~drizzle-trunk/drizzle/development : contents of libdrizzle-2.0/pack.cc at revision 2471

~drizzle-trunk/drizzle/development : (revision 2471)

/*
 * Drizzle Client & Protocol Library
 *
 * Copyright (C) 2008 Eric Day (eday@oddments.org)
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions are
 * met:
 *
 *     * Redistributions of source code must retain the above copyright
 * notice, this list of conditions and the following disclaimer.
 *
 *     * Redistributions in binary form must reproduce the above
 * copyright notice, this list of conditions and the following disclaimer
 * in the documentation and/or other materials provided with the
 * distribution.
 *
 *     * The names of its contributors may not be used to endorse or
 * promote products derived from this software without specific prior
 * written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 *
 */

/**
 * @file
 * @brief Packing definitions
 */

#include <libdrizzle-2.0/common.h>

/*
 * Private declarations
 */

/**
 * @addtogroup drizzle_pack_private Private Packing Functions
 * @ingroup drizzle_pack
 * @{
 */

/**
 * Compute hash from password and scramble.
 */
static drizzle_return_t _pack_scramble_hash(drizzle_con_st *con,
                                            uint8_t *buffer);

/** @} */

/*
 * Public definitions
 */

uint8_t *drizzle_pack_length(uint64_t number, uint8_t *ptr)
{
  if (number < 251)
  {
    ptr[0]= (uint8_t)number;
    ptr++;
  }
  else if (number < 65536)
  {
    ptr[0]= 252;
    ptr++;
    drizzle_set_byte2(ptr, number);
    ptr+= 2;
  }
  else if (number < 16777216)
  {
    ptr[0]= 253;
    ptr++;
    drizzle_set_byte3(ptr, number);
    ptr+= 3;
  }
  else
  {
    ptr[0]= 254;
    ptr++;
    drizzle_set_byte8(ptr, number);
    ptr+= 8;
  }

  return ptr;
}

uint64_t drizzle_unpack_length(drizzle_con_st *con, drizzle_return_t *ret_ptr)
{
  uint64_t length;
  uint8_t bytes;

  if (con->buffer_ptr[0] < 251)
  {
    length= (uint64_t)(con->buffer_ptr[0]);
    bytes= 1;
  }
  else if (con->buffer_ptr[0] == 251)
  {
    con->buffer_ptr++;
    con->buffer_size--;
    con->packet_size--;

    *ret_ptr= DRIZZLE_RETURN_NULL_SIZE;
    return 0;
  }
  else if (con->buffer_ptr[0] == 252 && con->buffer_size > 2)
  {
    length= drizzle_get_byte2(con->buffer_ptr + 1);
    bytes= 3;
  }
  else if (con->buffer_ptr[0] == 253 && con->buffer_size > 3)
  {
    length= drizzle_get_byte3(con->buffer_ptr + 1);
    bytes= 4;
  }
  else if (con->buffer_size > 8)
  {
    length= drizzle_get_byte8(con->buffer_ptr + 1);
    bytes= 9;
  }
  else
  {
    *ret_ptr= DRIZZLE_RETURN_IO_WAIT;
    return 0;
  }

  con->buffer_ptr+= bytes;
  con->buffer_size-= bytes;
  con->packet_size-= bytes;

  *ret_ptr= DRIZZLE_RETURN_OK;
  return length;
}

uint8_t *drizzle_pack_string(char *string, uint8_t *ptr)
{
  if (string == NULL)
  {
    return NULL;
  }

  uint64_t size= strlen(string);

  ptr= drizzle_pack_length(size, ptr);
  if (size > 0)
  {
    memcpy(ptr, string, (size_t)size);
    ptr+= size;
  }

  return ptr;
}

drizzle_return_t drizzle_unpack_string(drizzle_con_st *con, char *buffer,
                                       uint64_t max_length)
{
  drizzle_return_t ret= DRIZZLE_RETURN_OK;
  uint64_t length;

