| Server IP : 172.67.216.182 / Your IP : 162.158.107.19 Web Server : Apache System : Linux krdc-ubuntu-s-2vcpu-4gb-amd-blr1-01.localdomain 5.15.0-142-generic #152-Ubuntu SMP Mon May 19 10:54:31 UTC 2025 x86_64 User : www ( 1000) PHP Version : 7.4.33 Disable Function : passthru,exec,system,putenv,chroot,chgrp,chown,shell_exec,popen,proc_open,pcntl_exec,ini_alter,ini_restore,dl,openlog,syslog,readlink,symlink,popepassthru,pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,imap_open,apache_setenv MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : OFF | Sudo : ON | Pkexec : ON Directory : /www/server/mysql/src/plugin/innodb_memcached/daemon_memcached/daemon/ |
Upload File : |
/* -*- Mode: C; tab-width: 4; c-basic-offset: 4; indent-tabs-mode: nil -*- */
#include "config.h"
#include "memcached.h"
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#ifdef ENABLE_MEMCACHED_SASL
#ifdef HAVE_SASL_CB_GETCONF
/* The locations we may search for a SASL config file if the user didn't
* specify one in the environment variable SASL_CONF_PATH
*/
const char * const locations[] = {
"/etc/sasl/memcached.conf",
"/etc/sasl2/memcached.conf",
NULL
};
#endif
#ifdef ENABLE_SASL_PWDB
#define MAX_ENTRY_LEN 256
static const char *memcached_sasl_pwdb;
static int sasl_server_userdb_checkpass(sasl_conn_t *conn,
void *context,
const char *user,
const char *pass,
unsigned passlen,
struct propctx *propctx)
{
size_t unmlen = strlen(user);
if ((passlen + unmlen) > (MAX_ENTRY_LEN - 4)) {
settings.extensions.logger->log(EXTENSION_LOG_WARNING, NULL,
"WARNING: Failed to authenticate <%s> due to too long password (%d)",
user, passlen);
return SASL_NOAUTHZ;
}
FILE *pwfile = fopen(memcached_sasl_pwdb, "r");
if (pwfile == NULL) {
if (settings.verbose) {
/* "errno" not always defined
settings.extensions.logger->log(EXTENSION_LOG_WARNING, NULL,
"WARNING: Failed to open sasl database <%s>: %s",
memcached_sasl_pwdb, strerror(errno)); */
}
return SASL_NOAUTHZ;
}
char buffer[MAX_ENTRY_LEN];
bool ok = false;
while ((fgets(buffer, sizeof(buffer), pwfile)) != NULL) {
if (memcmp(user, buffer, unmlen) == 0 && buffer[unmlen] == ':') {
/* This is the correct user */
++unmlen;
if (memcmp(pass, buffer + unmlen, passlen) == 0 &&
(buffer[unmlen + passlen] == ':' || /* Additional tokens */
buffer[unmlen + passlen] == '\n' || /* end of line */
buffer[unmlen + passlen] == '\r'|| /* dos format? */
buffer[unmlen + passlen] == '\0')) { /* line truncated */
ok = true;
}
break;
}
}
(void)fclose(pwfile);
if (ok) {
return SASL_OK;
}
if (settings.verbose) {
settings.extensions.logger->log(EXTENSION_LOG_INFO, NULL,
"INFO: User <%s> failed to authenticate",
user);
}
return SASL_NOAUTHZ;
}
#endif
#ifdef HAVE_SASL_CB_GETCONF
static int sasl_getconf(void *context, const char **path)
{
*path = getenv("SASL_CONF_PATH");
if (*path == NULL) {
for (int i = 0; locations[i] != NULL; ++i) {
if (access(locations[i], F_OK) == 0) {
*path = locations[i];
break;
}
}
}
if (settings.verbose) {
if (*path != NULL) {
settings.extensions.logger->log(EXTENSION_LOG_INFO, NULL,
"Reading configuration from: <%s>", *path);
} else {
settings.extensions.logger->log(EXTENSION_LOG_INFO, NULL,
"Failed to locate a config path");
}
}
return (*path != NULL) ? SASL_OK : SASL_FAIL;
}
#endif
#ifdef ENABLE_SASL
static int sasl_log(void *context, int level, const char *message)
{
EXTENSION_LOG_LEVEL lvl = EXTENSION_LOG_DETAIL;
switch (level) {
case SASL_LOG_NONE:
break;
case SASL_LOG_PASS:
case SASL_LOG_TRACE:
case SASL_LOG_DEBUG:
case SASL_LOG_NOTE:
lvl = EXTENSION_LOG_DEBUG;
break;
case SASL_LOG_WARN:
case SASL_LOG_FAIL:
lvl = EXTENSION_LOG_INFO;
break;
default:
/* This is an error */
;
}
settings.extensions.logger->log(lvl, NULL,
"SASL (severity %d): %s", level, message);
return SASL_OK;
}
#endif
static sasl_callback_t sasl_callbacks[] = {
#ifdef ENABLE_SASL_PWDB
{ SASL_CB_SERVER_USERDB_CHECKPASS, sasl_server_userdb_checkpass, NULL },
#endif
#ifdef ENABLE_SASL
{ SASL_CB_LOG, sasl_log, NULL },
#endif
#ifdef HAVE_SASL_CB_GETCONF
{ SASL_CB_GETCONF, sasl_getconf, NULL },
#endif
{ SASL_CB_LIST_END, NULL, NULL }
};
void init_sasl(void) {
#ifdef ENABLE_SASL_PWDB
memcached_sasl_pwdb = getenv("MEMCACHED_SASL_PWDB");
if (memcached_sasl_pwdb == NULL) {
if (settings.verbose) {
settings.extensions.logger->log(EXTENSION_LOG_INFO, NULL,
"INFO: MEMCACHED_SASL_PWDB not specified. "
"Internal passwd database disabled.");
}
sasl_callbacks[0].id = SASL_CB_LIST_END;
sasl_callbacks[0].proc = NULL;
}
#endif
if (sasl_server_init(sasl_callbacks, "memcached") != SASL_OK) {
settings.extensions.logger->log(EXTENSION_LOG_WARNING, NULL,
"Error initializing sasl.");
exit(EXIT_FAILURE);
} else {
#ifdef SASL_TESTING
conn c;
int result=sasl_server_new("memcached",
NULL, NULL, NULL, NULL,
NULL, 0, &c.sasl_conn);
if (!result) {
sasl_dispose(&c.sasl_conn);
}
#endif /* SASL_TESTING */
if (settings.verbose) {
settings.extensions.logger->log(EXTENSION_LOG_INFO, NULL,
"Initialized SASL.");
}
}
}
#endif /* ENABLE_MEMCACHED_SASL */