Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
apache
Shardingsphere
提交
4508c12e
Shardingsphere
项目概览
apache
/
Shardingsphere
通知
56
Star
3
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
DevOps
流水线
流水线任务
计划
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
Shardingsphere
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
DevOps
DevOps
流水线
流水线任务
计划
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
流水线任务
提交
Issue看板
前往新版Gitcode,体验更适合开发者的 AI 搜索 >>
提交
4508c12e
编写于
6月 08, 2018
作者:
T
tristaZero
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
new function: proxy authority.
上级
ccd2e0b3
变更
9
隐藏空白更改
内联
并排
Showing
9 changed file
with
155 addition
and
13 deletion
+155
-13
pom.xml
pom.xml
+6
-0
sharding-core/src/main/java/io/shardingsphere/core/rule/ProxyAuthority.java
...main/java/io/shardingsphere/core/rule/ProxyAuthority.java
+37
-0
sharding-core/src/main/java/io/shardingsphere/core/yaml/proxy/YamlProxyConfiguration.java
...hardingsphere/core/yaml/proxy/YamlProxyConfiguration.java
+5
-2
sharding-proxy/pom.xml
sharding-proxy/pom.xml
+4
-0
sharding-proxy/src/main/java/io/shardingsphere/proxy/config/RuleRegistry.java
...ain/java/io/shardingsphere/proxy/config/RuleRegistry.java
+5
-2
sharding-proxy/src/main/java/io/shardingsphere/proxy/frontend/mysql/MySQLFrontendHandler.java
...dingsphere/proxy/frontend/mysql/MySQLFrontendHandler.java
+15
-8
sharding-proxy/src/main/java/io/shardingsphere/proxy/transport/mysql/packet/MySQLPacketPayload.java
...here/proxy/transport/mysql/packet/MySQLPacketPayload.java
+12
-0
sharding-proxy/src/main/java/io/shardingsphere/proxy/transport/mysql/packet/handshake/HandshakeResponse41Packet.java
...ort/mysql/packet/handshake/HandshakeResponse41Packet.java
+1
-1
sharding-proxy/src/main/java/io/shardingsphere/proxy/transport/mysql/packet/handshake/ProxyAuthorityHandler.java
...ansport/mysql/packet/handshake/ProxyAuthorityHandler.java
+70
-0
未找到文件。
pom.xml
浏览文件 @
4508c12e
...
...
@@ -78,6 +78,7 @@
<os-maven-plugin.version>
1.5.0.Final
</os-maven-plugin.version>
<coveralls-maven-plugin.version>
4.1.0
</coveralls-maven-plugin.version>
<docker-maven-plugin.version>
0.4.14
</docker-maven-plugin.version>
<commons-codec.version>
1.10
</commons-codec.version>
<javadocExecutable>
${java.home}/../bin/javadoc
</javadocExecutable>
</properties>
...
...
@@ -315,6 +316,11 @@
<version>
${opentracing.version}
</version>
<scope>
test
</scope>
</dependency>
<dependency>
<groupId>
commons-codec
</groupId>
<artifactId>
commons-codec
</artifactId>
<version>
${commons-codec.version}
</version>
</dependency>
</dependencies>
</dependencyManagement>
...
...
sharding-core/src/main/java/io/shardingsphere/core/rule/ProxyAuthority.java
0 → 100644
浏览文件 @
4508c12e
/*
* Copyright 2016-2018 shardingsphere.io.
* <p>
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
* </p>
*/
package
io.shardingsphere.core.rule
;
import
lombok.Getter
;
import
lombok.NoArgsConstructor
;
import
lombok.Setter
;
/**
* Yam proxy authority.
*
* @author panjuan
*/
@NoArgsConstructor
@Getter
@Setter
public
final
class
ProxyAuthority
{
private
String
username
;
private
String
password
;
}
sharding-core/src/main/java/io/shardingsphere/core/yaml/proxy/YamlProxyConfiguration.java
浏览文件 @
4508c12e
...
...
