mirror/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2025-01-17 12:32:27 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
196387 commits 2784 branches 343 tags 1.6 GiB
Commit graph

6 commits

Author SHA1 Message Date
Brandon Nesterenko
b6cfb2961e MDEV-14974: --port ignored for --host=localhost 
Problem:
=======
MariaDB's command line utilities (e.g., mysql,
mysqldump, etc) silently ignore connection
property options (e.g., --port and --socket)
when protocol is not explicitly set via the
command-line for localhost connections.

Fix:
===
If connection properties are specified without a
protocol, override the protocol to be consistent.
For example, if --port is specified, automatically
set protocol=tcp.

Caveats:
=======
 * When multiple connection properties are
specified, nothing is overridden
 * If protocol is is set via the command-line,
its value is used

Reviewers:
========
Sergei Golubchik <serg@mariadb.com>
Vladislav Vaintroub <wlad@mariadb.com>
 2021-05-11 11:50:41 -06:00
Sergei Golubchik
fd00c449e3 bugfix: PROXY privilege matched usernames incorrectly 
username can be empty, meaning anybody, or must match literally.
only db and host names are matched with wildcards.
 2019-06-17 12:26:25 +02:00
Sergei Golubchik
c94ec9fc67 MDEV-17950 SHOW GRANTS FOR does not work for a user identified with non-existing plugin 
Revert the side effect of 7c40996cc8.
Do not convert password hash to its binary representation when a user
entry is loaded. Do it lazily on the first authenticatation attempt.

As a collateral - force all authentication plugins to follow the
protocol and read_packet at least once before accessing info->username
(username is not available before first client handshake packet is read).

Fix PAM and GSSAPI plugins to behave.
 2019-02-04 15:54:10 +01:00
Sergei Golubchik
4abb8216a0 MDEV-17658 change the structure of mysql.user table 
Implement User_table_json.
Fix scripts to use mysql.global_priv.
Fix tests.
 2018-12-12 00:31:44 +01:00
Sergei Golubchik
7c40996cc8 MDEV-12321 authentication plugin: SET PASSWORD support 
Support SET PASSWORD for authentication plugins.

Authentication plugin API is extended with two optional methods:
* hash_password() is used to compute a password hash (or digest)
  from the plain-text password. This digest will be stored in mysql.user
  table
* preprocess_hash() is used to convert this digest into some memory
  representation that can be later used to authenticate a user.
  Build-in plugins convert the hash from hexadecimal or base64 to binary,
  to avoid doing it on every authentication attempt.

Note a change in behavior: when loading privileges (on startup or on
FLUSH PRIVILEGES) an account with an unknown plugin was loaded with a
warning (e.g. "Plugin 'foo' is not loaded"). But such an account could
not be used for authentication until the plugin is installed. Now an
account like that will not be loaded at all (with a warning, still).
Indeed, without plugin's preprocess_hash() method the server cannot know
how to load an account. Thus, if a new authentication plugin is
installed run-time, one might need FLUSH PRIVILEGES to activate all
existing accounts that were using this new plugin.
 2018-10-31 16:06:16 +01:00
Michael Widenius
a7abddeffa Create 'main' test directory and move 't' and 'r' there 2018-03-29 13:59:44 +03:00
Renamed from mysql-test/t/plugin_auth_qa_1.test (Browse further)