mirror/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2025-01-16 12:02:42 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
mariadb/mysql-test/main/set_password.test

176 lines
6 KiB
Text
Raw Normal View History

MDEV-9835 Valid password is not working after server restart On SET PASSWORD if the plugin is mysql_native_password or mysql_old_password, do reset plugin and auth_str fields.
2016-04-18 18:30:42 +02:00
#
# MDEV-9835 Valid password is not working after server restart.
#
# Various combinations of SET PASSWORD and not-empty mysql.user.plugin field
#
--source include/not_embedded.inc
MDEV-27691: make working view-protocol Update tests for version 10.4
2022-09-15 13:30:13 +02:00
#enable view protocol after fix MDEV-29542
--source include/no_view_protocol.inc
MDEV-9835 Valid password is not working after server restart On SET PASSWORD if the plugin is mysql_native_password or mysql_old_password, do reset plugin and auth_str fields.
2016-04-18 18:30:42 +02:00
--enable_connect_log
Merge branch '10.0' into 10.1
2016-05-04 15:23:26 +02:00
set global secure_auth=0;
MDEV-9835 Valid password is not working after server restart On SET PASSWORD if the plugin is mysql_native_password or mysql_old_password, do reset plugin and auth_str fields.
2016-04-18 18:30:42 +02:00
# The hash (old and new) is for 'test'
create user natauth@localhost identified via 'mysql_native_password' using '*94BDCEBE19083CE2A1F959FD02F964C7AF4CFC29';
MDEV-22974: mysql_native_password make "invalid" valid Per b9f3f06857ac, mysql_system_tables_data.sql creates a mysql_native_password with a salted hash of "invalid" so that `set password` will detect a native password can be applied:. SHOW CREATE USER; diligently uses this value in its output generating the SQL: MariaDB [(none)]> show create user; +---------------------------------------------------------------------------------------------------+ | CREATE USER for dan@localhost | +---------------------------------------------------------------------------------------------------+ | CREATE USER `dan`@`localhost` IDENTIFIED VIA mysql_native_password USING 'invalid' OR unix_socket | +---------------------------------------------------------------------------------------------------+ Attempting to execute this before this patch results in: MariaDB [(none)]> CREATE USER `dan2`@`localhost` IDENTIFIED VIA mysql_native_password USING 'invalid' OR unix_socket; ERROR 1372 (HY000): Password hash should be a 41-digit hexadecimal number As such, deep the implementation of mysql_native_password we make "invalid" valid (pun intended) such that the above create user will succeed. We do this by storing "*THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE" (credit: Oracle MySQL), that is of an INCORRECT length for a scramble. In native_password_authenticate we check the length of this cached value and immediately fail if it is anything other than the scramble length. native_password_get_salt is only called in the context of set_user_salt, so all setting of native passwords to hashed content of 'invalid', quite literally create an invalid password. So other forms of "invalid" are valid SQL in creating invalid passwords: MariaDB [(none)]> set password = 'invalid'; Query OK, 0 rows affected (0.001 sec) MariaDB [(none)]> alter user dan@localhost IDENTIFIED BY PASSWORD 'invalid'; Query OK, 0 rows affected (0.000 sec) closes #1628 Reviewer: serg@mariadb.com
2020-07-16 08:31:59 +02:00
create user invalidauth@localhost identified via 'mysql_native_password' using 'invalid';
MDEV-9835 Valid password is not working after server restart On SET PASSWORD if the plugin is mysql_native_password or mysql_old_password, do reset plugin and auth_str fields.
