static
void OnServerAck(PACKET* pAck)
{
for (;;)
{
PACKET* p = Dequeue(QT_Ack);
if (p == NULL)
{
break;
}
if (p->Header.Id != pAck->Ack.PacketId)
{
DEBUG_PRINT("Mismatched packet ID, expecting %d, actual %d\n", p->Header.Id, pAck->Ack.PacketId);
PACKET_FREE(p);
continue;
}
else
{
DEBUG_PRINT("Packet %d acknowledged\n", p->Header.Id);
PACKET_FREE(p);
break;
}
}
uint_t timediff = abs((int64_t)OS_GetTime() - pAck->Header.Timestamp);
if (timediff > 10)
{
DEBUG_PRINT("System time incorrect, %08X, %08X, adjusting system time\n", OS_GetTime(), pAck->Header.Timestamp);
OS_SetTime(pAck->Header.Timestamp);
DEBUG_PRINT("System time after adjustment:%08X\n", OS_GetTime());
}
PACKET_FREE(pAck);
}
/* {{{ mysqlnd_res_meta::read_metadata */
static enum_func_status
MYSQLND_METHOD(mysqlnd_res_meta, read_metadata)(MYSQLND_RES_METADATA * const meta, MYSQLND_CONN_DATA * conn)
{
unsigned int i = 0;
MYSQLND_PACKET_RES_FIELD * field_packet;
DBG_ENTER("mysqlnd_res_meta::read_metadata");
field_packet = conn->payload_decoder_factory->m.get_result_field_packet(conn->payload_decoder_factory, FALSE);
if (!field_packet) {
SET_OOM_ERROR(conn->error_info);
DBG_RETURN(FAIL);
}
field_packet->persistent_alloc = meta->persistent;
for (;i < meta->field_count; i++) {
zend_ulong idx;
if (meta->fields[i].root) {
/* We re-read metadata for PS */
mnd_pefree(meta->fields[i].root, meta->persistent);
meta->fields[i].root = NULL;
}
field_packet->metadata = &(meta->fields[i]);
if (FAIL == PACKET_READ(field_packet)) {
PACKET_FREE(field_packet);
DBG_RETURN(FAIL);
}
if (field_packet->error_info.error_no) {
COPY_CLIENT_ERROR(conn->error_info, field_packet->error_info);
/* Return back from CONN_QUERY_SENT */
PACKET_FREE(field_packet);
DBG_RETURN(FAIL);
}
if (mysqlnd_ps_fetch_functions[meta->fields[i].type].func == NULL) {
DBG_ERR_FMT("Unknown type %u sent by the server. Please send a report to the developers", meta->fields[i].type);
php_error_docref(NULL, E_WARNING, "Unknown type %u sent by the server. Please send a report to the developers", meta->fields[i].type);
PACKET_FREE(field_packet);
DBG_RETURN(FAIL);
}
/* For BC we have to check whether the key is numeric and use it like this */
if ((meta->zend_hash_keys[i].is_numeric = ZEND_HANDLE_NUMERIC(field_packet->metadata->sname, idx))) {
meta->zend_hash_keys[i].key = idx;
}
}
PACKET_FREE(field_packet);
DBG_RETURN(PASS);
}
/* {{{ mysqlnd_command::statistics */
static enum_func_status
MYSQLND_METHOD(mysqlnd_command, statistics)(MYSQLND_CONN_DATA * const conn, zend_string ** message)
{
const func_mysqlnd_protocol_payload_decoder_factory__send_command send_command = conn->payload_decoder_factory->m.send_command;
enum_func_status ret = FAIL;
DBG_ENTER("mysqlnd_command::statistics");
ret = send_command(conn->payload_decoder_factory, COM_STATISTICS, NULL, 0, FALSE,
&conn->state,
conn->error_info,
conn->upsert_status,
conn->stats,
conn->m->send_close,
conn);
if (PASS == ret) {
MYSQLND_PACKET_STATS stats_header;
conn->payload_decoder_factory->m.init_stats_packet(&stats_header);
if (PASS == (ret = PACKET_READ(conn, &stats_header))) {
/* will be freed by Zend, thus don't use the mnd_ allocator */
*message = zend_string_init(stats_header.message.s, stats_header.message.l, 0);
DBG_INF(ZSTR_VAL(*message));
}
PACKET_FREE(&stats_header);
}
DBG_RETURN(ret);
}
/* {{{ mysqlnd_com_statistics_run */
static enum_func_status
mysqlnd_com_statistics_run(void *cmd)
{
struct st_mysqlnd_protocol_com_statistics_command * command = (struct st_mysqlnd_protocol_com_statistics_command *) cmd;
enum_func_status ret = FAIL;
MYSQLND_CONN_DATA * conn = command->context.conn;
zend_string **message = command->context.message;
func_mysqlnd_protocol_payload_decoder_factory__send_command send_command = conn->payload_decoder_factory->m.send_command;
DBG_ENTER("mysqlnd_com_statistics_run");
ret = send_command(conn->payload_decoder_factory, COM_STATISTICS, NULL, 0, FALSE,
&conn->state,
conn->error_info,
conn->upsert_status,
conn->stats,
conn->m->send_close,
conn);
if (PASS == ret) {
MYSQLND_PACKET_STATS * stats_header = conn->payload_decoder_factory->m.get_stats_packet(conn->payload_decoder_factory, FALSE);
if (!stats_header) {
SET_OOM_ERROR(conn->error_info);
} else {
if (PASS == (ret = PACKET_READ(stats_header))) {
/* will be freed by Zend, thus don't use the mnd_ allocator */
*message = zend_string_init(stats_header->message.s, stats_header->message.l, 0);