  if (con == NULL)
  {
    return DRIZZLE_RETURN_INVALID_ARGUMENT;
  }

  length= drizzle_unpack_length(con, &ret);
  if (ret != DRIZZLE_RETURN_OK)
  {
    if (ret == DRIZZLE_RETURN_NULL_SIZE)
    {
      drizzle_set_error(con->drizzle, "drizzle_unpack_string",
                        "unexpected NULL length");
    }

    return ret;
  }

  if (length < max_length)
  {
    if (length > 0)
    {
      memcpy(buffer, con->buffer_ptr, (size_t)length);
    }

    buffer[length]= 0;
  }
  else
  {
    memcpy(buffer, con->buffer_ptr, (size_t)(max_length - 1));
    buffer[max_length - 1]= 0;
  }
  
  con->buffer_ptr+= length;
  con->buffer_size-= (size_t)length;
  con->packet_size-= (size_t)length;

  return DRIZZLE_RETURN_OK;
}

uint8_t *drizzle_pack_auth(drizzle_con_st *con, uint8_t *ptr, drizzle_return_t *ret_ptr)
{
  if (con == NULL)
  {
    return NULL;
  }

  drizzle_return_t unused;
  if (ret_ptr == NULL)
  {
    ret_ptr= &unused;
  }

  if (con->user[0] != 0)
  {
    memcpy(ptr, con->user, strlen(con->user));
    ptr+= strlen(con->user);
  }

  ptr[0]= 0;
  ptr++;

  if (con->options & DRIZZLE_CON_RAW_SCRAMBLE && con->scramble != NULL)
  {
    ptr[0]= DRIZZLE_MAX_SCRAMBLE_SIZE;
    ptr++;

    memcpy(ptr, con->scramble, DRIZZLE_MAX_SCRAMBLE_SIZE);
    ptr+= DRIZZLE_MAX_SCRAMBLE_SIZE;
  }
  else if (con->password[0] == 0)
  {
    ptr[0]= 0;
    ptr++;
    con->packet_size-= DRIZZLE_MAX_SCRAMBLE_SIZE;
  }
  else
  {
    ptr[0]= DRIZZLE_MAX_SCRAMBLE_SIZE;
    ptr++;

    if (con->options & DRIZZLE_CON_MYSQL && con->options & DRIZZLE_CON_AUTH_PLUGIN)
    {
      snprintf((char *)ptr, DRIZZLE_MAX_SCRAMBLE_SIZE, "%s", con->password);
      ptr[DRIZZLE_MAX_SCRAMBLE_SIZE-1]= 0;
    }
    else if (con->options & DRIZZLE_CON_MYSQL)
    {
      *ret_ptr= _pack_scramble_hash(con, ptr);
      if (*ret_ptr != DRIZZLE_RETURN_OK)
      {
        return ptr;
      }
    }
    else // We assume Drizzle
    {
      snprintf((char *)ptr, DRIZZLE_MAX_SCRAMBLE_SIZE, "%s", con->password);
      ptr[DRIZZLE_MAX_SCRAMBLE_SIZE-1]= 0;
    }

    ptr+= DRIZZLE_MAX_SCRAMBLE_SIZE;
  }

  if (con->schema[0] != 0)
  {
    memcpy(ptr, con->schema, strlen(con->schema));
    ptr+= strlen(con->schema);
  }

  ptr[0]= 0;
  ptr++;

  *ret_ptr= DRIZZLE_RETURN_OK;

  return ptr;
}

/*
 * Private definitions
 */

static drizzle_return_t _pack_scramble_hash(drizzle_con_st *con,
                                            uint8_t *buffer)
{
  SHA1_CTX ctx;
  uint8_t hash_tmp1[SHA1_DIGEST_LENGTH];
  uint8_t hash_tmp2[SHA1_DIGEST_LENGTH];

  if (SHA1_DIGEST_LENGTH != DRIZZLE_MAX_SCRAMBLE_SIZE)
  {
    drizzle_set_error(con->drizzle, "_pack_scramble_hash",
                      "SHA1 hash size mismatch:%u:%u", SHA1_DIGEST_LENGTH,
                      DRIZZLE_MAX_SCRAMBLE_SIZE);
    return DRIZZLE_RETURN_INTERNAL_ERROR;
  }

  if (con->scramble == NULL)
  {
    drizzle_set_error(con->drizzle, "_pack_scramble_hash",
                      "no scramble buffer");
    return DRIZZLE_RETURN_NO_SCRAMBLE;
  }

