Current Path : /home/usr.opt/mysql57/mysql-test/suite/binlog/t/ |
FreeBSD hs32.drive.ne.jp 9.1-RELEASE FreeBSD 9.1-RELEASE #1: Wed Jan 14 12:18:08 JST 2015 root@hs32.drive.ne.jp:/sys/amd64/compile/hs32 amd64 |
Current File : //home/usr.opt/mysql57/mysql-test/suite/binlog/t/binlog_grant_alter_user.test |
################### suite/binlog/t/binlog_grant_alter_user.test ################### # Replication Testing CREATE/ALTER/GRANT USER new syntax with New variable # # "log-builtin-as-identified-by-password" default value "OFF" # # # # Test for WL#6409 # # created :2015-01-02 # # Modified:2015-02-04 WL#6054 # # Author : Lalit Choudhary # # # ################################################################################### --source include/not_embedded.inc # Save the initial number of concurrent sessions --source include/count_sessions.inc --source include/master-slave.inc --connection master SHOW GLOBAL VARIABLES LIKE 'log_builtin_as_identified_by_password'; --echo # --echo # WL#6409: CREATE/ALTER USER --echo # --echo # CREATE USER --echo CREATE USER user1; query_vertical SELECT host,user,plugin,authentication_string FROM mysql.user WHERE user = 'user1'; --echo --error ER_PARSE_ERROR CREATE USER user3@%; # Sequence of the attributes. provide password first and auth_plugin later on --error ER_PARSE_ERROR CREATE USER user3@localhost BY 'auth_string' WITH 'mysql_native_password'; CREATE USER "user2"@'%'; query_vertical SELECT host,user,plugin,authentication_string FROM mysql.user WHERE user='user2'; --echo CREATE USER u1@localhost; --replace_column 3 # query_vertical SELECT user,plugin,authentication_string FROM mysql.user WHERE USER='u1'; CREATE USER u2@localhost IDENTIFIED BY 'auth_string' ACCOUNT LOCK; --replace_column 3 # query_vertical SELECT user,plugin,authentication_string FROM mysql.user WHERE USER='u2'; --echo --error ER_PARSE_ERROR CREATE USER user5@localhost IDENTIFIED AS 'auth_string'; CREATE USER u3@localhost IDENTIFIED WITH 'mysql_native_password'; --replace_column 3 # query_vertical SELECT user,plugin,authentication_string FROM mysql.user WHERE USER='u3'; CREATE USER u4@localhost IDENTIFIED WITH 'mysql_native_password' BY 'auth_string'; --replace_column 3 # query_vertical SELECT user,plugin,authentication_string FROM mysql.user WHERE USER='u4'; # Testing connection --connect(con1, localhost, u4,'auth_string') SELECT USER(); connection default; disconnect con1; --echo CREATE USER user4@localhost IDENTIFIED WITH 'mysql_native_password' BY 'auth_string'; --replace_column 3 # query_vertical SELECT user,plugin,authentication_string FROM mysql.user WHERE USER='user4'; --echo CREATE USER user6@localhost IDENTIFIED WITH 'mysql_native_password'; --replace_column 3 # query_vertical SELECT user,plugin,authentication_string FROM mysql.user WHERE USER='user6'; --echo CREATE USER user7@localhost IDENTIFIED WITH 'mysql_native_password' BY 'auth_string#%y' PASSWORD EXPIRE NEVER ACCOUNT UNLOCK; --replace_column 3 # query_vertical SELECT user,plugin,authentication_string FROM mysql.user WHERE USER='user7'; --echo # Testing connection --connect(con1, localhost, user7, 'auth_string#%y') SELECT USER(); connection default; disconnect con1; CREATE USER user8@localhost IDENTIFIED WITH 'mysql_native_password' AS '*67092806AE91BFB6BE72DE6C7BE2B7CCA8CFA9DF'; --replace_column 3 # query_vertical SELECT user,plugin,authentication_string FROM mysql.user WHERE USER='user8'; # Testing connection --connect(con1, localhost, user8,'auth_string') SELECT USER(); connection default; disconnect con1; # Tesing with mysql_native_password plugin. CREATE USER tu1@localhost IDENTIFIED WITH 'mysql_native_password'; --replace_column 