WIP

authenticated-unix-socket/lib.rs

@@ -0,0 +1,11 @@
+
+// TODO:
+// On responding to an incoming client request, the following should happen:
+// 1. Before intializing it's request, the client should open an "authentication" socket with permissions 644.
+// 2. Client opens a request to the server on the "normal" socket where the server is listening.
+// 2. Server receives the request with auth socket address, a uid and a secret from the client.
+// 3. Server validates that the owner of the auth socket address is the same as the uid.
+// 4. Server connects to the auth socket address and receives the same secret.
+// 5. Server validates that the secret is the same as the one it originally received.
+// 6. Client closes the authentication socket. Normal socket is used for communication.
+//    (because the auth socket was readable globally)

src/client_server_protocol.rs

@@ -0,0 +1,13 @@
+use serde::{Deserialize, Serialize};
+
+#[derive(Debug, Clone, PartialEq, Serialize, Deserialize)]
+pub enum Command {
+    CreateDatabase,
+    DropDatabase,
+    ListDatabases,
+}
+
+#[derive(Debug, Clone, PartialEq, Serialize, Deserialize)]
+pub enum Response {
+
+}

src/main.rs

@@ -10,6 +10,9 @@ use crate::cli::mysql_admutils_compatibility::{mysql_dbadm, mysql_useradm};
 
 use clap::Parser;
 
+mod client_server_protocol;
+mod server;
+
 mod cli;
 mod core;
 

src/server.rs

@@ -0,0 +1 @@
+mod entrypoint;