the string as needed (no password)
if len(p.password) == 0 {
return []byte(retval), nil
}
pass := p.scramble(serverData)
retval += "*"
for i := range pass {
retval += fmt.Sprintf("%02x", byte(pass[i]))
}
return []byte(retval), nil
}