Revert "WL#11645: Backport caching_sha2_password to libmysql 5.7"

Broken build, missing file.

Author: dahlerlend

client/base/mysql_connection_options.cc

@@ -21,7 +21,6 @@
 #include "mysql_connection_options.h"
 #include "abstract_program.h"
 #include <mysys_err.h>
-#include "caching_sha2_passwordopt-vars.h"
 
 using Mysql::Tools::Base::Abstract_program;
 using namespace Mysql::Tools::Base::Options;
@@ -113,11 +112,6 @@ void Mysql_connection_options::create_options()
     "Directory for client-side plugins.");
   this->create_new_option(&this->m_default_auth, "default_auth",
     "Default authentication client-side plugin to use.");
-  this->create_new_option(&this->m_server_public_key, "server_public_key_path",
-                          "Path to file containing server public key");
-  this->create_new_option(&this->m_get_server_public_key,
-                          "get-server-public-key",
-                          "Get public key from server");
 }
 
 MYSQL* Mysql_connection_options::create_connection()
@@ -163,19 +157,6 @@ MYSQL* Mysql_connection_options::create_connection()
   mysql_options4(connection, MYSQL_OPT_CONNECT_ATTR_ADD,
                   "program_name", this->m_program->get_name().c_str());
 
-#if !defined(HAVE_YASSL)
-  if (this->m_server_public_key.has_value())
-  {
-    opt_server_public_key=
-      const_cast <char *> (this->m_server_public_key.value().c_str());
-  }
-
-  opt_get_server_public_key= this->m_get_server_public_key ? TRUE : FALSE;
-#endif /* !HAVE_YASSL */
-
-  set_server_public_key(connection);
-  set_get_server_public_key_option(connection);
-
   if (!mysql_real_connect(connection,
     this->get_null_or_string(this->m_host),
     this->get_null_or_string(this->m_user),

client/base/mysql_connection_options.h

@@ -137,8 +137,6 @@ class Mysql_connection_options
   Nullable<std::string> m_user;
   Nullable<std::string> m_password;
   Nullable<std::string> m_default_charset;
-  Nullable<std::string> m_server_public_key;
-  bool m_get_server_public_key;
 };
 
 }

client/check/mysqlcheck.cc

@@ -24,7 +24,6 @@
 #include <mysql_version.h>
 #include <mysqld_error.h>
 #include <sslopt-vars.h>
-#include <caching_sha2_passwordopt-vars.h>
 #include <welcome_copyright_notice.h> /* ORACLE_WELCOME_COPYRIGHT_NOTICE */
 
 using namespace Mysql::Tools::Check;
@@ -199,7 +198,6 @@ static struct my_option my_long_options[] =
    &opt_mysql_unix_port, &opt_mysql_unix_port, 0, GET_STR,
    REQUIRED_ARG, 0, 0, 0, 0, 0, 0},
 #include <sslopt-longopts.h>
-#include <caching_sha2_passwordopt-longopts.h>
   {"tables", OPT_TABLES, "Overrides option --databases (-B).", 0, 0, 0,
    GET_NO_ARG, NO_ARG, 0, 0, 0, 0, 0, 0},
   {"use-frm", OPT_FRM,
@@ -490,10 +488,6 @@ static int dbConnect(char *host, char *user, char *passwd)
   mysql_options(&mysql_connection, MYSQL_OPT_CONNECT_ATTR_RESET, 0);
   mysql_options4(&mysql_connection, MYSQL_OPT_CONNECT_ATTR_ADD,
                  "program_name", "mysqlcheck");
-
-  set_server_public_key(&mysql_connection);
-  set_get_server_public_key_option(&mysql_connection);
-
   if (!(sock = mysql_real_connect(&mysql_connection, host, user, passwd,
          NULL, opt_mysql_port, opt_mysql_unix_port, 0)))
   {

client/mysql.cc

@@ -168,6 +168,9 @@ static STATUS status;
 static ulong select_limit,max_join_size,opt_connect_timeout=0;
 static char mysql_charsets_dir[FN_REFLEN+1];
 static char *opt_plugin_dir= 0, *opt_default_auth= 0;
+#if !defined(HAVE_YASSL)
+static char *opt_server_public_key= 0;
+#endif
 static const char *xmlmeta[] = {
   "&", "&",
   "<", "&lt;",
@@ -195,7 +198,6 @@ static char *shared_memory_base_name=0;
 static uint opt_protocol=0;
 static const CHARSET_INFO *charset_info= &my_charset_latin1;
 