2016-04-18 18:30:42 +02:00
create user newpass@localhost identified by password '*94BDCEBE19083CE2A1F959FD02F964C7AF4CFC29';
MDEV-22974: mysql_native_password make "invalid" valid Per b9f3f06857ac, mysql_system_tables_data.sql creates a mysql_native_password with a salted hash of "invalid" so that `set password` will detect a native password can be applied:. SHOW CREATE USER; diligently uses this value in its output generating the SQL: MariaDB [(none)]> show create user; +---------------------------------------------------------------------------------------------------+ | CREATE USER for dan@localhost | +---------------------------------------------------------------------------------------------------+ | CREATE USER `dan`@`localhost` IDENTIFIED VIA mysql_native_password USING 'invalid' OR unix_socket | +---------------------------------------------------------------------------------------------------+ Attempting to execute this before this patch results in: MariaDB [(none)]> CREATE USER `dan2`@`localhost` IDENTIFIED VIA mysql_native_password USING 'invalid' OR unix_socket; ERROR 1372 (HY000): Password hash should be a 41-digit hexadecimal number As such, deep the implementation of mysql_native_password we make "invalid" valid (pun intended) such that the above create user will succeed. We do this by storing "*THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE" (credit: Oracle MySQL), that is of an INCORRECT length for a scramble. In native_password_authenticate we check the length of this cached value and immediately fail if it is anything other than the scramble length. native_password_get_salt is only called in the context of set_user_salt, so all setting of native passwords to hashed content of 'invalid', quite literally create an invalid password. So other forms of "invalid" are valid SQL in creating invalid passwords: MariaDB [(none)]> set password = 'invalid'; Query OK, 0 rows affected (0.001 sec) MariaDB [(none)]> alter user dan@localhost IDENTIFIED BY PASSWORD 'invalid'; Query OK, 0 rows affected (0.000 sec) closes #1628 Reviewer: serg@mariadb.com
2020-07-16 08:31:59 +02:00
create user invalidpass@localhost identified by password 'invalid';
MDEV-9835 Valid password is not working after server restart On SET PASSWORD if the plugin is mysql_native_password or mysql_old_password, do reset plugin and auth_str fields.
2016-04-18 18:30:42 +02:00
create user newpassnat@localhost identified via 'mysql_native_password';
set password for newpassnat@localhost = '*94BDCEBE19083CE2A1F959FD02F964C7AF4CFC29';
MDEV-22974: mysql_native_password make "invalid" valid Per b9f3f06857ac, mysql_system_tables_data.sql creates a mysql_native_password with a salted hash of "invalid" so that `set password` will detect a native password can be applied:. SHOW CREATE USER; diligently uses this value in its output generating the SQL: MariaDB [(none)]> show create user; +---------------------------------------------------------------------------------------------------+ | CREATE USER for dan@localhost | +---------------------------------------------------------------------------------------------------+ | CREATE USER `dan`@`localhost` IDENTIFIED VIA mysql_native_password USING 'invalid' OR unix_socket | +---------------------------------------------------------------------------------------------------+ Attempting to execute this before this patch results in: MariaDB [(none)]> CREATE USER `dan2`@`localhost` IDENTIFIED VIA mysql_native_password USING 'invalid' OR unix_socket; ERROR 1372 (HY000): Password hash should be a 41-digit hexadecimal number As such, deep the implementation of mysql_native_password we make "invalid" valid (pun intended) such that the above create user will succeed. We do this by storing "*THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE" (credit: Oracle MySQL), that is of an INCORRECT length for a scramble. In native_password_authenticate we check the length of this cached value and immediately fail if it is anything other than the scramble length. native_password_get_salt is only called in the context of set_user_salt, so all setting of native passwords to hashed content of 'invalid', quite literally create an invalid password. So other forms of "invalid" are valid SQL in creating invalid passwords: MariaDB [(none)]> set password = 'invalid'; Query OK, 0 rows affected (0.001 sec) MariaDB [(none)]> alter user dan@localhost IDENTIFIED BY PASSWORD 'invalid'; Query OK, 0 rows affected (0.000 sec) closes #1628 Reviewer: serg@mariadb.com
2020-07-16 08:31:59 +02:00
create user invalidpassnat@localhost identified by password 'invalid';
set password for invalidpassnat@localhost = 'invalid';
MDEV-9835 Valid password is not working after server restart On SET PASSWORD if the plugin is mysql_native_password or mysql_old_password, do reset plugin and auth_str fields.
