//=========================================================
//=========================================================
int main(int /*argc*/, char ** /*argv*/) {
TesterManager_SGL tm("SGL test");
DBG_INF("Manager '%s': start running tests...", tm.getName().c_str());
double dRez = tm.runTest();
DBG_INF("Manager '%s': finished with result %g", tm.getName().c_str(), dRez);
return 0;
}
/* {{{ mysqlnd_res_meta::free */
static void
MYSQLND_METHOD(mysqlnd_res_meta, free)(MYSQLND_RES_METADATA * meta)
{
int i;
MYSQLND_FIELD *fields;
DBG_ENTER("mysqlnd_res_meta::free");
DBG_INF_FMT("persistent=%u", meta->persistent);
if ((fields = meta->fields)) {
DBG_INF("Freeing fields metadata");
i = meta->field_count;
while (i--) {
php_mysqlnd_free_field_metadata(fields++, meta->persistent);
}
mnd_pefree(meta->fields, meta->persistent);
meta->fields = NULL;
}
if (meta->zend_hash_keys) {
DBG_INF("Freeing zend_hash_keys");
mnd_pefree(meta->zend_hash_keys, meta->persistent);
meta->zend_hash_keys = NULL;
}
DBG_INF("Freeing metadata structure");
mnd_pefree(meta, meta->persistent);
DBG_VOID_RETURN;
}
/* {{{ ps_fetch_string */
static
void ps_fetch_string(zval *zv, const MYSQLND_FIELD * const field,
unsigned int pack_len, zend_uchar **row,
zend_bool as_unicode TSRMLS_DC)
{
/*
For now just copy, before we make it possible
to write \0 to the row buffer
*/
unsigned long length = php_mysqlnd_net_field_length(row);
DBG_ENTER("ps_fetch_string");
DBG_INF_FMT("len = %lu", length);
#if PHP_MAJOR_VERSION < 6
DBG_INF("copying from the row buffer");
ZVAL_STRINGL(zv, (char *)*row, length, 1);
#else
if (field->charsetnr == MYSQLND_BINARY_CHARSET_NR) {
DBG_INF("Binary charset");
ZVAL_STRINGL(zv, (char *)*row, length, 1);
} else {
DBG_INF_FMT("copying from the row buffer");
ZVAL_UTF8_STRINGL(zv, (char*)*row, length, ZSTR_DUPLICATE);
}
#endif
(*row) += length;
DBG_VOID_RETURN;
}
/* {{{ mysqlnd_native_auth_get_auth_data */
static zend_uchar *
mysqlnd_caching_sha2_get_auth_data(struct st_mysqlnd_authentication_plugin * self,
size_t * auth_data_len,
MYSQLND_CONN_DATA * conn, const char * const user, const char * const passwd,
const size_t passwd_len, zend_uchar * auth_plugin_data, const size_t auth_plugin_data_len,
const MYSQLND_SESSION_OPTIONS * const session_options,
const MYSQLND_PFC_DATA * const pfc_data,
const zend_ulong mysql_flags
)
{
zend_uchar * ret = NULL;
DBG_ENTER("mysqlnd_caching_sha2_get_auth_data");
DBG_INF_FMT("salt(%d)=[%.*s]", auth_plugin_data_len, auth_plugin_data_len, auth_plugin_data);
*auth_data_len = 0;
DBG_INF("First auth step: send hashed password");
/* copy scrambled pass*/
if (passwd && passwd_len) {
ret = malloc(SHA256_LENGTH + 1);
*auth_data_len = SHA256_LENGTH;
php_mysqlnd_scramble_sha2((zend_uchar*)ret, auth_plugin_data, (zend_uchar*)passwd, passwd_len);
ret[SHA256_LENGTH] = '\0';
DBG_INF_FMT("hash(%d)=[%.*s]", *auth_data_len, *auth_data_len, ret);
}
DBG_RETURN(ret);
}
/* {{{ mysqlnd_command::statistics */
static enum_func_status
MYSQLND_METHOD(mysqlnd_command, statistics)(MYSQLND_CONN_DATA * const conn, zend_string ** message)
{
const func_mysqlnd_protocol_payload_decoder_factory__send_command send_command = conn->payload_decoder_factory->m.send_command;
enum_func_status ret = FAIL;
DBG_ENTER("mysqlnd_command::statistics");
ret = send_command(conn->payload_decoder_factory, COM_STATISTICS, NULL, 0, FALSE,
&conn->state,
conn->error_info,
conn->upsert_status,
conn->stats,
conn->m->send_close,
conn);
if (PASS == ret) {
MYSQLND_PACKET_STATS stats_header;
conn->payload_decoder_factory->m.init_stats_packet(&stats_header);
if (PASS == (ret = PACKET_READ(conn, &stats_header))) {
/* will be freed by Zend, thus don't use the mnd_ allocator */
*message = zend_string_init(stats_header.message.s, stats_header.message.l, 0);
DBG_INF(ZSTR_VAL(*message));
}
PACKET_FREE(&stats_header);
}
DBG_RETURN(ret);
}
/* {{{ mysqlnd_com_statistics_run */
static enum_func_status
mysqlnd_com_statistics_run(void *cmd)
{
struct st_mysqlnd_protocol_com_statistics_command * command = (struct st_mysqlnd_protocol_com_statistics_command *) cmd;
enum_func_status ret = FAIL;
MYSQLND_CONN_DATA * conn = command->context.conn;
zend_string **message = command->context.message;
func_mysqlnd_protocol_payload_decoder_factory__send_command send_command = conn->payload_decoder_factory->m.send_command;
DBG_ENTER("mysqlnd_com_statistics_run");
ret = send_command(conn->payload_decoder_factory, COM_STATISTICS, NULL, 0, FALSE,
&conn->state,
conn->error_info,
conn->upsert_status,
conn->stats,
conn->m->send_close,
conn);
if (PASS == ret) {
MYSQLND_PACKET_STATS * stats_header = conn->payload_decoder_factory->m.get_stats_packet(conn->payload_decoder_factory, FALSE);
if (!stats_header) {
SET_OOM_ERROR(conn->error_info);
} else {
if (PASS == (ret = PACKET_READ(stats_header))) {
/* will be freed by Zend, thus don't use the mnd_ allocator */
*message = zend_string_init(stats_header->message.s, stats_header->message.l, 0);
DBG_INF(ZSTR_VAL(*message));
}
PACKET_FREE(stats_header);
}
}
DBG_RETURN(ret);
}
/* {{{ mysqlnd_res_meta::free */
static void
MYSQLND_METHOD(mysqlnd_res_meta, free)(MYSQLND_RES_METADATA * meta)
{
int i;
MYSQLND_FIELD *fields;
DBG_ENTER("mysqlnd_res_meta::free");
if ((fields = meta->fields)) {
DBG_INF("Freeing fields metadata");
i = meta->field_count;
while (i--) {
php_mysqlnd_free_field_metadata(fields++);
}
meta->fields = NULL;
}
DBG_INF("Freeing metadata structure");
DBG_VOID_RETURN;
}
/* {{{ mysqlnd_sha256_auth_get_auth_data */
static zend_uchar *
mysqlnd_sha256_auth_get_auth_data(struct st_mysqlnd_authentication_plugin * self,
size_t * auth_data_len,
MYSQLND_CONN_DATA * conn, const char * const user, const char * const passwd,
const size_t passwd_len, zend_uchar * auth_plugin_data, size_t auth_plugin_data_len,
const MYSQLND_OPTIONS * const options,
const MYSQLND_NET_OPTIONS * const net_options,
zend_ulong mysql_flags
)
{
RSA * server_public_key;
zend_uchar * ret = NULL;
DBG_ENTER("mysqlnd_sha256_auth_get_auth_data");
DBG_INF_FMT("salt(%d)=[%.*s]", auth_plugin_data_len, auth_plugin_data_len, auth_plugin_data);
if (conn->net->data->ssl) {
DBG_INF("simple clear text under SSL");
/* clear text under SSL */
*auth_data_len = passwd_len;
ret = malloc(passwd_len);
memcpy(ret, passwd, passwd_len);
} else {
*auth_data_len = 0;
server_public_key = mysqlnd_sha256_get_rsa_key(conn, options, net_options);
if (server_public_key) {
int server_public_key_len;
char xor_str[passwd_len + 1];
memcpy(xor_str, passwd, passwd_len);
xor_str[passwd_len] = '\0';
mysqlnd_xor_string(xor_str, passwd_len, (char *) auth_plugin_data, auth_plugin_data_len);
server_public_key_len = RSA_size(server_public_key);
/*
Because RSA_PKCS1_OAEP_PADDING is used there is a restriction on the passwd_len.
