-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Use caching_sha2_password for proxy auth
Up until now, mysql_native_password was used for auth. This is however removed in MySQL 9.x and this is the default that Homebrew installs on MacOS. While we can also try to deal with installing older versions on MacOS, alternatively we update the auth for the proxy to caching_sha2_password. The one thing that this breaks is very old MySQL 5.7 clients. Anything older than MySQL 5.7.23 (released 2018-07-27) would break with this. We don't really support 5.7 for the proxy anyway though. Signed-off-by: Dirkjan Bussink <[email protected]>
- Loading branch information
Showing
2 changed files
with
44 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,43 @@ | ||
package psdbproxy | ||
|
||
import ( | ||
"net" | ||
|
||
"vitess.io/vitess/go/mysql" | ||
querypb "vitess.io/vitess/go/vt/proto/query" | ||
) | ||
|
||
// authServerNone takes all comers. | ||
type authServerNone struct{} | ||
|
||
type noneGetter struct{} | ||
|
||
func (a *authServerNone) UserEntryWithPassword(conn *mysql.Conn, user string, password string, remoteAddr net.Addr) (mysql.Getter, error) { | ||
return &noneGetter{}, nil | ||
} | ||
|
||
func (a *authServerNone) UserEntryWithCacheHash(conn *mysql.Conn, salt []byte, user string, authResponse []byte, remoteAddr net.Addr) (mysql.Getter, mysql.CacheState, error) { | ||
return &noneGetter{}, mysql.AuthAccepted, nil | ||
} | ||
|
||
// AuthMethods returns the list of registered auth methods | ||
// implemented by this auth server. | ||
func (a *authServerNone) AuthMethods() []mysql.AuthMethod { | ||
return []mysql.AuthMethod{mysql.NewSha2CachingAuthMethod(a, a, a)} | ||
} | ||
|
||
// DefaultAuthMethodDescription returns MysqlNativePassword as the default | ||
// authentication method for the auth server implementation. | ||
func (a *authServerNone) DefaultAuthMethodDescription() mysql.AuthMethodDescription { | ||
return mysql.CachingSha2Password | ||
} | ||
|
||
// HandleUser validates if this user can use this auth method | ||
func (a *authServerNone) HandleUser(user string) bool { | ||
return true | ||
} | ||
|
||
// Get returns the empty string | ||
func (ng *noneGetter) Get() *querypb.VTGateCallerID { | ||
return &querypb.VTGateCallerID{Username: "userData1"} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters