24 #include <drizzled/plugin/authentication.h>
25 #include <drizzled/identifier.h>
26 #include <drizzled/util/convert.h>
36 static const char *scrambled_password=
"2C5A870CEFF02BA3B0A927D7956B3FEB4D59CF21";
42 plugin::Authentication(name_arg)
45 virtual bool authenticate(
const identifier::User &sctx,
const string &password)
48 if (sctx.username() ==
"root" && password.empty())
52 if (sctx.username() ==
"password_ok" && !password.empty())
56 if (sctx.username() ==
"no_password_ok" && password.empty())
60 if (sctx.username() ==
"scramble_ok" &&
61 sctx.getPasswordType() == identifier::User::MYSQL_HASH &&
62 sctx.getPasswordContext().size() == SHA1_DIGEST_LENGTH &&
63 password.size() == SHA1_DIGEST_LENGTH)
66 uint8_t scrambled_password_hash[SHA1_DIGEST_LENGTH];
67 uint8_t temp_hash[SHA1_DIGEST_LENGTH];
68 uint8_t scrambled_password_check[SHA1_DIGEST_LENGTH];
71 drizzled_hex_to_string(reinterpret_cast<char*>(scrambled_password_hash),
72 scrambled_password, SHA1_DIGEST_LENGTH * 2);
76 SHA1Update(&ctx, reinterpret_cast<const uint8_t*>(sctx.getPasswordContext().c_str()), SHA1_DIGEST_LENGTH);
77 SHA1Update(&ctx, scrambled_password_hash, SHA1_DIGEST_LENGTH);
78 SHA1Final(temp_hash, &ctx);
82 for (
int x= 0; x < SHA1_DIGEST_LENGTH; x++)
83 temp_hash[x]= temp_hash[x] ^ password[x];
87 SHA1Update(&ctx, temp_hash, SHA1_DIGEST_LENGTH);
88 SHA1Final(scrambled_password_check, &ctx);
91 return memcmp(scrambled_password_hash, scrambled_password_check, SHA1_DIGEST_LENGTH) == 0;
102 auth_test=
new AuthTest(
"auth_test");
103 context.add(auth_test);
109 DRIZZLE_DECLARE_PLUGIN
115 N_(
"Authentication module for testing"),
121 DRIZZLE_DECLARE_PLUGIN_END;
A set of Session members describing the current authenticated user.
TODO: Rename this file - func.h is stupid.