DBG_INF(ZSTR_VAL(*message));
}
PACKET_FREE(stats_header);
}
}
DBG_RETURN(ret);
}
void OnServerPacket(PACKET* p)
{
switch (p->Header.Type)
{
case PT_ACKNOWLEDGE:
OnServerAck(p);
break;
default:
DEBUG_PRINT("Unexpected server packet type:%d\n", p->Header.Type);
PACKET_FREE(p);
break;
}
}
/* {{{ mysqlnd_command::handshake */
static enum_func_status
MYSQLND_METHOD(mysqlnd_command, handshake)(MYSQLND_CONN_DATA * const conn, const MYSQLND_CSTRING username, const MYSQLND_CSTRING password, const MYSQLND_CSTRING database, const size_t client_flags)
{
const char * const user = username.s;
const char * const passwd = password.s;
const size_t passwd_len = password.l;
const char * const db = database.s;
const size_t db_len = database.l;
const size_t mysql_flags = client_flags;
MYSQLND_PACKET_GREET greet_packet;
DBG_ENTER("mysqlnd_command::handshake");
DBG_INF_FMT("stream=%p", conn->vio->data->m.get_stream(conn->vio));
DBG_INF_FMT("[user=%s] [db=%s:%d] [flags=%llu]", user, db, db_len, mysql_flags);
conn->payload_decoder_factory->m.init_greet_packet(&greet_packet);
if (FAIL == PACKET_READ(conn, &greet_packet)) {
DBG_ERR("Error while reading greeting packet");
php_error_docref(NULL, E_WARNING, "Error while reading greeting packet. PID=%d", getpid());
goto err;
} else if (greet_packet.error_no) {
DBG_ERR_FMT("errorno=%u error=%s", greet_packet.error_no, greet_packet.error);
SET_CLIENT_ERROR(conn->error_info, greet_packet.error_no, greet_packet.sqlstate, greet_packet.error);
goto err;
} else if (greet_packet.pre41) {
DBG_ERR_FMT("Connecting to 3.22, 3.23 & 4.0 is not supported. Server is %-.32s", greet_packet.server_version);
php_error_docref(NULL, E_WARNING, "Connecting to 3.22, 3.23 & 4.0 "
" is not supported. Server is %-.32s", greet_packet.server_version);
SET_CLIENT_ERROR(conn->error_info, CR_NOT_IMPLEMENTED, UNKNOWN_SQLSTATE,
"Connecting to 3.22, 3.23 & 4.0 servers is not supported");
goto err;
}
conn->thread_id = greet_packet.thread_id;
conn->protocol_version = greet_packet.protocol_version;
conn->server_version = mnd_pestrdup(greet_packet.server_version, conn->persistent);
conn->greet_charset = mysqlnd_find_charset_nr(greet_packet.charset_no);
if (!conn->greet_charset) {
php_error_docref(NULL, E_WARNING,
"Server sent charset (%d) unknown to the client. Please, report to the developers", greet_packet.charset_no);
SET_CLIENT_ERROR(conn->error_info, CR_NOT_IMPLEMENTED, UNKNOWN_SQLSTATE,
"Server sent charset unknown to the client. Please, report to the developers");
goto err;
}
conn->server_capabilities = greet_packet.server_capabilities;
if (FAIL == mysqlnd_connect_run_authentication(conn, user, passwd, db, db_len, (size_t) passwd_len,
greet_packet.authentication_plugin_data, greet_packet.auth_protocol,
greet_packet.charset_no, greet_packet.server_capabilities,
conn->options, mysql_flags))
{
goto err;
}
UPSERT_STATUS_RESET(conn->upsert_status);
UPSERT_STATUS_SET_SERVER_STATUS(conn->upsert_status, greet_packet.server_status);
PACKET_FREE(&greet_packet);
DBG_RETURN(PASS);
err:
conn->server_capabilities = 0;
PACKET_FREE(&greet_packet);
DBG_RETURN(FAIL);
}
/* {{{ mysqlnd_command::enable_ssl */
static enum_func_status
MYSQLND_METHOD(mysqlnd_command, enable_ssl)(MYSQLND_CONN_DATA * const conn, const size_t client_capabilities, const size_t server_capabilities, const unsigned int charset_no)
{
enum_func_status ret = FAIL;
MYSQLND_PACKET_AUTH auth_packet;
DBG_ENTER("mysqlnd_command::enable_ssl");
DBG_INF_FMT("client_capability_flags=%lu", client_capabilities);
DBG_INF_FMT("CLIENT_LONG_PASSWORD= %d", client_capabilities & CLIENT_LONG_PASSWORD? 1:0);
DBG_INF_FMT("CLIENT_FOUND_ROWS= %d", client_capabilities & CLIENT_FOUND_ROWS? 1:0);
DBG_INF_FMT("CLIENT_LONG_FLAG= %d", client_capabilities & CLIENT_LONG_FLAG? 1:0);
DBG_INF_FMT("CLIENT_NO_SCHEMA= %d", client_capabilities & CLIENT_NO_SCHEMA? 1:0);
DBG_INF_FMT("CLIENT_COMPRESS= %d", client_capabilities & CLIENT_COMPRESS? 1:0);
DBG_INF_FMT("CLIENT_ODBC= %d", client_capabilities & CLIENT_ODBC? 1:0);
DBG_INF_FMT("CLIENT_LOCAL_FILES= %d", client_capabilities & CLIENT_LOCAL_FILES? 1:0);
DBG_INF_FMT("CLIENT_IGNORE_SPACE= %d", client_capabilities & CLIENT_IGNORE_SPACE? 1:0);
DBG_INF_FMT("CLIENT_PROTOCOL_41= %d", client_capabilities & CLIENT_PROTOCOL_41? 1:0);
DBG_INF_FMT("CLIENT_INTERACTIVE= %d", client_capabilities & CLIENT_INTERACTIVE? 1:0);
