Documentation ¶
Index ¶
- Constants
- func CheckScrambledPassword(salt, hpwd, auth []byte) bool
- func CheckShaPassword(pwhash []byte, password string) (bool, error)
- func DecodePassword(pwd string) ([]byte, error)
- func EncodePassword(pwd string) string
- func EncodePasswordBytes(pwd []byte) string
- func NewSha2Password(pwd string) string
- func Sha1Hash(bs []byte) []byte
- type RoleIdentity
- type UserIdentity
Constants ¶
const ( // UserNameMaxLength is the max length of username. UserNameMaxLength = 32 // HostNameMaxLength is the max length of host name. HostNameMaxLength = 255 )
const ( // MIXCHARS is the number of characters to use in the mix MIXCHARS = 32 // SALT_LENGTH is the length of the salt SALT_LENGTH = 20 //nolint: revive // ITERATION_MULTIPLIER is the number of iterations to use ITERATION_MULTIPLIER = 1000 //nolint: revive )
Variables ¶
This section is empty.
Functions ¶
func CheckScrambledPassword ¶
CheckScrambledPassword check scrambled password received from client. The new authentication is performed in following manner:
SERVER: public_seed=create_random_string() send(public_seed) CLIENT: recv(public_seed) hash_stage1=sha1("password") hash_stage2=sha1(hash_stage1) reply=xor(hash_stage1, sha1(public_seed,hash_stage2) // this three steps are done in scramble() send(reply) SERVER: recv(reply) hash_stage1=xor(reply, sha1(public_seed,hash_stage2)) candidate_hash2=sha1(hash_stage1) check(candidate_hash2==hash_stage2) // this three steps are done in check_scramble()
func CheckShaPassword ¶
CheckShaPassword is to checks if a MySQL style caching_sha2 authentication string matches a password
func DecodePassword ¶
DecodePassword converts hex string password without prefix '*' to byte array.
func EncodePassword ¶
EncodePassword converts plaintext password(type is string) to hashed hex string.
func EncodePasswordBytes ¶
EncodePasswordBytes converts plaintext password(type is []byte) to hashed hex string.
func NewSha2Password ¶
NewSha2Password creates a new MySQL style caching_sha2 password hash
Types ¶
type RoleIdentity ¶
RoleIdentity represents a role name.
func (*RoleIdentity) Restore ¶
func (role *RoleIdentity) Restore(ctx *format.RestoreCtx) error
Restore implements Node interface.
func (*RoleIdentity) String ¶
func (role *RoleIdentity) String() string
String converts UserIdentity to the format user@host.
type UserIdentity ¶
type UserIdentity struct { Username string Hostname string CurrentUser bool AuthUsername string // Username matched in privileges system AuthHostname string // Match in privs system (i.e. could be a wildcard) }
UserIdentity represents username and hostname.
func (*UserIdentity) LoginString ¶
func (user *UserIdentity) LoginString() string
LoginString returns matched identity in user@host format It matches the login user.
func (*UserIdentity) Restore ¶
func (user *UserIdentity) Restore(ctx *format.RestoreCtx) error
Restore implements Node interface.
func (*UserIdentity) String ¶
func (user *UserIdentity) String() string
String converts UserIdentity to the format user@host. It defaults to providing the AuthIdentity (the matching entry in priv tables) To use the actual identity use LoginString()