RSA_PKCS1_OAEP_PADDING is recommended for new applications. See more here:
http://www.openssl.org/docs/crypto/RSA_public_encrypt.html
*/
if ((size_t) server_public_key_len - 41 <= passwd_len) {
/* password message is to long */
SET_CLIENT_ERROR(*conn->error_info, CR_UNKNOWN_ERROR, UNKNOWN_SQLSTATE, "password is too long");
DBG_ERR("password is too long");
DBG_RETURN(NULL);
}
*auth_data_len = server_public_key_len;
ret = malloc(*auth_data_len);
RSA_public_encrypt(passwd_len + 1, (zend_uchar *) xor_str, ret, server_public_key, RSA_PKCS1_OAEP_PADDING);
}
}
DBG_RETURN(ret);
}
/* {{{ mysqlnd_native_auth_get_auth_data */
static void
mysqlnd_caching_sha2_handle_server_response(struct st_mysqlnd_authentication_plugin *self,
MYSQLND_CONN_DATA * conn,
const zend_uchar * auth_plugin_data, const size_t auth_plugin_data_len,
const char * const passwd,
const size_t passwd_len)
{
DBG_ENTER("mysqlnd_caching_sha2_handle_server_response");
MYSQLND_PACKET_CACHED_SHA2_RESULT result_packet;
conn->payload_decoder_factory->m.init_cached_sha2_result_packet(&result_packet);
if (FAIL == PACKET_READ(conn, &result_packet)) {
DBG_VOID_RETURN;
}
switch (result_packet.response_code) {
case 3:
DBG_INF("fast path succeeded");
DBG_VOID_RETURN;
case 4:
if (conn->vio->data->ssl || conn->unix_socket.s) {
DBG_INF("fast path failed, doing full auth via SSL");
result_packet.password = (zend_uchar *)passwd;
result_packet.password_len = passwd_len + 1;
PACKET_WRITE(conn, &result_packet);
} else {
DBG_INF("fast path failed, doing full auth without SSL");
result_packet.password_len = mysqlnd_caching_sha2_get_and_use_key(conn, auth_plugin_data, auth_plugin_data_len, &result_packet.password, passwd, passwd_len);
PACKET_WRITE(conn, &result_packet);
efree(result_packet.password);
}
DBG_VOID_RETURN;
case 2:
// The server tried to send a key, which we didn't expect
// fall-through
default:
php_error_docref(NULL, E_WARNING, "Unexpected server response while doing caching_sha2 auth: %i", result_packet.response_code);
}
DBG_VOID_RETURN;
}
/* {{{ mysqlnd_res_meta::fetch_field */
static const MYSQLND_FIELD *
MYSQLND_METHOD(mysqlnd_res_meta, fetch_field)(MYSQLND_RES_METADATA * const meta)
{
DBG_ENTER("mysqlnd_res_meta::fetch_field");
if (meta->current_field >= meta->field_count) {
DBG_INF("no more fields");
DBG_RETURN(NULL);
}
DBG_INF_FMT("name=%s max_length=%u",
meta->fields[meta->current_field].name? meta->fields[meta->current_field].name:"",
meta->fields[meta->current_field].max_length);
DBG_RETURN(&meta->fields[meta->current_field++]);
}
/* {{{ ps_fetch_string */
static void
ps_fetch_string(zval * zv, const MYSQLND_FIELD * const field, unsigned int pack_len, zend_uchar ** row)
{
/*
For now just copy, before we make it possible
to write \0 to the row buffer
*/
const zend_ulong length = php_mysqlnd_net_field_length(row);
DBG_ENTER("ps_fetch_string");
DBG_INF_FMT("len = %lu", length);
DBG_INF("copying from the row buffer");
ZVAL_STRINGL(zv, (char *)*row, length);
(*row) += length;
DBG_VOID_RETURN;
}
/* {{{ mysqlnd_net::dtor */
static void
MYSQLND_METHOD(mysqlnd_net, dtor)(MYSQLND_NET * const net, MYSQLND_STATS * const stats, MYSQLND_ERROR_INFO * const error_info)
{
DBG_ENTER("mysqlnd_net::dtor");
if (net) {
net->data->m.free_contents(net);
net->data->m.close_stream(net, stats, error_info);
if (net->cmd_buffer.buffer) {
DBG_INF("Freeing cmd buffer");
mnd_pefree(net->cmd_buffer.buffer, net->persistent);
net->cmd_buffer.buffer = NULL;
}
mnd_pefree(net->data, net->data->persistent);
mnd_pefree(net, net->persistent);
}
DBG_VOID_RETURN;
}
/* {{{ mysqlnd_vio::dtor */
static void
MYSQLND_METHOD(mysqlnd_vio, dtor)(MYSQLND_VIO * const vio, MYSQLND_STATS * const stats, MYSQLND_ERROR_INFO * const error_info)
{
DBG_ENTER("mysqlnd_vio::dtor");
if (vio) {
vio->data->m.free_contents(vio);
vio->data->m.close_stream(vio, stats, error_info);
if (vio->cmd_buffer.buffer) {
DBG_INF("Freeing cmd buffer");
mnd_pefree(vio->cmd_buffer.buffer, vio->persistent);
vio->cmd_buffer.buffer = NULL;
}
mnd_pefree(vio->data, vio->data->persistent);
mnd_pefree(vio, vio->persistent);
}
DBG_VOID_RETURN;
}
/* {{{ mysqlnd_vio::enable_ssl */
static enum_func_status
MYSQLND_METHOD(mysqlnd_vio, enable_ssl)(MYSQLND_VIO * const net)
{
#ifdef MYSQLND_SSL_SUPPORTED
php_stream_context * context = php_stream_context_alloc();
php_stream * net_stream = net->data->m.get_stream(net);
zend_bool any_flag = FALSE;
DBG_ENTER("mysqlnd_vio::enable_ssl");
if (!context) {
DBG_RETURN(FAIL);
}
if (net->data->options.ssl_key) {
zval key_zval;
ZVAL_STRING(&key_zval, net->data->options.ssl_key);
php_stream_context_set_option(context, "ssl", "local_pk", &key_zval);
zval_ptr_dtor(&key_zval);
any_flag = TRUE;
}
if (net->data->options.ssl_cert) {
zval cert_zval;
ZVAL_STRING(&cert_zval, net->data->options.ssl_cert);
php_stream_context_set_option(context, "ssl", "local_cert", &cert_zval);
if (!net->data->options.ssl_key) {
php_stream_context_set_option(context, "ssl", "local_pk", &cert_zval);
}
zval_ptr_dtor(&cert_zval);
any_flag = TRUE;
}
if (net->data->options.ssl_ca) {
zval cafile_zval;
ZVAL_STRING(&cafile_zval, net->data->options.ssl_ca);
php_stream_context_set_option(context, "ssl", "cafile", &cafile_zval);
any_flag = TRUE;
}
if (net->data->options.ssl_capath) {
zval capath_zval;
ZVAL_STRING(&capath_zval, net->data->options.ssl_capath);
php_stream_context_set_option(context, "ssl", "capath", &capath_zval);
zval_ptr_dtor(&capath_zval);
any_flag = TRUE;
}
if (net->data->options.ssl_passphrase) {
zval passphrase_zval;
ZVAL_STRING(&passphrase_zval, net->data->options.ssl_passphrase);
php_stream_context_set_option(context, "ssl", "passphrase", &passphrase_zval);
zval_ptr_dtor(&passphrase_zval);
any_flag = TRUE;
}
if (net->data->options.ssl_cipher) {
zval cipher_zval;
ZVAL_STRING(&cipher_zval, net->data->options.ssl_cipher);
php_stream_context_set_option(context, "ssl", "ciphers", &cipher_zval);
zval_ptr_dtor(&cipher_zval);
any_flag = TRUE;
}
{
zval verify_peer_zval;
zend_bool verify;
if (net->data->options.ssl_verify_peer == MYSQLND_SSL_PEER_DEFAULT) {
net->data->options.ssl_verify_peer = any_flag? MYSQLND_SSL_PEER_DEFAULT_ACTION:MYSQLND_SSL_PEER_DONT_VERIFY;
}
verify = net->data->options.ssl_verify_peer == MYSQLND_SSL_PEER_VERIFY? TRUE:FALSE;
DBG_INF_FMT("VERIFY=%d", verify);
ZVAL_BOOL(&verify_peer_zval, verify);
php_stream_context_set_option(context, "ssl", "verify_peer", &verify_peer_zval);
php_stream_context_set_option(context, "ssl", "verify_peer_name", &verify_peer_zval);
if (net->data->options.ssl_verify_peer == MYSQLND_SSL_PEER_DONT_VERIFY) {
ZVAL_TRUE(&verify_peer_zval);
php_stream_context_set_option(context, "ssl", "allow_self_signed", &verify_peer_zval);
}
}
#if PHP_API_VERSION >= 20131106
php_stream_context_set(net_stream, context);
#else
php_stream_context_set(net_stream, context);
#endif
if (php_stream_xport_crypto_setup(net_stream, STREAM_CRYPTO_METHOD_TLS_CLIENT, NULL) < 0 ||