-#include "caching_sha2_passwordopt-vars.h"
 #include "sslopt-vars.h"
 
 const char *default_dbug_option="d:t:o,/tmp/mysql.trace";
@@ -1811,7 +1813,6 @@ static struct my_option my_long_options[] =
    &opt_mysql_unix_port, &opt_mysql_unix_port, 0, GET_STR_ALLOC,
    REQUIRED_ARG, 0, 0, 0, 0, 0, 0},
 #include "sslopt-longopts.h"
-#include "caching_sha2_passwordopt-longopts.h"
   {"table", 't', "Output in table format.", &output_tables,
    &output_tables, 0, GET_BOOL, NO_ARG, 0, 0, 0, 0, 0, 0},
   {"tee", OPT_TEE,
@@ -1879,6 +1880,12 @@ static struct my_option my_long_options[] =
    "piped to mysql or loaded using the 'source' command). This is necessary "
    "when processing output from mysqlbinlog that may contain blobs.",
    &opt_binary_mode, &opt_binary_mode, 0, GET_BOOL, NO_ARG, 0, 0, 0, 0, 0, 0},
+#if !defined(HAVE_YASSL)
+  {"server-public-key-path", OPT_SERVER_PUBLIC_KEY,
+   "File path to the server public RSA key in PEM format.",
+   &opt_server_public_key, &opt_server_public_key, 0,
+   GET_STR, REQUIRED_ARG, 0, 0, 0, 0, 0, 0},
+#endif
   {"connect-expired-password", 0,
    "Notify the server that this client is prepared to handle expired "
    "password sandbox mode.",
@@ -5153,8 +5160,10 @@ init_connection_options(MYSQL *mysql)
   if (opt_default_auth && *opt_default_auth)
     mysql_options(mysql, MYSQL_DEFAULT_AUTH, opt_default_auth);
 
-  set_server_public_key(mysql);
-  set_get_server_public_key_option(mysql);
+#if !defined(HAVE_YASSL)
+  if (opt_server_public_key && *opt_server_public_key)
+    mysql_options(mysql, MYSQL_SERVER_PUBLIC_KEY, opt_server_public_key);
+#endif
 
   if (using_opt_enable_cleartext_plugin)
     mysql_options(mysql, MYSQL_ENABLE_CLEARTEXT_PLUGIN,

client/mysqladmin.cc

@@ -70,7 +70,6 @@ static my_bool ex_status_printed = 0; /* First output is not relative. */
 static uint ex_var_count, max_var_length, max_val_length;
 
 #include <sslopt-vars.h>
-#include <caching_sha2_passwordopt-vars.h>
 
 static void print_version(void);
 static void usage(void);
@@ -211,7 +210,6 @@ static struct my_option my_long_options[] =
    &interval, &interval, 0, GET_INT, REQUIRED_ARG, 0, 0, 0, 0,
    0, 0},
 #include <sslopt-longopts.h>
-#include <caching_sha2_passwordopt-longopts.h>
   {"user", 'u', "User for login if not current user.", &user,
    &user, 0, GET_STR_ALLOC, REQUIRED_ARG, 0, 0, 0, 0, 0, 0},
   {"verbose", 'v', "Write more information.", &opt_verbose,
@@ -418,9 +416,6 @@ int main(int argc,char *argv[])
   mysql_options(&mysql, MYSQL_OPT_CAN_HANDLE_EXPIRED_PASSWORDS,
                 &can_handle_passwords);
 
