5

Is it possible to intercept and change login information within a lua script for mysql-proxy.

for example, if a user were to hit the proxy like this:

mysql -h localhost -P 4040 -u bob -D orders -p

i would want the connection not only redirected to a backend server, but also the username/database name changed, so that the above command was the equivalent of this:

mysql -h production.server -P 3306 -u bob_production -D bob_orders -p

I notice that it seems that I can only get auth information in the script after the auth has been passed, and even if I could get it before, i don't see a way to easily inject it.

Does anyone have an idea on how this would be possible within mysql-proxy, or with some other solution?

jesse_galley
  • 1,676
  • 4
  • 18
  • 30

1 Answers1

3

It is possible. In the share/docs directory of the installation bundle have a look at the tutorial script tutorial-scramble.lua which is an example that validates a hashed password from a remote client and substitutes the authentication credentials required by the server.

The function used in the tutorial example is: read_auth()

You might also want to monitor the authentication response from the server which can be done with read_auth_result().

ClearCrescendo
  • 1,145
  • 11
  • 22