php_stream_xport_crypto_enable(net_stream, 1) < 0)
{
DBG_ERR("Cannot connect to MySQL by using SSL");
php_error_docref(NULL, E_WARNING, "Cannot connect to MySQL by using SSL");
DBG_RETURN(FAIL);
}
net->data->ssl = TRUE;
/*
get rid of the context. we are persistent and if this is a real pconn used by mysql/mysqli,
then the context would not survive cleaning of EG(regular_list), where it is registered, as a
resource. What happens is that after this destruction any use of the network will mean usage
of the context, which means usage of already freed memory, bad. Actually we don't need this
context anymore after we have enabled SSL on the connection. Thus it is very simple, we remove it.
*/
#if PHP_API_VERSION >= 20131106
php_stream_context_set(net_stream, NULL);
#else
php_stream_context_set(net_stream, NULL);
#endif
if (net->data->options.timeout_read) {
struct timeval tv;
DBG_INF_FMT("setting %u as PHP_STREAM_OPTION_READ_TIMEOUT", net->data->options.timeout_read);
tv.tv_sec = net->data->options.timeout_read;
tv.tv_usec = 0;
php_stream_set_option(net_stream, PHP_STREAM_OPTION_READ_TIMEOUT, 0, &tv);
}
DBG_RETURN(PASS);
#else
DBG_ENTER("mysqlnd_vio::enable_ssl");
DBG_INF("MYSQLND_SSL_SUPPORTED is not defined");
DBG_RETURN(PASS);
#endif
}
/* {{{ mysqlnd_run_authentication */
enum_func_status
mysqlnd_run_authentication(
MYSQLND_CONN_DATA * conn,
const char * const user,
const char * const passwd,
const size_t passwd_len,
const char * const db,
const size_t db_len,
const MYSQLND_STRING auth_plugin_data,
const char * const auth_protocol,
unsigned int charset_no,
const MYSQLND_SESSION_OPTIONS * const session_options,
zend_ulong mysql_flags,
zend_bool silent,
zend_bool is_change_user
)
{
enum_func_status ret = FAIL;
zend_bool first_call = TRUE;
char * switch_to_auth_protocol = NULL;
size_t switch_to_auth_protocol_len = 0;
char * requested_protocol = NULL;
zend_uchar * plugin_data;
size_t plugin_data_len;
DBG_ENTER("mysqlnd_run_authentication");
plugin_data_len = auth_plugin_data.l;
plugin_data = mnd_emalloc(plugin_data_len + 1);
if (!plugin_data) {
goto end;
}
memcpy(plugin_data, auth_plugin_data.s, plugin_data_len);
plugin_data[plugin_data_len] = '\0';
requested_protocol = mnd_pestrdup(auth_protocol? auth_protocol : MYSQLND_DEFAULT_AUTH_PROTOCOL, FALSE);
if (!requested_protocol) {
goto end;
}
do {
struct st_mysqlnd_authentication_plugin * auth_plugin = conn->m->fetch_auth_plugin_by_name(requested_protocol);
if (!auth_plugin) {
php_error_docref(NULL, E_WARNING, "The server requested authentication method unknown to the client [%s]", requested_protocol);
SET_CLIENT_ERROR(conn->error_info, CR_NOT_IMPLEMENTED, UNKNOWN_SQLSTATE, "The server requested authentication method unknown to the client");
goto end;
}
DBG_INF("plugin found");
{
zend_uchar * switch_to_auth_protocol_data = NULL;
size_t switch_to_auth_protocol_data_len = 0;
zend_uchar * scrambled_data = NULL;
size_t scrambled_data_len = 0;
switch_to_auth_protocol = NULL;
switch_to_auth_protocol_len = 0;
if (conn->authentication_plugin_data.s) {
mnd_pefree(conn->authentication_plugin_data.s, conn->persistent);
conn->authentication_plugin_data.s = NULL;
}
conn->authentication_plugin_data.l = plugin_data_len;
conn->authentication_plugin_data.s = mnd_pemalloc(conn->authentication_plugin_data.l, conn->persistent);
if (!conn->authentication_plugin_data.s) {
SET_OOM_ERROR(conn->error_info);
goto end;
}
memcpy(conn->authentication_plugin_data.s, plugin_data, plugin_data_len);
DBG_INF_FMT("salt(%d)=[%.*s]", plugin_data_len, plugin_data_len, plugin_data);
/* The data should be allocated with malloc() */
scrambled_data =
auth_plugin->methods.get_auth_data(NULL, &scrambled_data_len, conn, user, passwd, passwd_len,
plugin_data, plugin_data_len, session_options,
conn->protocol_frame_codec->data, mysql_flags);
if (conn->error_info->error_no) {
goto end;
}
if (FALSE == is_change_user) {
ret = mysqlnd_auth_handshake(conn, user, passwd, passwd_len, db, db_len, session_options, mysql_flags,
charset_no,
first_call,
requested_protocol,
scrambled_data, scrambled_data_len,
&switch_to_auth_protocol, &switch_to_auth_protocol_len,
&switch_to_auth_protocol_data, &switch_to_auth_protocol_data_len
);
} else {
ret = mysqlnd_auth_change_user(conn, user, strlen(user), passwd, passwd_len, db, db_len, silent,
first_call,
requested_protocol,
scrambled_data, scrambled_data_len,
&switch_to_auth_protocol, &switch_to_auth_protocol_len,
&switch_to_auth_protocol_data, &switch_to_auth_protocol_data_len
);
}
first_call = FALSE;
free(scrambled_data);
DBG_INF_FMT("switch_to_auth_protocol=%s", switch_to_auth_protocol? switch_to_auth_protocol:"n/a");
if (requested_protocol && switch_to_auth_protocol) {
mnd_efree(requested_protocol);
requested_protocol = switch_to_auth_protocol;
}
if (plugin_data) {
mnd_efree(plugin_data);
}
plugin_data_len = switch_to_auth_protocol_data_len;
plugin_data = switch_to_auth_protocol_data;
}
DBG_INF_FMT("conn->error_info->error_no = %d", conn->error_info->error_no);
} while (ret == FAIL && conn->error_info->error_no == 0 && switch_to_auth_protocol != NULL);
if (ret == PASS) {
DBG_INF_FMT("saving requested_protocol=%s", requested_protocol);
conn->m->set_client_option(conn, MYSQLND_OPT_AUTH_PROTOCOL, requested_protocol);
}
end:
if (plugin_data) {
mnd_efree(plugin_data);
}
if (requested_protocol) {
mnd_efree(requested_protocol);
}
DBG_RETURN(ret);
}
/* {{{ ps_fetch_from_1_to_8_bytes */
void ps_fetch_from_1_to_8_bytes(zval *zv, const MYSQLND_FIELD * const field,
unsigned int pack_len, zend_uchar **row, zend_bool as_unicode,
unsigned int byte_count TSRMLS_DC)
{
char tmp[22];
size_t tmp_len = 0;
zend_bool is_bit = field->type == MYSQL_TYPE_BIT;
DBG_ENTER("ps_fetch_from_1_to_8_bytes");
DBG_INF_FMT("zv=%p byte_count=%d", zv, byte_count);
if (field->flags & UNSIGNED_FLAG) {
uint64_t uval = 0;
switch (byte_count) {
case 8:uval = is_bit? (uint64_t) bit_uint8korr(*row):(uint64_t) uint8korr(*row);break;
case 7:uval = bit_uint7korr(*row);break;
case 6:uval = bit_uint6korr(*row);break;
case 5:uval = bit_uint5korr(*row);break;
case 4:uval = is_bit? (uint64_t) bit_uint4korr(*row):(uint64_t) uint4korr(*row);break;
case 3:uval = is_bit? (uint64_t) bit_uint3korr(*row):(uint64_t) uint3korr(*row);break;
case 2:uval = is_bit? (uint64_t) bit_uint2korr(*row):(uint64_t) uint2korr(*row);break;
case 1:uval = (uint64_t) uint1korr(*row);break;
}
#if SIZEOF_LONG==4
if (uval > INT_MAX) {
DBG_INF("stringify");
tmp_len = sprintf((char *)&tmp, MYSQLND_LLU_SPEC, uval);
} else
#endif /* #if SIZEOF_LONG==4 */
{
if (byte_count < 8 || uval <= L64(9223372036854775807)) {
ZVAL_LONG(zv, uval);
} else {
DBG_INF("stringify");
tmp_len = sprintf((char *)&tmp, MYSQLND_LLU_SPEC, uval);
}
}
} else {
/* SIGNED */
int64_t lval = 0;
switch (byte_count) {
case 8:lval = (int64_t) sint8korr(*row);break;
/*
7, 6 and 5 are not possible.