DBG_INF_FMT("CLIENT_SSL= %d", client_capabilities & CLIENT_SSL? 1:0);
DBG_INF_FMT("CLIENT_IGNORE_SIGPIPE= %d", client_capabilities & CLIENT_IGNORE_SIGPIPE? 1:0);
DBG_INF_FMT("CLIENT_TRANSACTIONS= %d", client_capabilities & CLIENT_TRANSACTIONS? 1:0);
DBG_INF_FMT("CLIENT_RESERVED= %d", client_capabilities & CLIENT_RESERVED? 1:0);
DBG_INF_FMT("CLIENT_SECURE_CONNECTION=%d", client_capabilities & CLIENT_SECURE_CONNECTION? 1:0);
DBG_INF_FMT("CLIENT_MULTI_STATEMENTS=%d", client_capabilities & CLIENT_MULTI_STATEMENTS? 1:0);
DBG_INF_FMT("CLIENT_MULTI_RESULTS= %d", client_capabilities & CLIENT_MULTI_RESULTS? 1:0);
DBG_INF_FMT("CLIENT_PS_MULTI_RESULTS=%d", client_capabilities & CLIENT_PS_MULTI_RESULTS? 1:0);
DBG_INF_FMT("CLIENT_CONNECT_ATTRS= %d", client_capabilities & CLIENT_PLUGIN_AUTH? 1:0);
DBG_INF_FMT("CLIENT_PLUGIN_AUTH_LENENC_CLIENT_DATA= %d", client_capabilities & CLIENT_PLUGIN_AUTH_LENENC_CLIENT_DATA? 1:0);
DBG_INF_FMT("CLIENT_CAN_HANDLE_EXPIRED_PASSWORDS= %d", client_capabilities & CLIENT_CAN_HANDLE_EXPIRED_PASSWORDS? 1:0);
DBG_INF_FMT("CLIENT_SESSION_TRACK= %d", client_capabilities & CLIENT_SESSION_TRACK? 1:0);
DBG_INF_FMT("CLIENT_SSL_VERIFY_SERVER_CERT= %d", client_capabilities & CLIENT_SSL_VERIFY_SERVER_CERT? 1:0);
DBG_INF_FMT("CLIENT_REMEMBER_OPTIONS= %d", client_capabilities & CLIENT_REMEMBER_OPTIONS? 1:0);
conn->payload_decoder_factory->m.init_auth_packet(&auth_packet);
auth_packet.client_flags = client_capabilities;
auth_packet.max_packet_size = MYSQLND_ASSEMBLED_PACKET_MAX_SIZE;
auth_packet.charset_no = charset_no;
#ifdef MYSQLND_SSL_SUPPORTED
if (client_capabilities & CLIENT_SSL) {
const zend_bool server_has_ssl = (server_capabilities & CLIENT_SSL)? TRUE:FALSE;
if (server_has_ssl == FALSE) {
goto close_conn;
} else {
enum mysqlnd_ssl_peer verify = client_capabilities & CLIENT_SSL_VERIFY_SERVER_CERT?
MYSQLND_SSL_PEER_VERIFY:
(client_capabilities & CLIENT_SSL_DONT_VERIFY_SERVER_CERT?
MYSQLND_SSL_PEER_DONT_VERIFY:
MYSQLND_SSL_PEER_DEFAULT);
DBG_INF("Switching to SSL");
if (!PACKET_WRITE(conn, &auth_packet)) {
goto close_conn;
}
conn->vio->data->m.set_client_option(conn->vio, MYSQL_OPT_SSL_VERIFY_SERVER_CERT, (const char *) &verify);
if (FAIL == conn->vio->data->m.enable_ssl(conn->vio)) {
goto end;
}
}
}
#else
auth_packet.client_flags &= ~CLIENT_SSL;
if (!PACKET_WRITE(conn, &auth_packet)) {
goto close_conn;
}
#endif
ret = PASS;
end:
PACKET_FREE(&auth_packet);
DBG_RETURN(ret);
close_conn:
SET_CONNECTION_STATE(&conn->state, CONN_QUIT_SENT);
conn->m->send_close(conn);
SET_CLIENT_ERROR(conn->error_info, CR_SERVER_GONE_ERROR, UNKNOWN_SQLSTATE, mysqlnd_server_gone);
PACKET_FREE(&auth_packet);
DBG_RETURN(ret);
}
/* {{{ mysqlnd_sha256_get_rsa_key */
static RSA *
mysqlnd_sha256_get_rsa_key(MYSQLND_CONN_DATA * conn,
const MYSQLND_OPTIONS * const options,
const MYSQLND_NET_OPTIONS * const net_options
)
{
RSA * ret = NULL;
const char * fname = (net_options->sha256_server_public_key && net_options->sha256_server_public_key[0] != '\0')?
net_options->sha256_server_public_key:
MYSQLND_G(sha256_server_public_key);
php_stream * stream;
DBG_ENTER("mysqlnd_sha256_get_rsa_key");
DBG_INF_FMT("options_s256_pk=[%s] MYSQLND_G(sha256_server_public_key)=[%s]",
net_options->sha256_server_public_key? net_options->sha256_server_public_key:"n/a",
MYSQLND_G(sha256_server_public_key)? MYSQLND_G(sha256_server_public_key):"n/a");
if (!fname || fname[0] == '\0') {
MYSQLND_PACKET_SHA256_PK_REQUEST * pk_req_packet = NULL;
MYSQLND_PACKET_SHA256_PK_REQUEST_RESPONSE * pk_resp_packet = NULL;
do {
DBG_INF("requesting the public key from the server");
pk_req_packet = conn->protocol->m.get_sha256_pk_request_packet(conn->protocol, FALSE);
if (!pk_req_packet) {
SET_OOM_ERROR(*conn->error_info);
break;
}
pk_resp_packet = conn->protocol->m.get_sha256_pk_request_response_packet(conn->protocol, FALSE);
if (!pk_resp_packet) {
SET_OOM_ERROR(*conn->error_info);
PACKET_FREE(pk_req_packet);
break;
}
if (! PACKET_WRITE(pk_req_packet, conn)) {
DBG_ERR_FMT("Error while sending public key request packet");
php_error(E_WARNING, "Error while sending public key request packet. PID=%d", getpid());
CONN_SET_STATE(conn, CONN_QUIT_SENT);
break;
}
if (FAIL == PACKET_READ(pk_resp_packet, conn) || NULL == pk_resp_packet->public_key) {
DBG_ERR_FMT("Error while receiving public key");
php_error(E_WARNING, "Error while receiving public key. PID=%d", getpid());
CONN_SET_STATE(conn, CONN_QUIT_SENT);
