auth

package
v0.0.9 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Mar 20, 2024 License: Apache-2.0 Imports: 14 Imported by: 0

Documentation

Index

Constants

View Source
const (
	// UserNameMaxLength is the max length of username.
	UserNameMaxLength = 32
	// HostNameMaxLength is the max length of host name.
	HostNameMaxLength = 255
)
View Source
const (
	// MIXCHARS is the number of characters to use in the mix
	MIXCHARS = 32
	// SALT_LENGTH is the length of the salt
	SALT_LENGTH = 20 //nolint: revive
	// ITERATION_MULTIPLIER is the number of iterations to use
	ITERATION_MULTIPLIER = 1000 //nolint: revive
)

Variables

This section is empty.

Functions

func CheckHashingPassword

func CheckHashingPassword(pwhash []byte, password string, hash string) (bool, error)

CheckHashingPassword checks if a caching_sha2_password or tidb_sm3_password authentication string matches a password

func CheckScrambledPassword

func CheckScrambledPassword(salt, hpwd, auth []byte) bool

CheckScrambledPassword check scrambled password received from client. The new authentication is performed in following manner:

SERVER:  public_seed=create_random_string()
         send(public_seed)
CLIENT:  recv(public_seed)
         hash_stage1=sha1("password")
         hash_stage2=sha1(hash_stage1)
         reply=xor(hash_stage1, sha1(public_seed,hash_stage2)
         // this three steps are done in scramble()
         send(reply)
SERVER:  recv(reply)
         hash_stage1=xor(reply, sha1(public_seed,hash_stage2))
         candidate_hash2=sha1(hash_stage1)
         check(candidate_hash2==hash_stage2)
         // this three steps are done in check_scramble()

func DecodePassword

func DecodePassword(pwd string) ([]byte, error)

DecodePassword converts hex string password without prefix '*' to byte array.

func EncodePassword

func EncodePassword(pwd string) string

EncodePassword converts plaintext password(type is string) to hashed hex string.

func EncodePasswordBytes

func EncodePasswordBytes(pwd []byte) string

EncodePasswordBytes converts plaintext password(type is []byte) to hashed hex string.

func NewHashPassword

func NewHashPassword(pwd string, hash string) string

NewHashPassword creates a new password for caching_sha2_password or tidb_sm3_password

func NewSM3

func NewSM3() hash.Hash

NewSM3 returns a new hash.Hash computing the Sm3Hash checksum.

func Sha1Hash

func Sha1Hash(bs []byte) []byte

Sha1Hash is an util function to calculate sha1 hash.

func Sha256Hash

func Sha256Hash(input []byte) []byte

Sha256Hash is an util function to calculate sha256 hash.

func Sm3Hash

func Sm3Hash(data []byte) []byte

Sm3Hash returns the sm3 checksum of the data.

Types

type RoleIdentity

type RoleIdentity struct {
	Username string
	Hostname string
}

RoleIdentity represents a role name.

func (*RoleIdentity) Restore

func (role *RoleIdentity) Restore(ctx *format.RestoreCtx) error

Restore implements Node interface.

func (*RoleIdentity) String

func (role *RoleIdentity) String() string

String converts UserIdentity to the format user@host.

type UserIdentity

type UserIdentity struct {
	Username     string
	Hostname     string
	CurrentUser  bool
	AuthUsername string // Username matched in privileges system
	AuthHostname string // Match in privs system (i.e. could be a wildcard)
	AuthPlugin   string // The plugin specified in handshake, only used during authentication.
}

UserIdentity represents username and hostname.

func (*UserIdentity) LoginString

func (user *UserIdentity) LoginString() string

LoginString returns matched identity in user@host format It matches the login user.

func (*UserIdentity) Restore

func (user *UserIdentity) Restore(ctx *format.RestoreCtx) error

Restore implements Node interface.

func (*UserIdentity) String

func (user *UserIdentity) String() string

String converts UserIdentity to the format user@host. It defaults to providing the AuthIdentity (the matching entry in priv tables) To use the actual identity use LoginString()

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL