mirror/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2025-10-10 09:49:16 +02:00
Code Issues Projects Releases Packages Wiki Activity
mariadb/mysql-test/main/max_password_errors.test
Dmitry Shulga eeb00ceffd MDEV-35617: DROP USER should leave no active session for that user 
Follow-up patch with adjustments of test files and updates of result
files for tests.

Some of tests were rewritten slighlty. Everywhere where common
pattern used:
-----
  CREATE USER userA;
  --connect con1 ... userA ...
   <sql statements...>
  --disconnect con1
  DROP USER userA;
-----
the DROP USER statement has been eclosed into the directive
--disable_warnings
--enable_warnings

This change is caused by the race conddition between --disconnect
and DROP USER since a number of currently running sessions
established on behalf the user being dropped is counted by
holding the rw_lock THD_list_iterator::lock that is not acquired on
execution the DROP USER statement but the lock is taken as the last
step on handling disconnection (when the client is already sending
the next statement). Therefore, for the cases where the command
 --disconnect precedes the DROP USER statement
we hide the possible warnings about presence of active sessions
for the user being deleted to make tests deterministic.
2025-06-09 18:24:28 +07:00

88 lines
3 KiB
Text
Raw Permalink Blame History

--source include/not_embedded.inc
set @old_max_password_errors=@@max_password_errors;
set global max_password_errors=2;
create user u identified by 'good_pass';
# Test that user is blocked after 'max_password_errors' bad passwords
--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
error ER_ACCESS_DENIED_ERROR;
connect(con1, localhost, u, bas_pass);
--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
error ER_ACCESS_DENIED_ERROR;
connect (con1, localhost, u, bad_pass);
--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
error ER_USER_IS_BLOCKED;
connect(con1, localhost, u, good_pass);
--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
error ER_USER_IS_BLOCKED;
connect(con1, localhost, u, bad_pass);
# Test that FLUSH PRIVILEGES clears the error
FLUSH PRIVILEGES;
connect (con1, localhost, u, good_pass);
disconnect con1;
# Test that good login clears the error
--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
error ER_ACCESS_DENIED_ERROR;
connect (con1, localhost, u, bad_pass);
connect (con1, localhost, u, good_pass);
disconnect con1;
--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
error ER_ACCESS_DENIED_ERROR;
connect (con1, localhost, u, bad_pass);
connect (con1, localhost, u, good_pass);
# Test the behavior of change_user
--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
error ER_ACCESS_DENIED_ERROR;
change_user u,bad_pass;
--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
error ER_ACCESS_DENIED_ERROR;
change_user u,bad_pass;
--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
error ER_USER_IS_BLOCKED;
change_user u,good_pass;
disconnect con1;
connection default;
FLUSH PRIVILEGES;
#Test that root@localhost is not blocked, with password errors
--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
error ER_ACCESS_DENIED_ERROR;
connect(con1, localhost, root, bas_pass);
--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
error ER_ACCESS_DENIED_ERROR;
connect (con1, localhost, root, bad_pass);
connect (con1, localhost, u, good_pass);
disconnect con1;
connection default;
# Block u again
--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
error ER_ACCESS_DENIED_ERROR;
connect(con1, localhost, u, bad_password);
--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
error ER_ACCESS_DENIED_ERROR;
connect(con1, localhost, u, bad_password);
--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
error ER_USER_IS_BLOCKED;
connect(con1, localhost, u, good_pass);
# Unblock foo
ALTER USER u ACCOUNT UNLOCK;
--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
error ER_ACCESS_DENIED_ERROR;
connect(con1, localhost, u, bad_password);
connect(con1, localhost, u, good_pass);
disconnect con1;
connection default;
--disable_warnings
DROP USER u;
--enable_warnings
set global max_password_errors=@old_max_password_errors;
Reference in a new issue View git blame Copy permalink