aboutsummaryrefslogtreecommitdiff
path: root/node_modules/mysql2/lib/auth_plugins
diff options
context:
space:
mode:
authorJoel Kronqvist <work.joelkronqvist@pm.me>2022-03-11 20:46:06 +0200
committerJoel Kronqvist <work.joelkronqvist@pm.me>2022-03-11 20:46:06 +0200
commit080c5819d87b933816d724a83f3bf4f1686770a7 (patch)
tree4a2ccc68b27edf7d4cbc586c932cc7542b655e19 /node_modules/mysql2/lib/auth_plugins
parent5ac7049a9d30733165cc212dee308163c2a14644 (diff)
parentd003b82235a9329f912522a2f70aa950dfce4998 (diff)
downloadLYLLRuoka-080c5819d87b933816d724a83f3bf4f1686770a7.tar.gz
LYLLRuoka-080c5819d87b933816d724a83f3bf4f1686770a7.zip
Merge branch 'master' of https://github.com/JoelHMikael/FoodJS
Updating remote changes
Diffstat (limited to 'node_modules/mysql2/lib/auth_plugins')
-rw-r--r--node_modules/mysql2/lib/auth_plugins/caching_sha2_password.js103
-rw-r--r--node_modules/mysql2/lib/auth_plugins/caching_sha2_password.md18
-rw-r--r--node_modules/mysql2/lib/auth_plugins/index.js0
-rw-r--r--node_modules/mysql2/lib/auth_plugins/mysql_native_password.js32
-rw-r--r--node_modules/mysql2/lib/auth_plugins/sha256_password.js60
5 files changed, 213 insertions, 0 deletions
diff --git a/node_modules/mysql2/lib/auth_plugins/caching_sha2_password.js b/node_modules/mysql2/lib/auth_plugins/caching_sha2_password.js
new file mode 100644
index 0000000..50e8589
--- /dev/null
+++ b/node_modules/mysql2/lib/auth_plugins/caching_sha2_password.js
@@ -0,0 +1,103 @@
+'use strict';
+
+// https://mysqlserverteam.com/mysql-8-0-4-new-default-authentication-plugin-caching_sha2_password/
+
+const PLUGIN_NAME = 'caching_sha2_password';
+const crypto = require('crypto');
+const { xor, xorRotating } = require('../auth_41');
+
+const REQUEST_SERVER_KEY_PACKET = Buffer.from([2]);
+const FAST_AUTH_SUCCESS_PACKET = Buffer.from([3]);
+const PERFORM_FULL_AUTHENTICATION_PACKET = Buffer.from([4]);
+
+const STATE_INITIAL = 0;
+const STATE_TOKEN_SENT = 1;
+const STATE_WAIT_SERVER_KEY = 2;
+const STATE_FINAL = -1;
+
+function sha256(msg) {
+ const hash = crypto.createHash('sha256');
+ hash.update(msg, 'binary');
+ return hash.digest('binary');
+}
+
+function calculateToken(password, scramble) {
+ if (!password) {
+ return Buffer.alloc(0);
+ }
+ const stage1 = sha256(Buffer.from(password, 'utf8').toString('binary'));
+ const stage2 = sha256(stage1);
+ const stage3 = sha256(stage2 + scramble.toString('binary'));
+ return xor(stage1, stage3);
+}
+
+function encrypt(password, scramble, key) {
+ const stage1 = xorRotating(
+ Buffer.from(`${password}\0`, 'utf8').toString('binary'),
+ scramble.toString('binary')
+ );
+ return crypto.publicEncrypt(key, stage1);
+}
+
+module.exports = (pluginOptions = {}) => ({ connection }) => {
+ let state = 0;
+ let scramble = null;
+
+ const password = connection.config.password;
+
+ const authWithKey = serverKey => {
+ const _password = encrypt(password, scramble, serverKey);
+ state = STATE_FINAL;
+ return _password;
+ };
+
+ return data => {
+ switch (state) {
+ case STATE_INITIAL:
+ scramble = data.slice(0, 20);
+ state = STATE_TOKEN_SENT;
+ return calculateToken(password, scramble);
+
+ case STATE_TOKEN_SENT:
+ if (FAST_AUTH_SUCCESS_PACKET.equals(data)) {
+ state = STATE_FINAL;
+ return null;
+ }
+
+ if (PERFORM_FULL_AUTHENTICATION_PACKET.equals(data)) {
+ const isSecureConnection =
+ typeof pluginOptions.overrideIsSecure === 'undefined'
+ ? connection.config.ssl || connection.config.socketPath
+ : pluginOptions.overrideIsSecure;
+ if (isSecureConnection) {
+ state = STATE_FINAL;
+ return Buffer.from(`${password}\0`, 'utf8');
+ }
+
+ // if client provides key we can save one extra roundrip on first connection
+ if (pluginOptions.serverPublicKey) {
+ return authWithKey(pluginOptions.serverPublicKey);
+ }
+
+ state = STATE_WAIT_SERVER_KEY;
+ return REQUEST_SERVER_KEY_PACKET;
+ }
+ throw new Error(
+ `Invalid AuthMoreData packet received by ${PLUGIN_NAME} plugin in STATE_TOKEN_SENT state.`
+ );
+ case STATE_WAIT_SERVER_KEY:
+ if (pluginOptions.onServerPublicKey) {
+ pluginOptions.onServerPublicKey(data);
+ }