-  set_server_public_key(&mysql);
-  set_get_server_public_key_option(&mysql);
-
   if (sql_connect(&mysql, option_wait))
   {
     /*

client/mysqlbinlog.cc

@@ -34,7 +34,6 @@
 #include "my_default.h"
 #include <my_time.h>
 #include <sslopt-vars.h>
-#include <caching_sha2_passwordopt-vars.h>
 /* That one is necessary for defines of OPTION_NO_FOREIGN_KEY_CHECKS etc */
 #include "query_options.h"
 #include <signal.h>
@@ -1871,7 +1870,6 @@ static struct my_option my_long_options[] =
    &sock, &sock, 0, GET_STR, REQUIRED_ARG, 0, 0, 0, 0,
    0, 0},
 #include <sslopt-longopts.h>
-#include <caching_sha2_passwordopt-longopts.h>
   {"start-datetime", OPT_START_DATETIME,
    "Start reading the binlog at first event having a datetime equal or "
    "posterior to the argument; the argument must be a date and time "
@@ -2286,9 +2284,6 @@ static Exit_status safe_connect()
   mysql_options4(mysql, MYSQL_OPT_CONNECT_ATTR_ADD,
                 "_client_role", "binary_log_listener");
 
-  set_server_public_key(mysql);
-  set_get_server_public_key_option(mysql);
-
   if (!mysql_real_connect(mysql, host, user, pass, 0, port, sock, 0))
   {
     error("Failed on connect: %s", mysql_error(mysql));

client/mysqldump.c

@@ -143,7 +143,6 @@ static char * opt_mysql_unix_port=0;
 static char *opt_bind_addr = NULL;
 static int   first_error=0;
 #include <sslopt-vars.h>
-#include <caching_sha2_passwordopt-vars.h>
 FILE *md_result_file= 0;
 FILE *stderror_file=0;
 
@@ -527,7 +526,6 @@ static struct my_option my_long_options[] =
     " uses old (pre-4.1.1) protocol. Deprecated. Always TRUE",
     &opt_secure_auth, &opt_secure_auth, 0, GET_BOOL, NO_ARG, 1, 0, 0, 0, 0, 0},
 #include <sslopt-longopts.h>
-#include <caching_sha2_passwordopt-longopts.h>
   {"tab",'T',
    "Create tab-separated textfile for each table to given path. (Create .sql "
    "and .txt files.) NOTE: This only works if mysqldump is run on the same "
@@ -1683,10 +1681,6 @@ static int connect_to_db(char *host, char *user,char *passwd)
   mysql_options(&mysql_connection, MYSQL_OPT_CONNECT_ATTR_RESET, 0);
   mysql_options4(&mysql_connection, MYSQL_OPT_CONNECT_ATTR_ADD,
                  "program_name", "mysqldump");
-
-  set_server_public_key(&mysql_connection);
-  set_get_server_public_key_option(&mysql_connection);
-
   if (!(mysql= mysql_real_connect(&mysql_connection,host,user,passwd,
                                   NULL,opt_mysql_port,opt_mysql_unix_port,
                                   0)))

client/mysqlimport.c

@@ -59,7 +59,6 @@ static char * opt_mysql_unix_port=0;
 static char *opt_plugin_dir= 0, *opt_default_auth= 0;
 static longlong opt_ignore_lines= -1;
 #include <sslopt-vars.h>
-#include <caching_sha2_passwordopt-vars.h>
 
 #if defined (_WIN32) && !defined (EMBEDDED_LIBRARY)
 static char *shared_memory_base_name=0;
@@ -188,7 +187,6 @@ static struct my_option my_long_options[] =
    &opt_mysql_unix_port, &opt_mysql_unix_port, 0, GET_STR,
    REQUIRED_ARG, 0, 0, 0, 0, 0, 0},
 #include <sslopt-longopts.h>
-#include <caching_sha2_passwordopt-longopts.h>
   {"use-threads", OPT_USE_THREADS,
    "Load files in parallel. The argument is the number "
    "of threads to use for loading data.",
@@ -499,10 +497,6 @@ static MYSQL *db_connect(char *host, char *database,
   mysql_options(mysql, MYSQL_OPT_CONNECT_ATTR_RESET, 0);
   mysql_options4(mysql, MYSQL_OPT_CONNECT_ATTR_ADD,
                  "program_name", "mysqlimport");
-
-  set_server_public_key(mysql);
-  set_get_server_public_key_option(mysql);
-
   if (!(mysql_real_connect(mysql,host,user,passwd,
                            database,opt_mysql_port,opt_mysql_unix_port,
                            0)))

client/mysqlshow.c

@@ -28,7 +28,6 @@
 #include <signal.h>
 #include <stdarg.h>
 #include <sslopt-vars.h>
-#include <caching_sha2_passwordopt-vars.h>
 #include <welcome_copyright_notice.h>   /* ORACLE_WELCOME_COPYRIGHT_NOTICE */
 
