server

package

v1.4.3 Latest Latest Go to latest Published: Jun 24, 2021 License: MIT Imports: 24 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/dollarkillerx/go-mysql

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
func NewServerTLSConfig(caPem, certPem, keyPem []byte, authType tls.ClientAuthType) *tls.Config
type Conn
- func NewConn(conn net.Conn, user string, password string, h Handler) (*Conn, error)
- func NewCustomizedConn(conn net.Conn, serverConf *Server, p CredentialProvider, h Handler) (*Conn, error)
type CredentialProvider
type EmptyHandler
type Handler
type InMemoryProvider
- func NewInMemoryProvider() *InMemoryProvider
type Provider
type Server
- func NewDefaultServer() *Server
- func NewServer(serverVersion string, collationId uint8, defaultAuthMethod string, ...) *Server
- func (s *Server) InvalidateCache(username string, host string)
type Stmt
- func (s *Stmt) ResetParams()
- func (s *Stmt) Rest(params int, columns int, context interface{})

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	ErrAccessDenied           = errors.New("access denied")
	ErrAccessDeniedNoPassword = fmt.Errorf("%w without password", ErrAccessDenied)
)

Functions ¶

func NewServerTLSConfig ¶

func NewServerTLSConfig(caPem, certPem, keyPem []byte, authType tls.ClientAuthType) *tls.Config

NewServerTLSConfig: generate TLS config for server side controlling the security level by authType

Types ¶

type Conn ¶

type Conn struct {
	*packet.Conn
	// contains filtered or unexported fields
}

Conn acts like a MySQL server connection, you can use MySQL client to communicate with it.

func NewConn ¶

func NewConn(conn net.Conn, user string, password string, h Handler) (*Conn, error)

NewConn: create connection with default server settings

func NewCustomizedConn ¶

func NewCustomizedConn(conn net.Conn, serverConf *Server, p CredentialProvider, h Handler) (*Conn, error)

NewCustomizedConn: create connection with customized server settings

func (*Conn) Capability ¶

func (c *Conn) Capability() uint32

func (*Conn) Charset ¶

func (c *Conn) Charset() uint8

func (*Conn) ClearInTransaction ¶

func (c *Conn) ClearInTransaction()

func (*Conn) Close ¶

func (c *Conn) Close()

func (*Conn) Closed ¶

func (c *Conn) Closed() bool

func (*Conn) ConnectionID ¶

func (c *Conn) ConnectionID() uint32

func (*Conn) GetUser ¶

func (c *Conn) GetUser() string

func (*Conn) HandleCommand ¶

func (c *Conn) HandleCommand() error

func (*Conn) IsAutoCommit ¶

func (c *Conn) IsAutoCommit() bool

func (*Conn) IsInTransaction ¶

func (c *Conn) IsInTransaction() bool

func (*Conn) SetInTransaction ¶

func (c *Conn) SetInTransaction()

type CredentialProvider ¶

type CredentialProvider interface {
	// check if the user exists
	CheckUsername(username string) (bool, error)
	// get user credential
	GetCredential(username string) (password string, found bool, err error)
}

interface for user credential provider hint: can be extended for more functionality =================================IMPORTANT NOTE=============================== if the password in a third-party credential provider could be updated at runtime, we have to invalidate the caching for 'caching_sha2_password' by calling 'func (s *Server)InvalidateCache(string, string)'.

type EmptyHandler ¶

type EmptyHandler struct {
}

func (EmptyHandler) HandleFieldList ¶

func (h EmptyHandler) HandleFieldList(table string, fieldWildcard string) ([]*Field, error)

func (EmptyHandler) HandleOtherCommand ¶

func (h EmptyHandler) HandleOtherCommand(cmd byte, data []byte) error

func (EmptyHandler) HandleQuery ¶

func (h EmptyHandler) HandleQuery(query string) (*Result, error)

func (EmptyHandler) HandleStmtClose ¶

func (h EmptyHandler) HandleStmtClose(context interface{}) error

func (EmptyHandler) HandleStmtExecute ¶

func (h EmptyHandler) HandleStmtExecute(context interface{}, query string, args []interface{}) (*Result, error)

func (EmptyHandler) HandleStmtPrepare ¶

func (h EmptyHandler) HandleStmtPrepare(query string) (int, int, interface{}, error)

