Documentation
¶
Index ¶
- func CheckPassword(salt [4]byte, pwd, authentication string) bool
- func CheckScrambledPassword(salt, hpwd, auth []byte) bool
- func DecodePassword(pwd string) ([]byte, error)
- func DecodePasswordByMD5(pwd string) (string, error)
- func EncodePassword(pwd string) string
- func EncodePasswordByMD5(user string, pwd string) string
- func Sha1Hash(bs []byte) []byte
- type RoleIdentity
- type UserIdentity
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func CheckPassword ¶
CheckPassword
SERVER: salt = create_random_salt() send(salt) CLIENT: recv(salt) md5_stage1 = md5Sum(password + user) md5_stage2 = md5Sum(md5_stage1 + salt) reply = "md5" + md5_stage2 SERVER: recv(reply) server_md5_stage1 = md5Sum(password + user) server_md5_stage2 = md5Sum(server_md5_stage1 + salt) check(reply == "md5" + server_md5_stage2))
The password saved by the server is "md5" + server_md5_stage1, so you can get server_md5_stage1 directly
func CheckScrambledPassword ¶
CheckScrambledPassword check scrambled password received from client. The new authentication is performed in following manner:
SERVER: public_seed=create_random_string()
send(public_seed)
CLIENT: recv(public_seed)
hash_stage1=sha1("password")
hash_stage2=sha1(hash_stage1)
reply=xor(hash_stage1, sha1(public_seed,hash_stage2)
// this three steps are done in scramble()
send(reply)
SERVER: recv(reply)
hash_stage1=xor(reply, sha1(public_seed,hash_stage2))
candidate_hash2=sha1(hash_stage1)
check(candidate_hash2==hash_stage2)
// this three steps are done in check_scramble()
func DecodePassword ¶
DecodePassword converts hex string password without prefix '*' to byte array.
func DecodePasswordByMD5 ¶
DecodePasswordByMD5 remove prefix "md5"
func EncodePassword ¶
EncodePassword converts plaintext password to hashed hex string.
func EncodePasswordByMD5 ¶
EncodePasswordByMD5 PostgreSQL encode password by md5
Types ¶
type RoleIdentity ¶
func (*RoleIdentity) Restore ¶
func (role *RoleIdentity) Restore(ctx *format.RestoreCtx) error
func (*RoleIdentity) String ¶
func (role *RoleIdentity) String() string
String converts UserIdentity to the format user@host.
type UserIdentity ¶
type UserIdentity struct {
Username string
Hostname string
CurrentUser bool
AuthUsername string // Username matched in privileges system
AuthHostname string // Match in privs system (i.e. could be a wildcard)
}
UserIdentity represents username and hostname.
func (*UserIdentity) AuthIdentityString ¶
func (user *UserIdentity) AuthIdentityString() string
AuthIdentityString returns matched identity in user@host format
func (*UserIdentity) Restore ¶
func (user *UserIdentity) Restore(ctx *format.RestoreCtx) error
Restore implements Node interface.
func (*UserIdentity) String ¶
func (user *UserIdentity) String() string
String converts UserIdentity to the format user@host.
Source Files