BIT is only unsigned, thus only uint5|6|7 macroses exist
*/
case 4:lval = (int64_t) sint4korr(*row);break;
case 3:lval = (int64_t) sint3korr(*row);break;
case 2:lval = (int64_t) sint2korr(*row);break;
case 1:lval = (int64_t) *(int8_t*)*row;break;
}
#if SIZEOF_LONG==4
if ((L64(2147483647) < (int64_t) lval) || (L64(-2147483648) > (int64_t) lval)) {
DBG_INF("stringify");
tmp_len = sprintf((char *)&tmp, MYSQLND_LL_SPEC, lval);
} else
#endif /* SIZEOF */
{
ZVAL_LONG(zv, lval);
}
}
if (tmp_len) {
#if PHP_MAJOR_VERSION >= 6
if (as_unicode) {
DBG_INF("stringify");
ZVAL_UTF8_STRINGL(zv, tmp, tmp_len, ZSTR_DUPLICATE);
} else
#endif
{
DBG_INF("stringify");
ZVAL_STRINGL(zv, tmp, tmp_len, 1);
}
}
(*row)+= byte_count;
DBG_VOID_RETURN;
}
/* {{{ mysqlnd_vio::set_client_option */
static enum_func_status
MYSQLND_METHOD(mysqlnd_vio, set_client_option)(MYSQLND_VIO * const net, enum_mysqlnd_client_option option, const char * const value)
{
DBG_ENTER("mysqlnd_vio::set_client_option");
DBG_INF_FMT("option=%u", option);
switch (option) {
case MYSQLND_OPT_NET_CMD_BUFFER_SIZE:
DBG_INF("MYSQLND_OPT_NET_CMD_BUFFER_SIZE");
if (*(unsigned int*) value < MYSQLND_NET_CMD_BUFFER_MIN_SIZE) {
DBG_RETURN(FAIL);
}
net->cmd_buffer.length = *(unsigned int*) value;
DBG_INF_FMT("new_length="MYSQLND_SZ_T_SPEC, net->cmd_buffer.length);
if (!net->cmd_buffer.buffer) {
net->cmd_buffer.buffer = mnd_pemalloc(net->cmd_buffer.length, net->persistent);
} else {
net->cmd_buffer.buffer = mnd_perealloc(net->cmd_buffer.buffer, net->cmd_buffer.length, net->persistent);
}
break;
case MYSQLND_OPT_NET_READ_BUFFER_SIZE:
DBG_INF("MYSQLND_OPT_NET_READ_BUFFER_SIZE");
net->data->options.net_read_buffer_size = *(unsigned int*) value;
DBG_INF_FMT("new_length="MYSQLND_SZ_T_SPEC, net->data->options.net_read_buffer_size);
break;
case MYSQL_OPT_CONNECT_TIMEOUT:
DBG_INF("MYSQL_OPT_CONNECT_TIMEOUT");
net->data->options.timeout_connect = *(unsigned int*) value;
break;
case MYSQLND_OPT_SSL_KEY:
{
zend_bool pers = net->persistent;
if (net->data->options.ssl_key) {
mnd_pefree(net->data->options.ssl_key, pers);
}
net->data->options.ssl_key = value? mnd_pestrdup(value, pers) : NULL;
break;
}
case MYSQLND_OPT_SSL_CERT:
{
zend_bool pers = net->persistent;
if (net->data->options.ssl_cert) {
mnd_pefree(net->data->options.ssl_cert, pers);
}
net->data->options.ssl_cert = value? mnd_pestrdup(value, pers) : NULL;
break;
}
case MYSQLND_OPT_SSL_CA:
{
zend_bool pers = net->persistent;
if (net->data->options.ssl_ca) {
mnd_pefree(net->data->options.ssl_ca, pers);
}
net->data->options.ssl_ca = value? mnd_pestrdup(value, pers) : NULL;
break;
}
case MYSQLND_OPT_SSL_CAPATH:
{
zend_bool pers = net->persistent;
if (net->data->options.ssl_capath) {
mnd_pefree(net->data->options.ssl_capath, pers);
}
net->data->options.ssl_capath = value? mnd_pestrdup(value, pers) : NULL;
break;
}
case MYSQLND_OPT_SSL_CIPHER:
{
zend_bool pers = net->persistent;
if (net->data->options.ssl_cipher) {
mnd_pefree(net->data->options.ssl_cipher, pers);
}
net->data->options.ssl_cipher = value? mnd_pestrdup(value, pers) : NULL;
break;
}
case MYSQLND_OPT_SSL_PASSPHRASE:
{
zend_bool pers = net->persistent;
if (net->data->options.ssl_passphrase) {
mnd_pefree(net->data->options.ssl_passphrase, pers);
}
net->data->options.ssl_passphrase = value? mnd_pestrdup(value, pers) : NULL;
break;
}
case MYSQL_OPT_SSL_VERIFY_SERVER_CERT:
{
enum mysqlnd_ssl_peer val = *((enum mysqlnd_ssl_peer *)value);
switch (val) {
case MYSQLND_SSL_PEER_VERIFY:
DBG_INF("MYSQLND_SSL_PEER_VERIFY");
break;
case MYSQLND_SSL_PEER_DONT_VERIFY:
DBG_INF("MYSQLND_SSL_PEER_DONT_VERIFY");
break;
case MYSQLND_SSL_PEER_DEFAULT:
DBG_INF("MYSQLND_SSL_PEER_DEFAULT");
val = MYSQLND_SSL_PEER_DEFAULT;
break;
default:
DBG_INF("default = MYSQLND_SSL_PEER_DEFAULT_ACTION");
val = MYSQLND_SSL_PEER_DEFAULT;
break;
}
net->data->options.ssl_verify_peer = val;
break;
}
case MYSQL_OPT_READ_TIMEOUT:
net->data->options.timeout_read = *(unsigned int*) value;
break;
#ifdef WHEN_SUPPORTED_BY_MYSQLI
case MYSQL_OPT_WRITE_TIMEOUT:
net->data->options.timeout_write = *(unsigned int*) value;
break;
#endif
default:
DBG_RETURN(FAIL);
}
DBG_RETURN(PASS);
}
/*
