123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128 |
- var Sequence = require('./Sequence');
- var Util = require('util');
- var Packets = require('../packets');
- var Auth = require('../Auth');
- var ClientConstants = require('../constants/client');
- module.exports = Handshake;
- Util.inherits(Handshake, Sequence);
- function Handshake(options, callback) {
- Sequence.call(this, options, callback);
- options = options || {};
- this._config = options.config;
- this._handshakeInitializationPacket = null;
- }
- Handshake.prototype.determinePacket = function determinePacket(firstByte, parser) {
- if (firstByte === 0xff) {
- return Packets.ErrorPacket;
- }
- if (!this._handshakeInitializationPacket) {
- return Packets.HandshakeInitializationPacket;
- }
- if (firstByte === 0xfe) {
- return (parser.packetLength() === 1)
- ? Packets.UseOldPasswordPacket
- : Packets.AuthSwitchRequestPacket;
- }
- return undefined;
- };
- Handshake.prototype['AuthSwitchRequestPacket'] = function (packet) {
- if (packet.authMethodName === 'mysql_native_password') {
- var challenge = packet.authMethodData.slice(0, 20);
- this.emit('packet', new Packets.AuthSwitchResponsePacket({
- data: Auth.token(this._config.password, challenge)
- }));
- } else {
- var err = new Error(
- 'MySQL is requesting the ' + packet.authMethodName + ' authentication method, which is not supported.'
- );
- err.code = 'UNSUPPORTED_AUTH_METHOD';
- err.fatal = true;
- this.end(err);
- }
- };
- Handshake.prototype['HandshakeInitializationPacket'] = function(packet) {
- this._handshakeInitializationPacket = packet;
- this._config.protocol41 = packet.protocol41;
- var serverSSLSupport = packet.serverCapabilities1 & ClientConstants.CLIENT_SSL;
- if (this._config.ssl) {
- if (!serverSSLSupport) {
- var err = new Error('Server does not support secure connection');
- err.code = 'HANDSHAKE_NO_SSL_SUPPORT';
- err.fatal = true;
- this.end(err);
- return;
- }
- this._config.clientFlags |= ClientConstants.CLIENT_SSL;
- this.emit('packet', new Packets.SSLRequestPacket({
- clientFlags : this._config.clientFlags,
- maxPacketSize : this._config.maxPacketSize,
- charsetNumber : this._config.charsetNumber
- }));
- this.emit('start-tls');
- } else {
- this._sendCredentials();
- }
- };
- Handshake.prototype._tlsUpgradeCompleteHandler = function() {
- this._sendCredentials();
- };
- Handshake.prototype._sendCredentials = function() {
- var packet = this._handshakeInitializationPacket;
- this.emit('packet', new Packets.ClientAuthenticationPacket({
- clientFlags : this._config.clientFlags,
- maxPacketSize : this._config.maxPacketSize,
- charsetNumber : this._config.charsetNumber,
- user : this._config.user,
- database : this._config.database,
- protocol41 : packet.protocol41,
- scrambleBuff : (packet.protocol41)
- ? Auth.token(this._config.password, packet.scrambleBuff())
- : Auth.scramble323(packet.scrambleBuff(), this._config.password)
- }));
- };
- Handshake.prototype['UseOldPasswordPacket'] = function() {
- if (!this._config.insecureAuth) {
- var err = new Error(
- 'MySQL server is requesting the old and insecure pre-4.1 auth mechanism. ' +
- 'Upgrade the user password or use the {insecureAuth: true} option.'
- );
- err.code = 'HANDSHAKE_INSECURE_AUTH';
- err.fatal = true;
- this.end(err);
- return;
- }
- this.emit('packet', new Packets.OldPasswordPacket({
- scrambleBuff: Auth.scramble323(this._handshakeInitializationPacket.scrambleBuff(), this._config.password)
- }));
- };
- Handshake.prototype['ErrorPacket'] = function(packet) {
- var err = this._packetToError(packet, true);
- err.fatal = true;
- this.end(err);
- };
|