ruby-mysql 2.9.14 → 3.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 113de8c9b46c75bf18b833a65205517938daf47d
-  data.tar.gz: 675d64d8cc1185e7f394c4f201aa18f427b18f11
+SHA256:
+  metadata.gz: f95fb29b93c207b23bbc1378ce78b10ab297269f0cf24409116a69502cdf9ae8
+  data.tar.gz: 7979ccfd21194e81a4c98f90920b7dc3cdb1165201bdf7bc0d640d16fbe8ebea
 SHA512:
-  metadata.gz: 47b396bc40fa36e588d01899569f8b0cca6b256bb2d290fe2ce5ab44dc66a566c2b47d67f64cb8f4d2a8a0a62c352e878da681f88b89bc0a6811b12205754214
-  data.tar.gz: 2aa55a288ce9c5ca4f22be8b8a2c6750be23592a0e030b0077f622b43195691f81de20831a359098ce8a270050e3ffa4ab794439b039c267d803f0d23ad2330e
+  metadata.gz: '068b6f6008f4b77dc6d34b660c8f06b73db2c06e63fc98d69d5455ceb6ab61c3924d158de4398d6b897cc2fa44d460a879b60355dbb16ac90f0af666f750467d'
+  data.tar.gz: 769105fbd5f16a4b8ab9c55c4a1243c962db3a238f05baa16d970cb2cbaadba0f0487c2daf194b53ce0bfa48639aac37cb79527da02518607a4a0a861cdd6caf

data/CHANGELOG.md

@@ -0,0 +1,50 @@
+## [3.0.0] - 2021-11-16
+
+- `Mysql.new` no longer connect. use `Mysql.connect` or `Mysql#connect`.
+
+- `Mysql.init` is removed. use `Mysql.new` instead.
+
+- `Mysql.new`, `Mysql.conncet` and `Mysql#connect` takes URI object or URI string or Hash object.
+  example:
+      Mysql.connect('mysql://user:password@hostname:port/dbname?charset=ascii')
+      Mysql.connect('mysql://user:password@%2Ftmp%2Fmysql.sock/dbname?charset=ascii') # for UNIX socket
+      Mysql.connect('hostname', 'user', 'password', 'dbname')
+      Mysql.connect(host: 'hostname', username: 'user', password: 'password', database: 'dbname')
+
+- `Mysql.options` is removed. use `Mysql#param = value` instead.
+  For example:
+      m = Mysql.init
+      m.options(Mysql::OPT_LOCAL_INFILE, true)
+      m.connect(host, user, passwd)
+  change to
+      m = Mysql.new
+      m.local_infile = true
+      m.connect(host, user, passwd)
+  or
+      m = Mysql.connect(host, user, passwd, local_infile: true)
+
+- `Mysql::Time` is removed.
+  Instead, `Time` object is returned for the DATE, DATETIME, TIMESTAMP data,
+  and `Integer` object is returned for the TIME data.
+  If DATE, DATETIME, TIMESTAMP are invalid values for Time, nil is returned.
+
+- meaningless methods are removed:
+  * `bind_result`
+  * `client_info`
+  * `client_version`
+  * `get_proto_info`
+  * `get_server_info`
+  * `get_server_version`
+  * `proto_info`
+  * `query_with_result`
+
+- alias method are removed:
+  * `get_host_info`: use `host_info`
+  * `real_connect`: use `connect`
+  * `real_query`: use `query`
+
+- methods corresponding to deprecated APIs in MySQL are removed:
+  * `list_dbs`: use `SHOW DATABASES`
+  * `list_fields`: use `SHOW COLUMNS`
+  * `list_processes`: use `SHOW PROCESSLIST`
+  * `list_tables`: use `SHOW TABLES`

data/README.md

@@ -0,0 +1,28 @@
+# ruby-mysql
+
+## Description
+
+MySQL connector for Ruby.
+
+## Installation
+
+```
+gem install ruby-mysql
+```
+
+## Synopsis
+
+```ruby
+my = Mysql.connect('mysql://username:password@hostname:port/dbname?charset=utf8mb4')
+my.query("select col1, col2 from tblname").each do |col1, col2|
+  p col1, col2
+end
+stmt = my.prepare('insert into tblname (col1,col2) values (?,?)')
+stmt.execute 123, 'abc'
+```
+
+## Copyright
+
+* Author: TOMITA Masahiro <tommy@tmtm.org>
+* Copyright: Copyright 2008 TOMITA Masahiro
+* License: MIT

data/lib/mysql/authenticator/caching_sha2_password.rb

@@ -0,0 +1,62 @@
+require 'digest/sha2'
+
+class Mysql
+  class Authenticator
+    class CachingSha2Password
+      # @param protocol [Mysql::Protocol]
+      def initialize(protocol)
+        @protocol = protocol
+      end
+
+      # @return [String]
+      def name
+        'caching_sha2_password'
+      end
+
+      # @param passwd [String]
+      # @param scramble [String]
+      # @yield [String] hashed password
+      # @return [Mysql::Packet]
+      def authenticate(passwd, scramble)
+        yield hash_password(passwd, scramble)
+        pkt = @protocol.read
+        data = pkt.to_s
+        if data.size == 2 && data[0] == "\x01"
+          case data[1]
+          when "\x03"  # fast_auth_success
+            # OK
+          when "\x04"  # perform_full_authentication
+            if @protocol.client_flags & CLIENT_SSL != 0
+              @protocol.write passwd+"\0"
+            elsif !@protocol.get_server_public_key
+              raise 'Authentication requires secure connection'
+            else
+              @protocol.write "\2"  # request public key
+              pkt = @protocol.read
+              pkt.utiny # skip
+              pubkey = pkt.to_s
+              hash = (passwd+"\0").unpack("C*").zip(scramble.unpack("C*")).map{|a, b| a ^ b}.pack("C*")
+              enc = OpenSSL::PKey::RSA.new(pubkey).public_encrypt(hash, OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING)
+              @protocol.write enc
+            end
+          else
+            raise "invalid auth reply packet: #{data.inspect}"
+          end
+          pkt = @protocol.read
+        end
+        return pkt
+      end
+
+      # @param passwd [String]
+      # @param scramble [String]
+      # @return [String] hashed password
+      def hash_password(passwd, scramble)
+        return '' if passwd.nil? or passwd.empty?
+        hash1 = Digest::SHA256.digest(passwd)
+        hash2 = Digest::SHA256.digest(hash1)
+        hash3 = Digest::SHA256.digest(hash2 + scramble)
+        hash1.unpack("C*").zip(hash3.unpack("C*")).map{|a, b| a ^ b}.pack("C*")
+      end
+    end
+  end
+end

data/lib/mysql/authenticator/mysql_native_password.rb

@@ -0,0 +1,37 @@
+require 'digest/sha1'
+
+class Mysql
+  class Authenticator
+    class MysqlNativePassword
+      # @param protocol [Mysql::Protocol]
+      def initialize(protocol)
+        @protocol = protocol
+      end
+
+      # @return [String]
+      def name
+        'mysql_native_password'
+      end
+
+      # @param passwd [String]
+      # @param scramble [String]
+      # @yield [String] hashed password
+      # @return [Mysql::Packet]
+      def authenticate(passwd, scramble)
+        yield hash_password(passwd, scramble)
+        @protocol.read
+      end
+
+      # @param passwd [String]
+      # @param scramble [String]
+      # @return [String] hashed password
+      def hash_password(passwd, scramble)
+        return '' if passwd.nil? or passwd.empty?
+        hash1 = Digest::SHA1.digest(passwd)
+        hash2 = Digest::SHA1.digest(hash1)
+        hash3 = Digest::SHA1.digest(scramble + hash2)
+        hash1.unpack("C*").zip(hash3.unpack("C*")).map{|a, b| a ^ b}.pack("C*")
+      end
+    end
+  end
+end

data/lib/mysql/authenticator/sha256_password.rb

@@ -0,0 +1,40 @@
+require 'openssl'
+
+class Mysql
+  class Authenticator
+    class Sha256Password
+      # @param protocol [Mysql::Protocol]
+      def initialize(protocol)
+        @protocol = protocol
+      end
+
+      # @return [String]
+      def name
+        'sha256_password'
+      end
+
+      # @param passwd [String]
+      # @param scramble [String]
+      # @yield [String] hashed password
+      # @return [Mysql::Packet]
+      def authenticate(passwd, scramble)
+        if @protocol.client_flags & CLIENT_SSL != 0
+          yield passwd+"\0"
+          return @protocol.read
+        end
+        yield "\x01"  # request public key
+        pkt = @protocol.read
+        data = pkt.to_s
+        if data[0] == "\x01"
+          pkt.utiny # skip
+          pubkey = pkt.to_s
+          hash = (passwd+"\0").unpack("C*").zip(scramble.unpack("C*")).map{|a, b| a ^ b}.pack("C*")
+          enc = OpenSSL::PKey::RSA.new(pubkey).public_encrypt(hash, OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING)
+          @protocol.write enc
+          pkt = @protocol.read
+        end
+        return pkt
+      end
+    end
+  end
+end

data/lib/mysql/authenticator.rb

@@ -0,0 +1,84 @@
+class Mysql
+  class Authenticator
+    @plugins = {}
+
+    # @param plugin [String]
+    def self.plugin_class(plugin)
+      return @plugins[plugin] if @plugins[plugin]
+
+      raise ClientError, "invalid plugin name: #{plugin}" unless plugin.match?(/\A\w+\z/)
+      begin
+        require_relative "authenticator/#{plugin}"
+      rescue LoadError
+        return nil
+      end
+      class_name = plugin.gsub(/(?:^|_)(.)/){$1.upcase}
+      raise ClientError, "#{class_name} is undefined" unless self.const_defined? class_name
+      klass = self.const_get(class_name)
+      @plugins[plugin] = klass
+      return klass
+    end
+
+    def initialize(protocol)
+      @protocol = protocol
+    end
+
+    # @param plugin [String]
+    def get(plugin)
+      self.class.plugin_class(plugin)
+    end
+
+    # @param plugin [String]
+    def get!(plugin)
+      get(plugin) or raise ClientError, "unknown plugin: #{plugin}"
+    end
+
+    def authenticate(user, passwd, db, scramble, plugin_name)
+      plugin = (get(plugin_name) || DummyPlugin).new(@protocol)
+      pkt = plugin.authenticate(passwd, scramble) do |hashed|
+        @protocol.write Protocol::AuthenticationPacket.serialize(@protocol.client_flags, 1024**3, @protocol.charset.number, user, hashed, db, plugin.name)
+      end
+      while true
+        res = Protocol::AuthenticationResultPacket.parse(pkt)
+        case res.result
+        when 0  # OK
+          break
+        when 2  # multi factor auth
+          raise ClientError, 'multi factor authentication is not supported'
+        when 254  # change auth plugin
+          plugin = get!(res.auth_plugin).new(@protocol)
+          pkt = plugin.authenticate(passwd, res.scramble) do |hashed|
+            if passwd.nil? || passwd.empty?
+              @protocol.write "\0"
+            else
+              @protocol.write hashed
+            end
+          end
+        else
+          raise ClientError, "invalid packet: #{pkt.to_s}"
+        end
+      end
+    end
+
+    class DummyPlugin
+      # @param protocol [Mysql::Protocol]
+      def initialize(protocol)
+        @protocol = protocol
+      end
+
+      # @return [String]
+      def name
+        ''
+      end
+
+      # @param passwd [String]
+      # @param scramble [String]
+      # @yield [String] hashed password
+      # @return [Mysql::Packet]
+      def authenticate(passwd, scramble)
+        yield ''
+        @protocol.read
+      end
+    end
+  end
+end