2016-04-18 18:30:42 +02:00
create user oldauth@localhost identified with 'mysql_old_password' using '378b243e220ca493';
create user oldpass@localhost identified by password '378b243e220ca493';
create user oldpassold@localhost identified with 'mysql_old_password';
set password for oldpassold@localhost = '378b243e220ca493';
MDEV-24207: recognise mysql forms of invalid password for mysql_native_password The main goal of this patch is to prevent MariaDB's native_password_plugin from "parsing" the hex (or non hex) authentication_string. Due to how the current code is written, we convert any string (within native_password_get_salt) that has the appropriate length to a "binary" representation, that can potentially match a real password. More specifically, "*THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE" produces the same results as "*d13c3c78dafa52d9bce09bdd1adcb7befced1ebe". The length indicator is the main indicator of an invalid password. We use use same trick with "invalid" to change its internal representation. The "parsing" mentioned is by get_salt_from_password down to char_val() and because if where it is, its effectively a static plugin API that cannot change. In supporting these, we support the SHOW CREATE USER from MySQL may have the hashed password string: *THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE. Obviously this isn't a hash because it contains non-hex characters. After this patch we do however recognise the pattern; [any char, notionally *]{40 chars not all are hex} as a pattern for an invalid password. This was determined to be the general pattern that MySQL used. Reviewers: Sergei G, Vicentiu
2020-10-24 12:01:07 +02:00
create user invalidmysql57auth@localhost identified via 'mysql_native_password' using '*THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE';
MDEV-9835 Valid password is not working after server restart On SET PASSWORD if the plugin is mysql_native_password or mysql_old_password, do reset plugin and auth_str fields.
2016-04-18 18:30:42 +02:00
--sorted_result
select user, host, password, plugin, authentication_string from mysql.user where user != 'root';
--connect(con,localhost,natauth,test,)
select current_user();
--disconnect con
--connect(con,localhost,newpass,test,)
select current_user();
--disconnect con
--connect(con,localhost,newpassnat,test,)
select current_user();
--disconnect con
mysqltest: support MARIADB_OPT_RESTRICTED_AUTH C/C 3.4 disables mysql_old_password by default, so add an option for the `connect` command to support specifying allowed authentication plugins (MARIADB_OPT_RESTRICTED_AUTH). use it to enable mysql_old_password when needed for testing
2024-03-15 18:42:06 +01:00
--connect(con,localhost,oldauth,test,,,,auth=mysql_old_password:mysql_native_password)
MDEV-9835 Valid password is not working after server restart On SET PASSWORD if the plugin is mysql_native_password or mysql_old_password, do reset plugin and auth_str fields.
2016-04-18 18:30:42 +02:00
select current_user();
--disconnect con
mysqltest: support MARIADB_OPT_RESTRICTED_AUTH C/C 3.4 disables mysql_old_password by default, so add an option for the `connect` command to support specifying allowed authentication plugins (MARIADB_OPT_RESTRICTED_AUTH). use it to enable mysql_old_password when needed for testing
2024-03-15 18:42:06 +01:00
--connect(con,localhost,oldpass,test,,,,auth=mysql_old_password:mysql_native_password)
MDEV-9835 Valid password is not working after server restart On SET PASSWORD if the plugin is mysql_native_password or mysql_old_password, do reset plugin and auth_str fields.
2016-04-18 18:30:42 +02:00
select current_user();
--disconnect con
mysqltest: support MARIADB_OPT_RESTRICTED_AUTH C/C 3.4 disables mysql_old_password by default, so add an option for the `connect` command to support specifying allowed authentication plugins (MARIADB_OPT_RESTRICTED_AUTH). use it to enable mysql_old_password when needed for testing
2024-03-15 18:42:06 +01:00
--connect(con,localhost,oldpassold,test,,,,auth=mysql_old_password:mysql_native_password)
MDEV-9835 Valid password is not working after server restart On SET PASSWORD if the plugin is mysql_native_password or mysql_old_password, do reset plugin and auth_str fields.
2016-04-18 18:30:42 +02:00
select current_user();
--disconnect con
--connection default
flush privileges;
--connect(con,localhost,natauth,test,)
select current_user();
--disconnect con
--connect(con,localhost,newpass,test,)
select current_user();
--disconnect con
--connect(con,localhost,newpassnat,test,)
select current_user();
--disconnect con
mysqltest: support MARIADB_OPT_RESTRICTED_AUTH C/C 3.4 disables mysql_old_password by default, so add an option for the `connect` command to support specifying allowed authentication plugins (MARIADB_OPT_RESTRICTED_AUTH). use it to enable mysql_old_password when needed for testing
2024-03-15 18:42:06 +01:00
--connect(con,localhost,oldauth,test,,,,auth=mysql_old_password:mysql_native_password)
MDEV-9835 Valid password is not working after server restart On SET PASSWORD if the plugin is mysql_native_password or mysql_old_password, do reset plugin and auth_str fields.