IMPORTANT : It's expected that buffer has place in the beginning for MYSQLND_HEADER_SIZE !!!!
This is done for performance reasons in the caller of this function.
Otherwise we will have to do send two TCP packets, or do new alloc and memcpy.
Neither are quick, thus the clients of this function are obligated to do
what they are asked for.
`count` is actually the length of the payload data. Thus :
count + MYSQLND_HEADER_SIZE = sizeof(buffer) (not the pointer but the actual buffer)
*/
static size_t
MYSQLND_METHOD(mysqlnd_net, send_ex)(MYSQLND_NET * const net, zend_uchar * const buffer, const size_t count,
MYSQLND_STATS * const conn_stats, MYSQLND_ERROR_INFO * const error_info)
{
zend_uchar safe_buf[((MYSQLND_HEADER_SIZE) + (sizeof(zend_uchar)) - 1) / (sizeof(zend_uchar))];
zend_uchar * safe_storage = safe_buf;
size_t bytes_sent, packets_sent = 1;
size_t left = count;
zend_uchar * p = (zend_uchar *) buffer;
zend_uchar * compress_buf = NULL;
size_t to_be_sent;
DBG_ENTER("mysqlnd_net::send_ex");
DBG_INF_FMT("count=" MYSQLND_SZ_T_SPEC " compression=%u", count, net->data->compressed);
if (net->data->compressed == TRUE) {
size_t comp_buf_size = MYSQLND_HEADER_SIZE + COMPRESSED_HEADER_SIZE + MYSQLND_HEADER_SIZE + MIN(left, MYSQLND_MAX_PACKET_SIZE);
DBG_INF_FMT("compress_buf_size="MYSQLND_SZ_T_SPEC, comp_buf_size);
compress_buf = mnd_emalloc(comp_buf_size);
}
do {
to_be_sent = MIN(left, MYSQLND_MAX_PACKET_SIZE);
DBG_INF_FMT("to_be_sent=%u", to_be_sent);
DBG_INF_FMT("packets_sent=%u", packets_sent);
DBG_INF_FMT("compressed_envelope_packet_no=%u", net->compressed_envelope_packet_no);
DBG_INF_FMT("packet_no=%u", net->packet_no);
#ifdef MYSQLND_COMPRESSION_ENABLED
if (net->data->compressed == TRUE) {
/* here we need to compress the data and then write it, first comes the compressed header */
size_t tmp_complen = to_be_sent;
size_t payload_size;
zend_uchar * uncompressed_payload = p; /* should include the header */
STORE_HEADER_SIZE(safe_storage, uncompressed_payload);
int3store(uncompressed_payload, to_be_sent);
int1store(uncompressed_payload + 3, net->packet_no);
if (PASS == net->data->m.encode((compress_buf + COMPRESSED_HEADER_SIZE + MYSQLND_HEADER_SIZE), &tmp_complen,
uncompressed_payload, to_be_sent + MYSQLND_HEADER_SIZE))
{
int3store(compress_buf + MYSQLND_HEADER_SIZE, to_be_sent + MYSQLND_HEADER_SIZE);
payload_size = tmp_complen;
} else {
int3store(compress_buf + MYSQLND_HEADER_SIZE, 0);
memcpy(compress_buf + MYSQLND_HEADER_SIZE + COMPRESSED_HEADER_SIZE, uncompressed_payload, to_be_sent + MYSQLND_HEADER_SIZE);
payload_size = to_be_sent + MYSQLND_HEADER_SIZE;
}
RESTORE_HEADER_SIZE(uncompressed_payload, safe_storage);
int3store(compress_buf, payload_size);
int1store(compress_buf + 3, net->packet_no);
DBG_INF_FMT("writing "MYSQLND_SZ_T_SPEC" bytes to the network", payload_size + MYSQLND_HEADER_SIZE + COMPRESSED_HEADER_SIZE);
bytes_sent = net->data->m.network_write_ex(net, compress_buf, payload_size + MYSQLND_HEADER_SIZE + COMPRESSED_HEADER_SIZE,
conn_stats, error_info);
net->compressed_envelope_packet_no++;
#if WHEN_WE_NEED_TO_CHECK_WHETHER_COMPRESSION_WORKS_CORRECTLY
if (res == Z_OK) {
size_t decompressed_size = left + MYSQLND_HEADER_SIZE;
zend_uchar * decompressed_data = mnd_malloc(decompressed_size);
int error = net->data->m.decode(decompressed_data, decompressed_size,
compress_buf + MYSQLND_HEADER_SIZE + COMPRESSED_HEADER_SIZE, payload_size);
if (error == Z_OK) {
int i;
DBG_INF("success decompressing");
for (i = 0 ; i < decompressed_size; i++) {
if (i && (i % 30 == 0)) {
printf("\n\t\t");
}
printf("%.2X ", (int)*((char*)&(decompressed_data[i])));
DBG_INF_FMT("%.2X ", (int)*((char*)&(decompressed_data[i])));
}
} else {
DBG_INF("error decompressing");
}
mnd_free(decompressed_data);
}
#endif /* WHEN_WE_NEED_TO_CHECK_WHETHER_COMPRESSION_WORKS_CORRECTLY */
} else
#endif /* MYSQLND_COMPRESSION_ENABLED */
{
DBG_INF("no compression");
STORE_HEADER_SIZE(safe_storage, p);
int3store(p, to_be_sent);
int1store(p + 3, net->packet_no);
bytes_sent = net->data->m.network_write_ex(net, p, to_be_sent + MYSQLND_HEADER_SIZE, conn_stats, error_info);
RESTORE_HEADER_SIZE(p, safe_storage);
net->compressed_envelope_packet_no++;
}
net->packet_no++;
p += to_be_sent;
