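/// <summary>
/// Runs the client side of the SSPI "Negotiate" exchange: acquires an outbound
/// credentials handle, then alternates between producing a client token with
/// <c>InitializeClient</c> and reading the server's reply until the exchange
/// reports completion. The credentials handle and security context are always
/// released on exit.
/// </summary>
/// <exception cref="MySqlException">
/// AcquireCredentialsHandle did not return SEC_E_OK, or the server sent an empty
/// reply where a prefixed authentication payload was expected.
/// </exception>
public void AuthenticateClient()
{
    bool continueProcessing = true;
    byte[] clientBlob = null;
    byte[] serverBlob = null;
    SECURITY_INTEGER lifetime = new SECURITY_INTEGER(0);
    int ss;

#if !CF
    // Code-access-security assert: the stack walk for the asserted permissions
    // stops at this frame until the method returns, so partially trusted callers
    // can reach the native SSPI calls below. The meaning of the boolean argument
    // is defined by MySqlSecurityPermission and is not visible from here.
    MySqlSecurityPermission.CreatePermissionSet(false).Assert();
#endif

    ss = AcquireCredentialsHandle(null, "Negotiate", SECPKG_CRED_OUTBOUND,
        IntPtr.Zero, IntPtr.Zero, 0, IntPtr.Zero, ref outboundCredentials,
        ref lifetime);
    if (ss != SEC_E_OK)
    {
        throw new MySqlException(
            "AcquireCredentialsHandle failed with errorcode" + ss);
    }

    try
    {
        while (continueProcessing)
        {
            InitializeClient(out clientBlob, serverBlob, out continueProcessing);
            if (clientBlob != null && clientBlob.Length > 0)
            {
                WriteData(clientBlob);
                if (continueProcessing)
                {
                    serverBlob = ReadData();

                    // Strip the prefix only from a reply that was actually read in
                    // this round. Doing it unconditionally dereferenced a null
                    // serverBlob when the exchange finished in the first round and
                    // re-stripped an already processed blob in the last one.
                    if (version.isAtLeast(5, 5, 16))
                    {
                        // Treat properly prefix byte as per
                        // https://bug.oraclecorp.com/pls/bug/webbug_print.show?c_rptno=12944747
                        // - 0x00 to acknowledge auth
                        // - 0xff to deny auth
                        // - 0xfe to switch auth
                        // - 0x01 to return more auth data
                        //
                        // The reply is server-controlled input: reject an empty one
                        // instead of indexing into it.
                        if (serverBlob == null || serverBlob.Length == 0)
                        {
                            throw new MySqlException(
                                "Server sent an empty response during Negotiate authentication");
                        }

                        // NOTE(review): the prefix byte is removed but its value is
                        // never inspected in this method, so 0xff (deny) and 0xfe
                        // (switch) are not acted on here. Confirm that ReadData or
                        // the caller handles them before relying on this path.
                        byte[] buf = new byte[serverBlob.Length - 1];
                        Array.Copy(serverBlob, 1, buf, 0, buf.Length);
                        serverBlob = buf;
                    }
                }
            }
        }
    }
    finally
    {
        FreeCredentialsHandle(ref outboundCredentials);
        DeleteSecurityContext(ref clientContext);
    }
}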
/// <summary>
/// When the connection settings enable security asserts, demands
/// <c>MySqlClientPermission</c> for the current connection string and then
/// asserts the connector's own permission set. Does nothing otherwise.
/// </summary>
private void AssertPermissions()
{
    if (!this.Settings.IncludeSecurityAsserts)
    {
        return;
    }

    // Demand before Assert: callers up the stack must hold the client permission
    // for this connection string before the assert below cuts the stack walk
    // short for the connector's own permissions.
    PermissionSet required = new PermissionSet(PermissionState.None);
    MySqlClientPermission clientPermission = new MySqlClientPermission(this.ConnectionString);
    required.AddPermission(clientPermission);
    required.Demand();

    // The boolean argument is interpreted by MySqlSecurityPermission; its meaning
    // is not visible from this method.
    MySqlSecurityPermission.CreatePermissionSet(true).Assert();
}
/// <summary>
/// Type initializer: asserts the connector's permission set, then sets
/// <c>qaEnabled</c> when any listener attached to <c>source</c> has a type name
/// containing "MySql.EMTrace.EMTraceListener".
/// </summary>
static MySqlTrace()
{
    // Unlike the connection-level helpers, this assert is unconditional: it is
    // not gated on any setting visible in this constructor.
    MySqlSecurityPermission.CreatePermissionSet(true).Assert();

    foreach (TraceListener candidate in source.Listeners)
    {
        string typeName = candidate.GetType().ToString();
        if (!typeName.Contains("MySql.EMTrace.EMTraceListener"))
        {
            continue;
        }

        // One match is enough; stop scanning.
        qaEnabled = true;
        break;
    }
}
/// <summary>
/// Partial-method implementation of the permission check: when
/// <c>Settings.IncludeSecurityAsserts</c> is set, demands
/// <c>MySqlClientPermission</c> for the connection string and then asserts the
/// connector's permission set.
/// </summary>
partial void AssertPermissions()
{
    // Security Asserts can only be done when the assemblies
    // are put in the GAC as documented in
    // http://msdn.microsoft.com/en-us/library/ff648665.aspx
    if (!this.Settings.IncludeSecurityAsserts)
    {
        return;
    }

    // The demand runs first so that callers lacking the client permission fail
    // here, before the assert below takes effect for this stack frame.
    PermissionSet demanded = new PermissionSet(PermissionState.None);
    MySqlClientPermission forThisConnection = new MySqlClientPermission(ConnectionString);
    demanded.AddPermission(forThisConnection);
    demanded.Demand();

    MySqlSecurityPermission.CreatePermissionSet(true).Assert();
}
/// <summary>
/// Returns the provider-services instance when <paramref name="serviceType"/> is
/// <c>DbServicesType</c> and the instance accessor is available; otherwise null.
/// </summary>
/// <param name="serviceType">The service type being requested.</param>
/// <returns>The value read from <c>MySqlDbProviderServicesInstance</c>, or null.</returns>
object IServiceProvider.GetService(Type serviceType)
{
    // DbProviderServices is the only service we offer up right now
    bool isOfferedService = serviceType == DbServicesType;
    if (!isOfferedService || MySqlDbProviderServicesInstance == null)
    {
        return null;
    }

    // The assert is issued immediately before the GetValue(null) call and is not
    // gated on any setting here. It looks like a reflective read of a static
    // member; confirm against the declaration of MySqlDbProviderServicesInstance.
    MySqlSecurityPermission.CreatePermissionSet(false).Assert();
    object services = MySqlDbProviderServicesInstance.GetValue(null);
    return services;
}
/// <summary>
/// Opens the transport to the server, parses the server greeting, upgrades the
/// stream to SSL when the settings and the server capabilities allow it, and
/// then authenticates.
/// </summary>
/// <exception cref="SecurityException">Rethrown unchanged from stream creation.</exception>
/// <exception cref="MySqlException">
/// No stream could be obtained (error 1042), or the settings require SSL and the
/// server does not advertise it.
/// </exception>
/// <exception cref="NotSupportedException">The server reports a version below 5.0.0.</exception>
public void Open()
{
    try
    {
        baseStream = StreamCreator.GetStream(Settings);

        // Opt-in assert, issued only after the stream has been created.
        if (Settings.IncludeSecurityAsserts)
        {
            MySqlSecurityPermission.CreatePermissionSet(false).Assert();
        }
    }
    catch (SecurityException)
    {
        // Security failures must reach the caller as-is, not wrapped as a
        // connection error.
        throw;
    }
    catch (Exception connectError)
    {
        throw new MySqlException(Resources.UnableToConnectToHost, 1042, connectError);
    }

    if (baseStream == null)
    {
        throw new MySqlException(Resources.UnableToConnectToHost, 1042);
    }

    stream = new MySqlStream(baseStream, Encoding, false);
    stream.ResetTimeout((int)(Settings.ConnectionTimeout * 1000u));

    // Server greeting. It is read before SSL is started and before
    // authentication, so every field below is unauthenticated, server-supplied
    // input.
    packet = stream.ReadPacket();
    packet.ReadByte(); // leading byte of the greeting; value is discarded
    version = DBVersion.Parse(packet.ReadString());
    if (!version.isAtLeast(5, 0, 0))
    {
        throw new NotSupportedException(Resources.ServerTooOld);
    }

    threadId = packet.ReadInteger(4);
    encryptionSeed = packet.ReadString();

    int maxPacketSize = 0xFFFFFF; // 16777215
    ClientFlags serverCaps = (ClientFlags)0uL;
    if (packet.HasMoreData)
    {
        serverCaps = (ClientFlags)((long)packet.ReadInteger(2));
    }

    owner.ConnectionCharSetIndex = (int)packet.ReadByte();
    serverStatus = (ServerStatusFlags)packet.ReadInteger(2);

    // The next two bytes carry the upper 16 capability bits.
    uint upperCaps = (uint)packet.ReadInteger(2);
    serverCaps |= (ClientFlags)(upperCaps << 16);
    packet.Position += 11;

    // Second part of the seed is appended to the first.
    string seedTail = packet.ReadString();
    encryptionSeed += seedTail;

    // The plugin name comes from the server when it advertises PLUGIN_AUTH;
    // otherwise native password authentication is assumed.
    string authMethod = (serverCaps & ClientFlags.PLUGIN_AUTH) != (ClientFlags)0uL
        ? packet.ReadString()
        : "mysql_native_password";

    SetConnectionFlags(serverCaps);
    packet.Clear();
    packet.WriteInteger((long)((int)connectionFlags), 4);

    bool serverOffersSsl = (serverCaps & ClientFlags.SSL) != (ClientFlags)0uL;
    if (serverOffersSsl)
    {
        if (Settings.SslMode != MySqlSslMode.None)
        {
            // Send the flags in the clear, switch the stream to SSL, then start
            // the response packet again.
            stream.SendPacket(packet);
            StartSSL();
            packet.Clear();
            packet.WriteInteger((long)((int)connectionFlags), 4);
        }
    }
    else if (Settings.SslMode != MySqlSslMode.None && Settings.SslMode != MySqlSslMode.Preferred)
    {
        // Only modes other than None/Preferred fail closed here. With Preferred
        // the connection continues unencrypted when the (unauthenticated)
        // greeting lacks the SSL capability bit.
        string msg = string.Format(Resources.NoServerSSLSupport, Settings.Server);
        throw new MySqlException(msg);
    }

    packet.WriteInteger((long)maxPacketSize, 4);
    packet.WriteByte(8);
    packet.Write(new byte[23]);
    Authenticate(authMethod, false);

    if ((connectionFlags & ClientFlags.COMPRESS) != (ClientFlags)0uL)
    {
        // Compression was negotiated: re-wrap the base stream with it enabled.
        stream = new MySqlStream(baseStream, Encoding, true);
    }

    packet.Version = version;
    stream.MaxBlockSize = maxPacketSize;
}
/// <summary>
/// Connects to one of the configured hosts, parses the welcome packet, upgrades
/// the stream to SSL when the settings and the server capabilities allow it, and
/// then authenticates with the method named by the server (or native password).
/// </summary>
/// <exception cref="System.Security.SecurityException">Rethrown unchanged from stream creation.</exception>
/// <exception cref="MySqlException">
/// No stream could be obtained, or the settings require SSL and the server does
/// not advertise it.
/// </exception>
/// <exception cref="NotSupportedException">
/// The server is not a "fabric" server and reports a version below 5.0.0.
/// </exception>
public void Open()
{
    // connect to one of our specified hosts
    try
    {
        baseStream = StreamCreator.GetStream(Settings);
#if !CF && !WINDOWS_UWP
        // Opt-in assert, issued only after the stream has been created.
        if (Settings.IncludeSecurityAsserts)
        {
            MySqlSecurityPermission.CreatePermissionSet(false).Assert();
        }
#endif
    }
    catch (System.Security.SecurityException)
    {
        // Security failures are surfaced as-is rather than wrapped as a
        // connection error.
        throw;
    }
    catch (Exception connectError)
    {
        throw new MySqlException(Resources.UnableToConnectToHost,
            (int)MySqlErrorCode.UnableToConnectToHost, connectError);
    }

    if (baseStream == null)
    {
        throw new MySqlException(Resources.UnableToConnectToHost,
            (int)MySqlErrorCode.UnableToConnectToHost);
    }

    stream = new MySqlStream(baseStream, Encoding, false);
    stream.ResetTimeout((int)Settings.ConnectionTimeout * 1000);

    // Read off the welcome packet and parse out its values. The packet arrives
    // before SSL and before authentication, so every field below is
    // unauthenticated, server-supplied input.
    packet = stream.ReadPacket();
    packet.ReadByte(); // protocol byte; value is not used
    string serverVersionText = packet.ReadString();
    owner.isFabric = serverVersionText.EndsWith("fabric", StringComparison.OrdinalIgnoreCase);
    version = DBVersion.Parse(serverVersionText);
    if (!owner.isFabric && !version.isAtLeast(5, 0, 0))
    {
        throw new NotSupportedException(Resources.ServerTooOld);
    }

    threadId = packet.ReadInteger(4);
    byte[] seedHead = packet.ReadStringAsBytes();
    int maxSinglePacket = (256 * 256 * 256) - 1;

    // read in Server capabilities if they are provided
    ClientFlags serverCaps = packet.HasMoreData
        ? (ClientFlags)packet.ReadInteger(2)
        : (ClientFlags)0;

    /* New protocol with 16 bytes to describe server characteristics */
    owner.ConnectionCharSetIndex = (int)packet.ReadByte();
    serverStatus = (ServerStatusFlags)packet.ReadInteger(2);

    // Since 5.5, high bits of server caps are stored after status.
    // Previously, it was part of reserved always 0x00 13-byte filler.
    uint upperCaps = (uint)packet.ReadInteger(2);
    serverCaps |= (ClientFlags)(upperCaps << 16);
    packet.Position += 11;

    // The seed is the concatenation of the two parts sent in the greeting.
    byte[] seedTail = packet.ReadStringAsBytes();
    byte[] fullSeed = new byte[seedHead.Length + seedTail.Length];
    Array.Copy(seedHead, 0, fullSeed, 0, seedHead.Length);
    Array.Copy(seedTail, 0, fullSeed, seedHead.Length, seedTail.Length);
    encryptionSeed = fullSeed;

    // Some MySql versions like 5.1, don't give name of plugin, default to native password.
    string authenticationMethod = (serverCaps & ClientFlags.PLUGIN_AUTH) != 0
        ? packet.ReadString()
        : "mysql_native_password";

    // based on our settings, set our connection flags
    SetConnectionFlags(serverCaps);

    packet.Clear();
    packet.WriteInteger((int)connectionFlags, 4);
    packet.WriteInteger(maxSinglePacket, 4);
    packet.WriteByte(33); //character set utf-8
    packet.Write(new byte[23]);

#if !CF && !WINDOWS_UWP
    bool serverOffersSsl = (serverCaps & ClientFlags.SSL) != 0;
    if (serverOffersSsl)
    {
        if (Settings.SslMode != MySqlSslMode.None)
        {
            // Send the header in the clear, switch to SSL, then rebuild the
            // same header for the encrypted response.
            stream.SendPacket(packet);
            StartSSL();
            packet.Clear();
            packet.WriteInteger((int)connectionFlags, 4);
            packet.WriteInteger(maxSinglePacket, 4);
            packet.WriteByte(33); //character set utf-8
            packet.Write(new byte[23]);
        }
    }
    else if ((Settings.SslMode != MySqlSslMode.None) && (Settings.SslMode != MySqlSslMode.Preferred))
    {
        // Client requires SSL connections.
        // Only modes other than None/Preferred fail closed here. With Preferred
        // the connection continues unencrypted when the (unauthenticated)
        // greeting lacks the SSL capability bit.
        string message = String.Format(Resources.NoServerSSLSupport, Settings.Server);
        throw new MySqlException(message);
    }
#endif

#if WINDOWS_UWP
    if (Settings.SslMode != MySqlSslMode.None)
    {
        throw new NotImplementedException("SSL not supported in this WinRT release.");
    }
#endif

    Authenticate(authenticationMethod, false);

    // if we are using compression, then we use our CompressedStream class
    // to hide the ugliness of managing the compression
    bool compressionNegotiated = (connectionFlags & ClientFlags.COMPRESS) != 0;
    if (compressionNegotiated)
    {
        stream = new MySqlStream(baseStream, Encoding, true);
    }

    // give our stream the server version we are connected to.
    // We may have some fields that are read differently based
    // on the version of the server we are connected to.
    packet.Version = version;
    stream.MaxBlockSize = maxSinglePacket;
}
/// <summary>
/// Connects over shared memory, a named pipe or a socket depending on the
/// settings, parses the welcome packet, upgrades the stream to SSL when the
/// settings and the server capabilities allow it, and then authenticates.
/// </summary>
/// <exception cref="System.Security.SecurityException">Rethrown unchanged from stream creation.</exception>
/// <exception cref="MySqlException">
/// No stream could be obtained, or the settings require SSL and the server does
/// not advertise it.
/// </exception>
/// <exception cref="NotSupportedException">The server reports a version below 5.0.0.</exception>
public void Open()
{
    // connect to one of our specified hosts
    try
    {
#if !CF
        if (Settings.ConnectionProtocol == MySqlConnectionProtocol.SharedMemory)
        {
            SharedMemoryStream sharedMemory = new SharedMemoryStream(Settings.SharedMemoryName);
            sharedMemory.Open(Settings.ConnectionTimeout);
            baseStream = sharedMemory;
        }
        else
        {
#endif
            // The pipe name is only passed on for the named-pipe protocol.
            string pipeName = Settings.PipeName;
            if (Settings.ConnectionProtocol != MySqlConnectionProtocol.NamedPipe)
            {
                pipeName = null;
            }

            StreamCreator creator = new StreamCreator(Settings.Server, Settings.Port,
                pipeName, Settings.Keepalive, this.Version);
#if !CF
            // Unconditional assert placed before GetStream, so it is in effect
            // while the stream is being created. It is not gated on a setting in
            // this version of the method.
            MySqlSecurityPermission.CreatePermissionSet(false).Assert();
#endif
            baseStream = creator.GetStream(Settings.ConnectionTimeout);
#if !CF
        }
#endif
    }
    catch (System.Security.SecurityException)
    {
        // Security failures are surfaced as-is rather than wrapped as a
        // connection error.
        throw;
    }
    catch (Exception connectError)
    {
        throw new MySqlException(Resources.UnableToConnectToHost,
            (int)MySqlErrorCode.UnableToConnectToHost, connectError);
    }

    if (baseStream == null)
    {
        throw new MySqlException(Resources.UnableToConnectToHost,
            (int)MySqlErrorCode.UnableToConnectToHost);
    }

    stream = new MySqlStream(baseStream, Encoding, false);
    stream.ResetTimeout((int)Settings.ConnectionTimeout * 1000);

    // Read off the welcome packet and parse out its values. The packet arrives
    // before SSL and before authentication, so every field below is
    // unauthenticated, server-supplied input.
    packet = stream.ReadPacket();
    packet.ReadByte(); // protocol byte; value is not used
    version = DBVersion.Parse(packet.ReadString());
    if (!version.isAtLeast(5, 0, 0))
    {
        throw new NotSupportedException(Resources.ServerTooOld);
    }

    threadId = packet.ReadInteger(4);
    encryptionSeed = packet.ReadString();
    int maxSinglePacket = (256 * 256 * 256) - 1;

    // read in Server capabilities if they are provided
    ClientFlags serverCaps = packet.HasMoreData
        ? (ClientFlags)packet.ReadInteger(2)
        : (ClientFlags)0;

    /* New protocol with 16 bytes to describe server characteristics */
    owner.ConnectionCharSetIndex = (int)packet.ReadByte();
    serverStatus = (ServerStatusFlags)packet.ReadInteger(2);

    // Since 5.5, high bits of server caps are stored after status.
    // Previously, it was part of reserved always 0x00 13-byte filler.
    uint upperCaps = (uint)packet.ReadInteger(2);
    serverCaps |= (ClientFlags)(upperCaps << 16);
    packet.Position += 11;

    string seedTail = packet.ReadString();
    encryptionSeed += seedTail;

    // The plugin name is read when the server advertises PLUGIN_AUTH, but this
    // version of the method does not pass it to Authenticate.
    string authenticationMethod = "";
    if ((serverCaps & ClientFlags.PLUGIN_AUTH) != 0)
    {
        authenticationMethod = packet.ReadString();
    }

    // based on our settings, set our connection flags
    SetConnectionFlags(serverCaps);

    packet.Clear();
    packet.WriteInteger((int)connectionFlags, 4);

#if !CF
    bool serverOffersSsl = (serverCaps & ClientFlags.SSL) != 0;
    if (serverOffersSsl)
    {
        if (Settings.SslMode != MySqlSslMode.None)
        {
            // Send the flags in the clear, switch the stream to SSL, then start
            // the response packet again.
            stream.SendPacket(packet);
            StartSSL();
            packet.Clear();
            packet.WriteInteger((int)connectionFlags, 4);
        }
    }
    else if ((Settings.SslMode != MySqlSslMode.None) && (Settings.SslMode != MySqlSslMode.Preferred))
    {
        // Client requires SSL connections.
        // Only modes other than None/Preferred fail closed here. With Preferred
        // the connection continues unencrypted when the (unauthenticated)
        // greeting lacks the SSL capability bit.
        string message = String.Format(Resources.NoServerSSLSupport, Settings.Server);
        throw new MySqlException(message);
    }
#endif

    packet.WriteInteger(maxSinglePacket, 4);
    packet.WriteByte(8);
    packet.Write(new byte[23]);

    Authenticate(false);

    // if we are using compression, then we use our CompressedStream class
    // to hide the ugliness of managing the compression
    bool compressionNegotiated = (connectionFlags & ClientFlags.COMPRESS) != 0;
    if (compressionNegotiated)
    {
        stream = new MySqlStream(baseStream, Encoding, true);
    }

    // give our stream the server version we are connected to.
    // We may have some fields that are read differently based
    // on the version of the server we are connected to.
    packet.Version = version;
    stream.MaxBlockSize = maxSinglePacket;
}
/// <summary>
/// Infers <c>DbType</c> from the runtime type of <c>paramValue</c>. Null and
/// <c>DBNull.Value</c> leave the current type untouched; Guid, TimeSpan and bool
/// are mapped directly; everything else is mapped through its
/// <see cref="TypeCode"/>, falling back to <c>DbType.Object</c>.
/// </summary>
private void SetTypeFromValue()
{
    if (paramValue == null || paramValue == DBNull.Value)
    {
        return;
    }

    if (paramValue is Guid)
    {
        DbType = DbType.Guid;
        return;
    }

    if (paramValue is TimeSpan)
    {
        DbType = DbType.Time;
        return;
    }

    if (paramValue is bool)
    {
        // Booleans are stored as a byte.
        DbType = DbType.Byte;
        return;
    }

#if !CF
    // Unconditional assert before the type-code lookup; it is not gated on any
    // setting in this method.
    MySqlSecurityPermission.CreatePermissionSet(true).Assert();
#endif

    TypeCode code = Type.GetTypeCode(paramValue.GetType());
    DbType inferred;
    switch (code)
    {
        case TypeCode.SByte: inferred = DbType.SByte; break;
        case TypeCode.Byte: inferred = DbType.Byte; break;
        case TypeCode.Int16: inferred = DbType.Int16; break;
        case TypeCode.UInt16: inferred = DbType.UInt16; break;
        case TypeCode.Int32: inferred = DbType.Int32; break;
        case TypeCode.UInt32: inferred = DbType.UInt32; break;
        case TypeCode.Int64: inferred = DbType.Int64; break;
        case TypeCode.UInt64: inferred = DbType.UInt64; break;
        case TypeCode.DateTime: inferred = DbType.DateTime; break;
        case TypeCode.String: inferred = DbType.String; break;
        case TypeCode.Single: inferred = DbType.Single; break;
        case TypeCode.Double: inferred = DbType.Double; break;
        case TypeCode.Decimal: inferred = DbType.Decimal; break;
        default:
            // TypeCode.Object and every code not listed above.
            inferred = DbType.Object;
            break;
    }

    DbType = inferred;
}
/// <summary>
/// Opens the transport to the server, parses the welcome packet, upgrades the
/// stream to SSL when the settings and the server capabilities allow it, and
/// then authenticates with the method named by the server (or native password).
/// </summary>
/// <remarks>
/// A commented-out decompiled copy of this method used to precede the live code.
/// It differed from the code below in that it also set <c>isEnterprise</c> from
/// the version string and wrote the full response header (max packet size,
/// character set 33, 23-byte filler) both before and after the SSL switch.
/// </remarks>
/// <exception cref="System.Security.SecurityException">Rethrown unchanged from stream creation.</exception>
/// <exception cref="MySqlException">
/// No stream could be obtained (error 1042), or the settings require SSL and the
/// server does not advertise it.
/// </exception>
/// <exception cref="NotSupportedException">
/// The server is not a "fabric" server and reports a version below 5.0.0.
/// </exception>
public void Open()
{
    try
    {
        baseStream = StreamCreator.GetStream(Settings);

        // Opt-in assert, issued only after the stream has been created.
        if (Settings.IncludeSecurityAsserts)
        {
            MySqlSecurityPermission.CreatePermissionSet(false).Assert();
        }
    }
    catch (System.Security.SecurityException)
    {
        // Security failures are surfaced as-is rather than wrapped as a
        // connection error.
        throw;
    }
    catch (Exception connectError)
    {
        throw new MySqlException(Resources.UnableToConnectToHost, 1042, connectError);
    }

    if (baseStream == null)
    {
        throw new MySqlException(Resources.UnableToConnectToHost, 1042);
    }

    stream = new MySqlStream(baseStream, Encoding, false);
    stream.ResetTimeout((int)Settings.ConnectionTimeout * 1000);

    // Read off the welcome packet and parse out its values. The packet arrives
    // before SSL and before authentication, so every field below is
    // unauthenticated, server-supplied input.
    packet = stream.ReadPacket();
    packet.ReadByte(); // protocol byte; value is not used
    string serverVersionText = packet.ReadString();
    owner.isFabric = serverVersionText.EndsWith("fabric", StringComparison.OrdinalIgnoreCase);
    version = DBVersion.Parse(serverVersionText);
    if (!owner.isFabric && !version.isAtLeast(5, 0, 0))
    {
        throw new NotSupportedException(Resources.ServerTooOld);
    }

    threadId = packet.ReadInteger(4);
    byte[] seedHead = this.packet.ReadStringAsBytes();
    int maxSinglePacket = (256 * 256 * 256) - 1;

    // read in Server capabilities if they are provided
    ClientFlags serverCaps = packet.HasMoreData
        ? (ClientFlags)packet.ReadInteger(2)
        : (ClientFlags)0;

    /* New protocol with 16 bytes to describe server characteristics */
    owner.ConnectionCharSetIndex = (int)packet.ReadByte();
    serverStatus = (ServerStatusFlags)packet.ReadInteger(2);

    // Since 5.5, high bits of server caps are stored after status.
    // Previously, it was part of reserved always 0x00 13-byte filler.
    uint upperCaps = (uint)packet.ReadInteger(2);
    serverCaps |= (ClientFlags)(upperCaps << 16);
    packet.Position += 11;

    // The seed is the concatenation of the two parts sent in the greeting.
    byte[] seedTail = this.packet.ReadStringAsBytes();
    byte[] fullSeed = new byte[seedHead.Length + seedTail.Length];
    Array.Copy(seedHead, 0, fullSeed, 0, seedHead.Length);
    Array.Copy(seedTail, 0, fullSeed, seedHead.Length, seedTail.Length);
    this.encryptionSeed = fullSeed;

    // Some MyCat versions like 5.1, don't give name of plugin, default to native password.
    string authenticationMethod = (serverCaps & ClientFlags.PLUGIN_AUTH) != 0
        ? packet.ReadString()
        : "mysql_native_password";

    // based on our settings, set our connection flags
    SetConnectionFlags(serverCaps);

    packet.Clear();
    packet.WriteInteger((int)connectionFlags, 4);

    bool serverOffersSsl = (serverCaps & ClientFlags.SSL) != 0;
    if (serverOffersSsl)
    {
        if (Settings.SslMode != MySqlSslMode.None)
        {
            // Send the flags in the clear, switch the stream to SSL, then start
            // the response packet again.
            stream.SendPacket(packet);
            StartSSL();
            packet.Clear();
            packet.WriteInteger((int)connectionFlags, 4);
        }
    }
    else if ((Settings.SslMode != MySqlSslMode.None) && (Settings.SslMode != MySqlSslMode.Preferred))
    {
        // Client requires SSL connections.
        // Only modes other than None/Preferred fail closed here. With Preferred
        // the connection continues unencrypted when the (unauthenticated)
        // greeting lacks the SSL capability bit.
        string message = String.Format(Resources.NoServerSSLSupport, Settings.Server);
        throw new MySqlException(message);
    }

    packet.WriteInteger(maxSinglePacket, 4);
    packet.WriteByte(8);
    packet.Write(new byte[23]);

    Authenticate(authenticationMethod, false);

    // if we are using compression, then we use our CompressedStream class
    // to hide the ugliness of managing the compression
    bool compressionNegotiated = (connectionFlags & ClientFlags.COMPRESS) != 0;
    if (compressionNegotiated)
    {
        stream = new MySqlStream(baseStream, Encoding, true);
    }

    // give our stream the server version we are connected to.
    // We may have some fields that are read differently based
    // on the version of the server we are connected to.
    packet.Version = version;
    stream.MaxBlockSize = maxSinglePacket;
}