Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
View Source
var ( // ErrUserNotFound — the username from HandshakeResponse41 has no DBBat user. ErrUserNotFound = errors.New("user not found") // ErrDatabaseNotFound — no DBBat database matches the requested schema name. ErrDatabaseNotFound = errors.New("database not found") // ErrNoActiveGrant — the user has no current grant on the requested database. ErrNoActiveGrant = errors.New("no active grant") // ErrInvalidPassword — the supplied password failed Argon2id verification. ErrInvalidPassword = errors.New("invalid password") // ErrUnsupportedAuthPlugin — auth provider was asked for a plugin we don't implement. ErrUnsupportedAuthPlugin = errors.New("unsupported authentication plugin") // ErrSSLNotSupported — client sent SSL Request; v1 only supports plaintext. ErrSSLNotSupported = errors.New("TLS connections not supported by this proxy") // ErrUpstreamConnect — outbound connection to the upstream MySQL failed. ErrUpstreamConnect = errors.New("upstream connection failed") // ErrCommandNotPermitted — protocol-level command refused (admin/replication). ErrCommandNotPermitted = errors.New("command not permitted through dbbat") // ErrSwitchDatabaseDenied — COM_INIT_DB tried to change the session database. ErrSwitchDatabaseDenied = errors.New("switching database not permitted through dbbat") // ErrAPIKeyOwnerMismatch — the API key authenticates a different user than the handshake claimed. ErrAPIKeyOwnerMismatch = errors.New("API key does not belong to authenticating user") // ErrQueryLimitExceeded — the grant's max_query_count quota has been reached. ErrQueryLimitExceeded = errors.New("query count limit exceeded for this grant") // ErrDataLimitExceeded — the grant's max_bytes_transferred quota has been reached. ErrDataLimitExceeded = errors.New("data transfer limit exceeded for this grant") // ErrCachingSha2NeedsRSA — non-TLS caching_sha2 client tried full auth but no RSA key is configured. ErrCachingSha2NeedsRSA = errors.New("non-TLS caching_sha2_password requires an RSA key (configure mysql.tls or send password over TLS)") // ErrSaltFieldMissing — go-mysql library moved or removed the unexported Conn.salt field; readConnSalt cannot proceed. ErrSaltFieldMissing = errors.New("go-mysql Conn.salt field not found (library version mismatch?)") // ErrSaltFieldUnexpectedType — go-mysql library changed Conn.salt to a non-[]byte type. ErrSaltFieldUnexpectedType = errors.New("go-mysql Conn.salt field has unexpected type") )
Sentinel errors for the MySQL proxy session lifecycle.
View Source
var ErrTLSConfigInvalid = errors.New("mysql tls: cert_file and key_file must both be set or both empty")
ErrTLSConfigInvalid is returned when only one of cert/key files is set.
Functions ¶
This section is empty.
Types ¶
type Server ¶
type Server struct {
// contains filtered or unexported fields
}
Server is the MySQL proxy server. It accepts MySQL client connections, authenticates them against the DBBat user store, and proxies commands to the upstream MySQL database configured for the requested schema.
func NewServer ¶
func NewServer( dataStore *store.Store, encryptionKey []byte, queryStorage config.QueryStorageConfig, dumpConfig config.DumpConfig, authCache *cache.AuthCache, mysqlConfig config.MySQLConfig, logger *slog.Logger, ) (*Server, error)
NewServer creates a new MySQL proxy server.
func (*Server) Addr ¶
Addr returns the listener's bound address, or nil if the server has not started accepting connections yet. Useful in tests that pass ":0" for the listen address and need to discover the OS-assigned port.
type Session ¶
type Session struct {
// contains filtered or unexported fields
}
Session is a single client connection through the MySQL proxy.
Source Files
Click to show internal directories.
Click to hide internal directories.