Mysql-proxy中的lua脚本编程(一)

在为mysql-proxy编写lua脚步的时候，需要知道一下几个入口函数，通过这几个入口函数我们可以控制mysql-proxy的一些行为。

• connect_server()          当代理服务器接受到客户端连接请求时(tcp中的握手)会调用该函数
• read_handshake()        当mysql服务器返回握手相应时会被调用
• read_auth()　　           当客户端发送认证信息(username,password,port,database)时会被调用
• read_auth_result(aut)  当mysql返回认证结果时会被调用
• read_query(packet)      当客户端提交一个sql语句时会被调用
• read_query_result(inj)　当mysql返回查询结果时会被调用

1.connect_server使用

---

function read_handshake( )
    local con = proxy.connection

    print("<-- let's send him some information about us")
    print("    server-addr   : " .. con.server.dst.name)
    print("    client-addr   : " .. con.client.src.name)

-- lets deny clients from !127.0.0.1
 　　if con.client.src.address ~= "127.0.0.1" then
  　　　　proxy.response.type = proxy.MYSQLD_PACKET_ERR
  　　　　proxy.response.errmsg = "only local connects are allowed"

　　　　　print("we don't like this client");

　　　　return proxy.PROXY_SEND_RESULT
 　　end

end

获取代理的链接对象，这个对象是全局的，可以在函数中直接拿来使用。从连接对象中我们可以拿到客户端名称和服务器名称，通过也能获得客户端的ip地址，上面的代码就是禁止非本机ip登录mysql。

2、read_auth使用

---

读取用户的认证信息包括用户名、密码、所要连接的数据库。其中的proxy.MYSQLD_PACKET_ERR是mysql-proxy中自带的常量。

function read_auth( )
    local con = proxy.connection

    print("--> there, look, the client is responding to the server auth packet")
    print("    username      : " .. con.client.username)
    print("    password      : " .. string.format("%q", con.client.scrambled_password))
    print("    default_db    : " .. con.client.default_db)

    if con.client.username == "evil" then
        proxy.response.type = proxy.MYSQLD_PACKET_ERR
        proxy.response.errmsg = "evil logins are not allowed"

        return proxy.PROXY_SEND_RESULT
    end
end

3.read_auth_result使用

---

通过该方法我们可以获得mysql数据库的认证结果，认证结果由auth对象持有，我们可以访问其packet属性(字符串类型)，可以查看返回结果。字符串的第一个字符是对结果的标识。

function read_auth_result( auth )
    local state = auth.packet:byte()  //获取第一个字符并将其转为整型

    if state == proxy.MYSQLD_PACKET_OK then
        print("<-- auth ok");
    elseif state == proxy.MYSQLD_PACKET_ERR then
        print("<-- auth failed");
    else
        print("<-- auth ... don't know: " .. string.format("%q", auth.packet));
    end
end

4.read_query的使用

---

packet中就存放着客户请求的SQL语句，类型为字符串类型。起始第一个字符同上，为标识符。这里判断是不是一个查询语句，是的话就从第二个字符开始输出查询语句。

function read_query( packet )
    print("--> someone sent us a query")
    if packet:byte() == proxy.COM_QUERY then
        print("    query: " .. packet:sub())

        if packet:sub() == "SELECT 1" then
            proxy.queries:append(, packet)
        end
    end

end

5、read_query_result使用

---

其实我们该函数和read_query函数时是希望对SQL语句进行处理，但是由于时间有限，不能对mysql-proxy提供的sql处理继续研究，这里先就先贴出来。

function read_query_result( inj )
    print("<-- ... ok, this only gets called when read_query() told us")

    proxy.response = {
        type = proxy.MYSQLD_PACKET_RAW,
        packets = {
            "\255" ..
              "\255\004" .. -- errno
              "#" ..
              "12S23" ..
              "raw, raw, raw"
        }
    }

    return proxy.PROXY_SEND_RESULT
end

--[[ $%BEGINLICENSE%$
 Copyright (c) 2007, 2008, Oracle and/or its affiliates. All rights reserved.

 This program is free software; you can redistribute it and/or
 modify it under the terms of the GNU General Public License as
 published by the Free Software Foundation; version 2 of the
 License.

 This program is distributed in the hope that it will be useful,
 but WITHOUT ANY WARRANTY; without even the implied warranty of
 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 GNU General Public License for more details.

 You should have received a copy of the GNU General Public License
 along with this program; if not, write to the Free Software
 Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
 02110-1301  USA

 $%ENDLICENSE%$ --]]

local proto = require("mysql.proto")

local prep_stmts = { }

function read_query( packet )
    local cmd_type = packet:byte()
    if cmd_type == proxy.COM_STMT_PREPARE then
        proxy.queries:append(, packet, { resultset_is_needed = true } )
        return proxy.PROXY_SEND_QUERY
    elseif cmd_type == proxy.COM_STMT_EXECUTE then
        proxy.queries:append(, packet, { resultset_is_needed = true } )
        return proxy.PROXY_SEND_QUERY
    elseif cmd_type == proxy.COM_STMT_CLOSE then
        proxy.queries:append(, packet, { resultset_is_needed = true } )
        return proxy.PROXY_SEND_QUERY
    end
end

function read_query_result(inj)
    if inj.id ==  then
        -- print the query we sent
        local stmt_prepare = assert(proto.from_stmt_prepare_packet(inj.query))
        print(("> PREPARE: %s"):format(stmt_prepare.stmt_text))

        -- and the stmt-id we got for it
        if inj.resultset.raw:byte() ==  then
            local stmt_prepare_ok = assert(proto.from_stmt_prepare_ok_packet(inj.resultset.raw))
            print(("< PREPARE: stmt-id = %d (resultset-cols = %d, params = %d)"):format(
                stmt_prepare_ok.stmt_id,
                stmt_prepare_ok.num_columns,
                stmt_prepare_ok.num_params))

            prep_stmts[stmt_prepare_ok.stmt_id] = {
                num_columns = stmt_prepare_ok.num_columns,
                num_params = stmt_prepare_ok.num_params,
            }
        end
    elseif inj.id ==  then
        local stmt_id = assert(proto.stmt_id_from_stmt_execute_packet(inj.query))
        local stmt_execute = assert(proto.from_stmt_execute_packet(inj.query, prep_stmts[stmt_id].num_params))
        print(("> EXECUTE: stmt-id = %d"):format(stmt_execute.stmt_id))
        if stmt_execute.new_params_bound then
            for ndx, v in ipairs(stmt_execute.params) do
                print((" [%d] %s (type = %d)"):format(ndx, tostring(v.value), v.type))
            end
        end
    elseif inj.id ==  then
        local stmt_close = assert(proto.from_stmt_close_packet(inj.query))
        print(("> CLOSE: stmt-id = %d"):format(stmt_close.stmt_id))

        prep_stmts[stmt_close.stmt_id] = nil -- cleanup
    end
end

这里使用了MySQL新的接口stmt,对其不了解可以查看下面的连接。

戳我