break;
}
DBG_INF_FMT("Public key(%d):\n%s", pk_resp_packet->public_key_len, pk_resp_packet->public_key);
/* now extract the public key */
{
BIO * bio = BIO_new_mem_buf(pk_resp_packet->public_key, pk_resp_packet->public_key_len);
ret = PEM_read_bio_RSA_PUBKEY(bio, NULL, NULL, NULL);
BIO_free(bio);
}
} while (0);
PACKET_FREE(pk_req_packet);
PACKET_FREE(pk_resp_packet);
DBG_INF_FMT("ret=%p", ret);
DBG_RETURN(ret);
SET_CLIENT_ERROR(*conn->error_info, CR_UNKNOWN_ERROR, UNKNOWN_SQLSTATE,
"sha256_server_public_key is not set for the connection or as mysqlnd.sha256_server_public_key");
DBG_ERR("server_public_key is not set");
DBG_RETURN(NULL);
} else {
zend_string * key_str;
DBG_INF_FMT("Key in a file. [%s]", fname);
stream = php_stream_open_wrapper((char *) fname, "rb", REPORT_ERRORS, NULL);
if (stream) {
if ((key_str = php_stream_copy_to_mem(stream, PHP_STREAM_COPY_ALL, 0)) != NULL) {
BIO * bio = BIO_new_mem_buf(key_str->val, key_str->len);
ret = PEM_read_bio_RSA_PUBKEY(bio, NULL, NULL, NULL);
BIO_free(bio);
DBG_INF("Successfully loaded");
DBG_INF_FMT("Public key:%*.s", key_str->len, key_str->val);
zend_string_release(key_str);
}
php_stream_free(stream, PHP_STREAM_FREE_CLOSE);
}
}
DBG_RETURN(ret);
}
/* {{{ mysqlnd_auth_handshake */
enum_func_status
mysqlnd_auth_handshake(MYSQLND_CONN_DATA * conn,
const char * const user,
const char * const passwd,
const size_t passwd_len,
const char * const db,
const size_t db_len,
const MYSQLND_OPTIONS * const options,
zend_ulong mysql_flags,
unsigned int server_charset_no,
zend_bool use_full_blown_auth_packet,
const char * const auth_protocol,
const zend_uchar * const auth_plugin_data,
const size_t auth_plugin_data_len,
char ** switch_to_auth_protocol,
size_t * switch_to_auth_protocol_len,
zend_uchar ** switch_to_auth_protocol_data,
size_t * switch_to_auth_protocol_data_len
)
{
enum_func_status ret = FAIL;
const MYSQLND_CHARSET * charset = NULL;
MYSQLND_PACKET_CHANGE_AUTH_RESPONSE * change_auth_resp_packet = NULL;
MYSQLND_PACKET_AUTH_RESPONSE * auth_resp_packet = NULL;
MYSQLND_PACKET_AUTH * auth_packet = NULL;
DBG_ENTER("mysqlnd_auth_handshake");
auth_resp_packet = conn->protocol->m.get_auth_response_packet(conn->protocol, FALSE);
if (!auth_resp_packet) {
SET_OOM_ERROR(*conn->error_info);
goto end;
}
if (use_full_blown_auth_packet != TRUE) {
change_auth_resp_packet = conn->protocol->m.get_change_auth_response_packet(conn->protocol, FALSE);
if (!change_auth_resp_packet) {
SET_OOM_ERROR(*conn->error_info);
goto end;
}
change_auth_resp_packet->auth_data = auth_plugin_data;
change_auth_resp_packet->auth_data_len = auth_plugin_data_len;
if (!PACKET_WRITE(change_auth_resp_packet, conn)) {
CONN_SET_STATE(conn, CONN_QUIT_SENT);
SET_CLIENT_ERROR(*conn->error_info, CR_SERVER_GONE_ERROR, UNKNOWN_SQLSTATE, mysqlnd_server_gone);
goto end;
}
} else {
auth_packet = conn->protocol->m.get_auth_packet(conn->protocol, FALSE);
auth_packet->client_flags = mysql_flags;
auth_packet->max_packet_size = options->max_allowed_packet;
if (options->charset_name && (charset = mysqlnd_find_charset_name(options->charset_name))) {
auth_packet->charset_no = charset->nr;
} else {
auth_packet->charset_no = server_charset_no;
}
auth_packet->send_auth_data = TRUE;
auth_packet->user = user;
auth_packet->db = db;
auth_packet->db_len = db_len;
auth_packet->auth_data = auth_plugin_data;
auth_packet->auth_data_len = auth_plugin_data_len;
auth_packet->auth_plugin_name = auth_protocol;
if (conn->server_capabilities & CLIENT_CONNECT_ATTRS) {
auth_packet->connect_attr = conn->options->connect_attr;
}
if (!PACKET_WRITE(auth_packet, conn)) {
goto end;
}
}
if (use_full_blown_auth_packet == TRUE) {
conn->charset = mysqlnd_find_charset_nr(auth_packet->charset_no);
}
if (FAIL == PACKET_READ(auth_resp_packet, conn) || auth_resp_packet->response_code >= 0xFE) {
if (auth_resp_packet->response_code == 0xFE) {
/* old authentication with new server !*/
if (!auth_resp_packet->new_auth_protocol) {
DBG_ERR(mysqlnd_old_passwd);
SET_CLIENT_ERROR(*conn->error_info, CR_UNKNOWN_ERROR, UNKNOWN_SQLSTATE, mysqlnd_old_passwd);
} else {
*switch_to_auth_protocol = mnd_pestrndup(auth_resp_packet->new_auth_protocol, auth_resp_packet->new_auth_protocol_len, FALSE);
*switch_to_auth_protocol_len = auth_resp_packet->new_auth_protocol_len;
if (auth_resp_packet->new_auth_protocol_data) {