left -= to_be_sent;
packets_sent++;
/*
if left is 0 then there is nothing more to send, but if the last packet was exactly
with the size MYSQLND_MAX_PACKET_SIZE we need to send additional packet, which has
empty payload. Thus if left == 0 we check for to_be_sent being the max size. If it is
indeed it then loop once more, then to_be_sent will become 0, left will stay 0. Empty
packet will be sent and this loop will end.
*/
} while (bytes_sent && (left > 0 || to_be_sent == MYSQLND_MAX_PACKET_SIZE));
DBG_INF_FMT("packet_size="MYSQLND_SZ_T_SPEC" packet_no=%u", left, net->packet_no);
MYSQLND_INC_CONN_STATISTIC_W_VALUE3(conn_stats,
STAT_BYTES_SENT, count + packets_sent * MYSQLND_HEADER_SIZE,
STAT_PROTOCOL_OVERHEAD_OUT, packets_sent * MYSQLND_HEADER_SIZE,
STAT_PACKETS_SENT, packets_sent);
if (compress_buf) {
mnd_efree(compress_buf);
}
/* Even for zero size payload we have to send a packet */
if (!bytes_sent) {
DBG_ERR_FMT("Can't %u send bytes", count);
SET_CLIENT_ERROR(*error_info, CR_SERVER_GONE_ERROR, UNKNOWN_SQLSTATE, mysqlnd_server_gone);
}
DBG_RETURN(bytes_sent);
}
/* {{{ mysqlnd_command::enable_ssl */
static enum_func_status
MYSQLND_METHOD(mysqlnd_command, enable_ssl)(MYSQLND_CONN_DATA * const conn, const size_t client_capabilities, const size_t server_capabilities, const unsigned int charset_no)
{
enum_func_status ret = FAIL;
MYSQLND_PACKET_AUTH auth_packet;
DBG_ENTER("mysqlnd_command::enable_ssl");
DBG_INF_FMT("client_capability_flags=%lu", client_capabilities);
DBG_INF_FMT("CLIENT_LONG_PASSWORD= %d", client_capabilities & CLIENT_LONG_PASSWORD? 1:0);
DBG_INF_FMT("CLIENT_FOUND_ROWS= %d", client_capabilities & CLIENT_FOUND_ROWS? 1:0);
DBG_INF_FMT("CLIENT_LONG_FLAG= %d", client_capabilities & CLIENT_LONG_FLAG? 1:0);
DBG_INF_FMT("CLIENT_NO_SCHEMA= %d", client_capabilities & CLIENT_NO_SCHEMA? 1:0);
DBG_INF_FMT("CLIENT_COMPRESS= %d", client_capabilities & CLIENT_COMPRESS? 1:0);
DBG_INF_FMT("CLIENT_ODBC= %d", client_capabilities & CLIENT_ODBC? 1:0);
DBG_INF_FMT("CLIENT_LOCAL_FILES= %d", client_capabilities & CLIENT_LOCAL_FILES? 1:0);
DBG_INF_FMT("CLIENT_IGNORE_SPACE= %d", client_capabilities & CLIENT_IGNORE_SPACE? 1:0);
DBG_INF_FMT("CLIENT_PROTOCOL_41= %d", client_capabilities & CLIENT_PROTOCOL_41? 1:0);
DBG_INF_FMT("CLIENT_INTERACTIVE= %d", client_capabilities & CLIENT_INTERACTIVE? 1:0);
DBG_INF_FMT("CLIENT_SSL= %d", client_capabilities & CLIENT_SSL? 1:0);
DBG_INF_FMT("CLIENT_IGNORE_SIGPIPE= %d", client_capabilities & CLIENT_IGNORE_SIGPIPE? 1:0);
DBG_INF_FMT("CLIENT_TRANSACTIONS= %d", client_capabilities & CLIENT_TRANSACTIONS? 1:0);
DBG_INF_FMT("CLIENT_RESERVED= %d", client_capabilities & CLIENT_RESERVED? 1:0);
DBG_INF_FMT("CLIENT_SECURE_CONNECTION=%d", client_capabilities & CLIENT_SECURE_CONNECTION? 1:0);
DBG_INF_FMT("CLIENT_MULTI_STATEMENTS=%d", client_capabilities & CLIENT_MULTI_STATEMENTS? 1:0);
DBG_INF_FMT("CLIENT_MULTI_RESULTS= %d", client_capabilities & CLIENT_MULTI_RESULTS? 1:0);
DBG_INF_FMT("CLIENT_PS_MULTI_RESULTS=%d", client_capabilities & CLIENT_PS_MULTI_RESULTS? 1:0);
DBG_INF_FMT("CLIENT_CONNECT_ATTRS= %d", client_capabilities & CLIENT_PLUGIN_AUTH? 1:0);
DBG_INF_FMT("CLIENT_PLUGIN_AUTH_LENENC_CLIENT_DATA= %d", client_capabilities & CLIENT_PLUGIN_AUTH_LENENC_CLIENT_DATA? 1:0);
DBG_INF_FMT("CLIENT_CAN_HANDLE_EXPIRED_PASSWORDS= %d", client_capabilities & CLIENT_CAN_HANDLE_EXPIRED_PASSWORDS? 1:0);
DBG_INF_FMT("CLIENT_SESSION_TRACK= %d", client_capabilities & CLIENT_SESSION_TRACK? 1:0);
DBG_INF_FMT("CLIENT_SSL_VERIFY_SERVER_CERT= %d", client_capabilities & CLIENT_SSL_VERIFY_SERVER_CERT? 1:0);
DBG_INF_FMT("CLIENT_REMEMBER_OPTIONS= %d", client_capabilities & CLIENT_REMEMBER_OPTIONS? 1:0);
conn->payload_decoder_factory->m.init_auth_packet(&auth_packet);
auth_packet.client_flags = client_capabilities;
auth_packet.max_packet_size = MYSQLND_ASSEMBLED_PACKET_MAX_SIZE;
auth_packet.charset_no = charset_no;
#ifdef MYSQLND_SSL_SUPPORTED
if (client_capabilities & CLIENT_SSL) {
const zend_bool server_has_ssl = (server_capabilities & CLIENT_SSL)? TRUE:FALSE;
if (server_has_ssl == FALSE) {
goto close_conn;
} else {
enum mysqlnd_ssl_peer verify = client_capabilities & CLIENT_SSL_VERIFY_SERVER_CERT?
