WL14110: Add support for SCRAM-SHA-1

The purpose of this Worklog is to add support for the SASL
authentication protocol using the SCRAM-SHA-1 authentication
method.

Author: isrgomez

cpydist/__init__.py

@@ -128,6 +128,7 @@ class BaseCommand(Command):
     build_base = None
     log = LOGGER
     vendor_folder = os.path.join("lib", "mysql", "vendor")
+    private_folder = os.path.join("lib", "mysql", "private")
 
     _mysql_info = {}
     _build_mysql_lib_dir = None
@@ -178,6 +179,9 @@ def remove_temp(self):
             vendor_folder = os.path.join(os.getcwd(), self.vendor_folder)
             if os.path.exists(vendor_folder):
                 remove_tree(vendor_folder)
+            private_folder = os.path.join(os.getcwd(), self.private_folder)
+            if os.path.exists(private_folder):
+                remove_tree(private_folder)
             elif os.name == "nt":
                 if ARCH == "64-bit":
                     libraries = ["libmysql.dll", "libssl-1_1-x64.dll",
@@ -210,6 +214,25 @@ def _copy_vendor_libraries(self):
             vendor_libs.append(
                 (self.with_openssl_lib_dir, [libssl, libcrypto]))
 
+        # Plugins
+        bundle_plugin_libs = False
+        if self.with_mysql_capi:
+            plugin_ext = "dll" if os.name == "nt" else "so"
+            plugin_path = os.path.join(self.with_mysql_capi, "lib", "plugin")
+            plugin_name = ("authentication_ldap_sasl_client.{}"
+                           "".format(plugin_ext))
+
+            if os.path.exists(plugin_name):
+                bundle_plugin_libs = True
+                vendor_libs.append(
+                    (plugin_path, [plugin_name]))
+
+            if bundle_plugin_libs and os.name == "nt":
+                sasl_libs_path = os.path.join(self.with_mysql_capi, "bin")
+                sasl_plugin_libs = ["libsasl.dll", "saslSCRAM.dll",
+                                    "libcrypto-1_1-x64.dll"]
+                vendor_libs.append((sasl_libs_path, sasl_plugin_libs))
+
         if not vendor_libs:
             return
 
@@ -219,13 +242,102 @@ def _copy_vendor_libraries(self):
         # Copy vendor libraries to 'mysql/vendor' folder
         self.log.info("Copying vendor libraries")
         for src_folder, files in vendor_libs:
+            self.log.info("Copying folder: %s", src_folder)
             for filename in files:
                 src = os.path.join(src_folder, filename)
                 dst = os.path.join(os.getcwd(), self.vendor_folder)
                 self.log.info("copying %s -> %s", src, dst)
                 shutil.copy(src, dst)
 
-        self.distribution.package_data = {"mysql": ["vendor/*"]}
+        if os.name == "nt":
+            self.distribution.package_data = {"mysql": ["vendor/*"]}
+            return
+        elif bundle_plugin_libs:
+            # Bundle SASL libs
+            sasl_libs_path = os.path.join(self.with_mysql_capi, "lib",
+                                          "private")
+            if not os.path.exists(sasl_libs_path):
+                self.log.info("sasl2 llibraries not found at %s",
+                              sasl_libs_path)
+                self.distribution.package_data = {
+                    "mysql": ["vendor/*"]}
+            sasl_libs = []
+            sasl_plugin_libs_w = [
+                "libsasl2.*.*", "libgssapi_krb5.*.*", "libgssapi_krb5.*.*",
+                "libkrb5.*.*", "libk5crypto.*.*", "libkrb5support.*.*",
+                "libcrypto.*.*.*", "libssl.*.*.*", "libcom_err.*.*"]
+            sasl_plugin_libs = []
+            for sasl_lib in sasl_plugin_libs_w:
+                lib_path_entries = glob(os.path.join(
+                    sasl_libs_path, sasl_lib))
+                for lib_path_entry in lib_path_entries:
+                    sasl_plugin_libs.append(os.path.basename(lib_path_entry))
+            sasl_libs.append((sasl_libs_path, sasl_plugin_libs))
+
+            if not os.path.exists(os.path.join(self.private_folder)):
+                mkpath(os.path.join(os.getcwd(), self.private_folder))
+
+            # Copy vendor libraries to 'mysql/private' folder
+            self.log.info("Copying vendor libraries")
+            for src_folder, files in sasl_libs:
+                self.log.info("Copying folder: %s", src_folder)
+                for filename in files:
+                    src = os.path.join(src_folder, filename)
+                    if not os.path.exists(src):
+                        self.log.warn("Library not found: %s", src)
+                        continue
+                    dst = os.path.join(os.getcwd(),
+                                       os.path.join(self.private_folder))
+                    self.log.info("copying %s -> %s", src, dst)
+                    shutil.copy(src, dst)
+
+            # include sasl2 libs
+            sasl2_libs = []
+            sasl2_libs_path = os.path.join(self.with_mysql_capi, "lib",
+                                           "private", "sasl2")
+            if not os.path.exists(sasl2_libs_path):
+                self.log.info("sasl2 llibraries not found at %s",
+                              sasl2_libs_path)
+                self.distribution.package_data = {
+                    "mysql": ["vendor/*", "private/*"]}
+                return
+            sasl2_libs_w = [
+                "libanonymous.*", "libcrammd5.*.*", "libdigestmd5.*.*.*.*",
+                "libgssapiv2.*", "libplain.*.*", "libscram.*.*.*.*",
+                "libanonymous.*.*", "libcrammd5.*.*.*.*", "libgs2.*",
+                "libgssapiv2.*.*", "libplain.*.*.*.*", "libanonymous.*.*.*.*",
+                "libdigestmd5.*", "libgs2.*.*", "libgssapiv2.*.*.*.*",
+                "libscram.*", "libcrammd5.*", "libdigestmd5.*.*",
+                "libgs2.*.*.*.*", "libplain.*", "libscram.*.*"]
+
+            sasl2_scram_libs = []
+            for sasl2_lib in sasl2_libs_w:
+                lib_path_entries = glob(os.path.join(
+                    sasl2_libs_path, sasl2_lib))
+                for lib_path_entry in lib_path_entries:
+                    sasl2_scram_libs.append(os.path.basename(lib_path_entry))
+
+            sasl2_libs.append((sasl2_libs_path, sasl2_scram_libs))
+
+            if not os.path.exists(os.path.join(self.private_folder, "sasl2")):
+                mkpath(os.path.join(os.getcwd(), self.private_folder, "sasl2"))
+
+            # Copy vendor libraries to 'mysql/vendor/sasl2' folder
+            self.log.info("Copying vendor libraries")
+            for src_folder, files in sasl2_libs:
+                self.log.info("Copying folder: %s", src_folder)
+                for filename in files:
+                    src = os.path.join(src_folder, filename)
+                    if not os.path.exists(src):
+                        self.log.warn("Library not found: %s", src)
+                        continue
+                    dst = os.path.join(os.getcwd(),
+                                       os.path.join(self.private_folder, "sasl2"))
+                    self.log.info("copying %s -> %s", src, dst)
+                    shutil.copy(src, dst)
+
+        self.distribution.package_data = {
+            "mysql": ["vendor/*", "private/*", "private/sasl2/*"]}
 
 
 class BuildExt(build_ext, BaseCommand):

cpydist/bdist_msi.py

@@ -389,6 +389,7 @@ def _create_msi(self, dry_run=0):
             params["CExtXPBName{}{}".format(*ver)] = \
                 "_mysqlxpb{}".format(pyd_ext)
             params["HaveCExt{}{}".format(*ver)] = 0
+            params["HaveLdapLibs{}{}".format(*ver)] = 0
 
             if py_ver in self.pyver_bdist_paths:
                 params["BDist{}{}".format(*ver)] = \
@@ -397,6 +398,11 @@ def _create_msi(self, dry_run=0):
                     os.path.join(self.pyver_bdist_paths[py_ver],
                                  params["CExtLibName{}{}".format(*ver)])):
                     params["HaveCExt{}{}".format(*ver)] = 1
+                if os.path.exists(
+                    os.path.join(self.pyver_bdist_paths[py_ver],
+                                 "mysql", "vendor",
+                                 "authentication_ldap_sasl_client.dll")):
+                    params["HaveLdapLibs{}{}".format(*ver)] = 1
 
         self.log.info("### wixer params:")
         for param in params:

cpydist/data/msi/PY35.wxs

@@ -136,6 +136,21 @@
       </Component>
     </DirectoryRef>
 
+    <DirectoryRef Id="VendorDir35">
+      <?if $(var.HaveLdapLibs38) = 1 ?>
+      <Component Id="Vendor35" Guid="9fe7ee59-be3b-11ea-9f7e-04ea56793316" Win64="$(var.Win64)">
+        <File Id="authentication_ldap_sasl_client35" Name="authentication_ldap_sasl_client.dll"
+         Source="$(var.BDist35)\mysql\vendor\authentication_ldap_sasl_client.dll" DiskId="1"/>
+        <File Id="libsasl35" Name="libsasl.dll"
+         Source="$(var.BDist35)\mysql\vendor\libsasl.dll" DiskId="1"/>
+        <File Id="libcrypto_1_135" Name="libcrypto-1_1-x64.dll"
+         Source="$(var.BDist35)\mysql\vendor\libcrypto-1_1-x64.dll" DiskId="1"/>
+        <File Id="saslSCRAM35" Name="saslSCRAM.dll"
+         Source="$(var.BDist35)\mysql\vendor\saslSCRAM.dll" DiskId="1"/>
+      </Component>
+      <?endif?>
+    </DirectoryRef>
+
     <DirectoryRef Id="ConnectorPackageDir35">
       <Component Id="ConnectorPackage35" Guid="279d4008-b5ea-45bb-b642-ba0e9a6886aa" Win64="$(var.Win64)">
         <File Id="initpy35" Name="__init__.$(var.PyExt)"