*switch_to_auth_protocol_data_len = auth_resp_packet->new_auth_protocol_data_len;
*switch_to_auth_protocol_data = mnd_emalloc(*switch_to_auth_protocol_data_len);
memcpy(*switch_to_auth_protocol_data, auth_resp_packet->new_auth_protocol_data, *switch_to_auth_protocol_data_len);
} else {
*switch_to_auth_protocol_data = NULL;
*switch_to_auth_protocol_data_len = 0;
}
}
} else if (auth_resp_packet->response_code == 0xFF) {
if (auth_resp_packet->sqlstate[0]) {
strlcpy(conn->error_info->sqlstate, auth_resp_packet->sqlstate, sizeof(conn->error_info->sqlstate));
DBG_ERR_FMT("ERROR:%u [SQLSTATE:%s] %s", auth_resp_packet->error_no, auth_resp_packet->sqlstate, auth_resp_packet->error);
}
SET_CLIENT_ERROR(*conn->error_info, auth_resp_packet->error_no, UNKNOWN_SQLSTATE, auth_resp_packet->error);
}
goto end;
}
SET_NEW_MESSAGE(conn->last_message, conn->last_message_len, auth_resp_packet->message, auth_resp_packet->message_len, conn->persistent);
ret = PASS;
end:
PACKET_FREE(change_auth_resp_packet);
PACKET_FREE(auth_packet);
PACKET_FREE(auth_resp_packet);
DBG_RETURN(ret);
}
/* {{{ mysqlnd_auth_change_user */
enum_func_status
mysqlnd_auth_change_user(MYSQLND_CONN_DATA * const conn,
const char * const user,
const size_t user_len,
const char * const passwd,
const size_t passwd_len,
const char * const db,
const size_t db_len,
const zend_bool silent,
zend_bool use_full_blown_auth_packet,
const char * const auth_protocol,
zend_uchar * auth_plugin_data,
size_t auth_plugin_data_len,
char ** switch_to_auth_protocol,
size_t * switch_to_auth_protocol_len,
zend_uchar ** switch_to_auth_protocol_data,
size_t * switch_to_auth_protocol_data_len
)
{
enum_func_status ret = FAIL;
const MYSQLND_CHARSET * old_cs = conn->charset;
MYSQLND_PACKET_CHANGE_AUTH_RESPONSE * change_auth_resp_packet = NULL;
MYSQLND_PACKET_CHG_USER_RESPONSE * chg_user_resp = NULL;
MYSQLND_PACKET_AUTH * auth_packet = NULL;
DBG_ENTER("mysqlnd_auth_change_user");
chg_user_resp = conn->protocol->m.get_change_user_response_packet(conn->protocol, FALSE);
if (!chg_user_resp) {
SET_OOM_ERROR(*conn->error_info);
goto end;
}
if (use_full_blown_auth_packet != TRUE) {
change_auth_resp_packet = conn->protocol->m.get_change_auth_response_packet(conn->protocol, FALSE);
if (!change_auth_resp_packet) {
SET_OOM_ERROR(*conn->error_info);
goto end;
}
change_auth_resp_packet->auth_data = auth_plugin_data;
change_auth_resp_packet->auth_data_len = auth_plugin_data_len;
if (!PACKET_WRITE(change_auth_resp_packet, conn)) {
CONN_SET_STATE(conn, CONN_QUIT_SENT);
SET_CLIENT_ERROR(*conn->error_info, CR_SERVER_GONE_ERROR, UNKNOWN_SQLSTATE, mysqlnd_server_gone);
goto end;
}
} else {
auth_packet = conn->protocol->m.get_auth_packet(conn->protocol, FALSE);
if (!auth_packet) {
SET_OOM_ERROR(*conn->error_info);
goto end;
}
auth_packet->is_change_user_packet = TRUE;
auth_packet->user = user;
auth_packet->db = db;
auth_packet->db_len = db_len;
auth_packet->silent = silent;
auth_packet->auth_data = auth_plugin_data;
auth_packet->auth_data_len = auth_plugin_data_len;
auth_packet->auth_plugin_name = auth_protocol;
if (conn->m->get_server_version(conn) >= 50123) {
auth_packet->charset_no = conn->charset->nr;
}
if (!PACKET_WRITE(auth_packet, conn)) {
CONN_SET_STATE(conn, CONN_QUIT_SENT);
SET_CLIENT_ERROR(*conn->error_info, CR_SERVER_GONE_ERROR, UNKNOWN_SQLSTATE, mysqlnd_server_gone);
goto end;
}
}
ret = PACKET_READ(chg_user_resp, conn);
COPY_CLIENT_ERROR(*conn->error_info, chg_user_resp->error_info);
if (0xFE == chg_user_resp->response_code) {
ret = FAIL;
if (!chg_user_resp->new_auth_protocol) {
DBG_ERR(mysqlnd_old_passwd);
SET_CLIENT_ERROR(*conn->error_info, CR_UNKNOWN_ERROR, UNKNOWN_SQLSTATE, mysqlnd_old_passwd);
} else {
*switch_to_auth_protocol = mnd_pestrndup(chg_user_resp->new_auth_protocol, chg_user_resp->new_auth_protocol_len, FALSE);
*switch_to_auth_protocol_len = chg_user_resp->new_auth_protocol_len;
if (chg_user_resp->new_auth_protocol_data) {
*switch_to_auth_protocol_data_len = chg_user_resp->new_auth_protocol_data_len;
*switch_to_auth_protocol_data = mnd_emalloc(*switch_to_auth_protocol_data_len);
memcpy(*switch_to_auth_protocol_data, chg_user_resp->new_auth_protocol_data, *switch_to_auth_protocol_data_len);
} else {
*switch_to_auth_protocol_data = NULL;
*switch_to_auth_protocol_data_len = 0;
}
}
}
if (conn->error_info->error_no) {
ret = FAIL;
/*
COM_CHANGE_USER is broken in 5.1. At least in 5.1.15 and 5.1.14, 5.1.11 is immune.
