func (m *Info) CheckUser(user string, auth []byte, salt []byte, db string) bool {
password, err := m.getPassword(user)
if err != nil {
return false
}
if isExist := bytes.Equal(auth, mysql.CalcPassword(salt, []byte(password))); !isExist {
glog.V(2).Infof("Password(!= %v) is nq", password)
return false
}
if db != "" {
_, err = m.Get(path.Join(UserInfo, user, DB, db), false, false)
if err != nil {
glog.Infof("Can not get Etcd user db error:%v", err)
return false
}
}
return true
}
func (c *Conn) writeAuthHandshake() error {
// Adjust client capability flags based on server support
capability := mysql.CLIENT_PROTOCOL_41 | mysql.CLIENT_SECURE_CONNECTION |
mysql.CLIENT_LONG_PASSWORD | mysql.CLIENT_TRANSACTIONS | mysql.CLIENT_LONG_FLAG
capability &= c.capability
//packet length
//capbility 4
//max-packet size 4
//charset 1
//reserved all[0] 23
length := 4 + 4 + 1 + 23
//username
length += len(c.user) + 1
//we only support secure connection
auth := mysql.CalcPassword(c.salt, []byte(c.password))
length += 1 + len(auth)
if len(c.db) > 0 {
capability |= mysql.CLIENT_CONNECT_WITH_DB
length += len(c.db) + 1
}
c.capability = capability
data := make([]byte, length+4)
//capability [32 bit]
data[4] = byte(capability)
data[5] = byte(capability >> 8)
data[6] = byte(capability >> 16)
data[7] = byte(capability >> 24)
//MaxPacketSize [32 bit] (none)
//data[8] = 0x00
//data[9] = 0x00
//data[10] = 0x00
//data[11] = 0x00
//Charset [1 byte]
data[12] = byte(c.collation)
//Filler [23 bytes] (all 0x00)
pos := 13 + 23
//User [null terminated string]
if len(c.user) > 0 {
pos += copy(data[pos:], c.user)
}
//data[pos] = 0x00
pos++
// auth [length encoded integer]
data[pos] = byte(len(auth))
pos += 1 + copy(data[pos+1:], auth)
// db [null terminated string]
if len(c.db) > 0 {
pos += copy(data[pos:], c.db)
//data[pos] = 0x00
}
return c.writePacket(data)
}