MYSQLND_SSL_PEER_VERIFY:
(client_capabilities & CLIENT_SSL_DONT_VERIFY_SERVER_CERT?
MYSQLND_SSL_PEER_DONT_VERIFY:
MYSQLND_SSL_PEER_DEFAULT);
DBG_INF("Switching to SSL");
if (!PACKET_WRITE(conn, &auth_packet)) {
goto close_conn;
}
conn->vio->data->m.set_client_option(conn->vio, MYSQL_OPT_SSL_VERIFY_SERVER_CERT, (const char *) &verify);
if (FAIL == conn->vio->data->m.enable_ssl(conn->vio)) {
goto end;
}
}
}
#else
auth_packet.client_flags &= ~CLIENT_SSL;
if (!PACKET_WRITE(conn, &auth_packet)) {
goto close_conn;
}
#endif
ret = PASS;
end:
PACKET_FREE(&auth_packet);
DBG_RETURN(ret);
close_conn:
SET_CONNECTION_STATE(&conn->state, CONN_QUIT_SENT);
conn->m->send_close(conn);
SET_CLIENT_ERROR(conn->error_info, CR_SERVER_GONE_ERROR, UNKNOWN_SQLSTATE, mysqlnd_server_gone);
PACKET_FREE(&auth_packet);
DBG_RETURN(ret);
}
/* {{{ mysqlnd_res_meta::read_metadata */
static enum_func_status
MYSQLND_METHOD(mysqlnd_res_meta, read_metadata)(MYSQLND_RES_METADATA * const meta, MYSQLND_CONN_DATA * conn)
{
unsigned int i = 0;
MYSQLND_PACKET_RES_FIELD * field_packet;
DBG_ENTER("mysqlnd_res_meta::read_metadata");
field_packet = conn->payload_decoder_factory->m.get_result_field_packet(conn->payload_decoder_factory, FALSE);
if (!field_packet) {
SET_OOM_ERROR(conn->error_info);
DBG_RETURN(FAIL);
}
field_packet->persistent_alloc = meta->persistent;
for (;i < meta->field_count; i++) {
zend_ulong idx;
if (meta->fields[i].root) {
/* We re-read metadata for PS */
mnd_pefree(meta->fields[i].root, meta->persistent);
meta->fields[i].root = NULL;
}
field_packet->metadata = &(meta->fields[i]);
if (FAIL == PACKET_READ(field_packet)) {
PACKET_FREE(field_packet);
DBG_RETURN(FAIL);
}
if (field_packet->error_info.error_no) {
COPY_CLIENT_ERROR(conn->error_info, field_packet->error_info);
/* Return back from CONN_QUERY_SENT */
PACKET_FREE(field_packet);
DBG_RETURN(FAIL);
}
if (mysqlnd_ps_fetch_functions[meta->fields[i].type].func == NULL) {
DBG_ERR_FMT("Unknown type %u sent by the server. Please send a report to the developers", meta->fields[i].type);
php_error_docref(NULL, E_WARNING, "Unknown type %u sent by the server. Please send a report to the developers", meta->fields[i].type);
PACKET_FREE(field_packet);
DBG_RETURN(FAIL);
}
if (meta->fields[i].type == MYSQL_TYPE_BIT) {
size_t field_len;
DBG_INF("BIT");
++meta->bit_fields_count;
/* .length is in bits */
field_len = meta->fields[i].length / 8;
/*
If there is rest, add one byte :
8 bits = 1 byte but 9 bits = 2 bytes
*/
if (meta->fields[i].length % 8) {
++field_len;
}
switch (field_len) {
case 8:
case 7:
case 6:
case 5:
meta->bit_fields_total_len += 20;/* 21 digis, no sign*/
break;
case 4:
meta->bit_fields_total_len += 10;/* 2 000 000 000*/
break;
case 3:
meta->bit_fields_total_len += 8;/* 12 000 000*/
break;
case 2:
meta->bit_fields_total_len += 5;/* 32 500 */
break;
case 1:
meta->bit_fields_total_len += 3;/* 120 */
break;
}
}
/* For BC we have to check whether the key is numeric and use it like this */
if ((meta->zend_hash_keys[i].is_numeric = ZEND_HANDLE_NUMERIC(field_packet->metadata->sname, idx))) {
meta->zend_hash_keys[i].key = idx;
}
}
PACKET_FREE(field_packet);
DBG_RETURN(PASS);
}
/* {{{ mysqlnd_sha256_get_rsa_key */
static RSA *
mysqlnd_sha256_get_rsa_key(MYSQLND_CONN_DATA * conn,
const MYSQLND_SESSION_OPTIONS * const session_options,
const MYSQLND_PFC_DATA * const pfc_data
)
{
RSA * ret = NULL;
const char * fname = (pfc_data->sha256_server_public_key && pfc_data->sha256_server_public_key[0] != '\0')?
