/* {{{ mysqlnd_object_factory::get_connection */
/*
 * Factory method: builds a connection handle together with its connection
 * data object.
 *
 * persistent is forwarded to every allocation made here and recorded on both
 * objects. Returns the initialised handle, or NULL if an allocation fails or
 * the data object's init method does not report PASS.
 */
static MYSQLND *
MYSQLND_METHOD(mysqlnd_object_factory, get_connection)(zend_bool persistent TSRMLS_DC)
{
	/* Each object is sized with one extra pointer slot per plugin reported by mysqlnd_plugin_count(). */
	size_t handle_size = sizeof(MYSQLND) + mysqlnd_plugin_count() * sizeof(void *);
	size_t conn_data_size = sizeof(MYSQLND_CONN_DATA) + mysqlnd_plugin_count() * sizeof(void *);
	MYSQLND * handle;
	MYSQLND_CONN_DATA * conn_data;

	DBG_ENTER("mysqlnd_driver::get_connection");
	DBG_INF_FMT("persistent=%u", persistent);

	handle = mnd_pecalloc(1, handle_size, persistent);
	if (!handle) {
		DBG_RETURN(NULL);
	}

	conn_data = mnd_pecalloc(1, conn_data_size, persistent);
	handle->data = conn_data;
	if (!conn_data) {
		/* Nothing else is attached yet, so the bare handle can be freed directly. */
		mnd_pefree(handle, persistent);
		DBG_RETURN(NULL);
	}

	handle->persistent = persistent;
	handle->m = mysqlnd_conn_get_methods();

	/* Point the accessor fields at the structs embedded in the data object. */
	conn_data->error_info = &(conn_data->error_info_impl);
	conn_data->options = &(conn_data->options_impl);
	conn_data->upsert_status = &(conn_data->upsert_status_impl);

	conn_data->persistent = persistent;
	conn_data->m = mysqlnd_conn_data_get_methods();
	CONN_SET_STATE(conn_data, CONN_ALLOCED);
	conn_data->m->get_reference(conn_data TSRMLS_CC);

	/* From here on, failures are cleaned up through the handle's dtor. */
	if (PASS != conn_data->m->init(conn_data TSRMLS_CC)) {
		handle->m->dtor(handle TSRMLS_CC);
		DBG_RETURN(NULL);
	}

	conn_data->error_info->error_list = mnd_pecalloc(1, sizeof(zend_llist), persistent);
	if (!conn_data->error_info->error_list) {
		handle->m->dtor(handle TSRMLS_CC);
		DBG_RETURN(NULL);
	}
	zend_llist_init(conn_data->error_info->error_list,
					sizeof(MYSQLND_ERROR_LIST_ELEMENT),
					(llist_dtor_func_t)mysqlnd_error_list_pdtor,
					persistent);

	DBG_RETURN(handle);
}
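/* {{{ mysqlnd_sha256_get_rsa_key */
/*
 * Obtains the server's RSA public key for sha256 authentication.
 *
 * Key source, in order of preference:
 *   1. the file named by net_options->sha256_server_public_key,
 *   2. the file named by MYSQLND_G(sha256_server_public_key),
 *   3. if neither names a file, a public-key request sent to the server on conn.
 *
 * Returns the parsed key, or NULL on failure. Only the allocation-failure
 * paths record an error in conn->error_info; send/receive failures raise a PHP
 * warning and move the connection to CONN_QUIT_SENT; a PEM parse failure is
 * reported only through the NULL return. options is not read here.
 *
 * Security note: in case 3 the PEM text taken from the server's response is
 * parsed and returned as-is; nothing in this function authenticates it. Unless
 * the transport already authenticates the server, whoever answers on the wire
 * chooses the key the password will be encrypted to. Configuring a local key
 * file (cases 1 and 2) avoids relying on the copy received over the wire.
 */
static RSA *
mysqlnd_sha256_get_rsa_key(MYSQLND_CONN_DATA * conn,
						   const MYSQLND_OPTIONS * const options,
						   const MYSQLND_NET_OPTIONS * const net_options
						  )
{
	RSA * ret = NULL;
	const char * fname = (net_options->sha256_server_public_key && net_options->sha256_server_public_key[0] != '\0')?
								net_options->sha256_server_public_key:
								MYSQLND_G(sha256_server_public_key);
	php_stream * stream;
	DBG_ENTER("mysqlnd_sha256_get_rsa_key");
	DBG_INF_FMT("options_s256_pk=[%s] MYSQLND_G(sha256_server_public_key)=[%s]",
				net_options->sha256_server_public_key? net_options->sha256_server_public_key:"n/a",
				MYSQLND_G(sha256_server_public_key)? MYSQLND_G(sha256_server_public_key):"n/a");

	if (!fname || fname[0] == '\0') {
		MYSQLND_PACKET_SHA256_PK_REQUEST * pk_req_packet = NULL;
		MYSQLND_PACKET_SHA256_PK_REQUEST_RESPONSE * pk_resp_packet = NULL;

		/* Single-pass loop: `break` jumps to the shared packet cleanup below. */
		do {
			DBG_INF("requesting the public key from the server");
			pk_req_packet = conn->protocol->m.get_sha256_pk_request_packet(conn->protocol, FALSE);
			if (!pk_req_packet) {
				SET_OOM_ERROR(*conn->error_info);
				break;
			}
			pk_resp_packet = conn->protocol->m.get_sha256_pk_request_response_packet(conn->protocol, FALSE);
			if (!pk_resp_packet) {
				SET_OOM_ERROR(*conn->error_info);
				/*
				 * pk_req_packet is released once by the cleanup after the loop.
				 * Freeing it here as well would release it twice unless
				 * PACKET_FREE resets the pointer (not visible from this file).
				 */
				break;
			}

			if (! PACKET_WRITE(pk_req_packet, conn)) {
				DBG_ERR_FMT("Error while sending public key request packet");
				php_error(E_WARNING, "Error while sending public key request packet. PID=%d", getpid());
				CONN_SET_STATE(conn, CONN_QUIT_SENT);
				break;
			}
			if (FAIL == PACKET_READ(pk_resp_packet, conn) || NULL == pk_resp_packet->public_key) {
				DBG_ERR_FMT("Error while receiving public key");
				php_error(E_WARNING, "Error while receiving public key. PID=%d", getpid());
				CONN_SET_STATE(conn, CONN_QUIT_SENT);
				break;
			}
			DBG_INF_FMT("Public key(%d):\n%s", pk_resp_packet->public_key_len, pk_resp_packet->public_key);
			/* now extract the public key (server-supplied, unauthenticated at this layer) */
			{
				BIO * bio = BIO_new_mem_buf(pk_resp_packet->public_key, pk_resp_packet->public_key_len);
				if (bio) {
					ret = PEM_read_bio_RSA_PUBKEY(bio, NULL, NULL, NULL);
					BIO_free(bio);
				}
			}
		} while (0);
		PACKET_FREE(pk_req_packet);
		PACKET_FREE(pk_resp_packet);

		DBG_INF_FMT("ret=%p", ret);
	} else {
		zend_string * key_str;
		DBG_INF_FMT("Key in a file. [%s]", fname);
		stream = php_stream_open_wrapper((char *) fname, "rb", REPORT_ERRORS, NULL);

		if (stream) {
			if ((key_str = php_stream_copy_to_mem(stream, PHP_STREAM_COPY_ALL, 0)) != NULL) {
				/* NOTE(review): key_str->len is narrowed to int by BIO_new_mem_buf; a size bound on the key file would make that explicit. */
				BIO * bio = BIO_new_mem_buf(key_str->val, key_str->len);
				if (bio) {
					ret = PEM_read_bio_RSA_PUBKEY(bio, NULL, NULL, NULL);
					BIO_free(bio);
				}
				DBG_INF("Successfully loaded");
				/* "%.*s" bounds the output by the length; the earlier "%*.s" used it as a field width with zero precision. */
				DBG_INF_FMT("Public key:%.*s", (int) key_str->len, key_str->val);
				zend_string_release(key_str);
			}
			php_stream_free(stream, PHP_STREAM_FREE_CLOSE);
		}
	}
	DBG_RETURN(ret);
}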
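/* {{{ mysqlnd_auth_handshake */
/*
 * Sends one authentication packet and interprets the server's reply.
 *
 * When use_full_blown_auth_packet is TRUE a complete auth packet is written
 * (client flags, max packet size, charset, user, db, plugin name, plugin data
 * and, if the server advertises CLIENT_CONNECT_ATTRS, the connect attributes).
 * Otherwise only a change-auth response carrying auth_plugin_data is written.
 *
 * Reply handling:
 *   - code 0xFE with a protocol name: the server asks for a different auth
 *     plugin. The name and optional data are duplicated into the
 *     switch_to_auth_protocol* out-parameters (mnd_pestrndup(..., FALSE) and
 *     mnd_emalloc); the caller owns and must free them.
 *   - code 0xFE without a name: the old-password error is set.
 *   - code 0xFF: the server's error number and message are stored in
 *     conn->error_info.
 *   - otherwise the server message is stored as conn->last_message and PASS
 *     is returned.
 *
 * Returns PASS on success, FAIL otherwise. passwd and passwd_len are not read
 * by this function.
 *
 * Security note: the plugin named in a switch request and its data come
 * straight from the server reply. Nothing here restricts which plugin may be
 * requested, so any policy on acceptable plugins has to be applied by the
 * caller before it acts on the out-parameters.
 */
enum_func_status
mysqlnd_auth_handshake(MYSQLND_CONN_DATA * conn,
					   const char * const user,
					   const char * const passwd,
					   const size_t passwd_len,
					   const char * const db,
					   const size_t db_len,
					   const MYSQLND_OPTIONS * const options,
					   zend_ulong mysql_flags,
					   unsigned int server_charset_no,
					   zend_bool use_full_blown_auth_packet,
					   const char * const auth_protocol,
					   const zend_uchar * const auth_plugin_data,
					   const size_t auth_plugin_data_len,
					   char ** switch_to_auth_protocol,
					   size_t * switch_to_auth_protocol_len,
					   zend_uchar ** switch_to_auth_protocol_data,
					   size_t * switch_to_auth_protocol_data_len
					  )
{
	enum_func_status ret = FAIL;
	const MYSQLND_CHARSET * charset = NULL;
	MYSQLND_PACKET_CHANGE_AUTH_RESPONSE * change_auth_resp_packet = NULL;
	MYSQLND_PACKET_AUTH_RESPONSE * auth_resp_packet = NULL;
	MYSQLND_PACKET_AUTH * auth_packet = NULL;

	DBG_ENTER("mysqlnd_auth_handshake");

	auth_resp_packet = conn->protocol->m.get_auth_response_packet(conn->protocol, FALSE);

	if (!auth_resp_packet) {
		SET_OOM_ERROR(*conn->error_info);
		goto end;
	}

	if (use_full_blown_auth_packet != TRUE) {
		change_auth_resp_packet = conn->protocol->m.get_change_auth_response_packet(conn->protocol, FALSE);
		if (!change_auth_resp_packet) {
			SET_OOM_ERROR(*conn->error_info);
			goto end;
		}

		change_auth_resp_packet->auth_data = auth_plugin_data;
		change_auth_resp_packet->auth_data_len = auth_plugin_data_len;

		if (!PACKET_WRITE(change_auth_resp_packet, conn)) {
			CONN_SET_STATE(conn, CONN_QUIT_SENT);
			SET_CLIENT_ERROR(*conn->error_info, CR_SERVER_GONE_ERROR, UNKNOWN_SQLSTATE, mysqlnd_server_gone);
			goto end;
		}
	} else {
		auth_packet = conn->protocol->m.get_auth_packet(conn->protocol, FALSE);
		/* Same allocation-failure handling as for the other packets; the fields below must not be written through NULL. */
		if (!auth_packet) {
			SET_OOM_ERROR(*conn->error_info);
			goto end;
		}

		auth_packet->client_flags = mysql_flags;
		auth_packet->max_packet_size = options->max_allowed_packet;
		/* Prefer the charset named in the options; fall back to the server's. */
		if (options->charset_name && (charset = mysqlnd_find_charset_name(options->charset_name))) {
			auth_packet->charset_no = charset->nr;
		} else {
			auth_packet->charset_no = server_charset_no;
		}

		auth_packet->send_auth_data = TRUE;
		auth_packet->user = user;
		auth_packet->db = db;
		auth_packet->db_len = db_len;

		auth_packet->auth_data = auth_plugin_data;
		auth_packet->auth_data_len = auth_plugin_data_len;
		auth_packet->auth_plugin_name = auth_protocol;

		if (conn->server_capabilities & CLIENT_CONNECT_ATTRS) {
			auth_packet->connect_attr = conn->options->connect_attr;
		}

		if (!PACKET_WRITE(auth_packet, conn)) {
			goto end;
		}
	}
	if (use_full_blown_auth_packet == TRUE) {
		conn->charset = mysqlnd_find_charset_nr(auth_packet->charset_no);
	}

	if (FAIL == PACKET_READ(auth_resp_packet, conn) || auth_resp_packet->response_code >= 0xFE) {
		if (auth_resp_packet->response_code == 0xFE) {
			/* old authentication with new server  !*/
			if (!auth_resp_packet->new_auth_protocol) {
				DBG_ERR(mysqlnd_old_passwd);
				SET_CLIENT_ERROR(*conn->error_info, CR_UNKNOWN_ERROR, UNKNOWN_SQLSTATE, mysqlnd_old_passwd);
			} else {
				/* Server-requested plugin switch: hand copies of name and data to the caller. */
				*switch_to_auth_protocol = mnd_pestrndup(auth_resp_packet->new_auth_protocol, auth_resp_packet->new_auth_protocol_len, FALSE);
				*switch_to_auth_protocol_len = auth_resp_packet->new_auth_protocol_len;
				if (auth_resp_packet->new_auth_protocol_data) {
					*switch_to_auth_protocol_data_len = auth_resp_packet->new_auth_protocol_data_len;
					*switch_to_auth_protocol_data = mnd_emalloc(*switch_to_auth_protocol_data_len);
					if (*switch_to_auth_protocol_data) {
						memcpy(*switch_to_auth_protocol_data, auth_resp_packet->new_auth_protocol_data, *switch_to_auth_protocol_data_len);
					} else {
						/* Do not copy into a failed allocation; report it and keep pointer and length consistent. */
						*switch_to_auth_protocol_data_len = 0;
						SET_OOM_ERROR(*conn->error_info);
					}
				} else {
					*switch_to_auth_protocol_data = NULL;
					*switch_to_auth_protocol_data_len = 0;
				}
			}
		} else if (auth_resp_packet->response_code == 0xFF) {
			if (auth_resp_packet->sqlstate[0]) {
				strlcpy(conn->error_info->sqlstate, auth_resp_packet->sqlstate, sizeof(conn->error_info->sqlstate));
				DBG_ERR_FMT("ERROR:%u [SQLSTATE:%s] %s", auth_resp_packet->error_no, auth_resp_packet->sqlstate, auth_resp_packet->error);
			}
			/* NOTE(review): UNKNOWN_SQLSTATE is passed after the server's sqlstate was copied above; whether the macro overwrites it is not visible here. */
			SET_CLIENT_ERROR(*conn->error_info, auth_resp_packet->error_no, UNKNOWN_SQLSTATE, auth_resp_packet->error);
		}
		goto end;
	}

	SET_NEW_MESSAGE(conn->last_message, conn->last_message_len, auth_resp_packet->message, auth_resp_packet->message_len, conn->persistent);
	ret = PASS;
end:
	/* Packets that were never allocated are still NULL at this point. */
	PACKET_FREE(change_auth_resp_packet);
	PACKET_FREE(auth_packet);
	PACKET_FREE(auth_resp_packet);
	DBG_RETURN(ret);
}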
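/* {{{ mysqlnd_auth_change_user */
/*
 * Sends a change-user request (or, when use_full_blown_auth_packet is not
 * TRUE, a change-auth response carrying auth_plugin_data) and processes the
 * server's reply.
 *
 * On PASS the connection's stored user and password are replaced with copies
 * of user/passwd, last_message is dropped and upsert_status is zeroed; for
 * servers older than 5.1.23 the previous charset is set again.
 *
 * If the server answers 0xFE with a protocol name, FAIL is returned and the
 * name and optional data are duplicated into the switch_to_auth_protocol*
 * out-parameters (mnd_pestrndup(..., FALSE) and mnd_emalloc); the caller owns
 * and must free them. These values are server-supplied, so any policy on
 * which plugins are acceptable has to be applied by the caller.
 *
 * passwd is copied with mnd_pestrdup, so it has to be NUL-terminated;
 * passwd_len is not consulted here.
 */
enum_func_status
mysqlnd_auth_change_user(MYSQLND_CONN_DATA * const conn,
						 const char * const user,
						 const size_t user_len,
						 const char * const passwd,
						 const size_t passwd_len,
						 const char * const db,
						 const size_t db_len,
						 const zend_bool silent,
						 zend_bool use_full_blown_auth_packet,
						 const char * const auth_protocol,
						 zend_uchar * auth_plugin_data,
						 size_t auth_plugin_data_len,
						 char ** switch_to_auth_protocol,
						 size_t * switch_to_auth_protocol_len,
						 zend_uchar ** switch_to_auth_protocol_data,
						 size_t * switch_to_auth_protocol_data_len
						)
{
	enum_func_status ret = FAIL;
	/* Remembered up front so the charset can be set again for old servers. */
	const MYSQLND_CHARSET * old_cs = conn->charset;
	MYSQLND_PACKET_CHANGE_AUTH_RESPONSE * change_auth_resp_packet = NULL;
	MYSQLND_PACKET_CHG_USER_RESPONSE * chg_user_resp = NULL;
	MYSQLND_PACKET_AUTH * auth_packet = NULL;

	DBG_ENTER("mysqlnd_auth_change_user");

	chg_user_resp = conn->protocol->m.get_change_user_response_packet(conn->protocol, FALSE);

	if (!chg_user_resp) {
		SET_OOM_ERROR(*conn->error_info);
		goto end;
	}

	if (use_full_blown_auth_packet != TRUE) {
		change_auth_resp_packet = conn->protocol->m.get_change_auth_response_packet(conn->protocol, FALSE);
		if (!change_auth_resp_packet) {
			SET_OOM_ERROR(*conn->error_info);
			goto end;
		}

		change_auth_resp_packet->auth_data = auth_plugin_data;
		change_auth_resp_packet->auth_data_len = auth_plugin_data_len;

		if (!PACKET_WRITE(change_auth_resp_packet, conn)) {
			CONN_SET_STATE(conn, CONN_QUIT_SENT);
			SET_CLIENT_ERROR(*conn->error_info, CR_SERVER_GONE_ERROR, UNKNOWN_SQLSTATE, mysqlnd_server_gone);
			goto end;
		}
	} else {
		auth_packet = conn->protocol->m.get_auth_packet(conn->protocol, FALSE);

		if (!auth_packet) {
			SET_OOM_ERROR(*conn->error_info);
			goto end;
		}

		auth_packet->is_change_user_packet = TRUE;
		auth_packet->user = user;
		auth_packet->db = db;
		auth_packet->db_len = db_len;
		auth_packet->silent = silent;

		auth_packet->auth_data = auth_plugin_data;
		auth_packet->auth_data_len = auth_plugin_data_len;
		auth_packet->auth_plugin_name = auth_protocol;

		/* The charset number is only filled in for servers >= 5.1.23. */
		if (conn->m->get_server_version(conn) >= 50123) {
			auth_packet->charset_no = conn->charset->nr;
		}

		if (!PACKET_WRITE(auth_packet, conn)) {
			CONN_SET_STATE(conn, CONN_QUIT_SENT);
			SET_CLIENT_ERROR(*conn->error_info, CR_SERVER_GONE_ERROR, UNKNOWN_SQLSTATE, mysqlnd_server_gone);
			goto end;
		}
	}

	ret = PACKET_READ(chg_user_resp, conn);
	COPY_CLIENT_ERROR(*conn->error_info, chg_user_resp->error_info);

	if (0xFE == chg_user_resp->response_code) {
		ret = FAIL;
		if (!chg_user_resp->new_auth_protocol) {
			DBG_ERR(mysqlnd_old_passwd);
			SET_CLIENT_ERROR(*conn->error_info, CR_UNKNOWN_ERROR, UNKNOWN_SQLSTATE, mysqlnd_old_passwd);
		} else {
			/* Server-requested plugin switch: hand copies of name and data to the caller. */
			*switch_to_auth_protocol = mnd_pestrndup(chg_user_resp->new_auth_protocol, chg_user_resp->new_auth_protocol_len, FALSE);
			*switch_to_auth_protocol_len = chg_user_resp->new_auth_protocol_len;
			if (chg_user_resp->new_auth_protocol_data) {
				*switch_to_auth_protocol_data_len = chg_user_resp->new_auth_protocol_data_len;
				*switch_to_auth_protocol_data = mnd_emalloc(*switch_to_auth_protocol_data_len);
				if (*switch_to_auth_protocol_data) {
					memcpy(*switch_to_auth_protocol_data, chg_user_resp->new_auth_protocol_data, *switch_to_auth_protocol_data_len);
				} else {
					/* Do not copy into a failed allocation; report it and keep pointer and length consistent. */
					*switch_to_auth_protocol_data_len = 0;
					SET_OOM_ERROR(*conn->error_info);
				}
			} else {
				*switch_to_auth_protocol_data = NULL;
				*switch_to_auth_protocol_data_len = 0;
			}
		}
	}

	if (conn->error_info->error_no) {
		ret = FAIL;
		/*
		  COM_CHANGE_USER is broken in 5.1. At least in 5.1.15 and 5.1.14, 5.1.11 is immune.
		  bug#25371 mysql_change_user() triggers "packets out of sync"
		  When it gets fixed, there should be one more check here
		*/
		if (conn->m->get_server_version(conn) > 50113L &&conn->m->get_server_version(conn) < 50118L) {
			MYSQLND_PACKET_OK * redundant_error_packet = conn->protocol->m.get_ok_packet(conn->protocol, FALSE);
			if (redundant_error_packet) {
				/* Read and discard the extra packet; its result is deliberately not checked. */
				PACKET_READ(redundant_error_packet, conn);
				PACKET_FREE(redundant_error_packet);
				DBG_INF_FMT("Server is %u, buggy, sends two ERR messages", conn->m->get_server_version(conn));
			} else {
				SET_OOM_ERROR(*conn->error_info);
			}
		}
	}
	if (ret == PASS) {
		char * tmp = NULL;
		/* if we get conn->user as parameter and then we first free it, then estrndup it, we will crash */
		tmp = mnd_pestrndup(user, user_len, conn->persistent);
		if (conn->user) {
			mnd_pefree(conn->user, conn->persistent);
		}
		conn->user = tmp;

		/* Same copy-before-free order as for the user name above. */
		tmp = mnd_pestrdup(passwd, conn->persistent);
		if (conn->passwd) {
			/* NOTE(review): the old password buffer is released without being wiped first. */
			mnd_pefree(conn->passwd, conn->persistent);
		}
		conn->passwd = tmp;

		if (conn->last_message) {
			mnd_pefree(conn->last_message, conn->persistent);
			conn->last_message = NULL;
		}
		memset(conn->upsert_status, 0, sizeof(*conn->upsert_status));
		/* set charset for old servers */
		if (conn->m->get_server_version(conn) < 50123) {
			ret = conn->m->set_charset(conn, old_cs->name);
		}
	} else if (ret == FAIL && chg_user_resp->server_asked_323_auth == TRUE) {
		/* old authentication with new server  !*/
		DBG_ERR(mysqlnd_old_passwd);
		SET_CLIENT_ERROR(*conn->error_info, CR_UNKNOWN_ERROR, UNKNOWN_SQLSTATE, mysqlnd_old_passwd);
	}
end:
	/* Packets that were never allocated are still NULL at this point. */
	PACKET_FREE(change_auth_resp_packet);
	PACKET_FREE(auth_packet);
	PACKET_FREE(chg_user_resp);
	DBG_RETURN(ret);
}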