107 lines
4.0 KiB
Plaintext
107 lines
4.0 KiB
Plaintext
--source include/mysql_upgrade_preparation.inc
|
|
--source include/allowed_ciphers.inc
|
|
|
|
# This test will intentionally generate errors in the server error log
|
|
# when a broken password is inserted into the mysql.user table.
|
|
# The below suppression is to clear those errors.
|
|
--disable_query_log
|
|
call mtr.add_suppression(".*Password salt for user.*");
|
|
call mtr.add_suppression("Found invalid password for user:*");
|
|
--enable_query_log
|
|
|
|
CREATE USER 'kristofer' IDENTIFIED WITH 'sha256_password';
|
|
ALTER USER 'kristofer' IDENTIFIED BY 'secret';
|
|
SELECT user, plugin FROM mysql.user ORDER BY user;
|
|
connect(con1,localhost,kristofer,secret,,);
|
|
connection con1;
|
|
SELECT USER(),CURRENT_USER();
|
|
connection default;
|
|
disconnect con1;
|
|
# Make sure authentication also works if client default_auth is changed and that
|
|
# it possible to select a local public key fil using client options.
|
|
DROP USER 'kristofer';
|
|
|
|
CREATE USER 'kristofer'@'localhost' IDENTIFIED WITH 'sha256_password' BY '123';
|
|
CREATE USER 'kristofer2'@'localhost' IDENTIFIED WITH 'sha256_password' BY '123';
|
|
ALTER USER 'kristofer'@'localhost' IDENTIFIED BY 'secret2';
|
|
ALTER USER 'kristofer2'@'localhost' IDENTIFIED BY 'secret2';
|
|
--disable_query_log
|
|
--error ER_ACCESS_DENIED_ERROR
|
|
connect(con2,localhost,kristofer,badpassword,,);
|
|
--enable_query_log
|
|
connect(con2,localhost,kristofer,secret2,,);
|
|
connection con2;
|
|
SELECT USER(),CURRENT_USER();
|
|
--replace_regex /AS .*$/AS '<non-deterministic-password-hash>'/
|
|
SHOW CREATE USER 'kristofer'@'localhost';
|
|
|
|
--echo Change user (should succeed)
|
|
change_user kristofer2,secret2;
|
|
SELECT USER(),CURRENT_USER();
|
|
|
|
connection default;
|
|
disconnect con2;
|
|
--echo **** Client default_auth=sha_256_password and server default auth=native
|
|
--exec $MYSQL -ukristofer -psecret2 --default_auth=sha256_password -e "select user(), current_user()"
|
|
--echo **** Client default_auth=native and server default auth=native
|
|
--exec $MYSQL -ukristofer -psecret2 --default_auth=mysql_native_password -e "select user(), current_user()"
|
|
--echo **** Client default_auth=sha_256_password + public key on file.
|
|
--exec $MYSQL -ukristofer -psecret2 --default_auth=sha256_password --server_public_key_path=$MYSQL_TEST_DIR/std_data/rsa_public_key.pem -e "select user(), current_user()"
|
|
DROP USER 'kristofer'@'localhost';
|
|
DROP USER 'kristofer2'@'localhost';
|
|
|
|
CREATE USER 'kristofer'@'localhost' IDENTIFIED WITH 'sha256_password' BY '123';
|
|
ALTER USER 'kristofer'@'localhost' IDENTIFIED BY '';
|
|
--disable_query_log
|
|
--error ER_ACCESS_DENIED_ERROR
|
|
connect(con3,localhost,kristofer,wrongpass,,);
|
|
--enable_query_log
|
|
connect(con3,localhost,kristofer,,,);
|
|
connection con3;
|
|
SELECT USER(),CURRENT_USER();
|
|
--replace_regex /AS .*$/AS '<non-deterministic-password-hash>'/
|
|
SHOW CREATE USER 'kristofer'@'localhost';
|
|
connection default;
|
|
disconnect con3;
|
|
DROP USER 'kristofer'@'localhost';
|
|
|
|
CREATE USER 'kristofer'@'33.33.33.33' IDENTIFIED WITH 'sha256_password' BY '123';
|
|
ALTER USER 'kristofer'@'33.33.33.33' IDENTIFIED BY '';
|
|
--echo Connection should fail for localhost
|
|
--replace_result $MASTER_MYSOCK MASTER_MYSOCK
|
|
--disable_query_log
|
|
--error ER_ACCESS_DENIED_ERROR
|
|
connect(con4,127.0.0.1,kristofer,,,);
|
|
--enable_query_log
|
|
DROP USER 'kristofer'@'33.33.33.33';
|
|
|
|
#
|
|
# test bad password formats
|
|
#
|
|
CREATE USER 'kristofer' IDENTIFIED WITH 'sha256_password';
|
|
ALTER USER 'kristofer' IDENTIFIED BY 'secret';
|
|
SELECT user, plugin FROM mysql.user ORDER BY user;
|
|
--disable_query_log
|
|
connect(con1,localhost,kristofer,secret);
|
|
--enable_query_log
|
|
connection con1;
|
|
SELECT USER(),CURRENT_USER();
|
|
connection default;
|
|
disconnect con1;
|
|
UPDATE mysql.user SET authentication_string= '$' WHERE user='kristofer';
|
|
FLUSH PRIVILEGES;
|
|
SELECT user,authentication_string,plugin FROM mysql.user WHERE user='kristofer';
|
|
--disable_query_log
|
|
--error ER_ACCESS_DENIED_ERROR
|
|
connect(con1,localhost,kristofer,secret);
|
|
--enable_query_log
|
|
|
|
UPDATE mysql.user SET authentication_string= '$5$asd' WHERE user='kristofer';
|
|
FLUSH PRIVILEGES;
|
|
SELECT user,authentication_string,plugin FROM mysql.user WHERE user='kristofer';
|
|
--disable_query_log
|
|
--error ER_ACCESS_DENIED_ERROR
|
|
connect(con1,localhost,kristofer,secret);
|
|
--enable_query_log
|
|
DROP USER kristofer;
|