mirror of
https://github.com/MariaDB/server.git
synced 2025-01-16 20:12:31 +01:00
f77895ebf3
sorting them by usernames first, and then by get_sort() value. Search functions now use binary search to find the the first entry with given name. Then, linear search is done, until the first match.
37 lines
1 KiB
Text
37 lines
1 KiB
Text
source include/not_embedded.inc;
|
|
|
|
#
|
|
# MDEV-3909 remote user enumeration
|
|
#
|
|
# verify that for some failed login attemps (with wrong user names)
|
|
# the server requests a plugin
|
|
#
|
|
optimize table mysql.user;
|
|
insert ignore mysql.user (user,plugin) values ('foo','mysql_old_password'),('bar','mysql_old_password'),('baz','mysql_old_password');
|
|
flush privileges;
|
|
|
|
--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
|
|
--error ER_ACCESS_DENIED_ERROR
|
|
connect (fail,localhost,u1);
|
|
|
|
--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
|
|
--error ER_SERVER_IS_IN_SECURE_AUTH_MODE
|
|
connect (fail,localhost,u2);
|
|
|
|
--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
|
|
--error ER_SERVER_IS_IN_SECURE_AUTH_MODE
|
|
connect (fail,localhost,u2,password);
|
|
|
|
--error ER_ACCESS_DENIED_ERROR
|
|
change_user u1;
|
|
|
|
--error ER_SERVER_IS_IN_SECURE_AUTH_MODE
|
|
change_user u2;
|
|
|
|
--error ER_SERVER_IS_IN_SECURE_AUTH_MODE
|
|
change_user u2,password;
|
|
|
|
delete from mysql.user where plugin = 'mysql_old_password';
|
|
flush privileges;
|
|
|
|
|