+ return authWithKey(data);
+ case STATE_FINAL:
+ throw new Error(
+ `Unexpected data in AuthMoreData packet received by ${PLUGIN_NAME} plugin in STATE_FINAL state.`
+ );
+ }
+
+ throw new Error(
+ `Unexpected data in AuthMoreData packet received by ${PLUGIN_NAME} plugin in state ${state}`
+ );
+ };
+};
diff --git a/node_modules/mysql2/lib/auth_plugins/caching_sha2_password.md b/node_modules/mysql2/lib/auth_plugins/caching_sha2_password.md
new file mode 100644
index 0000000..8560e26
--- /dev/null
+++ b/node_modules/mysql2/lib/auth_plugins/caching_sha2_password.md
@@ -0,0 +1,18 @@
+##
+
+https://mysqlserverteam.com/mysql-8-0-4-new-default-authentication-plugin-caching_sha2_password/
+
+```js
+const mysql = require('mysql');
+mysql.createConnection({
+ authPlugins: {
+ caching_sha2_password: mysql.authPlugins.caching_sha2_password({
+ onServerPublikKey: function(key) {
+ console.log(key);
+ },
+ serverPublicKey: 'xxxyyy',
+ overrideIsSecure: true //
+ })
+ }
+});
+```
diff --git a/node_modules/mysql2/lib/auth_plugins/index.js b/node_modules/mysql2/lib/auth_plugins/index.js
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/node_modules/mysql2/lib/auth_plugins/index.js
diff --git a/node_modules/mysql2/lib/auth_plugins/mysql_native_password.js b/node_modules/mysql2/lib/auth_plugins/mysql_native_password.js
new file mode 100644
index 0000000..83d2618
--- /dev/null
+++ b/node_modules/mysql2/lib/auth_plugins/mysql_native_password.js
@@ -0,0 +1,32 @@
+'use strict';
+
+//const PLUGIN_NAME = 'mysql_native_password';
+const auth41 = require('../auth_41.js');
+
+module.exports = pluginOptions => ({ connection, command }) => {
+ const password =
+ command.password || pluginOptions.password || connection.config.password;
+ const passwordSha1 =
+ command.passwordSha1 ||
+ pluginOptions.passwordSha1 ||
+ connection.config.passwordSha1;
+ return data => {
+ const authPluginData1 = data.slice(0, 8);
+ const authPluginData2 = data.slice(8, 20);
+ let authToken;
+ if (passwordSha1) {
+ authToken = auth41.calculateTokenFromPasswordSha(
+ passwordSha1,
+ authPluginData1,
+ authPluginData2
+ );
+ } else {
+ authToken = auth41.calculateToken(
+ password,
+ authPluginData1,
+ authPluginData2
+ );
+ }
+ return authToken;
+ };
+};
diff --git a/node_modules/mysql2/lib/auth_plugins/sha256_password.js b/node_modules/mysql2/lib/auth_plugins/sha256_password.js
new file mode 100644
index 0000000..08a41bb
--- /dev/null
+++ b/node_modules/mysql2/lib/auth_plugins/sha256_password.js
@@ -0,0 +1,60 @@
+'use strict';
+
+const PLUGIN_NAME = 'sha256_password';
+const crypto = require('crypto');
+const { xor } = require('../auth_41');
+
+const REQUEST_SERVER_KEY_PACKET = Buffer.from([1]);
+
+const STATE_INITIAL = 0;
+const STATE_WAIT_SERVER_KEY = 1;
+const STATE_FINAL = -1;
+
+function encrypt(password, scramble, key) {
+ const stage1 = xor(
+ Buffer.from(`${password}\0`, 'utf8').toString('binary'),
+ scramble.toString('binary')
+ );
+ return crypto.publicEncrypt(key, stage1);
+}
+
+module.exports = (pluginOptions = {}) => ({ connection }) => {
+ let state = 0;
+ let scramble = null;
+
+ const password = connection.config.password;
+
+ const authWithKey = serverKey => {
+ const _password = encrypt(password, scramble, serverKey);
+ state = STATE_FINAL;
+ return _password;
+ };
+
+ return data => {
+ switch (state) {
+ case STATE_INITIAL:
+ scramble = data.slice(0, 20);
+ // if client provides key we can save one extra roundrip on first connection
+ if (pluginOptions.serverPublicKey) {
+ return authWithKey(pluginOptions.serverPublicKey);
+ }
+
+ state = STATE_WAIT_SERVER_KEY;
+ return REQUEST_SERVER_KEY_PACKET;
+
+ case STATE_WAIT_SERVER_KEY:
+ if (pluginOptions.onServerPublicKey) {
+ pluginOptions.onServerPublicKey(data);
+ }
+ return authWithKey(data);
+ case STATE_FINAL:
+ throw new Error(
+ `Unexpected data in AuthMoreData packet received by ${PLUGIN_NAME} plugin in STATE_FINAL state.`
+ );
+ }
+
+ throw new Error(
+ `Unexpected data in AuthMoreData packet received by ${PLUGIN_NAME} plugin in state ${state}`
+ );
+ };
+};