  /* First hash the password. */
  SHA1Init(&ctx);
  SHA1Update(&ctx, (uint8_t *)(con->password), strlen(con->password));
  SHA1Final(hash_tmp1, &ctx);

  /* Second, hash the password hash. */
  SHA1Init(&ctx);
  SHA1Update(&ctx, hash_tmp1, SHA1_DIGEST_LENGTH);
  SHA1Final(hash_tmp2, &ctx);

  /* Third, hash the scramble and the double password hash. */
  SHA1Init(&ctx);
  SHA1Update(&ctx, con->scramble, SHA1_DIGEST_LENGTH);
  SHA1Update(&ctx, hash_tmp2, SHA1_DIGEST_LENGTH);
  SHA1Final(buffer, &ctx);

  /* Fourth, xor the last hash against the first password hash. */
  for (uint32_t x= 0; x < SHA1_DIGEST_LENGTH; x++)
  {
    buffer[x]= buffer[x] ^ hash_tmp1[x];
  }

  return DRIZZLE_RETURN_OK;
}

2244.1.1 by Monty Taylor Split libdrizzle into 1.0 and 2.0. Applied the C++ changes to 2.0 branch.	1	/*
	2	* Drizzle Client & Protocol Library
	3	*
	4	* Copyright (C) 2008 Eric Day (eday@oddments.org)
	5	* All rights reserved.
	6	*
	7	* Redistribution and use in source and binary forms, with or without
	8	* modification, are permitted provided that the following conditions are
	9	* met:
	10	*
	11	* * Redistributions of source code must retain the above copyright
	12	* notice, this list of conditions and the following disclaimer.
	13	*
	14	* * Redistributions in binary form must reproduce the above
	15	* copyright notice, this list of conditions and the following disclaimer
	16	* in the documentation and/or other materials provided with the
	17	* distribution.
	18	*
	19	* * The names of its contributors may not be used to endorse or
	20	* promote products derived from this software without specific prior
	21	* written permission.
	22	*
	23	* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
	24	* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
	25	* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
	26	* A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
	27	* OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
	28	* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
	29	* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
	30	* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
	31	* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
	32	* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
	33	* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
	34	*
	35	*/
	36
	37	/**
	38	* @file
	39	* @brief Packing definitions
	40	*/
	41
2449.1.2 by Brian Aker Additional fixes for libdrizzle.	42	#include <libdrizzle-2.0/common.h>
2244.1.1 by Monty Taylor Split libdrizzle into 1.0 and 2.0. Applied the C++ changes to 2.0 branch.	43
	44	/*
	45	* Private declarations
	46	*/
	47
	48	/**
	49	* @addtogroup drizzle_pack_private Private Packing Functions
	50	* @ingroup drizzle_pack
	51	* @{
	52	*/
	53
	54	/**
	55	* Compute hash from password and scramble.
	56	*/
	57	static drizzle_return_t _pack_scramble_hash(drizzle_con_st *con,
	58	uint8_t *buffer);
	59
	60	/** @} */
	61
	62	/*
	63	* Public definitions
	64	*/
	65
