diff options
author | Joel Kronqvist <work.joelkronqvist@pm.me> | 2022-03-11 20:46:06 +0200 |
---|---|---|
committer | Joel Kronqvist <work.joelkronqvist@pm.me> | 2022-03-11 20:46:06 +0200 |
commit | 080c5819d87b933816d724a83f3bf4f1686770a7 (patch) | |
tree | 4a2ccc68b27edf7d4cbc586c932cc7542b655e19 /node_modules/mysql2/lib/auth_plugins | |
parent | 5ac7049a9d30733165cc212dee308163c2a14644 (diff) | |
parent | d003b82235a9329f912522a2f70aa950dfce4998 (diff) | |
download | LYLLRuoka-080c5819d87b933816d724a83f3bf4f1686770a7.tar.gz LYLLRuoka-080c5819d87b933816d724a83f3bf4f1686770a7.zip |
Merge branch 'master' of https://github.com/JoelHMikael/FoodJS
Updating remote changes
Diffstat (limited to 'node_modules/mysql2/lib/auth_plugins')
5 files changed, 213 insertions, 0 deletions
diff --git a/node_modules/mysql2/lib/auth_plugins/caching_sha2_password.js b/node_modules/mysql2/lib/auth_plugins/caching_sha2_password.js new file mode 100644 index 0000000..50e8589 --- /dev/null +++ b/node_modules/mysql2/lib/auth_plugins/caching_sha2_password.js @@ -0,0 +1,103 @@ +'use strict'; + +// https://mysqlserverteam.com/mysql-8-0-4-new-default-authentication-plugin-caching_sha2_password/ + +const PLUGIN_NAME = 'caching_sha2_password'; +const crypto = require('crypto'); +const { xor, xorRotating } = require('../auth_41'); + +const REQUEST_SERVER_KEY_PACKET = Buffer.from([2]); +const FAST_AUTH_SUCCESS_PACKET = Buffer.from([3]); +const PERFORM_FULL_AUTHENTICATION_PACKET = Buffer.from([4]); + +const STATE_INITIAL = 0; +const STATE_TOKEN_SENT = 1; +const STATE_WAIT_SERVER_KEY = 2; +const STATE_FINAL = -1; + +function sha256(msg) { + const hash = crypto.createHash('sha256'); + hash.update(msg, 'binary'); + return hash.digest('binary'); +} + +function calculateToken(password, scramble) { + if (!password) { + return Buffer.alloc(0); + } + const stage1 = sha256(Buffer.from(password, 'utf8').toString('binary')); + const stage2 = sha256(stage1); + const stage3 = sha256(stage2 + scramble.toString('binary')); + return xor(stage1, stage3); +} + +function encrypt(password, scramble, key) { + const stage1 = xorRotating( + Buffer.from(`${password}\0`, 'utf8').toString('binary'), + scramble.toString('binary') + ); + return crypto.publicEncrypt(key, stage1); +} + +module.exports = (pluginOptions = {}) => ({ connection }) => { + let state = 0; + let scramble = null; + + const password = connection.config.password; + + const authWithKey = serverKey => { + const _password = encrypt(password, scramble, serverKey); + state = STATE_FINAL; + return _password; + }; + + return data => { + switch (state) { + case STATE_INITIAL: + scramble = data.slice(0, 20); + state = STATE_TOKEN_SENT; + return calculateToken(password, scramble); + + case STATE_TOKEN_SENT: + if (FAST_AUTH_SUCCESS_PACKET.equals(data)) { + state = STATE_FINAL; + return null; + } + + if (PERFORM_FULL_AUTHENTICATION_PACKET.equals(data)) { + const isSecureConnection = + typeof pluginOptions.overrideIsSecure === 'undefined' + ? connection.config.ssl || connection.config.socketPath + : pluginOptions.overrideIsSecure; + if (isSecureConnection) { + state = STATE_FINAL; + return Buffer.from(`${password}\0`, 'utf8'); + } + + // if client provides key we can save one extra roundrip on first connection + if (pluginOptions.serverPublicKey) { + return authWithKey(pluginOptions.serverPublicKey); + } + + state = STATE_WAIT_SERVER_KEY; + return REQUEST_SERVER_KEY_PACKET; + } + throw new Error( + `Invalid AuthMoreData packet received by ${PLUGIN_NAME} plugin in STATE_TOKEN_SENT state.` + ); + case STATE_WAIT_SERVER_KEY: + if (pluginOptions.onServerPublicKey) { + pluginOptions.onServerPublicKey(data); + } + return authWithKey(data); + case STATE_FINAL: + throw new Error( + `Unexpected data in AuthMoreData packet received by ${PLUGIN_NAME} plugin in STATE_FINAL state.