 static char * host=0, *opt_password=0, *user=0;
@@ -146,10 +145,6 @@ int main(int argc, char **argv)
   mysql_options(&mysql, MYSQL_OPT_CONNECT_ATTR_RESET, 0);
   mysql_options4(&mysql, MYSQL_OPT_CONNECT_ATTR_ADD,
                  "program_name", "mysqlshow");
-
-  set_server_public_key(&mysql);
-  set_get_server_public_key_option(&mysql);
-
   if (!(mysql_real_connect(&mysql,host,user,opt_password,
 			   (first_argument_uses_wildcards) ? "" :
                            argv[0],opt_mysql_port,opt_mysql_unix_port,
@@ -269,7 +264,6 @@ static struct my_option my_long_options[] =
    &opt_mysql_unix_port, &opt_mysql_unix_port, 0, GET_STR,
    REQUIRED_ARG, 0, 0, 0, 0, 0, 0},
 #include <sslopt-longopts.h>
-#include <caching_sha2_passwordopt-longopts.h>
   {"user", 'u', "User for login if not current user.", &user,
    &user, 0, GET_STR, REQUIRED_ARG, 0, 0, 0, 0, 0, 0},
   {"verbose", 'v',

client/mysqlslap.cc

@@ -87,7 +87,6 @@
 #include <signal.h>
 #include <stdarg.h>
 #include <sslopt-vars.h>
-#include <caching_sha2_passwordopt-vars.h>
 #include <sys/types.h>
 #ifdef HAVE_SYS_WAIT_H
 #include <sys/wait.h>
@@ -360,10 +359,6 @@ int main(int argc, char **argv)
   if (using_opt_enable_cleartext_plugin)
     mysql_options(&mysql, MYSQL_ENABLE_CLEARTEXT_PLUGIN, 
                   (char*) &opt_enable_cleartext_plugin);
-
-  set_server_public_key(&mysql);
-  set_get_server_public_key_option(&mysql);
-
   if (!opt_only_print) 
   {
     if (!(mysql_real_connect(&mysql, host, user, opt_password,
@@ -710,7 +705,6 @@ static struct my_option my_long_options[] =
   {"sql_mode", 0, "Specify sql-mode to run mysqlslap tool.", &sql_mode,
     &sql_mode, 0, GET_STR, REQUIRED_ARG, 0, 0, 0, 0, 0, 0},
 #include <sslopt-longopts.h>
-#include <caching_sha2_passwordopt-longopts.h>
   {"user", 'u', "User for login if not current user.", &user,
     &user, 0, GET_STR, REQUIRED_ARG, 0, 0, 0, 0, 0, 0},
   {"verbose", 'v',

client/mysqltest.cc

@@ -165,6 +165,9 @@ static my_bool is_windows= 0;
 static char **default_argv;
 static const char *load_default_groups[]= { "mysqltest", "client", 0 };
 static char line_buffer[MAX_DELIMITER_LENGTH], *line_buffer_pos= line_buffer;
+#if !defined(HAVE_YASSL)
+static const char *opt_server_public_key= 0;
+#endif
 static my_bool can_handle_expired_passwords= TRUE;
 
 /* Info on properties that can be set with --enable_X and --disable_X */
@@ -296,7 +299,6 @@ typedef Prealloced_array<st_command*, 1024> Q_lines;
 Q_lines *q_lines;
 