bug#25371 mysql_change_user() triggers "packets out of sync"
When it gets fixed, there should be one more check here
*/
if (conn->m->get_server_version(conn) > 50113L &&conn->m->get_server_version(conn) < 50118L) {
MYSQLND_PACKET_OK * redundant_error_packet = conn->protocol->m.get_ok_packet(conn->protocol, FALSE);
if (redundant_error_packet) {
PACKET_READ(redundant_error_packet, conn);
PACKET_FREE(redundant_error_packet);
DBG_INF_FMT("Server is %u, buggy, sends two ERR messages", conn->m->get_server_version(conn));
} else {
SET_OOM_ERROR(*conn->error_info);
}
}
}
if (ret == PASS) {
char * tmp = NULL;
/* if we get conn->user as parameter and then we first free it, then estrndup it, we will crash */
tmp = mnd_pestrndup(user, user_len, conn->persistent);
if (conn->user) {
mnd_pefree(conn->user, conn->persistent);
}
conn->user = tmp;
tmp = mnd_pestrdup(passwd, conn->persistent);
if (conn->passwd) {
mnd_pefree(conn->passwd, conn->persistent);
}
conn->passwd = tmp;
if (conn->last_message) {
mnd_pefree(conn->last_message, conn->persistent);
conn->last_message = NULL;
}
memset(conn->upsert_status, 0, sizeof(*conn->upsert_status));
/* set charset for old servers */
if (conn->m->get_server_version(conn) < 50123) {
ret = conn->m->set_charset(conn, old_cs->name);
}
} else if (ret == FAIL && chg_user_resp->server_asked_323_auth == TRUE) {
/* old authentication with new server !*/
DBG_ERR(mysqlnd_old_passwd);
SET_CLIENT_ERROR(*conn->error_info, CR_UNKNOWN_ERROR, UNKNOWN_SQLSTATE, mysqlnd_old_passwd);
}
end:
PACKET_FREE(change_auth_resp_packet);
PACKET_FREE(auth_packet);
PACKET_FREE(chg_user_resp);
DBG_RETURN(ret);
}
/* {{{ mysqlnd_sha256_get_rsa_key */
static RSA *
mysqlnd_sha256_get_rsa_key(MYSQLND_CONN_DATA * conn,
const MYSQLND_SESSION_OPTIONS * const session_options,
const MYSQLND_PFC_DATA * const pfc_data
)
{
RSA * ret = NULL;
const char * fname = (pfc_data->sha256_server_public_key && pfc_data->sha256_server_public_key[0] != '\0')?
pfc_data->sha256_server_public_key:
MYSQLND_G(sha256_server_public_key);
php_stream * stream;
DBG_ENTER("mysqlnd_sha256_get_rsa_key");
DBG_INF_FMT("options_s256_pk=[%s] MYSQLND_G(sha256_server_public_key)=[%s]",
pfc_data->sha256_server_public_key? pfc_data->sha256_server_public_key:"n/a",
MYSQLND_G(sha256_server_public_key)? MYSQLND_G(sha256_server_public_key):"n/a");
if (!fname || fname[0] == '\0') {
MYSQLND_PACKET_SHA256_PK_REQUEST pk_req_packet;
MYSQLND_PACKET_SHA256_PK_REQUEST_RESPONSE pk_resp_packet;
do {
DBG_INF("requesting the public key from the server");
conn->payload_decoder_factory->m.init_sha256_pk_request_packet(&pk_req_packet);
conn->payload_decoder_factory->m.init_sha256_pk_request_response_packet(&pk_resp_packet);
if (! PACKET_WRITE(conn, &pk_req_packet)) {
DBG_ERR_FMT("Error while sending public key request packet");
php_error(E_WARNING, "Error while sending public key request packet. PID=%d", getpid());
SET_CONNECTION_STATE(&conn->state, CONN_QUIT_SENT);
break;
}
if (FAIL == PACKET_READ(conn, &pk_resp_packet) || NULL == pk_resp_packet.public_key) {
DBG_ERR_FMT("Error while receiving public key");
php_error(E_WARNING, "Error while receiving public key. PID=%d", getpid());
SET_CONNECTION_STATE(&conn->state, CONN_QUIT_SENT);
break;
}
DBG_INF_FMT("Public key(%d):\n%s", pk_resp_packet.public_key_len, pk_resp_packet.public_key);
/* now extract the public key */
{
BIO * bio = BIO_new_mem_buf(pk_resp_packet.public_key, pk_resp_packet.public_key_len);
ret = PEM_read_bio_RSA_PUBKEY(bio, NULL, NULL, NULL);
BIO_free(bio);
}
} while (0);
PACKET_FREE(&pk_req_packet);
PACKET_FREE(&pk_resp_packet);
DBG_INF_FMT("ret=%p", ret);
DBG_RETURN(ret);
SET_CLIENT_ERROR(conn->error_info, CR_UNKNOWN_ERROR, UNKNOWN_SQLSTATE,
"sha256_server_public_key is not set for the connection or as mysqlnd.sha256_server_public_key");
DBG_ERR("server_public_key is not set");
DBG_RETURN(NULL);
} else {
zend_string * key_str;
DBG_INF_FMT("Key in a file. [%s]", fname);
stream = php_stream_open_wrapper((char *) fname, "rb", REPORT_ERRORS, NULL);
if (stream) {
if ((key_str = php_stream_copy_to_mem(stream, PHP_STREAM_COPY_ALL, 0)) != NULL) {
BIO * bio = BIO_new_mem_buf(ZSTR_VAL(key_str), ZSTR_LEN(key_str));
ret = PEM_read_bio_RSA_PUBKEY(bio, NULL, NULL, NULL);
BIO_free(bio);
DBG_INF("Successfully loaded");
DBG_INF_FMT("Public key:%*.s", ZSTR_LEN(key_str), ZSTR_VAL(key_str));
zend_string_release(key_str);
}
php_stream_close(stream);
}
}
DBG_RETURN(ret);
}
/* {{{ mysqlnd_res_meta::read_metadata */
static enum_func_status
MYSQLND_METHOD(mysqlnd_res_meta, read_metadata)(MYSQLND_RES_METADATA * const meta, MYSQLND_CONN_DATA * conn)
{
unsigned int i = 0;
MYSQLND_PACKET_RES_FIELD * field_packet;
DBG_ENTER("mysqlnd_res_meta::read_metadata");