cpydist/data/msi/PY36.wxs

@@ -136,6 +136,21 @@
       </Component>
     </DirectoryRef>
 
+    <DirectoryRef Id="VendorDir36">
+      <?if $(var.HaveLdapLibs36) = 1 ?>
+      <Component Id="Vendor36" Guid="3fdebba4-be39-11ea-b0cc-04ea56793316" Win64="$(var.Win64)">
+        <File Id="authentication_ldap_sasl_client36" Name="authentication_ldap_sasl_client.dll"
+         Source="$(var.BDist36)\mysql\vendor\authentication_ldap_sasl_client.dll" DiskId="1"/>
+        <File Id="libsasl36" Name="libsasl.dll"
+         Source="$(var.BDist36)\mysql\vendor\libsasl.dll" DiskId="1"/>
+        <File Id="libcrypto_1_136" Name="libcrypto-1_1-x64.dll"
+         Source="$(var.BDist36)\mysql\vendor\libcrypto-1_1-x64.dll" DiskId="1"/>
+        <File Id="saslSCRAM36" Name="saslSCRAM.dll"
+         Source="$(var.BDist36)\mysql\vendor\saslSCRAM.dll" DiskId="1"/>
+      </Component>
+      <?endif?>
+    </DirectoryRef>
+
     <DirectoryRef Id="ConnectorPackageDir36">
       <Component Id="ConnectorPackage36" Guid="412d7a24-a28e-4d08-a9f8-bf059ea4a802" Win64="$(var.Win64)">
         <File Id="initpy36" Name="__init__.$(var.PyExt)"

cpydist/data/msi/PY37.wxs

@@ -136,6 +136,21 @@
       </Component>
     </DirectoryRef>
 
+    <DirectoryRef Id="VendorDir37">
+      <?if $(var.HaveLdapLibs37) = 1 ?>
+      <Component Id="Vendor37" Guid="103f2914-be39-11ea-98b1-04ea56793316" Win64="$(var.Win64)">
+        <File Id="authentication_ldap_sasl_client37" Name="authentication_ldap_sasl_client.dll"
+         Source="$(var.BDist37)\mysql\vendor\authentication_ldap_sasl_client.dll" DiskId="1"/>
+        <File Id="libsasl37" Name="libsasl.dll"
+         Source="$(var.BDist37)\mysql\vendor\libsasl.dll" DiskId="1"/>
+        <File Id="libcrypto_1_137" Name="libcrypto-1_1-x64.dll"
+         Source="$(var.BDist37)\mysql\vendor\libcrypto-1_1-x64.dll" DiskId="1"/>
+        <File Id="saslSCRAM37" Name="saslSCRAM.dll"
+         Source="$(var.BDist37)\mysql\vendor\saslSCRAM.dll" DiskId="1"/>
+      </Component>
+      <?endif?>
+    </DirectoryRef>
+
     <DirectoryRef Id="ConnectorPackageDir37">
       <Component Id="ConnectorPackage37" Guid="d74397aa-96b6-4e0d-9db8-6873b296489e" Win64="$(var.Win64)">
         <File Id="initpy37" Name="__init__.$(var.PyExt)"

cpydist/data/msi/PY38.wxs

@@ -136,6 +136,21 @@
       </Component>
     </DirectoryRef>
 
+    <DirectoryRef Id="VendorDir38">
+      <?if $(var.HaveLdapLibs38) = 1 ?>
+      <Component Id="Vendor38" Guid="681a48cd-be38-11ea-84eb-04ea56793316" Win64="$(var.Win64)">
+        <File Id="authenticationldapsaslclient38" Name="authentication_ldap_sasl_client.dll"
+         Source="$(var.BDist38)\mysql\vendor\authentication_ldap_sasl_client.dll" DiskId="1"/>
+        <File Id="libsasl38" Name="libsasl.dll"
+         Source="$(var.BDist38)\mysql\vendor\libsasl.dll" DiskId="1"/>
+        <File Id="libcrypto_1_138" Name="libcrypto-1_1-x64.dll"
+         Source="$(var.BDist38)\mysql\vendor\libcrypto-1_1-x64.dll" DiskId="1"/>
+        <File Id="saslSCRAM38" Name="saslSCRAM.dll"
+         Source="$(var.BDist38)\mysql\vendor\saslSCRAM.dll" DiskId="1"/>
+      </Component>
+      <?endif?>
+    </DirectoryRef>
+
     <DirectoryRef Id="ConnectorPackageDir38">
       <Component Id="ConnectorPackage38" Guid="9915296f-c91c-4df0-b6bf-2e0686fedc3a" Win64="$(var.Win64)">
         <File Id="initpy38" Name="__init__.$(var.PyExt)"

cpydist/data/msi/product.wxs

@@ -273,6 +273,7 @@
               </Directory>
             </Directory>
             <Directory Id="MySQLPackageDir35" Name="mysql">
+              <Directory Id="VendorDir35" Name="vendor"/>
               <Directory Id="ConnectorPackageDir35" Name="connector">
                 <Directory Id="DjangoDir35" Name="django"/>
                 <Directory Id="ConnectorLocalesDir35" Name="locales">
@@ -295,6 +296,7 @@
               </Directory>
             </Directory>
             <Directory Id="MySQLPackageDir36" Name="mysql">
+              <Directory Id="VendorDir36" Name="vendor"/>
               <Directory Id="ConnectorPackageDir36" Name="connector">
                 <Directory Id="DjangoDir36" Name="django"/>
                 <Directory Id="ConnectorLocalesDir36" Name="locales">
@@ -317,6 +319,7 @@
               </Directory>
             </Directory>
             <Directory Id="MySQLPackageDir37" Name="mysql">
+              <Directory Id="VendorDir37" Name="vendor"/>
               <Directory Id="ConnectorPackageDir37" Name="connector">
                 <Directory Id="DjangoDir37" Name="django"/>
                 <Directory Id="ConnectorLocalesDir37" Name="locales">
@@ -339,6 +342,7 @@
               </Directory>
             </Directory>
             <Directory Id="MySQLPackageDir38" Name="mysql">
+              <Directory Id="VendorDir38" Name="vendor"/>
               <Directory Id="ConnectorPackageDir38" Name="connector">
                 <Directory Id="DjangoDir38" Name="django"/>
                 <Directory Id="ConnectorLocalesDir38" Name="locales">
@@ -465,6 +469,9 @@
         <Condition Level='0'>Not PYTHON35INSTALLPATH_ALL AND Not PYTHON35INSTALLPATH_CURRENT AND Not Installed</Condition>
         <ComponentRef Id="EggInfo35"/>
         <ComponentRef Id="MySQLPackage35"/>
+        <?if $(var.HaveLdapLibs35) = 1 ?>
+        <ComponentRef Id="Vendor35"/>
+        <?endif?>
         <ComponentRef Id="ConnectorPackage35"/>
         <ComponentRef Id="ConnectorLocales35"/>
         <ComponentRef Id="LocalesEng35"/>
@@ -486,6 +493,9 @@
         <Condition Level='0'>Not PYTHON36INSTALLPATH_ALL AND Not PYTHON36INSTALLPATH_CURRENT AND Not Installed</Condition>
         <ComponentRef Id="EggInfo36"/>
         <ComponentRef Id="MySQLPackage36"/>
+        <?if $(var.HaveLdapLibs36) = 1 ?>
+        <ComponentRef Id="Vendor36"/>
+        <?endif?>
         <ComponentRef Id="ConnectorPackage36"/>
         <ComponentRef Id="ConnectorLocales36"/>
         <ComponentRef Id="LocalesEng36"/>
@@ -507,6 +517,9 @@
         <Condition Level='0'>Not PYTHON37INSTALLPATH_ALL AND Not PYTHON37INSTALLPATH_CURRENT AND Not Installed</Condition>
         <ComponentRef Id="EggInfo37"/>
         <ComponentRef Id="MySQLPackage37"/>
+        <?if $(var.HaveLdapLibs37) = 1 ?>
+        <ComponentRef Id="Vendor37"/>
+        <?endif?>
         <ComponentRef Id="ConnectorPackage37"/>
         <ComponentRef Id="ConnectorLocales37"/>
         <ComponentRef Id="LocalesEng37"/>
@@ -528,6 +541,9 @@
         <Condition Level='0'>Not PYTHON38INSTALLPATH_ALL AND Not PYTHON38INSTALLPATH_CURRENT AND Not Installed</Condition>
         <ComponentRef Id="EggInfo38"/>
         <ComponentRef Id="MySQLPackage38"/>
+        <?if $(var.HaveLdapLibs38) = 1 ?>
+        <ComponentRef Id="Vendor38"/>
+        <?endif?>
         <ComponentRef Id="ConnectorPackage38"/>
         <ComponentRef Id="ConnectorLocales38"/>
         <ComponentRef Id="LocalesEng38"/>