mirror of
https://github.com/MariaDB/server.git
synced 2025-01-16 12:02:42 +01:00
0253ea7f22
Also fixes: MDEV-21487: Implement option for mysql_upgrade that allows root@localhost to be replaced MDEV-21486: Implement option for mysql_install_db that allows root@localhost to be replaced Add user mariadb.sys to be definer of user view (and has right on underlying table global_priv for required operation over global_priv (SELECT,UPDATE,DELETE)) Also changed definer of gis functions in case of creation, but they work with any definer so upgrade script do not try to push this change.
37 lines
1,017 B
Text
37 lines
1,017 B
Text
source include/not_embedded.inc;
|
|
|
|
#
|
|
# MDEV-3909 remote user enumeration
|
|
#
|
|
# verify that for some failed login attemps (with wrong user names)
|
|
# the server requests a plugin
|
|
#
|
|
create user foo identified via mysql_old_password;
|
|
create user bar identified via mysql_old_password;
|
|
create user baz identified via mysql_old_password;
|
|
|
|
--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
|
|
--error ER_ACCESS_DENIED_ERROR
|
|
connect (fail,localhost,u1);
|
|
|
|
--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
|
|
--error ER_SERVER_IS_IN_SECURE_AUTH_MODE
|
|
connect (fail,localhost,uu2);
|
|
|
|
--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
|
|
--error ER_SERVER_IS_IN_SECURE_AUTH_MODE
|
|
connect (fail,localhost,uu2,password);
|
|
|
|
--error ER_ACCESS_DENIED_ERROR
|
|
change_user u1;
|
|
|
|
--error ER_SERVER_IS_IN_SECURE_AUTH_MODE
|
|
change_user uu2;
|
|
|
|
--error ER_SERVER_IS_IN_SECURE_AUTH_MODE
|
|
change_user uu2,password;
|
|
|
|
delete from mysql.user where plugin = 'mysql_old_password';
|
|
flush privileges;
|
|
|
|
|