Table of Contents
Advertisement
15.7.4.4. Examining the Handshake with
Handshake information is sent by the server to the client after the initial connection (through
connect_server()) has been made. The handshake information contains details about the MySQL
version, the ID of the thread that will handle the connection information, and the IP address of the client
and server. This information is exposed through the
• proxy.connection.server.mysqld_version: The version of the MySQL server.
• proxy.connection.server.thread_id: The thread ID.
• proxy.connection.server.scramble_buffer: The password scramble buffer.
• proxy.connection.server.dst.name: The IP address of the server.
• proxy.connection.client.src.name: The IP address of the client.
For example, you can print out the handshake data and refuse clients by IP address with the following
function:
function read_handshake()
print("<-- let's send him some information about us")
print("
print("
print("
print("
print("
if not proxy.connection.client.src.name:match("^127.0.0.1:") then
end
end
Note that you must return an error packet to the client by using proxy.PROXY_SEND_RESULT.
15.7.4.5. Examining the Authentication Credentials with
The
read_auth()
the execution sequence,
selection has already been made, but the connection and authorization information has not yet been
provided to the backend server.
You can obtain the authentication information by examining the
structure. For more information, see
For example, you can print the user name and password supplied during authorization using:
function read_auth()
print("
print("
end
You can interrupt the authentication process within this function and return an error packet back to the
client by constructing a new packet and returning proxy.PROXY_SEND_RESULT:
proxy.response.type = proxy.MYSQLD_PACKET_ERR
proxy.response.errmsg = "Logins are not allowed"
return proxy.PROXY_SEND_RESULT
15.7.4.6. Accessing Authentication Information with
The return packet from the server during authentication is captured by read_auth_result(). The
only argument to this function is the authentication packet returned by the server. As the packet is a
MySQL Proxy Scripting
read_handshake()
mysqld-version: " .. proxy.connection.server.mysqld_version)
thread-id
: " .. proxy.connection.server.thread_id)
scramble-buf
: " .. string.format("%q",proxy.connection.server.scramble_buffer))
server-addr
: " .. proxy.connection.server.dst.name)
client-addr
: " .. proxy.connection.client.dst.name)
proxy.response.type = proxy.MYSQLD_PACKET_ERR
proxy.response.errmsg = "only local connects are allowed"
print("we don't like this client");
return proxy.PROXY_SEND_RESULT
function is triggered when an authentication handshake is initiated by the client. In
occurs immediately after read_handshake(), so the server
read_auth()
proxy.connection
username
: " .. proxy.connection.client.username)
password
: " .. string.format("%q", proxy.connection.client.scrambled_password)
proxy.connection
read_auth()
proxy.connection.client
[1410].
read_auth_result()
1417
structure.
Advertisement
Chapters
Table of Contents
Troubleshooting
