mirror of
https://github.com/MariaDB/server.git
synced 2025-01-16 03:52:35 +01:00
3f9182126c
C/C 3.4 disables mysql_old_password by default, so add an option for the `connect` command to support specifying allowed authentication plugins (MARIADB_OPT_RESTRICTED_AUTH). use it to enable mysql_old_password when needed for testing
175 lines
6 KiB
Text
175 lines
6 KiB
Text
#
|
|
# MDEV-9835 Valid password is not working after server restart.
|
|
#
|
|
# Various combinations of SET PASSWORD and not-empty mysql.user.plugin field
|
|
#
|
|
--source include/not_embedded.inc
|
|
#enable view protocol after fix MDEV-29542
|
|
--source include/no_view_protocol.inc
|
|
|
|
--enable_connect_log
|
|
|
|
set global secure_auth=0;
|
|
|
|
# The hash (old and new) is for 'test'
|
|
create user natauth@localhost identified via 'mysql_native_password' using '*94BDCEBE19083CE2A1F959FD02F964C7AF4CFC29';
|
|
|
|
create user invalidauth@localhost identified via 'mysql_native_password' using 'invalid';
|
|
|
|
create user newpass@localhost identified by password '*94BDCEBE19083CE2A1F959FD02F964C7AF4CFC29';
|
|
|
|
create user invalidpass@localhost identified by password 'invalid';
|
|
|
|
create user newpassnat@localhost identified via 'mysql_native_password';
|
|
set password for newpassnat@localhost = '*94BDCEBE19083CE2A1F959FD02F964C7AF4CFC29';
|
|
|
|
create user invalidpassnat@localhost identified by password 'invalid';
|
|
set password for invalidpassnat@localhost = 'invalid';
|
|
|
|
create user oldauth@localhost identified with 'mysql_old_password' using '378b243e220ca493';
|
|
|
|
create user oldpass@localhost identified by password '378b243e220ca493';
|
|
|
|
create user oldpassold@localhost identified with 'mysql_old_password';
|
|
set password for oldpassold@localhost = '378b243e220ca493';
|
|
|
|
create user invalidmysql57auth@localhost identified via 'mysql_native_password' using '*THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE';
|
|
|
|
--sorted_result
|
|
select user, host, password, plugin, authentication_string from mysql.user where user != 'root';
|
|
|
|
--connect(con,localhost,natauth,test,)
|
|
select current_user();
|
|
--disconnect con
|
|
--connect(con,localhost,newpass,test,)
|
|
select current_user();
|
|
--disconnect con
|
|
--connect(con,localhost,newpassnat,test,)
|
|
select current_user();
|
|
--disconnect con
|
|
--connect(con,localhost,oldauth,test,,,,auth=mysql_old_password:mysql_native_password)
|
|
select current_user();
|
|
--disconnect con
|
|
--connect(con,localhost,oldpass,test,,,,auth=mysql_old_password:mysql_native_password)
|
|
select current_user();
|
|
--disconnect con
|
|
--connect(con,localhost,oldpassold,test,,,,auth=mysql_old_password:mysql_native_password)
|
|
select current_user();
|
|
--disconnect con
|
|
|
|
--connection default
|
|
|
|
flush privileges;
|
|
|
|
--connect(con,localhost,natauth,test,)
|
|
select current_user();
|
|
--disconnect con
|
|
--connect(con,localhost,newpass,test,)
|
|
select current_user();
|
|
--disconnect con
|
|
--connect(con,localhost,newpassnat,test,)
|
|
select current_user();
|
|
--disconnect con
|
|
--connect(con,localhost,oldauth,test,,,,auth=mysql_old_password:mysql_native_password)
|
|
select current_user();
|
|
--disconnect con
|
|
--connect(con,localhost,oldpass,test,,,,auth=mysql_old_password:mysql_native_password)
|
|
select current_user();
|
|
--disconnect con
|
|
--connect(con,localhost,oldpassold,test,,,,auth=mysql_old_password:mysql_native_password)
|
|
select current_user();
|
|
--disconnect con
|
|