` + ); + } + + throw new Error( + `Unexpected data in AuthMoreData packet received by ${PLUGIN_NAME} plugin in state ${state}` + ); + }; +}; diff --git a/node_modules/mysql2/lib/auth_plugins/caching_sha2_password.md b/node_modules/mysql2/lib/auth_plugins/caching_sha2_password.md new file mode 100644 index 0000000..8560e26 --- /dev/null +++ b/node_modules/mysql2/lib/auth_plugins/caching_sha2_password.md @@ -0,0 +1,18 @@ +## + +https://mysqlserverteam.com/mysql-8-0-4-new-default-authentication-plugin-caching_sha2_password/ + +```js +const mysql = require('mysql'); +mysql.createConnection({ + authPlugins: { + caching_sha2_password: mysql.authPlugins.caching_sha2_password({ + onServerPublikKey: function(key) { + console.log(key); + }, + serverPublicKey: 'xxxyyy', + overrideIsSecure: true // + }) + } +}); +``` diff --git a/node_modules/mysql2/lib/auth_plugins/index.js b/node_modules/mysql2/lib/auth_plugins/index.js new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/node_modules/mysql2/lib/auth_plugins/index.js diff --git a/node_modules/mysql2/lib/auth_plugins/mysql_native_password.js b/node_modules/mysql2/lib/auth_plugins/mysql_native_password.js new file mode 100644 index 0000000..83d2618 --- /dev/null +++ b/node_modules/mysql2/lib/auth_plugins/mysql_native_password.js @@ -0,0 +1,32 @@ +'use strict'; + +//const PLUGIN_NAME = 'mysql_native_password'; +const auth41 = require('../auth_41.js'); + +module.exports = pluginOptions => ({ connection, command }) => { + const password = + command.password || pluginOptions.password || connection.config.password; + const passwordSha1 = + command.passwordSha1 || + pluginOptions.passwordSha1 || + connection.config.passwordSha1; + return data => { + const authPluginData1 = data.slice(0, 8); + const authPluginData2 = data.slice(8, 20); + let authToken; + if (passwordSha1) { + authToken = auth41.calculateTokenFromPasswordSha( + passwordSha1, + authPluginData1, + authPluginData2 + ); + } else { + authToken = auth41.calculateToken( + password, + authPluginData1, + authPluginData2 + ); + } + return authToken; + }; +}; diff --git a/node_modules/mysql2/lib/auth_plugins/sha256_password.js b/node_modules/mysql2/lib/auth_plugins/sha256_password.js new file mode 100644 index 0000000..08a41bb --- /dev/null +++ b/node_modules/mysql2/lib/auth_plugins/sha256_password.js @@ -0,0 +1,60 @@ +'use strict'; + +const PLUGIN_NAME = 'sha256_password'; +const crypto = require('crypto'); +const { xor } = require('../auth_41'); + +const REQUEST_SERVER_KEY_PACKET = Buffer.from([1]); + +const STATE_INITIAL = 0; +const STATE_WAIT_SERVER_KEY = 1; +const STATE_FINAL = -1; + +function encrypt(password, scramble, key) { + const stage1 = xor( + Buffer.from(`${password}\0`, 'utf8').toString('binary'), + scramble.toString('binary') + ); + return crypto.publicEncrypt(key, stage1); +} + +module.exports = (pluginOptions = {}) => ({ connection }) => { + let state = 0; + let scramble = null; + + const password = connection.config.password; + + const authWithKey = serverKey => { + const _password = encrypt(password, scramble, serverKey); + state = STATE_FINAL; + return _password; + }; + + return data => { + switch (state) { + case STATE_INITIAL: + scramble = data.slice(0, 20); + // if client provides key we can save one extra roundrip on first connection + if (pluginOptions.serverPublicKey) { + return authWithKey(pluginOptions.serverPublicKey); + } + + state = STATE_WAIT_SERVER_KEY; + return REQUEST_SERVER_KEY_PACKET; + + case STATE_WAIT_SERVER_KEY: + if (pluginOptions.onServerPublicKey) { + pluginOptions.onServerPublicKey(data); + } + return authWithKey(data); + case STATE_FINAL: + throw new Error( + `Unexpected data in AuthMoreData packet received by ${PLUGIN_NAME} plugin in STATE_FINAL state.` + ); + } + + throw new Error( + `Unexpected data in AuthMoreData packet received by ${PLUGIN_NAME} plugin in state ${state}` + ); + }; +}; |