3 # query_vertical SELECT user,plugin,authentication_string,password_expired, password_expired FROM mysql.user WHERE USER='tu1'; CREATE USER tu2@localhost IDENTIFIED WITH 'mysql_native_password' BY 'auth_@13*'; --replace_column 3 # query_vertical SELECT user,plugin,authentication_string, password_expired FROM mysql.user WHERE USER='tu2'; --echo CREATE USER tu3@localhost IDENTIFIED WITH 'mysql_native_password' BY '%auth_O0s-tring'; --replace_column 3 # query_vertical SELECT user,plugin,authentication_string,password_expired FROM mysql.user WHERE USER='tu3'; --echo CREATE USER u5@localhost REQUIRE SSL; --replace_column 3 # query_vertical SELECT user,plugin,authentication_string,ssl_type FROM mysql.user WHERE USER='u5'; CREATE USER u6@localhost IDENTIFIED BY 'auth_string' REQUIRE X509; --replace_column 3 # query_vertical SELECT user,plugin,authentication_string,ssl_type FROM mysql.user WHERE USER='u6'; CREATE USER tu4@localhost IDENTIFIED WITH 'mysql_native_password' BY 'djgsj743$' REQUIRE SSL; --replace_column 3 # query_vertical SELECT user,plugin,authentication_string,ssl_type FROM mysql.user WHERE USER='tu4'; CREATE USER tu5@localhost IDENTIFIED WITH 'mysql_native_password' BY 'dwh@#ghd$!' REQUIRE X509; --replace_column 3 # query_vertical SELECT user,plugin,authentication_string,ssl_type FROM mysql.user WHERE USER='tu5'; CREATE USER u7@localhost IDENTIFIED WITH 'mysql_native_password' REQUIRE CIPHER 'cipher'; --replace_column 3 # query_vertical SELECT user,plugin,authentication_string,ssl_type,ssl_cipher, x509_issuer,x509_subject FROM mysql.user WHERE USER='u7'; CREATE USER u8@localhost IDENTIFIED WITH 'mysql_native_password' BY 'auth_string' REQUIRE ISSUER '/C=SE/ST=Stockholm/L=Stockholm/O=Oracle/OU=MySQL/CN=CA'; --replace_column 3 # query_vertical SELECT user,plugin,authentication_string,ssl_type,ssl_cipher, x509_issuer,x509_subject FROM mysql.user WHERE USER='u8'; CREATE USER u9@localhost REQUIRE SUBJECT 'sub'; --replace_column 3 # query_vertical SELECT user,plugin,authentication_string,ssl_type,ssl_cipher, x509_issuer,x509_subject FROM mysql.user WHERE USER='u9'; CREATE USER u10@localhost IDENTIFIED WITH 'mysql_native_password' BY 'auth_string#y' REQUIRE CIPHER "DHE-RSA-AES256-SHA" AND SUBJECT "/C=SE/ST=Stockholm/L=Stockholm/O=Oracle/OU=MySQL/CN=Client" ISSUER "/C=SE/ST=Stockholm/L=Stockholm/O=Oracle/OU=MySQL/CN=CA"; --replace_column 3 # query_vertical SELECT user,plugin,authentication_string,ssl_type,ssl_cipher, x509_issuer,x509_subject FROM mysql.user WHERE USER='u10'; # Testing connection --connect(con1, localhost, u10,'auth_string#y',,,,SSL) SELECT USER(); connection default; disconnect con1; CREATE USER tu6@localhost IDENTIFIED WITH 'mysql_native_password' BY '#hGrt0O6' REQUIRE CIPHER "DHE-RSA-AES256-SHA" AND SUBJECT "/C=SE/ST=Stockholm/L=Stockholm/O=Oracle/OU=MySQL/CN=Client" ISSUER "/C=SE/ST=Stockholm/L=Stockholm/O=Oracle/OU=MySQL/CN=CA" WITH MAX_QUERIES_PER_HOUR 2 MAX_USER_CONNECTIONS 2; --replace_column 3 # query_vertical SELECT user,plugin,authentication_string,ssl_type,ssl_cipher,x509_issuer, x509_subject,max_questions,max_user_connections FROM mysql.user WHERE USER='tu6'; CREATE USER u11@localhost WITH MAX_QUERIES_PER_HOUR 2; --replace_column 3 # query_vertical SELECT user,plugin,authentication_string,max_questions FROM mysql.user WHERE USER='u11'; CREATE USER u12@localhost IDENTIFIED BY 'auth_string' WITH MAX_QUERIES_PER_HOUR 2; --replace_column 3 # query_vertical SELECT user,plugin,authentication_string,max_questions FROM mysql.user WHERE USER='u12'; CREATE USER u13@localhost IDENTIFIED WITH 'mysql_native_password' WITH MAX_CONNECTIONS_PER_HOUR 