mirror of
https://github.com/MariaDB/server.git
synced 2025-10-30 18:36:12 +01:00
a34b989f0c
mysqladmin's presumption about the cause of an error by looking at the error code was presumptious. Server knows best, so pass the error along. Avoid returning -1 as a exit code, Linux makes this 255 and Windows keeps this as -1.
170 lines
5 KiB
Text
170 lines
5 KiB
Text
--source include/not_embedded.inc
|
|
|
|
if (!$SIMPLE_PASSWORD_CHECK_SO) {
|
|
skip No SIMPLE_PASSWORD_CHECK plugin;
|
|
}
|
|
|
|
install soname "simple_password_check";
|
|
|
|
--vertical_results
|
|
--replace_result .dll .so
|
|
select * from information_schema.plugins where plugin_name='simple_password_check';
|
|
|
|
select * from information_schema.system_variables where variable_name like 'simple_password_check%' order by 1;
|
|
--horizontal_results
|
|
|
|
--error ER_NOT_VALID_PASSWORD
|
|
create user foo1 identified by 'pwd';
|
|
show warnings;
|
|
|
|
# Create user with no password.
|
|
--error ER_NOT_VALID_PASSWORD
|
|
create user foo1;
|
|
show warnings;
|
|
|
|
--error ER_NOT_VALID_PASSWORD
|
|
grant select on *.* to foo1 identified by 'pwd';
|
|
show warnings;
|
|
|
|
--error ER_NOT_VALID_PASSWORD
|
|
grant select on *.* to `FooBar1!` identified by 'FooBar1!';
|
|
show warnings;
|
|
|
|
grant select on *.* to `BarFoo1!` identified by 'FooBar1!';
|
|
drop user `BarFoo1!`;
|
|
|
|
create user foo1 identified by 'aA.12345';
|
|
grant select on *.* to foo1;
|
|
drop user foo1;
|
|
|
|
set global simple_password_check_digits=3;
|
|
set global simple_password_check_letters_same_case=3;
|
|
set global simple_password_check_other_characters=3;
|
|
show variables like 'simple_password_check_%';
|
|
|
|
create user foo1 identified by '123:qwe:ASD!';
|
|
drop user foo1;
|
|
|
|
--error ER_NOT_VALID_PASSWORD
|
|
create user foo1 identified by '-23:qwe:ASD!';
|
|
show warnings;
|
|
|
|
--error ER_NOT_VALID_PASSWORD
|
|
create user foo1 identified by '123:4we:ASD!';
|
|
show warnings;
|
|
|
|
--error ER_NOT_VALID_PASSWORD
|
|
create user foo1 identified by '123:qwe:4SD!';
|
|
show warnings;
|
|
|
|
--error ER_NOT_VALID_PASSWORD
|
|
create user foo1 identified by '123:qwe:ASD4';
|
|
show warnings;
|
|
|
|
create user foo1 identified by '123:qwe:ASD!';
|
|
--error ER_NOT_VALID_PASSWORD
|
|
set password for foo1 = password('qwe:-23:ASD!');
|
|
show warnings;
|
|
--error ER_NOT_VALID_PASSWORD
|
|
set password for foo1 = old_password('4we:123:ASD!');
|
|
--error ER_NOT_VALID_PASSWORD
|
|
set password for foo1 = password('qwe:123:4SD!');
|
|
show warnings;
|
|
--error ER_NOT_VALID_PASSWORD
|
|
set password for foo1 = old_password('qwe:123:ASD4');
|
|
show warnings;
|
|
set password for foo1 = password('qwe:123:ASD!');
|
|
|
|
# now, strict_password_validation
|
|
select @@strict_password_validation;
|
|
|
|
--error ER_NOT_VALID_PASSWORD
|
|
set password for foo1 = '';
|
|
show warnings;
|
|
--error ER_OPTION_PREVENTS_STATEMENT
|
|
set password for foo1 = '2222222222222222';
|
|
--error ER_OPTION_PREVENTS_STATEMENT
|
|