2016-04-18 18:30:42 +02:00
select current_user();
--disconnect con
mysqltest: support MARIADB_OPT_RESTRICTED_AUTH C/C 3.4 disables mysql_old_password by default, so add an option for the `connect` command to support specifying allowed authentication plugins (MARIADB_OPT_RESTRICTED_AUTH). use it to enable mysql_old_password when needed for testing
2024-03-15 18:42:06 +01:00
--connect(con,localhost,oldpass,test,,,,auth=mysql_old_password:mysql_native_password)
MDEV-9835 Valid password is not working after server restart On SET PASSWORD if the plugin is mysql_native_password or mysql_old_password, do reset plugin and auth_str fields.
2016-04-18 18:30:42 +02:00
select current_user();
--disconnect con
mysqltest: support MARIADB_OPT_RESTRICTED_AUTH C/C 3.4 disables mysql_old_password by default, so add an option for the `connect` command to support specifying allowed authentication plugins (MARIADB_OPT_RESTRICTED_AUTH). use it to enable mysql_old_password when needed for testing
2024-03-15 18:42:06 +01:00
--connect(con,localhost,oldpassold,test,,,,auth=mysql_old_password:mysql_native_password)
MDEV-9835 Valid password is not working after server restart On SET PASSWORD if the plugin is mysql_native_password or mysql_old_password, do reset plugin and auth_str fields.
2016-04-18 18:30:42 +02:00
select current_user();
--disconnect con
--connection default
# changing to the NEW password hash
set password for natauth@localhost = PASSWORD('test2');
set password for newpass@localhost = PASSWORD('test2');
set password for newpassnat@localhost = PASSWORD('test2');
set password for oldauth@localhost = PASSWORD('test2');
set password for oldpass@localhost = PASSWORD('test2');
set password for oldpassold@localhost = PASSWORD('test2');
--sorted_result
select user, host, password, plugin, authentication_string from mysql.user where user != 'root';
--connect(con,localhost,natauth,test2,)
select current_user();
--disconnect con
--connect(con,localhost,newpass,test2,)
select current_user();
--disconnect con
--connect(con,localhost,newpassnat,test2,)
select current_user();
--disconnect con
--connect(con,localhost,oldauth,test2,)
select current_user();
--disconnect con
--connect(con,localhost,oldpass,test2,)
select current_user();
--disconnect con
--connect(con,localhost,oldpassold,test2,)
select current_user();
--disconnect con
--connection default
flush privileges;
--connect(con,localhost,natauth,test2,)
select current_user();
--disconnect con
--connect(con,localhost,newpass,test2,)
select current_user();
--disconnect con
--connect(con,localhost,newpassnat,test2,)
select current_user();
--disconnect con
MDEV-22974: mysql_native_password make "invalid" valid Per b9f3f06857ac, mysql_system_tables_data.sql creates a mysql_native_password with a salted hash of "invalid" so that `set password` will detect a native password can be applied:. SHOW CREATE USER; diligently uses this value in its output generating the SQL: MariaDB [(none)]> show create user; +---------------------------------------------------------------------------------------------------+ | CREATE USER for dan@localhost | +---------------------------------------------------------------------------------------------------+ | CREATE USER `dan`@`localhost` IDENTIFIED VIA mysql_native_password USING 'invalid' OR unix_socket | +---------------------------------------------------------------------------------------------------+ Attempting to execute this before this patch results in: MariaDB [(none)]> CREATE USER `dan2`@`localhost` IDENTIFIED VIA mysql_native_password USING 'invalid' OR unix_socket; ERROR 1372 (HY000): Password hash should be a 41-digit hexadecimal number As such, deep the implementation of mysql_native_password we make "invalid" valid (pun intended) such that the above create user will succeed. We do this by storing "*THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE" (credit: Oracle MySQL), that is of an INCORRECT length for a scramble. In native_password_authenticate we check the length of this cached value and immediately fail if it is anything other than the scramble length. native_password_get_salt is only called in the context of set_user_salt, so all setting of native passwords to hashed content of 'invalid', quite literally create an invalid password. So other forms of "invalid" are valid SQL in creating invalid passwords: MariaDB [(none)]> set password = 'invalid'; Query OK, 0 rows affected (0.001 sec) MariaDB [(none)]> alter user dan@localhost IDENTIFIED BY PASSWORD 'invalid'; Query OK, 0 rows affected (0.000 sec) closes #1628 Reviewer: serg@mariadb.com
