def _auth_switch_request(self, username=None, password=None):
"""Handle second part of authentication
Raises NotSupportedError when we get the old, insecure password
reply back. Raises any error coming from MySQL.
"""
packet = yield from self._socket.recv()
if packet[4] == 254 and len(packet) == 5:
raise errors.NotSupportedError(
"Authentication with old (insecure) passwords "
"is not supported. For more information, lookup "
"Password Hashing in the latest MySQL manual")
elif packet[4] == 254:
# AuthSwitchRequest
(new_auth_plugin,
auth_data) = self._protocol.parse_auth_switch_request(packet)
auth = get_auth_plugin(new_auth_plugin)(
auth_data, password=password, ssl_enabled=self._ssl_active)
response = auth.auth_response()
yield from self._socket.drain()
if response == b'\x00':
self._socket.send(b'')
else:
self._socket.send(response)
packet = yield from self._socket.recv()
if packet[4] != 1:
return self._handle_ok(packet)
else:
auth_data = self._protocol.parse_auth_more_data(packet)
elif packet[4] == 255:
raise errors.get_exception(packet)
def test_get_auth_plugin(self):
self.assertRaises(mysql.connector.NotSupportedError,
authentication.get_auth_plugin, 'spam')
self.assertRaises(mysql.connector.NotSupportedError,
authentication.get_auth_plugin, '')
# Test using standard plugins
plugin_classes = {}
for name, obj in inspect.getmembers(authentication):
if inspect.isclass(obj) and hasattr(obj, 'plugin_name'):
if obj.plugin_name:
plugin_classes[obj.plugin_name] = obj
for plugin_name in _STANDARD_PLUGINS:
self.assertEqual(plugin_classes[plugin_name],
authentication.get_auth_plugin(plugin_name),
"Failed getting class for {0}".format(plugin_name))
def test_get_auth_plugin(self):
self.assertRaises(mysql.connector.NotSupportedError,
authentication.get_auth_plugin, 'spam')
self.assertRaises(mysql.connector.NotSupportedError,
authentication.get_auth_plugin, '')
# Test using standard plugins
plugin_classes = {}
for name, obj in inspect.getmembers(authentication):
if inspect.isclass(obj) and hasattr(obj, 'plugin_name'):
if obj.plugin_name:
plugin_classes[obj.plugin_name] = obj
for plugin_name in _STANDARD_PLUGINS:
self.assertEqual(plugin_classes[plugin_name],
authentication.get_auth_plugin(plugin_name),
"Failed getting class for {0}".format(plugin_name))
def _auth_response(self, client_flags, username, password, database,
auth_plugin, auth_data, ssl_enabled):
"""Prepare the authentication response"""
if not password:
return '\x00'
try:
auth = get_auth_plugin(auth_plugin)(auth_data,
username=username, password=password, database=database,
ssl_enabled=ssl_enabled)
plugin_auth_response = auth.auth_response()
except (TypeError, errors.InterfaceError) as exc:
raise errors.ProgrammingError(
"Failed authentication: {0}".format(str(exc)))
if client_flags & ClientFlag.SECURE_CONNECTION:
resplen = len(plugin_auth_response)
auth_response = struct.pack('<B', resplen) + plugin_auth_response
else:
auth_response = plugin_auth_response + '\x00'
return auth_response
