mirror of
https://github.com/MariaDB/server.git
synced 2025-01-16 12:02:42 +01:00
37 lines
1,013 B
Text
37 lines
1,013 B
Text
source include/not_embedded.inc;
|
|
|
|
#
|
|
# MDEV-3909 remote user enumeration
|
|
#
|
|
# verify that for some failed login attemps (with wrong user names)
|
|
# the server requests a plugin
|
|
#
|
|
create user foo identified via mysql_old_password;
|
|
create user bar identified via mysql_old_password;
|
|
create user baz identified via mysql_old_password;
|
|
|
|
--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
|
|
--error ER_ACCESS_DENIED_ERROR
|
|
connect (fail,localhost,u1);
|
|
|
|
--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
|
|
--error ER_SERVER_IS_IN_SECURE_AUTH_MODE
|
|
connect (fail,localhost,u2);
|
|
|
|
--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
|
|
--error ER_SERVER_IS_IN_SECURE_AUTH_MODE
|
|
connect (fail,localhost,u2,password);
|
|
|
|
--error ER_ACCESS_DENIED_ERROR
|
|
change_user u1;
|
|
|
|
--error ER_SERVER_IS_IN_SECURE_AUTH_MODE
|
|
change_user u2;
|
|
|
|
--error ER_SERVER_IS_IN_SECURE_AUTH_MODE
|
|
change_user u2,password;
|
|
|
|
delete from mysql.user where plugin = 'mysql_old_password';
|
|
flush privileges;
|
|
|
|
|