2020-07-16 08:31:59 +02:00
--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
--error ER_ACCESS_DENIED_ERROR
--connect(con,localhost,invalidauth,invalid,)
--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
--error ER_ACCESS_DENIED_ERROR
--connect(con,localhost,invalidpass,invalid,)
--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
--error ER_ACCESS_DENIED_ERROR
--connect(con,localhost,invalidpassnat,invalid,)
MDEV-24207: recognise mysql forms of invalid password for mysql_native_password The main goal of this patch is to prevent MariaDB's native_password_plugin from "parsing" the hex (or non hex) authentication_string. Due to how the current code is written, we convert any string (within native_password_get_salt) that has the appropriate length to a "binary" representation, that can potentially match a real password. More specifically, "*THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE" produces the same results as "*d13c3c78dafa52d9bce09bdd1adcb7befced1ebe". The length indicator is the main indicator of an invalid password. We use use same trick with "invalid" to change its internal representation. The "parsing" mentioned is by get_salt_from_password down to char_val() and because if where it is, its effectively a static plugin API that cannot change. In supporting these, we support the SHOW CREATE USER from MySQL may have the hashed password string: *THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE. Obviously this isn't a hash because it contains non-hex characters. After this patch we do however recognise the pattern; [any char, notionally *]{40 chars not all are hex} as a pattern for an invalid password. This was determined to be the general pattern that MySQL used. Reviewers: Sergei G, Vicentiu
2020-10-24 12:01:07 +02:00
--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
--error ER_ACCESS_DENIED_ERROR
--connect(con,localhost,invalidmysql57auth,invalid,)
MDEV-22974: mysql_native_password make "invalid" valid Per b9f3f06857ac, mysql_system_tables_data.sql creates a mysql_native_password with a salted hash of "invalid" so that `set password` will detect a native password can be applied:. SHOW CREATE USER; diligently uses this value in its output generating the SQL: MariaDB [(none)]> show create user; +---------------------------------------------------------------------------------------------------+ | CREATE USER for dan@localhost | +---------------------------------------------------------------------------------------------------+ | CREATE USER `dan`@`localhost` IDENTIFIED VIA mysql_native_password USING 'invalid' OR unix_socket | +---------------------------------------------------------------------------------------------------+ Attempting to execute this before this patch results in: MariaDB [(none)]> CREATE USER `dan2`@`localhost` IDENTIFIED VIA mysql_native_password USING 'invalid' OR unix_socket; ERROR 1372 (HY000): Password hash should be a 41-digit hexadecimal number As such, deep the implementation of mysql_native_password we make "invalid" valid (pun intended) such that the above create user will succeed. We do this by storing "*THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE" (credit: Oracle MySQL), that is of an INCORRECT length for a scramble. In native_password_authenticate we check the length of this cached value and immediately fail if it is anything other than the scramble length. native_password_get_salt is only called in the context of set_user_salt, so all setting of native passwords to hashed content of 'invalid', quite literally create an invalid password. So other forms of "invalid" are valid SQL in creating invalid passwords: MariaDB [(none)]> set password = 'invalid'; Query OK, 0 rows affected (0.001 sec) MariaDB [(none)]> alter user dan@localhost IDENTIFIED BY PASSWORD 'invalid'; Query OK, 0 rows affected (0.000 sec) closes #1628 Reviewer: serg@mariadb.com
2020-07-16 08:31:59 +02:00
MDEV-9835 Valid password is not working after server restart On SET PASSWORD if the plugin is mysql_native_password or mysql_old_password, do reset plugin and auth_str fields.