@@ -20,8 +20,9 @@ package io.shardingsphere.core.yaml.proxy;
import
io.shardingsphere.core.api.config.MasterSlaveRuleConfiguration
;
import
io.shardingsphere.core.rule.MasterSlaveRule
;
import
io.shardingsphere.core.rule.ShardingRule
;
import
io.shardingsphere.core.rule.ProxyAuthority
;
import
io.shardingsphere.core.yaml.masterslave.YamlMasterSlaveRuleConfiguration
;
import
io.shardingsphere.core.
yaml.sharding
.DataSourceParameter
;
import
io.shardingsphere.core.
rule
.DataSourceParameter
;
import
io.shardingsphere.core.yaml.sharding.YamlShardingRuleConfiguration
;
import
lombok.Getter
;
import
lombok.Setter
;
...
...
@@ -47,7 +48,7 @@ import java.util.Map;
*/
@Getter
@Setter
public
class
YamlProxyConfiguration
{
public
final
class
YamlProxyConfiguration
{
private
Map
<
String
,
DataSourceParameter
>
dataSources
=
new
HashMap
<>();
...
...
@@ -55,6 +56,8 @@ public class YamlProxyConfiguration {
private
YamlShardingRuleConfiguration
shardingRule
=
new
YamlShardingRuleConfiguration
();
private
ProxyAuthority
proxyAuthority
=
new
ProxyAuthority
();
/**
* Unmarshal yaml sharding configuration from yaml file.
*
...
...
sharding-proxy/pom.xml
浏览文件 @
4508c12e
...
...
@@ -64,6 +64,10 @@
<groupId>
org.mockito
</groupId>
<artifactId>
mockito-core
</artifactId>
</dependency>
<dependency>
<groupId>
commons-codec
</groupId>
<artifactId>
commons-codec
</artifactId>
</dependency>
</dependencies>
<build>
...
...
sharding-proxy/src/main/java/io/shardingsphere/proxy/config/RuleRegistry.java
浏览文件 @
4508c12e
...
...
@@ -26,9 +26,10 @@ import io.shardingsphere.core.constant.ShardingPropertiesConstant;
import
io.shardingsphere.core.exception.ShardingException
;
import
io.shardingsphere.core.metadata.ShardingMetaData
;
import
io.shardingsphere.core.rule.MasterSlaveRule
;
import
io.shardingsphere.core.rule.ProxyAuthority
;
import
io.shardingsphere.core.rule.ShardingRule
;
import
io.shardingsphere.core.yaml.proxy.YamlProxyConfiguration
;
import
io.shardingsphere.core.
yaml.sharding
.DataSourceParameter
;
import
io.shardingsphere.core.
rule
.DataSourceParameter
;
import
io.shardingsphere.proxy.metadata.ProxyShardingMetaData
;
import
lombok.Getter
;
...
...
@@ -71,6 +72,8 @@ public final class RuleRegistry {
private
final
boolean
showSQL
;
private
final
ProxyAuthority
proxyAuthority
;
private
RuleRegistry
()
{
YamlProxyConfiguration
yamlProxyConfiguration
;
try
{
...
...
@@ -94,7 +97,7 @@ public final class RuleRegistry {
if
(!
isOnlyMasterSlave
)
{
shardingMetaData
.
init
(
shardingRule
);
}
proxyAuthority
=
yamlProxyConfiguration
.
getProxyAuthority
();
}
private
DataSource
getDataSource
(
final
DataSourceParameter
dataSourceParameter
)
{
...
...
sharding-proxy/src/main/java/io/shardingsphere/proxy/frontend/mysql/MySQLFrontendHandler.java
浏览文件 @
4508c12e
...
...
@@ -26,38 +26,45 @@ import io.shardingsphere.proxy.transport.mysql.constant.StatusFlag;
import
io.shardingsphere.proxy.transport.mysql.packet.MySQLPacketPayload
;
import
io.shardingsphere.proxy.transport.mysql.packet.command.CommandPacket
;
import
io.shardingsphere.proxy.transport.mysql.packet.command.CommandPacketFactory
;
import
io.shardingsphere.proxy.transport.mysql.packet.generic.ErrPacket
;
import
io.shardingsphere.proxy.transport.mysql.packet.generic.OKPacket
;
import
io.shardingsphere.proxy.transport.mysql.packet.handshake.AuthPluginData
;
import
io.shardingsphere.proxy.transport.mysql.packet.handshake.ConnectionIdGenerator
;
import
io.shardingsphere.proxy.transport.mysql.packet.handshake.HandshakePacket
;
import
io.shardingsphere.proxy.transport.mysql.packet.handshake.HandshakeResponse41Packet
;
import
lombok.RequiredArgsConstructo
r
;
import
io.shardingsphere.proxy.transport.mysql.packet.handshake.ProxyAuthorityHandle
r
;
/**
* MySQL frontend handler.
*
* @author zhangliang
* @author panjuan
*/
@RequiredArgsConstructor
public
final
class
MySQLFrontendHandler
extends
FrontendHandler
{
private
final
EventLoopGroup
eventLoopGroup
;
private
AuthPluginData
authPluginData
;
private
final
ProxyAuthorityHandler
proxyAuthorityHandler
;
public
MySQLFrontendHandler
(
final
EventLoopGroup
eventLoopGroup
)
{
this
.
eventLoopGroup
=
eventLoopGroup
;
proxyAuthorityHandler
=
new
ProxyAuthorityHandler
();
}
@Override
protected
void
handshake
(
final
ChannelHandlerContext
context
)
{
authPluginData
=
new
AuthPluginData
();
context
.
writeAndFlush
(
new
HandshakePacket
(
ConnectionIdGenerator
.
getInstance
().
nextId
(),
authPluginData
));
context
.
writeAndFlush
(
new
HandshakePacket
(
ConnectionIdGenerator
.
getInstance
().
nextId
(),
proxyAuthorityHandler
.
getAuthPluginData
()));
}
@Override
protected
void
auth
(
final
ChannelHandlerContext
context
,
final
ByteBuf
message
)
{
MySQLPacketPayload
mysqlPacketPayload
=
new
MySQLPacketPayload
(
message
);
try
{
// TODO use authPluginData to auth
HandshakeResponse41Packet
response41
=
new
HandshakeResponse41Packet
(
mysqlPacketPayload
);
context
.
writeAndFlush
(
new
OKPacket
(
response41
.
getSequenceId
()
+
1
,
0L
,
0L
,
StatusFlag
.
SERVER_STATUS_AUTOCOMMIT
.
getValue
(),
0
,
""
));
if
(
proxyAuthorityHandler
.
isLegalForProxyLogin
(
response41
.
getUsername
(),
response41
.
getAuthResponse
()))
{
context
.
writeAndFlush
(
new
OKPacket
(
response41
.
getSequenceId
()
+
1
,
0L
,
0L
,
StatusFlag
.
SERVER_STATUS_AUTOCOMMIT
.
getValue
(),
0
,
""
));
}
else
{
context
.
writeAndFlush
(
new
ErrPacket
(
response41
.
getSequenceId
()
+
1
,
1045
,
""
,
""
,
"Access denied because of invalid username and password for Sharding Proxy."
));
}
}
finally
{
mysqlPacketPayload
.
getByteBuf
().
release
();
}
...
...
sharding-proxy/src/main/java/io/shardingsphere/proxy/transport/mysql/packet/MySQLPacketPayload.java
浏览文件 @
4508c12e
...
...
@@ -222,6 +222,18 @@ public final class MySQLPacketPayload {
return
new
String
(
result
);
}
/**
* Read fixed length string from byte buffers.
*
* @return fixed length bytes
*/
public
byte
[]
readStringLenencByBytes
()
{
int
length
=
(
int
)
readIntLenenc
();
byte
[]
result
=
new
byte
[
length
];
byteBuf
.
readBytes
(
result
);
return
result
;
}
/**
* Write fixed length string to byte buffers.
* @see <a href="https://dev.mysql.com/doc/internals/en/string.html#packet-Protocol::FixedLengthString">FixedLengthString</a>
...
...
sharding-proxy/src/main/java/io/shardingsphere/proxy/transport/mysql/packet/handshake/HandshakeResponse41Packet.java
浏览文件 @
4508c12e
...
...
@@ -56,7 +56,7 @@ public final class HandshakeResponse41Packet extends MySQLPacket {
private
void
readAuthResponse
(
final
MySQLPacketPayload
mysqlPacketPayload
)
{
if
(
0
!=
(
capabilityFlags
&
CapabilityFlag
.
CLIENT_PLUGIN_AUTH_LENENC_CLIENT_DATA
.
getValue
()))
{
authResponse
=
mysqlPacketPayload
.
readStringLenenc
().
get
Bytes
();
authResponse
=
mysqlPacketPayload
.
readStringLenenc
By
Bytes
();
}
else
if
(
0
!=
(
capabilityFlags
&
CapabilityFlag
.
CLIENT_SECURE_CONNECTION
.
getValue
()))
{
int
length
=
mysqlPacketPayload
.
readInt1
();
authResponse
=
mysqlPacketPayload
.
readStringFix
(
length
).
getBytes
();
...
...
sharding-proxy/src/main/java/io/shardingsphere/proxy/transport/mysql/packet/handshake/ProxyAuthorityHandler.java
0 → 100644
浏览文件 @
4508c12e
/*
* Copyright 2016-2018 shardingsphere.io.
* <p>
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
* </p>
*/
package
io.shardingsphere.proxy.transport.mysql.packet.handshake
;
import
io.shardingsphere.proxy.config.RuleRegistry
;
import
lombok.Getter
;
import
org.apache.commons.codec.digest.DigestUtils
;
import
java.util.Arrays
;
/**
* Check authority of user.
*
* @author panjuan
*/
@Getter
public
class
ProxyAuthorityHandler
{
private
final
AuthPluginData
authPluginData
;
public
ProxyAuthorityHandler
()
{
authPluginData
=
new
AuthPluginData
();
}
/**
* Judege whether it is legal to login into Proxy.
*
* @param username connection username.
* @param authResponse connection auth response.
* @return legal or illegal.
*/
public
boolean
isLegalForProxyLogin
(
final
String
username
,
final
byte
[]
authResponse
)
{
byte
[]
configAuthResponse
=
getAuthCipherBytes
(
RuleRegistry
.
getInstance
().
getProxyAuthority
().
getPassword
());
String
configUsername
=
RuleRegistry
.
getInstance
().
getProxyAuthority
().
getUsername
();
return
configUsername
.
equals
(
username
)
&&
Arrays
.
equals
(
configAuthResponse
,
authResponse
);
}
private
byte
[]
getAuthCipherBytes
(
final
String
password
)
{
byte
[]
sha1Password
=
DigestUtils
.
sha1
(
password
);
byte
[]
doubleSha1Password
=
DigestUtils
.
sha1
(
sha1Password
);
byte
[]
concatBytes
=
new
byte
[
authPluginData
.
getAuthPluginData
().
length
+
doubleSha1Password
.
length
];
System
.
arraycopy
(
authPluginData
.
getAuthPluginData
(),
0
,
concatBytes
,
0
,
authPluginData
.
getAuthPluginData
().
length
);
System
.
arraycopy
(
doubleSha1Password
,
0
,
concatBytes
,
authPluginData
.
getAuthPluginData
().
length
,
doubleSha1Password
.
length
);
byte
[]
sha1ConcatBytes
=
DigestUtils
.
sha1
(
concatBytes
);
return
xor
(
sha1Password
,
sha1ConcatBytes
);
}
private
byte
[]
xor
(
final
byte
[]
input
,
final
byte
[]
secret
)
{
final
byte
[]
result
=
new
byte
[
input
.
length
];
for
(
int
i
=
0
;
i
<
input
.
length
;
++
i
)
{
result
[
i
]
=
(
byte
)
(
input
[
i
]
^
secret
[
i
]);
}
return
result
;
}
}
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录