pfc_data->sha256_server_public_key:
MYSQLND_G(sha256_server_public_key);
php_stream * stream;
DBG_ENTER("mysqlnd_sha256_get_rsa_key");
DBG_INF_FMT("options_s256_pk=[%s] MYSQLND_G(sha256_server_public_key)=[%s]",
pfc_data->sha256_server_public_key? pfc_data->sha256_server_public_key:"n/a",
MYSQLND_G(sha256_server_public_key)? MYSQLND_G(sha256_server_public_key):"n/a");
if (!fname || fname[0] == '\0') {
MYSQLND_PACKET_SHA256_PK_REQUEST pk_req_packet;
MYSQLND_PACKET_SHA256_PK_REQUEST_RESPONSE pk_resp_packet;
do {
DBG_INF("requesting the public key from the server");
conn->payload_decoder_factory->m.init_sha256_pk_request_packet(&pk_req_packet);
conn->payload_decoder_factory->m.init_sha256_pk_request_response_packet(&pk_resp_packet);
if (! PACKET_WRITE(conn, &pk_req_packet)) {
DBG_ERR_FMT("Error while sending public key request packet");
php_error(E_WARNING, "Error while sending public key request packet. PID=%d", getpid());
SET_CONNECTION_STATE(&conn->state, CONN_QUIT_SENT);
break;
}
if (FAIL == PACKET_READ(conn, &pk_resp_packet) || NULL == pk_resp_packet.public_key) {
DBG_ERR_FMT("Error while receiving public key");
php_error(E_WARNING, "Error while receiving public key. PID=%d", getpid());
SET_CONNECTION_STATE(&conn->state, CONN_QUIT_SENT);
break;
}
DBG_INF_FMT("Public key(%d):\n%s", pk_resp_packet.public_key_len, pk_resp_packet.public_key);
/* now extract the public key */
{
BIO * bio = BIO_new_mem_buf(pk_resp_packet.public_key, pk_resp_packet.public_key_len);
ret = PEM_read_bio_RSA_PUBKEY(bio, NULL, NULL, NULL);
BIO_free(bio);
}
} while (0);
PACKET_FREE(&pk_req_packet);
PACKET_FREE(&pk_resp_packet);
DBG_INF_FMT("ret=%p", ret);
DBG_RETURN(ret);
SET_CLIENT_ERROR(conn->error_info, CR_UNKNOWN_ERROR, UNKNOWN_SQLSTATE,
"sha256_server_public_key is not set for the connection or as mysqlnd.sha256_server_public_key");
DBG_ERR("server_public_key is not set");
DBG_RETURN(NULL);
} else {
zend_string * key_str;
DBG_INF_FMT("Key in a file. [%s]", fname);
stream = php_stream_open_wrapper((char *) fname, "rb", REPORT_ERRORS, NULL);
if (stream) {
if ((key_str = php_stream_copy_to_mem(stream, PHP_STREAM_COPY_ALL, 0)) != NULL) {
BIO * bio = BIO_new_mem_buf(ZSTR_VAL(key_str), ZSTR_LEN(key_str));
ret = PEM_read_bio_RSA_PUBKEY(bio, NULL, NULL, NULL);
BIO_free(bio);
DBG_INF("Successfully loaded");
DBG_INF_FMT("Public key:%*.s", ZSTR_LEN(key_str), ZSTR_VAL(key_str));
zend_string_release(key_str);
}
php_stream_close(stream);
}
}
DBG_RETURN(ret);
}
/* {{{ mysqlnd_sha256_get_rsa_key */
static RSA *
mysqlnd_sha256_get_rsa_key(MYSQLND_CONN_DATA * conn,
const MYSQLND_OPTIONS * const options,
const MYSQLND_NET_OPTIONS * const net_options
)
{
RSA * ret = NULL;
const char * fname = (net_options->sha256_server_public_key && net_options->sha256_server_public_key[0] != '\0')?
net_options->sha256_server_public_key:
MYSQLND_G(sha256_server_public_key);
php_stream * stream;
DBG_ENTER("mysqlnd_sha256_get_rsa_key");
DBG_INF_FMT("options_s256_pk=[%s] MYSQLND_G(sha256_server_public_key)=[%s]",
net_options->sha256_server_public_key? net_options->sha256_server_public_key:"n/a",
MYSQLND_G(sha256_server_public_key)? MYSQLND_G(sha256_server_public_key):"n/a");
if (!fname || fname[0] == '\0') {
MYSQLND_PACKET_SHA256_PK_REQUEST * pk_req_packet = NULL;
MYSQLND_PACKET_SHA256_PK_REQUEST_RESPONSE * pk_resp_packet = NULL;
do {
DBG_INF("requesting the public key from the server");
pk_req_packet = conn->protocol->m.get_sha256_pk_request_packet(conn->protocol, FALSE);
if (!pk_req_packet) {
SET_OOM_ERROR(*conn->error_info);
break;
}
pk_resp_packet = conn->protocol->m.get_sha256_pk_request_response_packet(conn->protocol, FALSE);
if (!pk_resp_packet) {
SET_OOM_ERROR(*conn->error_info);
PACKET_FREE(pk_req_packet);
break;
}
if (! PACKET_WRITE(pk_req_packet, conn)) {
DBG_ERR_FMT("Error while sending public key request packet");
php_error(E_WARNING, "Error while sending public key request packet. PID=%d", getpid());
CONN_SET_STATE(conn, CONN_QUIT_SENT);
break;
}
if (FAIL == PACKET_READ(pk_resp_packet, conn) || NULL == pk_resp_packet->public_key) {
DBG_ERR_FMT("Error while receiving public key");
php_error(E_WARNING, "Error while receiving public key. PID=%d", getpid());
CONN_SET_STATE(conn, CONN_QUIT_SENT);
break;
}
DBG_INF_FMT("Public key(%d):\n%s", pk_resp_packet->public_key_len, pk_resp_packet->public_key);
/* now extract the public key */
{
BIO * bio = BIO_new_mem_buf(pk_resp_packet->public_key, pk_resp_packet->public_key_len);
ret = PEM_read_bio_RSA_PUBKEY(bio, NULL, NULL, NULL);
BIO_free(bio);
}
} while (0);
PACKET_FREE(pk_req_packet);
PACKET_FREE(pk_resp_packet);
DBG_INF_FMT("ret=%p", ret);
DBG_RETURN(ret);
SET_CLIENT_ERROR(*conn->error_info, CR_UNKNOWN_ERROR, UNKNOWN_SQLSTATE,
"sha256_server_public_key is not set for the connection or as mysqlnd.sha256_server_public_key");
DBG_ERR("server_public_key is not set");
DBG_RETURN(NULL);
} else {
zend_string * key_str;
DBG_INF_FMT("Key in a file. [%s]", fname);
stream = php_stream_open_wrapper((char *) fname, "rb", REPORT_ERRORS, NULL);
if (stream) {
if ((key_str = php_stream_copy_to_mem(stream, PHP_STREAM_COPY_ALL, 0)) != NULL) {
BIO * bio = BIO_new_mem_buf(key_str->val, key_str->len);
ret = PEM_read_bio_RSA_PUBKEY(bio, NULL, NULL, NULL);
BIO_free(bio);
DBG_INF("Successfully loaded");
DBG_INF_FMT("Public key:%*.s", key_str->len, key_str->val);
zend_string_release(key_str);
}
php_stream_free(stream, PHP_STREAM_FREE_CLOSE);
}
}
DBG_RETURN(ret);
}
