mariadb/plugin/auth_gssapi/mysql-test/auth_gssapi/groups.test

source include/windows.inc;
--replace_regex /name '[^']+'/name 'localhost'/
INSTALL SONAME 'auth_gssapi';


# Invalid group name
CREATE USER 'nosuchgroup' IDENTIFIED WITH gssapi AS 'GROUP:nosuchgroup';
replace_result $MASTER_MYSOCK MASTER_MYSOCK $MASTER_MYPORT MASTER_MYPORT;
error ER_ACCESS_DENIED_ERROR;
connect (con1,localhost,nosuchuser,,);
DROP USER nosuchgroup;

# Group with no members, NULL SID
CREATE USER 'nullsid' IDENTIFIED WITH gssapi AS 'SID:S-1-0-0';
replace_result $MASTER_MYSOCK MASTER_MYSOCK $MASTER_MYPORT MASTER_MYPORT;
error ER_ACCESS_DENIED_ERROR;
connect (con1,localhost,nullsid,,);
DROP USER nullsid;


# Anonymous
CREATE USER 'anonymous' IDENTIFIED WITH gssapi AS 'SID:AN';
replace_result $MASTER_MYSOCK MASTER_MYSOCK $MASTER_MYPORT MASTER_MYPORT;
error ER_ACCESS_DENIED_ERROR;
connect (con1,localhost,anonymous,,);
DROP USER anonymous;


# Positive tests

# Everyone group
CREATE USER 'group_everyone' IDENTIFIED WITH gssapi AS 'GROUP:Everyone';
replace_result $MASTER_MYSOCK MASTER_MYSOCK $MASTER_MYPORT MASTER_MYPORT;
connect (con1,localhost,group_everyone,,);
disconnect con1;
connection default;
DROP USER group_everyone;

# Everyone AS well-known SID name
CREATE USER 'sid_wd' IDENTIFIED WITH gssapi AS 'SID:WD';
replace_result $MASTER_MYSOCK MASTER_MYSOCK $MASTER_MYPORT MASTER_MYPORT;
connect (con1,localhost,sid_wd,,);
disconnect con1;
connection default;
DROP USER sid_wd;

# Everyone AS SID S-1-1-0
CREATE USER 'S_1_1_0' IDENTIFIED WITH gssapi AS 'SID:S-1-1-0';
replace_result $MASTER_MYSOCK MASTER_MYSOCK $MASTER_MYPORT MASTER_MYPORT;
connect (con1,localhost,S_1_1_0,,);
disconnect con1;
connection default;
DROP USER S_1_1_0;

replace_result $GSSAPI_SHORTNAME GSSAPI_SHORTNAME;
eval CREATE USER 'me_short' IDENTIFIED WITH gssapi AS 'GROUP:$GSSAPI_SHORTNAME';
replace_result $MASTER_MYSOCK MASTER_MYSOCK $MASTER_MYPORT MASTER_MYPORT;
connect (con1,localhost,me_short,,);
disconnect con1;
connection default;
DROP USER me_short;


replace_result $SID MY-SID;
eval CREATE USER 'me_sid' IDENTIFIED WITH gssapi AS 'SID:$SID';
replace_result $MASTER_MYSOCK MASTER_MYSOCK $MASTER_MYPORT MASTER_MYPORT;
connect (con1,localhost,me_sid,,);
disconnect con1;
connection default;
DROP USER me_sid;


UNINSTALL SONAME 'auth_gssapi';