- 14.6.4 MySQL Proxy Scripting
- 14.6.4.1 Proxy Scripting Sequence During Query Injection
- 14.6.4.2 Internal Structures
- 14.6.4.3 Capturing a connection with connect_server()
- 14.6.4.4 Examining the handshake with read_handshake()
- 14.6.4.5 Examining the authentication credentials with read_auth()
- 14.6.4.6 Accessing authentication information with read_auth_result()
- 14.6.4.7 Manipulating Queries with read_query()
- 14.6.4.8 Manipulating Results with read_query_result()
The read_auth() function is triggered when
an authentication handshake is initiated by the client. In the
execution sequence, read_auth() occurs
immediately after read_handshake(), so the
server selection has already been made, but the connection and
authorization information has not yet been provided to the
backend server.
The function accepts a single argument, an Lua table containing the authorization information for the handshake process. The entries in the table are:
username— the user login for connecting to the server.password— the password, encrypted, to be used when connecting.default_db— the default database to be used once the connection has been made.
For example, you can print the user name and password supplied during authorization using:
function read_auth( auth )
print(" username : " .. auth.username)
print(" password : " .. string.format("%q", auth.password))
end
You can interrupt the authentication process within this
function and return an error packet back to the client by
constructing a new packet and returning
proxy.PROXY_SEND_RESULT:
proxy.response.type = proxy.MYSQLD_PACKET_ERR proxy.response.errmsg = "Logins are not allowed" return proxy.PROXY_SEND_RESULT
User Comments
Add your own comment.