field_packet = conn->payload_decoder_factory->m.get_result_field_packet(conn->payload_decoder_factory, FALSE);
if (!field_packet) {
SET_OOM_ERROR(conn->error_info);
DBG_RETURN(FAIL);
}
field_packet->persistent_alloc = meta->persistent;
for (;i < meta->field_count; i++) {
zend_ulong idx;
if (meta->fields[i].root) {
/* We re-read metadata for PS */
mnd_pefree(meta->fields[i].root, meta->persistent);
meta->fields[i].root = NULL;
}
field_packet->metadata = &(meta->fields[i]);
if (FAIL == PACKET_READ(field_packet)) {
PACKET_FREE(field_packet);
DBG_RETURN(FAIL);
}
if (field_packet->error_info.error_no) {
COPY_CLIENT_ERROR(conn->error_info, field_packet->error_info);
/* Return back from CONN_QUERY_SENT */
PACKET_FREE(field_packet);
DBG_RETURN(FAIL);
}
if (mysqlnd_ps_fetch_functions[meta->fields[i].type].func == NULL) {
DBG_ERR_FMT("Unknown type %u sent by the server. Please send a report to the developers", meta->fields[i].type);
php_error_docref(NULL, E_WARNING, "Unknown type %u sent by the server. Please send a report to the developers", meta->fields[i].type);
PACKET_FREE(field_packet);
DBG_RETURN(FAIL);
}
if (meta->fields[i].type == MYSQL_TYPE_BIT) {
size_t field_len;
DBG_INF("BIT");
++meta->bit_fields_count;
/* .length is in bits */
field_len = meta->fields[i].length / 8;
/*
If there is rest, add one byte :
8 bits = 1 byte but 9 bits = 2 bytes
*/
if (meta->fields[i].length % 8) {
++field_len;
}
switch (field_len) {
case 8:
case 7:
case 6:
case 5:
meta->bit_fields_total_len += 20;/* 21 digis, no sign*/
break;
case 4:
meta->bit_fields_total_len += 10;/* 2 000 000 000*/
break;
case 3:
meta->bit_fields_total_len += 8;/* 12 000 000*/
break;
case 2:
meta->bit_fields_total_len += 5;/* 32 500 */
break;
case 1:
meta->bit_fields_total_len += 3;/* 120 */
break;
}
}
/* For BC we have to check whether the key is numeric and use it like this */
if ((meta->zend_hash_keys[i].is_numeric = ZEND_HANDLE_NUMERIC(field_packet->metadata->sname, idx))) {
meta->zend_hash_keys[i].key = idx;
}
}
PACKET_FREE(field_packet);
DBG_RETURN(PASS);
}
/* {{{ mysqlnd_com_handshake_run */
static enum_func_status
mysqlnd_com_handshake_run(void *cmd)
{
struct st_mysqlnd_protocol_com_handshake_command * command = (struct st_mysqlnd_protocol_com_handshake_command *) cmd;
const char * user = command->context.user.s;
const char * passwd = command->context.passwd.s;
size_t passwd_len = command->context.passwd.l;
const char * db = command->context.database.s;
size_t db_len = command->context.database.l;
size_t mysql_flags = command->context.client_flags;
MYSQLND_CONN_DATA * conn = command->context.conn;
MYSQLND_PACKET_GREET * greet_packet;
DBG_ENTER("mysqlnd_conn_data::connect_handshake");
DBG_INF_FMT("stream=%p", conn->vio->data->m.get_stream(conn->vio));
DBG_INF_FMT("[user=%s] [db=%s:%d] [flags=%llu]", user, db, db_len, mysql_flags);
greet_packet = conn->payload_decoder_factory->m.get_greet_packet(conn->payload_decoder_factory, FALSE);
if (!greet_packet) {
SET_OOM_ERROR(conn->error_info);
DBG_RETURN(FAIL); /* OOM */
}
if (FAIL == PACKET_READ(greet_packet)) {
DBG_ERR("Error while reading greeting packet");
php_error_docref(NULL, E_WARNING, "Error while reading greeting packet. PID=%d", getpid());
goto err;
} else if (greet_packet->error_no) {
DBG_ERR_FMT("errorno=%u error=%s", greet_packet->error_no, greet_packet->error);
SET_CLIENT_ERROR(conn->error_info, greet_packet->error_no, greet_packet->sqlstate, greet_packet->error);
goto err;
} else if (greet_packet->pre41) {
DBG_ERR_FMT("Connecting to 3.22, 3.23 & 4.0 is not supported. Server is %-.32s", greet_packet->server_version);
php_error_docref(NULL, E_WARNING, "Connecting to 3.22, 3.23 & 4.0 "
" is not supported. Server is %-.32s", greet_packet->server_version);
SET_CLIENT_ERROR(conn->error_info, CR_NOT_IMPLEMENTED, UNKNOWN_SQLSTATE,
"Connecting to 3.22, 3.23 & 4.0 servers is not supported");
goto err;
}
conn->thread_id = greet_packet->thread_id;
conn->protocol_version = greet_packet->protocol_version;
conn->server_version = mnd_pestrdup(greet_packet->server_version, conn->persistent);
conn->greet_charset = mysqlnd_find_charset_nr(greet_packet->charset_no);
if (!conn->greet_charset) {
php_error_docref(NULL, E_WARNING,
"Server sent charset (%d) unknown to the client. Please, report to the developers", greet_packet->charset_no);
SET_CLIENT_ERROR(conn->error_info, CR_NOT_IMPLEMENTED, UNKNOWN_SQLSTATE,
"Server sent charset unknown to the client. Please, report to the developers");
goto err;
}
conn->server_capabilities = greet_packet->server_capabilities;
if (FAIL == mysqlnd_connect_run_authentication(conn, user, passwd, db, db_len, (size_t) passwd_len,
greet_packet->authentication_plugin_data, greet_packet->auth_protocol,
greet_packet->charset_no, greet_packet->server_capabilities,
