diff --git a/include/MySQL_Protocol.h b/include/MySQL_Protocol.h index 397c6b0b7..5ad860bef 100644 --- a/include/MySQL_Protocol.h +++ b/include/MySQL_Protocol.h @@ -166,7 +166,7 @@ class MySQL_Protocol { bool generate_pkt_field(bool send, void **ptr, unsigned int *len, uint8_t sequence_id, char *schema, char *table, char *org_table, char *name, char *org_name, uint16_t charset, uint32_t column_length, uint8_t type, uint16_t flags, uint8_t decimals, bool field_list, uint64_t defvalue_length, char *defvalue, MySQL_ResultSet *myrs=NULL); bool generate_pkt_row(bool send, void **ptr, unsigned int *len, uint8_t sequence_id, int colnums, unsigned long *fieldslen, char **fieldstxt); uint8_t generate_pkt_row3(MySQL_ResultSet *myrs, unsigned int *len, uint8_t sequence_id, int colnums, unsigned long *fieldslen, char **fieldstxt, unsigned long rl); - bool generate_pkt_initial_handshake(bool send, void **ptr, unsigned int *len, uint32_t *thread_id, bool deprecate_eof_active, int use_plugin_id = 0); + bool generate_pkt_initial_handshake(bool send, void **ptr, unsigned int *len, uint32_t *thread_id, bool deprecate_eof_active); // bool generate_statistics_response(MySQL_Data_Stream *myds, bool send, void **ptr, unsigned int *len); bool generate_statistics_response(bool send, void **ptr, unsigned int *len); diff --git a/include/MySQL_Thread.h b/include/MySQL_Thread.h index c64a25ff7..cde957c9b 100644 --- a/include/MySQL_Thread.h +++ b/include/MySQL_Thread.h @@ -486,8 +486,10 @@ class MySQL_Threads_Handler char *interfaces; char *server_version; char *keep_multiplexing_variables; + char *default_authentication_plugin; //unsigned int default_charset; // removed in 2.0.13 . Obsoleted previously using MySQL_Variables instead int handle_unknown_charset; + int default_authentication_plugin_int; bool servers_stats; bool commands_stats; bool query_digests; diff --git a/include/proxysql_structs.h b/include/proxysql_structs.h index 734ffc9f6..439ae1161 100644 --- a/include/proxysql_structs.h +++ b/include/proxysql_structs.h @@ -769,11 +769,13 @@ MySQL_HostGroups_Manager *MyHGM; __thread char *mysql_thread___default_schema; __thread char *mysql_thread___server_version; __thread char *mysql_thread___keep_multiplexing_variables; +__thread char *mysql_thread___default_authentication_plugin; __thread char *mysql_thread___init_connect; __thread char *mysql_thread___ldap_user_variable; __thread char *mysql_thread___default_tx_isolation; __thread char *mysql_thread___default_session_track_gtids; __thread char *mysql_thread___firewall_whitelist_errormsg; +__thread int mysql_thread___default_authentication_plugin_int; __thread int mysql_thread___max_allowed_packet; __thread bool mysql_thread___automatic_detect_sqli; __thread bool mysql_thread___firewall_whitelist_enabled; @@ -935,11 +937,13 @@ extern MySQL_HostGroups_Manager *MyHGM; extern __thread char *mysql_thread___default_schema; extern __thread char *mysql_thread___server_version; extern __thread char *mysql_thread___keep_multiplexing_variables; +extern __thread char *mysql_thread___default_authentication_plugin; extern __thread char *mysql_thread___init_connect; extern __thread char *mysql_thread___ldap_user_variable; extern __thread char *mysql_thread___default_tx_isolation; extern __thread char *mysql_thread___default_session_track_gtids; extern __thread char *mysql_thread___firewall_whitelist_errormsg; +extern __thread int mysql_thread___default_authentication_plugin_int; extern __thread int