2; --replace_column 3 # query_vertical SELECT user,plugin,authentication_string,max_connections FROM mysql.user WHERE USER='u13'; CREATE USER u14@localhost IDENTIFIED WITH 'mysql_native_password' BY 'auth_string' WITH MAX_USER_CONNECTIONS 2 ACCOUNT LOCK; --replace_column 3 # query_vertical SELECT user,plugin,authentication_string,max_user_connections FROM mysql.user WHERE USER='u14'; CREATE USER u15@localhost, u16@localhost IDENTIFIED BY 'auth_string', u17@localhost IDENTIFIED WITH 'mysql_native_password' BY 'auth_string'; --replace_column 3 # query_vertical SELECT user,plugin,authentication_string FROM mysql.user WHERE USER='u15'; --replace_column 3 # query_vertical SELECT user,plugin,authentication_string FROM mysql.user WHERE USER='u16'; --replace_column 3 # query_vertical SELECT user,plugin,authentication_string FROM mysql.user WHERE USER='u17'; CREATE USER u18@localhost, u19@localhost IDENTIFIED BY 'auth_string', u20@localhost IDENTIFIED WITH 'mysql_native_password', u21@localhost IDENTIFIED WITH 'mysql_native_password' BY 'auth_string', u22@localhost IDENTIFIED WITH 'mysql_native_password', u23@localhost IDENTIFIED WITH 'mysql_native_password' BY 'auth_&string' REQUIRE SUBJECT '/C=SE/ST=Stockholm/L=Stockholm/O=Oracle/OU=MySQL/CN=Client' WITH MAX_QUERIES_PER_HOUR 2 MAX_USER_CONNECTIONS 2 ACCOUNT UNLOCK; --replace_column 3 # query_vertical SELECT user,plugin,authentication_string,ssl_type,ssl_cipher, x509_issuer,x509_subject,max_questions,max_user_connections FROM mysql.user WHERE USER='u18'; --replace_column 3 # query_vertical SELECT user,plugin,authentication_string,ssl_type,ssl_cipher, x509_issuer,x509_subject,max_questions,max_user_connections FROM mysql.user WHERE USER='u19'; --replace_column 3 # query_vertical SELECT user,plugin,authentication_string,ssl_type,ssl_cipher, x509_issuer,x509_subject,max_questions,max_user_connections FROM mysql.user WHERE USER='u20'; --replace_column 3 # query_vertical SELECT user,plugin,authentication_string,ssl_type,ssl_cipher, x509_issuer,x509_subject,max_questions,max_user_connections FROM mysql.user WHERE USER='u22'; --replace_column 3 # query_vertical SELECT user,plugin,authentication_string,ssl_type,ssl_cipher, x509_issuer,x509_subject,max_questions,max_user_connections FROM mysql.user WHERE USER='u23'; DROP USER tu1@localhost,tu2@localhost,tu3@localhost,tu4@localhost,tu5@localhost, tu6@localhost,user1@'%',user2@'%',user4@localhost,user6@localhost, user7@localhost,user8@localhost, u1@localhost,u2@localhost,u3@localhost, u4@localhost,u5@localhost,u6@localhost, u7@localhost, u8@localhost, u9@localhost, u10@localhost,u11@localhost, u12@localhost,u13@localhost, u14@localhost,u15@localhost,u16@localhost,u17@localhost,u18@localhost, u19@localhost, u20@localhost,u21@localhost,u22@localhost,u23@localhost; --echo # ALTER USER CREATE USER u1@localhost; --replace_column 7 # 9 # query_vertical SELECT user,ssl_type,ssl_cipher,x509_issuer,x509_subject, plugin,authentication_string,password_expired, password_last_changed,password_lifetime FROM mysql.user WHERE USER='u1'; --echo # Its a no op ALTER USER u1@localhost; --replace_column 7 # 9 # query_vertical SELECT user,ssl_type,ssl_cipher,x509_issuer,x509_subject, plugin,authentication_string,password_expired, password_last_changed,password_lifetime FROM mysql.user WHERE USER='u1'; CREATE USER u2@localhost IDENTIFIED BY 'password_string'; --replace_column 7 # 9 # query_vertical SELECT user,ssl_type,ssl_cipher,x509_issuer,x509_subject, plugin,authentication_string,password_expired, password_last_changed,password_lifetime FROM mysql.user WHERE USER='u2'; ALTER USER u2@localhost IDENTIFIED BY 