mirror of
https://github.com/MariaDB/server.git
synced 2025-02-12 00:15:35 +01:00
a5f78505d7
To prevent the problem of mixing user name and password and host name and user name we add length of the hostname and user name to the hash.
100 lines
2.5 KiB
Text
100 lines
2.5 KiB
Text
--source include/not_embedded.inc
|
|
|
|
if (!$PASSWORD_REUSE_CHECK_SO) {
|
|
skip No PASSWORD_REUSE_CHECK plugin;
|
|
}
|
|
|
|
install soname "password_reuse_check";
|
|
|
|
set global password_reuse_check_interval= 0;
|
|
|
|
--echo # Default value (sould be unlimited i.e. 0)
|
|
SHOW GLOBAL VARIABLES like "password_reuse_check%";
|
|
|
|
--echo # insert user
|
|
grant select on *.* to user_name@localhost identified by 'test_pwd';
|
|
|
|
--error ER_NOT_VALID_PASSWORD
|
|
grant select on *.* to user_name@localhost identified by 'test_pwd';
|
|
show warnings;
|
|
|
|
--error ER_CANNOT_USER
|
|
alter user user_name@localhost identified by 'test_pwd';
|
|
show warnings;
|
|
|
|
# Plugin does not work for it
|
|
#--error ER_NOT_VALID_PASSWORD
|
|
#SET PASSWORD FOR user_name@localhost = PASSWORD('test_pwd');
|
|
|
|
--echo # check exparation
|
|
|
|
set global password_reuse_check_interval= 10;
|
|
|
|
--error ER_CANNOT_USER
|
|
alter user user_name@localhost identified by 'test_pwd';
|
|
show warnings;
|
|
select hex(hash) from mysql.password_reuse_check_history;
|
|
|
|
--echo # emulate old password
|
|
update mysql.password_reuse_check_history set time= date_sub(now(), interval
|
|
11 day);
|
|
|
|
alter user user_name@localhost identified by 'test_pwd';
|
|
show warnings;
|
|
|
|
drop user user_name@localhost;
|
|
|
|
show create table mysql.password_reuse_check_history;
|
|
select count(*) from mysql.password_reuse_check_history;
|
|
|
|
drop table mysql.password_reuse_check_history;
|
|
|
|
--echo # test error messages
|
|
|
|
set global password_reuse_check_interval= 0;
|
|
|
|
drop table if exists mysql.password_reuse_check_history;
|
|
|
|
--echo # test error messages
|
|
|
|
create table mysql.password_reuse_check_history (wrong_structure int);
|
|
|
|
--error ER_NOT_VALID_PASSWORD
|
|
grant select on *.* to user_name@localhost identified by 'test_pwd';
|
|
show warnings;
|
|
|
|
set global password_reuse_check_interval= 10;
|
|
|
|
--error ER_NOT_VALID_PASSWORD
|
|
grant select on *.* to user_name@localhost identified by 'test_pwd';
|
|
show warnings;
|
|
|
|
drop table mysql.password_reuse_check_history;
|
|
|
|
--echo #
|
|
--echo # MDEV-28838: password_reuse_check plugin mixes username and password
|
|
--echo #
|
|
|
|
grant select on *.* to user_name@localhost identified by 'test_pwd';
|
|
|
|
grant select on *.* to user_nam@localhost identified by 'etest_pwd';
|
|
show warnings;
|
|
|
|
drop user user_name@localhost;
|
|
drop user user_nam@localhost;
|
|
drop table mysql.password_reuse_check_history;
|
|
|
|
grant select on *.* to user_name@localhost identified by 'test_pwd';
|
|
|
|
grant select on *.* to tuser_name@localhos identified by 'test_pwd';
|
|
show warnings;
|
|
|
|
drop user user_name@localhost;
|
|
drop user tuser_name@localhos;
|
|
|
|
--echo #
|
|
--echo # End of 10.7 tests
|
|
--echo #
|
|
|
|
drop table mysql.password_reuse_check_history;
|
|
uninstall plugin password_reuse_check;
|