|
|
--connection default
|
|
|
|
# changing to the NEW password hash
|
|
set password for natauth@localhost = PASSWORD('test2');
|
|
set password for newpass@localhost = PASSWORD('test2');
|
|
set password for newpassnat@localhost = PASSWORD('test2');
|
|
set password for oldauth@localhost = PASSWORD('test2');
|
|
set password for oldpass@localhost = PASSWORD('test2');
|
|
set password for oldpassold@localhost = PASSWORD('test2');
|
|
|
|
--sorted_result
|
|
select user, host, password, plugin, authentication_string from mysql.user where user != 'root';
|
|
|
|
--connect(con,localhost,natauth,test2,)
|
|
select current_user();
|
|
--disconnect con
|
|
--connect(con,localhost,newpass,test2,)
|
|
select current_user();
|
|
--disconnect con
|
|
--connect(con,localhost,newpassnat,test2,)
|
|
select current_user();
|
|
--disconnect con
|
|
--connect(con,localhost,oldauth,test2,)
|
|
select current_user();
|
|
--disconnect con
|
|
--connect(con,localhost,oldpass,test2,)
|
|
select current_user();
|
|
--disconnect con
|
|
--connect(con,localhost,oldpassold,test2,)
|
|
select current_user();
|
|
--disconnect con
|
|
|
|
--connection default
|
|
|
|
flush privileges;
|
|
|
|
--connect(con,localhost,natauth,test2,)
|
|
select current_user();
|
|
--disconnect con
|
|
--connect(con,localhost,newpass,test2,)
|
|
select current_user();
|
|
--disconnect con
|
|
--connect(con,localhost,newpassnat,test2,)
|
|
select current_user();
|
|
--disconnect con
|
|
|
|
--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
|
|
--error ER_ACCESS_DENIED_ERROR
|
|
--connect(con,localhost,invalidauth,invalid,)
|
|
--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
|
|
--error ER_ACCESS_DENIED_ERROR
|
|
--connect(con,localhost,invalidpass,invalid,)
|
|
--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
|
|
--error ER_ACCESS_DENIED_ERROR
|
|
--connect(con,localhost,invalidpassnat,invalid,)
|
|
--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
|
|
--error ER_ACCESS_DENIED_ERROR
|
|
--connect(con,localhost,invalidmysql57auth,invalid,)
|
|
|
|
--connect(con,localhost,oldauth,test2,)
|
|
select current_user();
|
|
--disconnect con
|
|
--connect(con,localhost,oldpass,test2,)
|
|
select current_user();
|
|
--disconnect con
|
|
--connect(con,localhost,oldpassold,test2,)
|
|
select current_user();
|
|
--disconnect con
|
|
|
|
--connection default
|
|
drop user natauth@localhost, newpass@localhost, newpassnat@localhost;
|
|
drop user invalidauth@localhost, invalidpass@localhost, invalidpassnat@localhost,invalidmysql57auth@localhost;
|
|
drop user oldauth@localhost, oldpass@localhost, oldpassold@localhost;
|
|
set global secure_auth=default;
|
|
|
|
#
|
|
# MDEV-16238 root/localhost authn prioritizes authentication_string over Password
|
|
#
|
|
--source include/switch_to_mysql_user.inc
|
|
create user foo@localhost identified with mysql_native_password;
|
|
update mysql.user set authentication_string=password('foo'), plugin='mysql_native_password' where user='foo' and host='localhost';
|
|
set password for 'foo'@'localhost' = password('bar');
|
|
flush privileges;
|
|
--connect foo, localhost, foo, bar
|
|
select user(), current_user();
|
|
show grants;
|
|
--disconnect foo
|
|
--connection default
|
|
select user,host,password,plugin,authentication_string from mysql.user where user='foo';
|
|
set password for 'foo'@'localhost' = '';
|
|
select user,host,password,plugin,authentication_string from mysql.user where user='foo';
|
|
drop user foo@localhost;
|
|
--source include/switch_to_mysql_global_priv.inc
|