set password for foo1 = '11111111111111111111111111111111111111111';
|
|
--error ER_OPTION_PREVENTS_STATEMENT
|
|
create user foo2 identified by password '11111111111111111111111111111111111111111';
|
|
--error ER_OPTION_PREVENTS_STATEMENT
|
|
grant select on *.* to foo2 identified by password '2222222222222222';
|
|
--error ER_OPTION_PREVENTS_STATEMENT
|
|
create user foo2 identified with mysql_native_password using '11111111111111111111111111111111111111111';
|
|
--error ER_OPTION_PREVENTS_STATEMENT
|
|
grant select on *.* to foo2 identified with mysql_old_password using '2222222222222222';
|
|
--error ER_NOT_VALID_PASSWORD
|
|
create user foo2 identified with mysql_native_password using '';
|
|
show warnings;
|
|
--error ER_NOT_VALID_PASSWORD
|
|
grant select on *.* to foo2 identified with mysql_old_password using '';
|
|
--error ER_NOT_VALID_PASSWORD
|
|
grant select on *.* to foo2 identified with mysql_old_password;
|
|
|
|
# direct updates are not protected
|
|
update mysql.global_priv set priv=json_set(priv, '$.authentication_string', 'xxx') where user='foo1';
|
|
|
|
set global strict_password_validation=0;
|
|
|
|
--error ER_NOT_VALID_PASSWORD
|
|
set password for foo1 = '';
|
|
show warnings;
|
|
set password for foo1 = '2222222222222222';
|
|
set password for foo1 = '11111111111111111111111111111111111111111';
|
|
create user foo2 identified by password '11111111111111111111111111111111111111111';
|
|
drop user foo2;
|
|
grant select on *.* to foo2 identified by password '2222222222222222';
|
|
drop user foo2;
|
|
create user foo2 identified with mysql_native_password using '11111111111111111111111111111111111111111';
|
|
drop user foo2;
|
|
grant select on *.* to foo2 identified with mysql_old_password using '2222222222222222';
|
|
drop user foo2;
|
|
|
|
set global strict_password_validation=1;
|
|
drop user foo1;
|
|
|
|
#
|
|
# MDEV-9940 CREATE ROLE blocked by password validation plugin
|
|
#
|
|
create role r1;
|
|
drop role r1;
|
|
|
|
flush privileges;
|
|
|
|
uninstall plugin simple_password_check;
|
|
|
|
create user foo1 identified by 'pwd';
|
|
drop user foo1;
|
|
|
|
--echo #
|
|
--echo # MDEV-26650: Failed ALTER USER/GRANT statement removes the
|
|
--echo # password from the cache
|
|
--echo #
|
|
create user foo1@localhost identified by '<GDFH:3ghj';
|
|
show grants for foo1@localhost;
|
|
install soname "simple_password_check";
|
|
--error ER_CANNOT_USER
|
|
ALTER USER foo1@localhost identified by 'foo1';
|
|
show grants for foo1@localhost;
|
|
flush privileges;
|
|
show grants for foo1@localhost;
|
|
drop user foo1@localhost;
|
|
uninstall plugin simple_password_check;
|
|
|
|
|
|
--echo #
|
|
--echo # MDEV-22418 mysqladmin wrong error with simple_password_check
|
|
--echo #
|
|
|
|
install soname "simple_password_check";
|
|
|
|
--replace_regex /.*[\/\\]// /(mysqladmin|mariadb-admin)(\.exe)?/MARIADB-ADMIN/
|
|
--error 1
|
|
--exec $MYSQLADMIN -uroot password foo 2>&1
|
|
|
|
--echo # All done
|
|
uninstall plugin simple_password_check;
|
|
|
|
--echo #
|
|
--echo # End of 10.4 tests
|
|
--echo #
|