auth

package
v0.0.0-...-cd81fdf Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Aug 13, 2022 License: Apache-2.0 Imports: 11 Imported by: 0

Documentation

Index

Constants

View Source
const (
	// UserNameMaxLength is the max length of username.
	UserNameMaxLength = 32
	// HostNameMaxLength is the max length of host name.
	HostNameMaxLength = 255
)
View Source
const (
	// MIXCHARS is the number of characters to use in the mix
	MIXCHARS = 32
	// SALT_LENGTH is the length of the salt
	SALT_LENGTH = 20 //nolint: revive
	// ITERATION_MULTIPLIER is the number of iterations to use
	ITERATION_MULTIPLIER = 1000 //nolint: revive
)

Variables

This section is empty.

Functions

func CheckScrambledPassword

func CheckScrambledPassword(salt, hpwd, auth []byte) bool

CheckScrambledPassword check scrambled password received from client. The new authentication is performed in following manner:

SERVER:  public_seed=create_random_string()
         send(public_seed)
CLIENT:  recv(public_seed)
         hash_stage1=sha1("password")
         hash_stage2=sha1(hash_stage1)
         reply=xor(hash_stage1, sha1(public_seed,hash_stage2)
         // this three steps are done in scramble()
         send(reply)
SERVER:  recv(reply)
         hash_stage1=xor(reply, sha1(public_seed,hash_stage2))
         candidate_hash2=sha1(hash_stage1)
         check(candidate_hash2==hash_stage2)
         // this three steps are done in check_scramble()

func CheckShaPassword

func CheckShaPassword(pwhash []byte, password string) (bool, error)

CheckShaPassword is to checks if a MySQL style caching_sha2 authentication string matches a password

func DecodePassword

func DecodePassword(pwd string) ([]byte, error)

DecodePassword converts hex string password without prefix '*' to byte array.

func EncodePassword

func EncodePassword(pwd string) string

EncodePassword converts plaintext password(type is string) to hashed hex string.

func EncodePasswordBytes

func EncodePasswordBytes(pwd []byte) string

EncodePasswordBytes converts plaintext password(type is []byte) to hashed hex string.

func NewSha2Password

func NewSha2Password(pwd string) string

NewSha2Password creates a new MySQL style caching_sha2 password hash

func Sha1Hash

func Sha1Hash(bs []byte) []byte

Sha1Hash is an util function to calculate sha1 hash.

Types

type RoleIdentity

type RoleIdentity struct {
	Username string
	Hostname string
}

RoleIdentity represents a role name.

func (*RoleIdentity) Restore

func (role *RoleIdentity) Restore(ctx *format.RestoreCtx) error

Restore implements Node interface.

func (*RoleIdentity) String

func (role *RoleIdentity) String() string

String converts UserIdentity to the format user@host.

type UserIdentity

type UserIdentity struct {
	Username     string
	Hostname     string
	CurrentUser  bool
	AuthUsername string // Username matched in privileges system
	AuthHostname string // Match in privs system (i.e. could be a wildcard)
}

UserIdentity represents username and hostname.

func (*UserIdentity) LoginString

func (user *UserIdentity) LoginString() string

LoginString returns matched identity in user@host format It matches the login user.

func (*UserIdentity) Restore

func (user *UserIdentity) Restore(ctx *format.RestoreCtx) error

Restore implements Node interface.

func (*UserIdentity) String

func (user *UserIdentity) String() string

String converts UserIdentity to the format user@host. It defaults to providing the AuthIdentity (the matching entry in priv tables) To use the actual identity use LoginString()

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL