Database
Mysql Tutorial
A detailed introduction to the authentication package and code of the mysql protocol
A detailed introduction to the authentication package and code of the mysql protocol
git
https://github.com/sea-boat/mysql-protocol
Overview
Mysql client requires an interactive process to log in to the mysql server. First, the server sends an initial handshake packet to the client. After receiving the handshake packet, the client returns an authentication packet to the server. As follows, the authentication package is analyzed here.
client server |-------connect------>| | | |<-----handshake------| | | |---authentication--->| | |
mysql communication message structure
##PayloadAuthentication Package4 capability flags, CLIENT_PROTOCOL_41 always set
4 max-packet size
1 character set
string[23] reserved (all [0])
string[NUL] username
if capabilities & CLIENT_PLUGIN_AUTH_LENENC_CLIENT_DATA {
lenenc-int length of auth-response
string[n] auth-response
} else if capabilities & CLIENT_SECURE_CONNECTION {
1 length of auth-response
string[n] auth-response
} else {
string[NUL] auth-response
}
if capabilities & CLIENT_CONNECT_WITH_DB {
string[NUL] database
}
if capabilities & CLIENT_PLUGIN_AUTH {
string[NUL] auth plugin name
}
if capabilities & CLIENT_CONNECT_ATTRS {
lenenc-int length of all key-values
lenenc-str key
lenenc-str value
if-more data in 'length of all key-values', more keys and value pairs
}Copy after login
More details: http://dev.mysql.com/doc/internals/en/connection-phase-packets.html#packet-Protocol::HandshakeResponseAuthentication package operation1. Authentication package class4 capability flags, CLIENT_PROTOCOL_41 always set
4 max-packet size
1 character set
string[23] reserved (all [0])
string[NUL] username
if capabilities & CLIENT_PLUGIN_AUTH_LENENC_CLIENT_DATA {
lenenc-int length of auth-response
string[n] auth-response
} else if capabilities & CLIENT_SECURE_CONNECTION {
1 length of auth-response
string[n] auth-response
} else {
string[NUL] auth-response
}
if capabilities & CLIENT_CONNECT_WITH_DB {
string[NUL] database
}
if capabilities & CLIENT_PLUGIN_AUTH {
string[NUL] auth plugin name
}
if capabilities & CLIENT_CONNECT_ATTRS {
lenenc-int length of all key-values
lenenc-str key
lenenc-str value
if-more data in 'length of all key-values', more keys and value pairs
}/** * * @author seaboat * @date 2016-09-25 * @version 1.0 * <pre class="brush:php;toolbar:false"><b>email: </b>849586227@qq.com
<b>blog: </b>http://www.php.cn/;/pre>
* <p>mysql auth packet.</p>
*/public class AuthPacket extends MySQLPacket {
private static final byte[] FILLER = new byte[23];
public long clientFlags;
public long maxPacketSize;
public int charsetIndex;
public byte[] extra;
public String user;
public byte[] password;
public String database;
public void read(byte[] data) {
MySQLMessage mm = new MySQLMessage(data);
packetLength = mm.readUB3();
packetId = mm.read();
clientFlags = mm.readUB4();
maxPacketSize = mm.readUB4();
charsetIndex = (mm.read() & 0xff);
int current = mm.position();
int len = (int) mm.readLength();
if (len > 0 && len < FILLER.length) {
byte[] ab = new byte[len];
System.arraycopy(mm.bytes(), mm.position(), ab, 0, len);
this.extra = ab;
}
mm.position(current + FILLER.length);
user = mm.readStringWithNull();
password = mm.readBytesWithLength();
if (((clientFlags & Capabilities.CLIENT_CONNECT_WITH_DB) != 0)
&& mm.hasRemaining()) {
database = mm.readStringWithNull();
}
} public void write(ByteBuffer buffer) throws IOException {
BufferUtil.writeUB3(buffer, calcPacketSize());
buffer.put(packetId);
BufferUtil.writeUB4(buffer, clientFlags);
BufferUtil.writeUB4(buffer, maxPacketSize);
buffer.put((byte) charsetIndex);
buffer.put(FILLER); if (user == null) {
buffer.put((byte) 0);
} else {
BufferUtil.writeWithNull(buffer, user.getBytes());
} if (password == null) {
buffer.put((byte) 0);
} else {
BufferUtil.writeWithLength(buffer, password);
} if (database == null) {
buffer.put((byte) 0);
} else {
BufferUtil.writeWithNull(buffer, database.getBytes());
}
} @Override
public int calcPacketSize() {
int size = 32;// 4+4+1+23;
size += (user == null) ? 1 : user.length() + 1;
size += (password == null) ? 1 : BufferUtil.getLength(password);
size += (database == null) ? 1 : database.length() + 1;
return size;
} @Override
protected String getPacketInfo() {
return "MySQL Authentication Packet";
}
}- Encryption and decryption tool
/** * * @author seaboat * @date 2016-09-25 * @version 1.0 * <pre class="brush:php;toolbar:false"><b>email: </b>849586227@qq.com
<b>blog: </b>http://www.php.cn/;/pre>
* <p>a security util .</p>
*/public class SecurityUtil {
public static final byte[] scramble411(byte[] pass, byte[] seed)
throws NoSuchAlgorithmException {
MessageDigest md = MessageDigest.getInstance("SHA-1");
byte[] pass1 = md.digest(pass);
md.reset();
byte[] pass2 = md.digest(pass1);
md.reset();
md.update(seed);
byte[] pass3 = md.digest(pass2);
for (int i = 0; i < pass3.length; i++) {
pass3[i] = (byte) (pass3[i] ^ pass1[i]);
} return pass3;
} public static final String scramble323(String pass, String seed) {
if ((pass == null) || (pass.length() == 0)) {
return pass;
}
byte b;
double d;
long[] pw = hash(seed);
long[] msg = hash(pass);
long max = 0x3fffffffL;
long seed1 = (pw[0] ^ msg[0]) % max;
long seed2 = (pw[1] ^ msg[1]) % max;
char[] chars = new char[seed.length()];
for (int i = 0; i < seed.length(); i++) {
seed1 = ((seed1 * 3) + seed2) % max;
seed2 = (seed1 + seed2 + 33) % max;
d = (double) seed1 / (double) max;
b = (byte) java.lang.Math.floor((d * 31) + 64);
chars[i] = (char) b;
}
seed1 = ((seed1 * 3) + seed2) % max;
seed2 = (seed1 + seed2 + 33) % max;
d = (double) seed1 / (double) max;
b = (byte) java.lang.Math.floor(d * 31);
for (int i = 0; i < seed.length(); i++) {
chars[i] ^= (char) b;
} return new String(chars);
} private static long[] hash(String src) {
long nr = 1345345333L;
long add = 7;
long nr2 = 0x12345671L;
long tmp;
for (int i = 0; i < src.length(); ++i) {
switch (src.charAt(i)) {
case ' ':
case '\t':
continue;
default:
tmp = (0xff & src.charAt(i));
nr ^= ((((nr & 63) + add) * tmp) + (nr << 8));
nr2 += ((nr2 << 8) ^ nr);
add += tmp;
}
}
long[] result = new long[2];
result[0] = nr & 0x7fffffffL;
result[1] = nr2 & 0x7fffffffL;
return result;
}
}- Test class
/** * * @author seaboat * @date 2016-09-25 * @version 1.0 * <pre class="brush:php;toolbar:false"><b>email: </b>849586227@qq.com
<b>blog: </b>http://www.php.cn/;/pre>
* <p>test auth packet.</p>
*/public class AuthPacketTest {
@Test
public void produce() {
// handshake packet's rand1 and rand2
byte[] rand1 = RandomUtil.randomBytes(8);
byte[] rand2 = RandomUtil.randomBytes(12);
byte[] seed = new byte[rand1.length + rand2.length];
System.arraycopy(rand1, 0, seed, 0, rand1.length);
System.arraycopy(rand2, 0, seed, rand1.length, rand2.length);
AuthPacket auth = new AuthPacket();
auth.packetId = 0;
auth.clientFlags = getClientCapabilities();
auth.maxPacketSize = 1024 * 1024 * 16;
auth.user = "seaboat"; try {
auth.password = SecurityUtil
.scramble411("seaboat".getBytes(), seed);
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
}
auth.database = "test";
ByteBuffer buffer = ByteBuffer.allocate(256);
auth.write(buffer);
buffer.flip(); byte[] bytes = new byte[buffer.remaining()];
buffer.get(bytes, 0, bytes.length);
String result = HexUtil.Bytes2HexString(bytes);
System.out.println(result);
assertTrue(Integer.valueOf(result.substring(0, 2), 16) == result
.length() / 2 - 4);
AuthPacket auth2 = new AuthPacket();
auth2.read(bytes);
assertTrue(auth2.database.equals("test"));
} protected int getClientCapabilities() {
int flag = 0;
flag |= Capabilities.CLIENT_LONG_PASSWORD;
flag |= Capabilities.CLIENT_FOUND_ROWS;
flag |= Capabilities.CLIENT_LONG_FLAG;
flag |= Capabilities.CLIENT_CONNECT_WITH_DB;
flag |= Capabilities.CLIENT_ODBC;
flag |= Capabilities.CLIENT_IGNORE_SPACE;
flag |= Capabilities.CLIENT_PROTOCOL_41;
flag |= Capabilities.CLIENT_INTERACTIVE;
flag |= Capabilities.CLIENT_IGNORE_SIGPIPE;
flag |= Capabilities.CLIENT_TRANSACTIONS;
flag |= Capabilities.CLIENT_SECURE_CONNECTION;
return flag;
}
}The above is the detailed content of A detailed introduction to the authentication package and code of the mysql protocol. For more information, please follow other related articles on the PHP Chinese website!
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
1387
52
How to open phpmyadmin
Apr 10, 2025 pm 10:51 PM
You can open phpMyAdmin through the following steps: 1. Log in to the website control panel; 2. Find and click the phpMyAdmin icon; 3. Enter MySQL credentials; 4. Click "Login".
MySQL: An Introduction to the World's Most Popular Database
Apr 12, 2025 am 12:18 AM
MySQL is an open source relational database management system, mainly used to store and retrieve data quickly and reliably. Its working principle includes client requests, query resolution, execution of queries and return results. Examples of usage include creating tables, inserting and querying data, and advanced features such as JOIN operations. Common errors involve SQL syntax, data types, and permissions, and optimization suggestions include the use of indexes, optimized queries, and partitioning of tables.
How to use single threaded redis
Apr 10, 2025 pm 07:12 PM
Redis uses a single threaded architecture to provide high performance, simplicity, and consistency. It utilizes I/O multiplexing, event loops, non-blocking I/O, and shared memory to improve concurrency, but with limitations of concurrency limitations, single point of failure, and unsuitable for write-intensive workloads.
MySQL's Place: Databases and Programming
Apr 13, 2025 am 12:18 AM
MySQL's position in databases and programming is very important. It is an open source relational database management system that is widely used in various application scenarios. 1) MySQL provides efficient data storage, organization and retrieval functions, supporting Web, mobile and enterprise-level systems. 2) It uses a client-server architecture, supports multiple storage engines and index optimization. 3) Basic usages include creating tables and inserting data, and advanced usages involve multi-table JOINs and complex queries. 4) Frequently asked questions such as SQL syntax errors and performance issues can be debugged through the EXPLAIN command and slow query log. 5) Performance optimization methods include rational use of indexes, optimized query and use of caches. Best practices include using transactions and PreparedStatemen
Why Use MySQL? Benefits and Advantages
Apr 12, 2025 am 12:17 AM
MySQL is chosen for its performance, reliability, ease of use, and community support. 1.MySQL provides efficient data storage and retrieval functions, supporting multiple data types and advanced query operations. 2. Adopt client-server architecture and multiple storage engines to support transaction and query optimization. 3. Easy to use, supports a variety of operating systems and programming languages. 4. Have strong community support and provide rich resources and solutions.
Monitor Redis Droplet with Redis Exporter Service
Apr 10, 2025 pm 01:36 PM
Effective monitoring of Redis databases is critical to maintaining optimal performance, identifying potential bottlenecks, and ensuring overall system reliability. Redis Exporter Service is a powerful utility designed to monitor Redis databases using Prometheus. This tutorial will guide you through the complete setup and configuration of Redis Exporter Service, ensuring you seamlessly build monitoring solutions. By studying this tutorial, you will achieve fully operational monitoring settings
How to view sql database error
Apr 10, 2025 pm 12:09 PM
The methods for viewing SQL database errors are: 1. View error messages directly; 2. Use SHOW ERRORS and SHOW WARNINGS commands; 3. Access the error log; 4. Use error codes to find the cause of the error; 5. Check the database connection and query syntax; 6. Use debugging tools.
How to connect to the database of apache
Apr 13, 2025 pm 01:03 PM
Apache connects to a database requires the following steps: Install the database driver. Configure the web.xml file to create a connection pool. Create a JDBC data source and specify the connection settings. Use the JDBC API to access the database from Java code, including getting connections, creating statements, binding parameters, executing queries or updates, and processing results.