conn->options, mysql_flags))
{
goto err;
}
UPSERT_STATUS_RESET(conn->upsert_status);
UPSERT_STATUS_SET_SERVER_STATUS(conn->upsert_status, greet_packet->server_status);
PACKET_FREE(greet_packet);
DBG_RETURN(PASS);
err:
conn->server_capabilities = 0;
PACKET_FREE(greet_packet);
DBG_RETURN(FAIL);
}
/* {{{ mysqlnd_auth_handshake */
enum_func_status
mysqlnd_auth_handshake(MYSQLND_CONN_DATA * conn,
const char * const user,
const char * const passwd,
const size_t passwd_len,
const char * const db,
const size_t db_len,
const MYSQLND_SESSION_OPTIONS * const session_options,
const zend_ulong mysql_flags,
const unsigned int server_charset_no,
const zend_bool use_full_blown_auth_packet,
const char * const auth_protocol,
struct st_mysqlnd_authentication_plugin * auth_plugin,
const zend_uchar * const orig_auth_plugin_data,
const size_t orig_auth_plugin_data_len,
const zend_uchar * const auth_plugin_data,
const size_t auth_plugin_data_len,
char ** switch_to_auth_protocol,
size_t * const switch_to_auth_protocol_len,
zend_uchar ** switch_to_auth_protocol_data,
size_t * const switch_to_auth_protocol_data_len
)
{
enum_func_status ret = FAIL;
const MYSQLND_CHARSET * charset = NULL;
MYSQLND_PACKET_AUTH_RESPONSE auth_resp_packet;
DBG_ENTER("mysqlnd_auth_handshake");
conn->payload_decoder_factory->m.init_auth_response_packet(&auth_resp_packet);
if (use_full_blown_auth_packet != TRUE) {
MYSQLND_PACKET_CHANGE_AUTH_RESPONSE change_auth_resp_packet;
conn->payload_decoder_factory->m.init_change_auth_response_packet(&change_auth_resp_packet);
change_auth_resp_packet.auth_data = auth_plugin_data;
change_auth_resp_packet.auth_data_len = auth_plugin_data_len;
if (!PACKET_WRITE(conn, &change_auth_resp_packet)) {
SET_CONNECTION_STATE(&conn->state, CONN_QUIT_SENT);
SET_CLIENT_ERROR(conn->error_info, CR_SERVER_GONE_ERROR, UNKNOWN_SQLSTATE, mysqlnd_server_gone);
PACKET_FREE(&change_auth_resp_packet);
goto end;
}
PACKET_FREE(&change_auth_resp_packet);
} else {
MYSQLND_PACKET_AUTH auth_packet;
conn->payload_decoder_factory->m.init_auth_packet(&auth_packet);
auth_packet.client_flags = mysql_flags;
auth_packet.max_packet_size = session_options->max_allowed_packet;
if (session_options->charset_name && (charset = mysqlnd_find_charset_name(session_options->charset_name))) {
auth_packet.charset_no = charset->nr;
} else {
auth_packet.charset_no = server_charset_no;
}
auth_packet.send_auth_data = TRUE;
auth_packet.user = user;
auth_packet.db = db;
auth_packet.db_len = db_len;
auth_packet.auth_data = auth_plugin_data;
auth_packet.auth_data_len = auth_plugin_data_len;
auth_packet.auth_plugin_name = auth_protocol;
if (conn->server_capabilities & CLIENT_CONNECT_ATTRS) {
auth_packet.connect_attr = conn->options->connect_attr;
}
if (!PACKET_WRITE(conn, &auth_packet)) {
PACKET_FREE(&auth_packet);
goto end;
}
if (use_full_blown_auth_packet == TRUE) {
conn->charset = mysqlnd_find_charset_nr(auth_packet.charset_no);
}
PACKET_FREE(&auth_packet);
}
if (auth_plugin && auth_plugin->methods.handle_server_response) {
auth_plugin->methods.handle_server_response(auth_plugin, conn,
orig_auth_plugin_data, orig_auth_plugin_data_len, passwd, passwd_len);
}
if (FAIL == PACKET_READ(conn, &auth_resp_packet) || auth_resp_packet.response_code >= 0xFE) {
if (auth_resp_packet.response_code == 0xFE) {
/* old authentication with new server !*/
if (!auth_resp_packet.new_auth_protocol) {
DBG_ERR(mysqlnd_old_passwd);
SET_CLIENT_ERROR(conn->error_info, CR_UNKNOWN_ERROR, UNKNOWN_SQLSTATE, mysqlnd_old_passwd);
} else {
*switch_to_auth_protocol = mnd_pestrndup(auth_resp_packet.new_auth_protocol, auth_resp_packet.new_auth_protocol_len, FALSE);
*switch_to_auth_protocol_len = auth_resp_packet.new_auth_protocol_len;
if (auth_resp_packet.new_auth_protocol_data) {
*switch_to_auth_protocol_data_len = auth_resp_packet.new_auth_protocol_data_len;
*switch_to_auth_protocol_data = mnd_emalloc(*switch_to_auth_protocol_data_len);
memcpy(*switch_to_auth_protocol_data, auth_resp_packet.new_auth_protocol_data, *switch_to_auth_protocol_data_len);
} else {
*switch_to_auth_protocol_data = NULL;
*switch_to_auth_protocol_data_len = 0;
}
}
} else if (auth_resp_packet.response_code == 0xFF) {
if (auth_resp_packet.sqlstate[0]) {
strlcpy(conn->error_info->sqlstate, auth_resp_packet.sqlstate, sizeof(conn->error_info->sqlstate));
DBG_ERR_FMT("ERROR:%u [SQLSTATE:%s] %s", auth_resp_packet.error_no, auth_resp_packet.sqlstate, auth_resp_packet.error);
}
SET_CLIENT_ERROR(conn->error_info, auth_resp_packet.error_no, UNKNOWN_SQLSTATE, auth_resp_packet.error);
}
goto end;
}
SET_NEW_MESSAGE(conn->last_message.s, conn->last_message.l, auth_resp_packet.message, auth_resp_packet.message_len);
ret = PASS;
end:
PACKET_FREE(&auth_resp_packet);
DBG_RETURN(ret);
}