	66	uint8_t drizzle_pack_length(uint64_t number, uint8_t ptr)
	67	{
	68	if (number < 251)
	69	{
	70	ptr[0]= (uint8_t)number;
	71	ptr++;
	72	}
	73	else if (number < 65536)
	74	{
	75	ptr[0]= 252;
	76	ptr++;
	77	drizzle_set_byte2(ptr, number);
	78	ptr+= 2;
	79	}
	80	else if (number < 16777216)
	81	{
	82	ptr[0]= 253;
	83	ptr++;
	84	drizzle_set_byte3(ptr, number);
	85	ptr+= 3;
	86	}
	87	else
	88	{
	89	ptr[0]= 254;
	90	ptr++;
	91	drizzle_set_byte8(ptr, number);
	92	ptr+= 8;
	93	}
	94
	95	return ptr;
	96	}
	97
	98	uint64_t drizzle_unpack_length(drizzle_con_st con, drizzle_return_t ret_ptr)
	99	{
	100	uint64_t length;
	101	uint8_t bytes;
	102
	103	if (con->buffer_ptr[0] < 251)
	104	{
	105	length= (uint64_t)(con->buffer_ptr[0]);
	106	bytes= 1;
107	}
108	else if (con->buffer_ptr[0] == 251)
109	{
110	con->buffer_ptr++;
111	con->buffer_size--;
112	con->packet_size--;
113
114	*ret_ptr= DRIZZLE_RETURN_NULL_SIZE;
115	return 0;
116	}
117	else if (con->buffer_ptr[0] == 252 && con->buffer_size > 2)
118	{
119	length= drizzle_get_byte2(con->buffer_ptr + 1);
120	bytes= 3;
121	}
122	else if (con->buffer_ptr[0] == 253 && con->buffer_size > 3)
123	{
124	length= drizzle_get_byte3(con->buffer_ptr + 1);
125	bytes= 4;
126	}
127	else if (con->buffer_size > 8)
128	{
129	length= drizzle_get_byte8(con->buffer_ptr + 1);
130	bytes= 9;
131	}
132	else
133	{
134	*ret_ptr= DRIZZLE_RETURN_IO_WAIT;
135	return 0;
136	}
137
138	con->buffer_ptr+= bytes;
139	con->buffer_size-= bytes;
140	con->packet_size-= bytes;
141
142	*ret_ptr= DRIZZLE_RETURN_OK;
143	return length;
144	}
145
146	uint8_t drizzle_pack_string(char string, uint8_t *ptr)
147	{
2461.1.1 by Brian Aker Fix safety issues around calling API with no check for NULL	148	if (string == NULL)
	149	{
	150	return NULL;
	151	}
	152
2244.1.1 by Monty Taylor Split libdrizzle into 1.0 and 2.0. Applied the C++ changes to 2.0 branch.	153	uint64_t size= strlen(string);
	154
	155	ptr= drizzle_pack_length(size, ptr);
	156	if (size > 0)
	157	{
	158	memcpy(ptr, string, (size_t)size);
	159	ptr+= size;
	160	}
	161
	162	return ptr;
	163	}
	164
	165	drizzle_return_t drizzle_unpack_string(drizzle_con_st con, char buffer,
	166	uint64_t max_length)
	167	{
	168	drizzle_return_t ret= DRIZZLE_RETURN_OK;
	169	uint64_t length;
	170
2461.1.1 by Brian Aker Fix safety issues around calling API with no check for NULL	171	if (con == NULL)
	172	{
	173	return DRIZZLE_RETURN_INVALID_ARGUMENT;
	174	}
	175
2244.1.1 by Monty Taylor Split libdrizzle into 1.0 and 2.0. Applied the C++ changes to 2.0 branch.	176	length= drizzle_unpack_length(con, &ret);
	177	if (ret != DRIZZLE_RETURN_OK)
	178	{
	179	if (ret == DRIZZLE_RETURN_NULL_SIZE)
	180	{
	181	drizzle_set_error(con->drizzle, "drizzle_unpack_string",
	182	"unexpected NULL length");
	183	}
	184
	185	return ret;
	186	}
	187
	188	if (length < max_length)
	189	{
	190	if (length > 0)
2461.1.1 by Brian Aker Fix safety issues around calling API with no check for NULL	191	{
2244.1.1 by Monty Taylor Split libdrizzle into 1.0 and 2.0. Applied the C++ changes to 2.0 branch.	192	memcpy(buffer, con->buffer_ptr, (size_t)length);
2461.1.1 by Brian Aker Fix safety issues around calling API with no check for NULL	193	}
2244.1.1 by Monty Taylor Split libdrizzle into 1.0 and 2.0. Applied the C++ changes to 2.0 branch.	194
	195	buffer[length]= 0;
	196	}
	197	else
	198	{
	199	memcpy(buffer, con->buffer_ptr, (size_t)(max_length - 1));
	200	buffer[max_length - 1]= 0;
	201	}
	202
	203	con->buffer_ptr+= length;
	204	con->buffer_size-= (size_t)length;
	205	con->packet_size-= (size_t)length;
	206
	207	return DRIZZLE_RETURN_OK;
	208	}
	209
2461.1.1 by Brian Aker Fix safety issues around calling API with no check for NULL	210	uint8_t drizzle_pack_auth(drizzle_con_st con, uint8_t ptr, drizzle_return_t ret_ptr)
2244.1.1 by Monty Taylor Split libdrizzle into 1.0 and 2.0. Applied the C++ changes to 2.0 branch.	211	{
2461.1.1 by Brian Aker Fix safety issues around calling API with no check for NULL	212	if (con == NULL)
	213	{
	214	return NULL;
	215	}
	216
	217	drizzle_return_t unused;
	218	if (ret_ptr == NULL)
	219	{
	220	ret_ptr= &unused;
	221	}
	222
2244.1.1 by Monty Taylor Split libdrizzle into 1.0 and 2.0. Applied the C++ changes to 2.0 branch.	223	if (con->user[0] != 0)
	224	{
	225	memcpy(ptr, con->user, strlen(con->user));
	226	ptr+= strlen(con->user);
	227	}
	228
	229	ptr[0]= 0;
	230	ptr++;
	231
	232	if (con->options & DRIZZLE_CON_RAW_SCRAMBLE && con->scramble != NULL)
	233	{
	234	ptr[0]= DRIZZLE_MAX_SCRAMBLE_SIZE;
	235	ptr++;
	236
	237	memcpy(ptr, con->scramble, DRIZZLE_MAX_SCRAMBLE_SIZE);
	238	ptr+= DRIZZLE_MAX_SCRAMBLE_SIZE;
	239	}
	240	else if (con->password[0] == 0)
	241	{
	242	ptr[0]= 0;
	243	ptr++;
	244	con->packet_size-= DRIZZLE_MAX_SCRAMBLE_SIZE;
	245	}
	246	else
	247	{
	248	ptr[0]= DRIZZLE_MAX_SCRAMBLE_SIZE;
	249	ptr++;
	250
	251	if (con->options & DRIZZLE_CON_MYSQL && con->options & DRIZZLE_CON_AUTH_PLUGIN)
	252	{
	253	snprintf((char *)ptr, DRIZZLE_MAX_SCRAMBLE_SIZE, "%s", con->password);
2269.2.1 by Marc Isambart Various libdrizzle Windows fixes, including closesocket() instead of close(), snprintf handling and WSAECONNREFUSED mapping	254	ptr[DRIZZLE_MAX_SCRAMBLE_SIZE-1]= 0;
2244.1.1 by Monty Taylor Split libdrizzle into 1.0 and 2.0. Applied the C++ changes to 2.0 branch.	255	}
	256	else if (con->options & DRIZZLE_CON_MYSQL)
	257	{
	258	*ret_ptr= _pack_scramble_hash(con, ptr);
	259	if (*ret_ptr != DRIZZLE_RETURN_OK)
2461.1.1 by Brian Aker Fix safety issues around calling API with no check for NULL	260	{
2244.1.1 by Monty Taylor Split libdrizzle into 1.0 and 2.0. Applied the C++ changes to 2.0 branch.	261	return ptr;
2461.1.1 by Brian Aker Fix safety issues around calling API with no check for NULL	262	}
2244.1.1 by Monty Taylor Split libdrizzle into 1.0 and 2.0. Applied the C++ changes to 2.0 branch.	263	}
	264	else // We assume Drizzle
	265	{
	266	snprintf((char *)ptr, DRIZZLE_MAX_SCRAMBLE_SIZE, "%s", con->password);
2269.2.1 by Marc Isambart Various libdrizzle Windows fixes, including closesocket() instead of close(), snprintf handling and WSAECONNREFUSED mapping	267	ptr[DRIZZLE_MAX_SCRAMBLE_SIZE-1]= 0;
2244.1.1 by Monty Taylor Split libdrizzle into 1.0 and 2.0. Applied the C++ changes to 2.0 branch.	268	}
	269
	270	ptr+= DRIZZLE_MAX_SCRAMBLE_SIZE;
	271	}
	272
2461.1.1 by Brian Aker Fix safety issues around calling API with no check for NULL	273	if (con->schema[0] != 0)
2244.1.1 by Monty Taylor Split libdrizzle into 1.0 and 2.0. Applied the C++ changes to 2.0 branch.	274	{
2461.1.1 by Brian Aker Fix safety issues around calling API with no check for NULL	275	memcpy(ptr, con->schema, strlen(con->schema));
	276	ptr+= strlen(con->schema);
2244.1.1 by Monty Taylor Split libdrizzle into 1.0 and 2.0. Applied the C++ changes to 2.0 branch.	277	}
	278
	279	ptr[0]= 0;
	280	ptr++;
	281
	282	*ret_ptr= DRIZZLE_RETURN_OK;
2461.1.1 by Brian Aker Fix safety issues around calling API with no check for NULL	283
2244.1.1 by Monty Taylor Split libdrizzle into 1.0 and 2.0. Applied the C++ changes to 2.0 branch.	284	return ptr;
	285	}
	286
	287	/*
	288	* Private definitions
	289	*/
	290
	291	static drizzle_return_t _pack_scramble_hash(drizzle_con_st *con,
	292	uint8_t *buffer)
	293	{
	294	SHA1_CTX ctx;
	295	uint8_t hash_tmp1[SHA1_DIGEST_LENGTH];
	296	uint8_t hash_tmp2[SHA1_DIGEST_LENGTH];
	297
	298	if (SHA1_DIGEST_LENGTH != DRIZZLE_MAX_SCRAMBLE_SIZE)
	299	{
	300	drizzle_set_error(con->drizzle, "_pack_scramble_hash",
	301	"SHA1 hash size mismatch:%u:%u", SHA1_DIGEST_LENGTH,
	302	DRIZZLE_MAX_SCRAMBLE_SIZE);
	303	return DRIZZLE_RETURN_INTERNAL_ERROR;
	304	}
	305
	306	if (con->scramble == NULL)
	307	{
	308	drizzle_set_error(con->drizzle, "_pack_scramble_hash",
	309	"no scramble buffer");
	310	return DRIZZLE_RETURN_NO_SCRAMBLE;
	311	}
	312
	313	/* First hash the password. */
	314	SHA1Init(&ctx);
	315	SHA1Update(&ctx, (uint8_t *)(con->password), strlen(con->password));
	316	SHA1Final(hash_tmp1, &ctx);
	317
	318	/* Second, hash the password hash. */
	319	SHA1Init(&ctx);
	320	SHA1Update(&ctx, hash_tmp1, SHA1_DIGEST_LENGTH);
	321	SHA1Final(hash_tmp2, &ctx);
	322
	323	/* Third, hash the scramble and the double password hash. */
	324	SHA1Init(&ctx);
	325	SHA1Update(&ctx, con->scramble, SHA1_DIGEST_LENGTH);
	326	SHA1Update(&ctx, hash_tmp2, SHA1_DIGEST_LENGTH);
	327	SHA1Final(buffer, &ctx);
	328
	329	/* Fourth, xor the last hash against the first password hash. */
2461.1.1 by Brian Aker Fix safety issues around calling API with no check for NULL	330	for (uint32_t x= 0; x < SHA1_DIGEST_LENGTH; x++)
	331	{
2244.1.1 by Monty Taylor Split libdrizzle into 1.0 and 2.0. Applied the C++ changes to 2.0 branch.	332	buffer[x]= buffer[x] ^ hash_tmp1[x];
2461.1.1 by Brian Aker Fix safety issues around calling API with no check for NULL	333	}
2244.1.1 by Monty Taylor Split libdrizzle into 1.0 and 2.0. Applied the C++ changes to 2.0 branch.	334
	335	return DRIZZLE_RETURN_OK;
	336	}