2016-04-18 18:30:42 +02:00
--connect(con,localhost,oldauth,test2,)
select current_user();
--disconnect con
--connect(con,localhost,oldpass,test2,)
select current_user();
--disconnect con
--connect(con,localhost,oldpassold,test2,)
select current_user();
--disconnect con
--connection default
drop user natauth@localhost, newpass@localhost, newpassnat@localhost;
MDEV-24207: recognise mysql forms of invalid password for mysql_native_password The main goal of this patch is to prevent MariaDB's native_password_plugin from "parsing" the hex (or non hex) authentication_string. Due to how the current code is written, we convert any string (within native_password_get_salt) that has the appropriate length to a "binary" representation, that can potentially match a real password. More specifically, "*THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE" produces the same results as "*d13c3c78dafa52d9bce09bdd1adcb7befced1ebe". The length indicator is the main indicator of an invalid password. We use use same trick with "invalid" to change its internal representation. The "parsing" mentioned is by get_salt_from_password down to char_val() and because if where it is, its effectively a static plugin API that cannot change. In supporting these, we support the SHOW CREATE USER from MySQL may have the hashed password string: *THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE. Obviously this isn't a hash because it contains non-hex characters. After this patch we do however recognise the pattern; [any char, notionally *]{40 chars not all are hex} as a pattern for an invalid password. This was determined to be the general pattern that MySQL used. Reviewers: Sergei G, Vicentiu
2020-10-24 12:01:07 +02:00
drop user invalidauth@localhost, invalidpass@localhost, invalidpassnat@localhost,invalidmysql57auth@localhost;
MDEV-9835 Valid password is not working after server restart On SET PASSWORD if the plugin is mysql_native_password or mysql_old_password, do reset plugin and auth_str fields.
2016-04-18 18:30:42 +02:00
drop user oldauth@localhost, oldpass@localhost, oldpassold@localhost;
Merge branch '10.0' into 10.1
2016-05-04 15:23:26 +02:00
set global secure_auth=default;
MDEV-9835 Valid password is not working after server restart On SET PASSWORD if the plugin is mysql_native_password or mysql_old_password, do reset plugin and auth_str fields.
2016-04-18 18:30:42 +02:00
MDEV-16238 root/localhost authn prioritizes authentication_string over Password Don't let SET PASSWORD to set the password, if auth_string is set. Now SET PASSWORD always sets the plugin/auth_string fields and clears the password field (on pre-plugin mysql.user table it works as before).
2018-06-18 21:00:25 +02:00
#
# MDEV-16238 root/localhost authn prioritizes authentication_string over Password
#
MDEV-17658 change the structure of mysql.user table Implement User_table_json. Fix scripts to use mysql.global_priv. Fix tests.
2018-11-24 14:13:41 +01:00
--source include/switch_to_mysql_user.inc
MDEV-16238 root/localhost authn prioritizes authentication_string over Password Don't let SET PASSWORD to set the password, if auth_string is set. Now SET PASSWORD always sets the plugin/auth_string fields and clears the password field (on pre-plugin mysql.user table it works as before).
2018-06-18 21:00:25 +02:00
create user foo@localhost identified with mysql_native_password;
update mysql.user set authentication_string=password('foo'), plugin='mysql_native_password' where user='foo' and host='localhost';
set password for 'foo'@'localhost' = password('bar');
flush privileges;
--connect foo, localhost, foo, bar
select user(), current_user();
show grants;
--disconnect foo
--connection default
select user,host,password,plugin,authentication_string from mysql.user where user='foo';
empty password is a valid password, don't crash
2018-06-18 21:28:27 +02:00
set password for 'foo'@'localhost' = '';
select user,host,password,plugin,authentication_string from mysql.user where user='foo';
MDEV-16238 root/localhost authn prioritizes authentication_string over Password Don't let SET PASSWORD to set the password, if auth_string is set. Now SET PASSWORD always sets the plugin/auth_string fields and clears the password field (on pre-plugin mysql.user table it works as before).
2018-06-18 21:00:25 +02:00
drop user foo@localhost;
MDEV-17658 change the structure of mysql.user table Implement User_table_json. Fix scripts to use mysql.global_priv. Fix tests.
2018-11-24 14:13:41 +01:00
--source include/switch_to_mysql_global_priv.inc
Reference in a new issue Copy permalink