mirror/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2025-01-16 12:02:42 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
mariadb/mysql-test/suite/plugins/t/pam.test
Oleksandr Byelkin cf63eecef4 Merge branch '10.4' into 10.5
2022-02-01 20:33:04 +01:00

126 lines
3.4 KiB
Text
Raw Blame History

let $PAM_PLUGIN_VERSION= $AUTH_PAM_SO;
--source pam_init.inc
--write_file $MYSQLTEST_VARDIR/tmp/pam_good.txt
not very secret challenge
9225
select user(), current_user(), database();
EOF
--write_file $MYSQLTEST_VARDIR/tmp/pam_bad.txt
not very secret challenge
9224
select user(), current_user(), database();
EOF
--write_file $MYSQLTEST_VARDIR/tmp/pam_ugly.txt
crash pam module
616
select user(), current_user(), database();
EOF
--write_file $MYSQLTEST_VARDIR/tmp/pam_good2.txt
9212
select user(), current_user(), database();
EOF
--echo #
--echo # athentication is successful, challenge/pin are ok
--echo # note that current_user() differs from user()
--echo #
--exec $MYSQL_TEST -u test_pam < $MYSQLTEST_VARDIR/tmp/pam_good.txt
--echo #
--echo # athentication is unsuccessful
--echo #
--error 1
--exec $MYSQL_TEST -u test_pam < $MYSQLTEST_VARDIR/tmp/pam_bad.txt
--echo #
--echo # athentication is unsuccessful
--echo #
--error 1
--exec $MYSQL_TEST -u test_pam < $MYSQLTEST_VARDIR/tmp/pam_ugly.txt
--echo #
--echo # athentication is successful
--echo #
--exec $MYSQL_TEST -u test_pam -pgoodpassword < $MYSQLTEST_VARDIR/tmp/pam_good2.txt
--echo #
--echo # athentication is unsuccessful
--echo #
--error 1
--exec $MYSQL_TEST -u test_pam -pbadpassword < $MYSQLTEST_VARDIR/tmp/pam_good2.txt
--echo #
--echo # MDEV-26339 Account specifics to be handled before proxying
--echo #
# one can connect if the proxy account is locked
alter user pam_test account lock;
alter user pam_test require subject 'foobar';
alter user pam_test password expire;
--error 0
--exec $MYSQL_TEST -u test_pam -pgoodpassword < $MYSQLTEST_VARDIR/tmp/pam_good2.txt
alter user pam_test account unlock;
alter user pam_test require none;
alter user pam_test identified by '';
show create user pam_test;
#one cannot connect if the proxied account is locked
alter user test_pam account lock;
--error 1
--exec $MYSQL_TEST -u test_pam -pgoodpassword < $MYSQLTEST_VARDIR/tmp/pam_good2.txt
alter user test_pam account unlock;
alter user test_pam require subject 'foobar';
--error 1
--exec $MYSQL_TEST -u test_pam -pgoodpassword < $MYSQLTEST_VARDIR/tmp/pam_good2.txt
alter user test_pam require none;
alter user test_pam password expire;
--error 1
--exec $MYSQL_TEST -u test_pam -pgoodpassword < $MYSQLTEST_VARDIR/tmp/pam_good2.txt
drop user test_pam;
drop user pam_test;
create user PAM_TEST identified via pam using 'mariadb_mtr';
--echo #
--echo # athentication is unsuccessful
--echo #
--error 1
--exec $MYSQL_TEST -u PAM_TEST < $MYSQLTEST_VARDIR/tmp/pam_good.txt
set global pam_winbind_workaround=1;
--echo #
--echo # athentication is successful
--echo #
--exec $MYSQL_TEST -u PAM_TEST < $MYSQLTEST_VARDIR/tmp/pam_good.txt
--remove_file $MYSQLTEST_VARDIR/tmp/pam_good.txt
--remove_file $MYSQLTEST_VARDIR/tmp/pam_good2.txt
--remove_file $MYSQLTEST_VARDIR/tmp/pam_bad.txt
--remove_file $MYSQLTEST_VARDIR/tmp/pam_ugly.txt
drop user PAM_TEST;
--echo #
--echo # MDEV-27341 Use SET PASSWORD to change PAM service
--echo #
create user pam_test identified via pam using 'mariadb_mtr';
--write_file $MYSQLTEST_VARDIR/tmp/setpwd.txt
not very secret challenge
9225
select user(), current_user(), database();
error ER_SET_PASSWORD_AUTH_PLUGIN;
set password='foo';
show create user;
EOF
--exec $MYSQL_TEST -u pam_test < $MYSQLTEST_VARDIR/tmp/setpwd.txt
--remove_file $MYSQLTEST_VARDIR/tmp/setpwd.txt
drop user pam_test;
let $count_sessions= 1;
--source include/wait_until_count_sessions.inc
uninstall plugin pam;
Reference in a new issue View git blame Copy permalink