mysql auth module

.gitignore

@@ -0,0 +1,4 @@
+
+*.o
+*.so
+

LDAPReader.h

@@ -0,0 +1,7 @@
+#include "interfaces.h"
+
+class LDAPReader: public ILDAPReader
+{
+    public:
+};
+

Makefile

@@ -0,0 +1,25 @@
+
+SRC=	ldap-auth.cpp	\
+		MySQLLDAPAuthModule.cpp
+
+OBJ=	$(SRC:.cpp=.o)
+
+NAME=	ldap-auth.so
+
+CXXFLAGS+=-O2 -I/usr/include/mysql/server -fPIC -DMYSQL_DYNAMIC_PLUGIN
+
+$(NAME): all
+
+all: $(OBJ)
+	$(CC) $(OBJ) -o $(NAME) -shared
+
+clean:
+	$(RM) $(OBJ)
+
+fclean: clean
+	$(RM) $(NAME)
+
+re: fclean all
+
+.PHONY: all clean fclean re
+

MySQLLDAPAuthModule.cpp

@@ -0,0 +1,11 @@
+#include "MySQLLDAPAuthModule.h"
+
+MySQLLDAPAuthModule::MySQLLDAPAuthModule(std::unique_ptr<ILDAPReader>&& _reader):
+    ldapReader(std::move(_reader))
+{}
+
+bool MySQLLDAPAuthModule::Authenticate(const std::string& username, const std::string& password)
+{
+    return username == "isundil" && password == "test";
+}
+

MySQLLDAPAuthModule.h

@@ -0,0 +1,15 @@
+#pragma once
+
+#include <memory>
+#include "interfaces.h"
+
+class MySQLLDAPAuthModule: public IMySQLLDAPAuthModule
+{
+    public:
+        MySQLLDAPAuthModule(std::unique_ptr<ILDAPReader>&& ldapReader);
+        bool Authenticate(const std::string& username, const std::string& password) override;
+
+    private:
+        std::unique_ptr<ILDAPReader> ldapReader;
+};
+

interfaces.h

@@ -0,0 +1,17 @@
+#pragma once
+
+#include <string>
+
+class ILDAPReader
+{
+    public:
+        virtual ~ILDAPReader() {};
+};
+
+class IMySQLLDAPAuthModule
+{
+    public:
+        virtual ~IMySQLLDAPAuthModule() {};
+        virtual bool Authenticate(const std::string& username, const std::string& password) =0;
+};
+

ldap-auth.cpp

@@ -0,0 +1,91 @@
+
+#include <string.h>
+
+#include <mysql.h>
+#include <mysql/plugin_auth.h>
+#include <mysql/client_plugin.h>
+
+#include "interfaces.h"
+#include "MySQLLDAPAuthModule.h"
+#include "LDAPReader.h"
+
+static IMySQLLDAPAuthModule* _module;
+
+static int authenticateUser(MYSQL_PLUGIN_VIO *vio, MYSQL_SERVER_AUTH_INFO *info)
+{
+    char *pkt;
+    int pkt_len;
+
+    /* read the password as null-terminated string, fail on error */
+    if ((pkt_len= vio->read_packet(vio, (unsigned char**) &pkt)) < 0)
+        return CR_ERROR;
+
+    /* fail on empty password */
+    if (!pkt_len || *pkt == '\0')
+    {
+        info->password_used= PASSWORD_USED_NO;
+        return CR_ERROR;
+    }
+
+    info->password_used= PASSWORD_USED_YES;
+    return _module->Authenticate(info->user_name, pkt) ? CR_OK : CR_ERROR;
+}
+
+static int auth_simple_client (MYSQL_PLUGIN_VIO *vio, MYSQL *mysql)
+{
+    return vio->write_packet(vio, (const unsigned char *)mysql->passwd, strlen(mysql->passwd) + 1) ?
+        CR_ERROR : CR_OK;
+}
+
+static struct st_mysql_auth auth_ldap_handler =
+{
+    MYSQL_AUTHENTICATION_INTERFACE_VERSION,
+    "auth_ldap",
+    authenticateUser,
+    NULL,
+    NULL
+};
+
+int initModule(void*)
+{
+    _module = new MySQLLDAPAuthModule(std::make_unique<LDAPReader>());
+    return 0;
+}
+
+int destroyModule(void*)
+{
+    delete _module;
+    _module = nullptr;
+    return 0;
+}
+
+mysql_declare_plugin(auth_ldap)
+{
+    MYSQL_AUTHENTICATION_PLUGIN,
+    &auth_ldap_handler,
+    "auth_ldap",
+    "isundil",
+    "LDAP authentication plugin",
+    PLUGIN_LICENSE_GPL,
+    initModule,
+    destroyModule,
+    0x0100,
+    NULL,
+    NULL,
+    NULL,
+    0
+} mysql_declare_plugin_end;
+
+mysql_declare_client_plugin(AUTHENTICATION)
+  "auth_ldap",
+  "isundil",
+  "LDAP Authentication plugin",
+  {1,0,0},
+  "GPL",
+  NULL,
+  NULL,
+  NULL,
+  NULL,
+  auth_simple_client
+mysql_end_client_plugin;
+