mysql_thread___max_allowed_packet; extern __thread bool mysql_thread___automatic_detect_sqli; extern __thread bool mysql_thread___firewall_whitelist_enabled; diff --git a/lib/MySQL_Protocol.cpp b/lib/MySQL_Protocol.cpp index c2eebcc1d..c85b36444 100644 --- a/lib/MySQL_Protocol.cpp +++ b/lib/MySQL_Protocol.cpp @@ -1178,7 +1178,8 @@ bool MySQL_Protocol::generate_pkt_auth_switch_request(bool send, void **ptr, uns return true; } -bool MySQL_Protocol::generate_pkt_initial_handshake(bool send, void **ptr, unsigned int *len, uint32_t *_thread_id, bool deprecate_eof_active, int use_plugin_id) { +bool MySQL_Protocol::generate_pkt_initial_handshake(bool send, void **ptr, unsigned int *len, uint32_t *_thread_id, bool deprecate_eof_active) { + int use_plugin_id = mysql_thread___default_authentication_plugin_int; proxy_debug(PROXY_DEBUG_MYSQL_CONNECTION, 7, "Generating handshake pkt\n"); assert(use_plugin_id == 0 || use_plugin_id == 2 ); // mysql_native_password or caching_sha2_password mysql_hdr myhdr; diff --git a/lib/MySQL_Thread.cpp b/lib/MySQL_Thread.cpp index c70024fb7..cf07af816 100644 --- a/lib/MySQL_Thread.cpp +++ b/lib/MySQL_Thread.cpp @@ -538,6 +538,7 @@ static char * mysql_thread_variables_names[]= { (char *)"server_capabilities", (char *)"server_version", (char *)"keep_multiplexing_variables", + (char *)"default_authentication_plugin", (char *)"kill_backend_connection_when_disconnect", (char *)"client_session_track_gtid", (char *)"sessions_sort", @@ -1189,6 +1190,8 @@ MySQL_Threads_Handler::MySQL_Threads_Handler() { variables.ssl_p2s_crl=NULL; variables.ssl_p2s_crlpath=NULL; variables.keep_multiplexing_variables=strdup((char *)"tx_isolation,transaction_isolation,version"); + variables.default_authentication_plugin=strdup((char *)"mysql_native_password"); + variables.default_authentication_plugin_int = 0; // mysql_native_password #ifdef DEBUG variables.session_debug=true; #endif /*debug */ @@ -1409,6 +1412,7 @@ char * MySQL_Threads_Handler::get_variable_string(char *name) { if (!strcmp(name,"auditlog_filename")) return strdup(variables.auditlog_filename); if (!strcmp(name,"interfaces")) return strdup(variables.interfaces); if (!strcmp(name,"keep_multiplexing_variables")) return strdup(variables.keep_multiplexing_variables); + if (!strcmp(name,"default_authentication_plugin")) return strdup(variables.default_authentication_plugin); // LCOV_EXCL_START proxy_error("Not existing variable: %s\n", name); assert(0); return NULL; @@ -1543,6 +1547,7 @@ char * MySQL_Threads_Handler::get_variable(char *name) { // this is the public f if (!strcasecmp(name,"eventslog_filename")) return strdup(variables.eventslog_filename); if (!strcasecmp(name,"default_schema")) return strdup(variables.default_schema); if (!strcasecmp(name,"keep_multiplexing_variables")) return strdup(variables.keep_multiplexing_variables); + if (!strcasecmp(name,"default_authentication_plugin")) return strdup(variables.default_authentication_plugin); if (!strcasecmp(name,"interfaces")) return strdup(variables.interfaces); if (!strcasecmp(name,"server_capabilities")) { // FIXME : make it human readable @@ -1895,6 +1900,25 @@ bool MySQL_Threads_Handler::set_variable(char *name, const char *value) { // thi return true; } } + if (!strcasecmp(name,"default_authentication_plugin")) { + if (vallen) { + const char * valids[2] = { "mysql_native_password", "caching_sha2_password" }; + for (int i=0; i < sizeof(valids)/sizeof(char *) ; i++) { + if (strcmp(valids[i],value)==0) { + free(variables.default_authentication_plugin); + variables.default_authentication_plugin=strdup(value); + if (i==0) variables.default_authentication_plugin_int = 0; + if (i==1) variables.default_authentication_plugin_int = 2; + return true; + } + // not found + proxy_error("%s is an invalid value for default_authentication_plugin\n", value); + return false; + } + } else { + return false; + } + } } @@ -2653,6 +2677,7 @@ MySQL_Threads_Handler::~MySQL_Threads_Handler() { if (variables.interfaces) free(variables.interfaces); if (variables.server_version) free(variables.server_version); if (variables.keep_multiplexing_variables) free(variables.keep_multiplexing_variables); + if (variables.default_authentication_plugin) free(variables.default_authentication_plugin); if (variables.firewall_whitelist_errormsg) free(variables.firewall_whitelist_errormsg); if (variables.init_connect) free(variables.init_connect); if (variables.ldap_user_variable) free(variables.ldap_user_variable); @@ -2784,6 +2809,7 @@ MySQL_Thread::~MySQL_Thread() { if (mysql_thread___default_schema) { free(mysql_thread___default_schema); mysql_thread___default_schema=NULL; } if (mysql_thread___server_version) { free(mysql_thread___server_version); mysql_thread___server_version=NULL; } if (mysql_thread___keep_multiplexing_variables) { free(mysql_thread___keep_multiplexing_variables); mysql_thread___keep_multiplexing_variables=NULL; } + if (mysql_thread___default_authentication_plugin) { free(mysql_thread___default_authentication_plugin); mysql_thread___default_authentication_plugin=NULL; } if (mysql_thread___firewall_whitelist_errormsg) { free(mysql_thread___firewall_whitelist_errormsg); mysql_thread___firewall_whitelist_errormsg=NULL; } if (mysql_thread___init_connect) { free(mysql_thread___init_connect); mysql_thread___init_connect=NULL; } if (mysql_thread___ldap_user_variable) { free(mysql_thread___ldap_user_variable); mysql_thread___ldap_user_variable=NULL; } @@ -4096,6 +4122,9 @@ void MySQL_Thread::refresh_variables() { mysql_thread___default_schema=GloMTH->get_variable_string((char *)"default_schema"); if (mysql_thread___keep_multiplexing_variables) free(mysql_thread___keep_multiplexing_variables); mysql_thread___keep_multiplexing_variables=GloMTH->get_variable_string((char *)"keep_multiplexing_variables"); + if (mysql_thread___default_authentication_plugin) free(mysql_thread___default_authentication_plugin); + mysql_thread___default_authentication_plugin=GloMTH->get_variable_string((char *)"default_authentication_plugin"); + mysql_thread___default_authentication_plugin_int = GloMTH->variables.default_authentication_plugin_int; mysql_thread___server_capabilities=GloMTH->get_variable_uint16((char *)"server_capabilities"); mysql_thread___handle_unknown_charset=GloMTH->get_variable_int((char *)"handle_unknown_charset"); mysql_thread___poll_timeout=GloMTH->get_variable_int((char *)"poll_timeout"); diff --git a/lib/ProxySQL_Admin.cpp b/lib/ProxySQL_Admin.cpp index 2d383d0ec..0f72c3e5b 100644 --- a/lib/ProxySQL_Admin.cpp +++ b/lib/ProxySQL_Admin.cpp @@ -5430,7 +5430,7 @@ void *child_mysql(void *arg) { fds[0].events=POLLIN|POLLOUT; //free(arg->addr); // do not free free(arg); - sess->client_myds->myprot.generate_pkt_initial_handshake(true,NULL,NULL, &sess->thread_session_id, false, 0); + sess->client_myds->myprot.generate_pkt_initial_handshake(true,NULL,NULL, &sess->thread_session_id, false); while (__sync_fetch_and_add(&glovars.shutdown,0)==0) { if (myds->available_data_out()) {