func (EmptyHandler) UseDB ¶

func (h EmptyHandler) UseDB(dbName string) error

type Handler ¶

type Handler interface {
	//handle COM_INIT_DB command, you can check whether the dbName is valid, or other.
	UseDB(dbName string) error
	//handle COM_QUERY command, like SELECT, INSERT, UPDATE, etc...
	//If Result has a Resultset (SELECT, SHOW, etc...), we will send this as the response, otherwise, we will send Result
	HandleQuery(query string) (*Result, error)
	//handle COM_FILED_LIST command
	HandleFieldList(table string, fieldWildcard string) ([]*Field, error)
	//handle COM_STMT_PREPARE, params is the param number for this statement, columns is the column number
	//context will be used later for statement execute
	HandleStmtPrepare(query string) (params int, columns int, context interface{}, err error)
	//handle COM_STMT_EXECUTE, context is the previous one set in prepare
	//query is the statement prepare query, and args is the params for this statement
	HandleStmtExecute(context interface{}, query string, args []interface{}) (*Result, error)
	//handle COM_STMT_CLOSE, context is the previous one set in prepare
	//this handler has no response
	HandleStmtClose(context interface{}) error
	//handle any other command that is not currently handled by the library,
	//default implementation for this method will return an ER_UNKNOWN_ERROR
	HandleOtherCommand(cmd byte, data []byte) error
}

type InMemoryProvider ¶

type InMemoryProvider struct {
	// contains filtered or unexported fields
}

implements a in memory credential provider

func NewInMemoryProvider ¶

func NewInMemoryProvider() *InMemoryProvider

func (*InMemoryProvider) AddUser ¶

func (m *InMemoryProvider) AddUser(username, password string)

func (*InMemoryProvider) CheckUsername ¶

func (m *InMemoryProvider) CheckUsername(username string) (found bool, err error)

func (*InMemoryProvider) GetCredential ¶

func (m *InMemoryProvider) GetCredential(username string) (password string, found bool, err error)

type Provider ¶

type Provider InMemoryProvider

type Server ¶

type Server struct {
	// contains filtered or unexported fields
}

Defines a basic MySQL server with configs.

We do not aim at implementing the whole MySQL connection suite to have the best compatibilities for the clients. The MySQL server can be configured to switch auth methods covering 'mysql_old_password', 'mysql_native_password', 'mysql_clear_password', 'authentication_windows_client', 'sha256_password', 'caching_sha2_password', etc.

However, since some old auth methods are considered broken with security issues. MySQL major versions like 5.7 and 8.0 default to 'mysql_native_password' or 'caching_sha2_password', and most MySQL clients should have already supported at least one of the three auth methods 'mysql_native_password', 'caching_sha2_password', and 'sha256_password'. Thus here we will only support these three auth methods, and use 'mysql_native_password' as default for maximum compatibility with the clients and leave the other two as config options.

The MySQL doc states that 'mysql_old_password' will be used if 'CLIENT_PROTOCOL_41' or 'CLIENT_SECURE_CONNECTION' flag is not set. We choose to drop the support for insecure 'mysql_old_password' auth method and require client capability 'CLIENT_PROTOCOL_41' and 'CLIENT_SECURE_CONNECTION' are set. Besides, if 'CLIENT_PLUGIN_AUTH' is not set, we fallback to 'mysql_native_password' auth method.

func NewDefaultServer ¶

func NewDefaultServer() *Server

NewDefaultServer: New mysql server with default settings.

NOTES: TLS support will be enabled by default with auto-generated CA and server certificates (however, you can still use non-TLS connection). By default, it will verify the client certificate if present. You can enable TLS support on the client side without providing a client-side certificate. So only when you need the server to verify client identity for maximum security, you need to set a signed certificate for the client.

func NewServer ¶

func NewServer(serverVersion string, collationId uint8, defaultAuthMethod string, pubKey []byte, tlsConfig *tls.Config) *Server

NewServer: New mysql server with customized settings.

NOTES: You can control the authentication methods and TLS settings here. For auth method, you can specify one of the supported methods 'mysql_native_password', 'caching_sha2_password', and 'sha256_password'. The specified auth method will be enforced by the server in the connection phase. That means, client will be asked to switch auth method if the supplied auth method is different from the server default. And for TLS support, you can specify self-signed or CA-signed certificates and decide whether the client needs to provide a signed or unsigned certificate to provide different level of security.

func (*Server) InvalidateCache ¶

func (s *Server) InvalidateCache(username string, host string)

type Stmt ¶

type Stmt struct {
	ID    uint32
	Query string

	Params  int
	Columns int

	Args []interface{}

	Context interface{}
}

func (*Stmt) ResetParams ¶

func (s *Stmt) ResetParams()

func (*Stmt) Rest ¶

func (s *Stmt) Rest(params int, columns int, context interface{})

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
example

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL