Hi, Roberto! On May 16, Roberto Spadim wrote: > just some questions about dialog_example.c, just to check if i understood > the source > > the three_attempts, request 3 times the password, if it's all wrong > return CR_ERROR, and user is 'disconnected'?
Yes. > the two_questions, request the password, if wrong, disconnect > with CR_ERROR, send the second question, and if it's not == to "yes, of > course", return CR_ERROR, else, user is connected? Yes. > the info->auth_string, is the password of mysql.users table? No, in the CREATE USER xxx IDENTIFIED WITH yyy USING zzz; auth_string is the "zzz" part. > there's more examples where i could get the user, and check some value > inside a mysql.* table? Check the our knowledge base, MySQL manual, and the documentation in the include/mysql/plugin_auth*.h files > i'm thinking about OTP passwords like google auth See also my talk on the MySQL UC 2010, that includes the code for the S/Key authentication plugin (S/Key is an old one-time passwod system): http://en.oreilly.com/mysql2010/public/schedule/detail/13143 And this my blog post, that shows how to use Google Authenticator with MariaDB: http://blog.mariadb.org/security-with-two-step-verification/ Regards, Sergei _______________________________________________ Mailing list: https://launchpad.net/~maria-developers Post to : [email protected] Unsubscribe : https://launchpad.net/~maria-developers More help : https://help.launchpad.net/ListHelp