 #include "sslopt-vars.h"
-#include <caching_sha2_passwordopt-vars.h>
 
 struct Parser
 {
@@ -5742,10 +5744,6 @@ void safe_connect(MYSQL* mysql, const char *name, const char *host,
                  "program_name", "mysqltest");
   mysql_options(mysql, MYSQL_OPT_CAN_HANDLE_EXPIRED_PASSWORDS,
                 &can_handle_expired_passwords);
-
-  set_server_public_key(mysql);
-  set_get_server_public_key_option(mysql);
-
   while(!mysql_real_connect(mysql, host,user, pass, db, port, sock,
                             CLIENT_MULTI_STATEMENTS | CLIENT_REMEMBER_OPTIONS))
   {
@@ -5851,10 +5849,6 @@ int connect_n_handle_errors(struct st_command *command,
   mysql_options4(con, MYSQL_OPT_CONNECT_ATTR_ADD, "program_name", "mysqltest");
   mysql_options(con, MYSQL_OPT_CAN_HANDLE_EXPIRED_PASSWORDS,
                 &can_handle_expired_passwords);
-
-  set_server_public_key(con);
-  set_get_server_public_key_option(con);
-
   while (!mysql_real_connect(con, host, user, pass, db, port, sock ? sock: 0,
                           CLIENT_MULTI_STATEMENTS))
   {
@@ -7108,7 +7102,6 @@ static struct my_option my_long_options[] =
    &sp_protocol, &sp_protocol, 0,
    GET_BOOL, NO_ARG, 0, 0, 0, 0, 0, 0},
 #include "sslopt-longopts.h"
-#include <caching_sha2_passwordopt-longopts.h>
   {"tail-lines", OPT_TAIL_LINES,
    "Number of lines of the result to include in a failure report.",
    &opt_tail_lines, &opt_tail_lines, 0,

include/mysql.h

@@ -166,8 +166,7 @@ enum mysql_option
   MYSQL_OPT_SSL_ENFORCE,
   MYSQL_OPT_MAX_ALLOWED_PACKET, MYSQL_OPT_NET_BUFFER_LENGTH,
   MYSQL_OPT_TLS_VERSION,
-  MYSQL_OPT_SSL_MODE,
-  MYSQL_OPT_GET_SERVER_PUBLIC_KEY
+  MYSQL_OPT_SSL_MODE
 };
 
 /**

include/mysql.h.pp

@@ -180,9 +180,6 @@
 void get_salt_from_password(unsigned char *res, const char *password);
 void make_password_from_salt(char *to, const unsigned char *hash_stage2);
 char *octet2hex(char *to, const char *str, unsigned int len);
-my_bool generate_sha256_scramble(unsigned char *dst, size_t dst_size,
-                                 const char *src, size_t src_size, const char *rnd,
-                                 size_t rnd_size);
 char *get_tty_password(const char *opt_message);
 const char *mysql_errno_to_sqlstate(unsigned int mysql_errno);
 my_bool my_thread_init(void);
@@ -365,8 +362,7 @@
   MYSQL_OPT_SSL_ENFORCE,
   MYSQL_OPT_MAX_ALLOWED_PACKET, MYSQL_OPT_NET_BUFFER_LENGTH,
   MYSQL_OPT_TLS_VERSION,
-  MYSQL_OPT_SSL_MODE,
-  MYSQL_OPT_GET_SERVER_PUBLIC_KEY
+  MYSQL_OPT_SSL_MODE
 };
 struct st_mysql_options_extention;
 struct st_mysql_options {

include/mysql/client_authentication.h

@@ -22,9 +22,6 @@ C_MODE_START
 int sha256_password_auth_client(MYSQL_PLUGIN_VIO *vio, MYSQL *mysql);
 int sha256_password_init(char *, size_t, int, va_list);
 int sha256_password_deinit(void);
-int caching_sha2_password_auth_client(MYSQL_PLUGIN_VIO *vio, MYSQL *mysql);
-int caching_sha2_password_init(char *, size_t, int, va_list);
-int caching_sha2_password_deinit(void);
 C_MODE_END
 
 #endif

include/mysql_com.h

@@ -587,10 +587,6 @@ char *octet2hex(char *to, const char *str, unsigned int len);
 
 /* end of password.c */
 
-my_bool generate_sha256_scramble(unsigned char *dst, size_t dst_size,
-                                 const char *src, size_t src_size, const char *rnd,
-                                 size_t rnd_size);
-
 char *get_tty_password(const char *opt_message);
 const char *mysql_errno_to_sqlstate(unsigned int mysql_errno);
 

include/sql_common.h

@@ -103,7 +103,7 @@ struct st_mysql_options_extention {
   char *server_public_key_path;
   size_t connection_attributes_length;
   my_bool enable_cleartext_plugin;
-  my_bool get_server_public_key;
+  my_bool unused0;                              /* Former ssl_enforce */
   char *tls_version; /* TLS version option */
   long ssl_ctx_flags; /* SSL ctx options flag */
   unsigned int ssl_mode;