'new_auth_string'; # Look for auth_string and password last changed field --replace_column 7 # 9 # query_vertical SELECT user,ssl_type,ssl_cipher,x509_issuer,x509_subject, plugin,authentication_string,password_expired, password_last_changed,password_lifetime FROM mysql.user WHERE USER='u2'; # Testing connection --connect(con1, localhost, u2, new_auth_string) SELECT USER(); connection default; disconnect con1; --echo CREATE USER u3@localhost IDENTIFIED WITH 'mysql_native_password' ACCOUNT LOCK; --replace_column 7 # 9 # query_vertical SELECT user,ssl_type,ssl_cipher,x509_issuer,x509_subject, plugin,authentication_string,password_expired, password_last_changed,password_lifetime FROM mysql.user WHERE USER='u3'; ALTER USER u3@localhost IDENTIFIED WITH 'mysql_native_password' AS '*67092806AE91BFB6BE72DE6C7BE2B7CCA8CFA9DF' PASSWORD EXPIRE NEVER ACCOUNT UNLOCK; # Look for plugin,auth_string and password expired field --replace_column 7 # 9 # query_vertical SELECT user,ssl_type,ssl_cipher,x509_issuer,x509_subject, plugin,authentication_string,password_expired, password_last_changed,password_lifetime FROM mysql.user WHERE USER='u3'; # Testing connection --connect(con1, localhost, u3, 'auth_string') SELECT USER(); connection default; disconnect con1; ALTER USER u3@localhost IDENTIFIED WITH 'mysql_native_password' BY 'auth_string'; --replace_column 7 # 9 # query_vertical SELECT user,ssl_type,ssl_cipher,x509_issuer,x509_subject, plugin,authentication_string,password_expired, password_last_changed,password_lifetime FROM mysql.user WHERE USER='u3'; ALTER USER u3@localhost REQUIRE SUBJECT '/C=SE/ST=Stockholm/L=Stockholm/O=Oracle/OU=MySQL/CN=Client' WITH MAX_QUERIES_PER_HOUR 2 MAX_USER_CONNECTIONS 2 PASSWORD EXPIRE NEVER; --replace_column 7 # 9 # query_vertical SELECT user,ssl_type,ssl_cipher,x509_issuer,x509_subject, plugin,authentication_string,password_expired, password_last_changed,password_lifetime FROM mysql.user WHERE USER='u3'; CREATE USER u4@localhost IDENTIFIED WITH 'mysql_native_password' BY 'auth_string' ACCOUNT LOCK PASSWORD EXPIRE DEFAULT; --replace_column 7 # 9 # query_vertical SELECT user,ssl_type,ssl_cipher,x509_issuer,x509_subject, plugin,authentication_string,password_expired, password_last_changed,password_lifetime FROM mysql.user WHERE USER='u4'; ALTER USER u4@localhost IDENTIFIED WITH 'mysql_native_password' BY 'auth_string' ACCOUNT UNLOCK; # Look for plugin,auth_string field --replace_column 7 # 9 # query_vertical SELECT user,ssl_type,ssl_cipher,x509_issuer,x509_subject, plugin,authentication_string,password_expired, password_last_changed,password_lifetime FROM mysql.user WHERE USER='u4'; CREATE USER u5@localhost REQUIRE SSL; --replace_column 7 # 9 # query_vertical SELECT user,ssl_type,ssl_cipher,x509_issuer,x509_subject, plugin,authentication_string,password_expired, password_last_changed,password_lifetime FROM mysql.user WHERE USER='u5'; ALTER USER u5@localhost IDENTIFIED WITH 'mysql_native_password'; # Look for plugin,auth_string, password expired field --replace_column 7 # 9 # query_vertical SELECT user,ssl_type,ssl_cipher,x509_issuer,x509_subject, plugin,authentication_string,password_expired, password_last_changed,password_lifetime FROM mysql.user WHERE USER='u5'; # Testing connection --connect(con1, localhost, u5,,,,,SSL) SET PASSWORD='new_auth_string'; SELECT USER(); connection default; disconnect con1; CREATE USER u6@localhost IDENTIFIED BY 'auth_string' REQUIRE X509 ACCOUNT UNLOCK ACCOUNT LOCK PASSWORD EXPIRE INTERVAL 80 DAY; --replace_column 7 # 9 # query_vertical SELECT user,ssl_type,ssl_cipher,x509_issuer,x509_subject, plugin,authentication_string,password_expired, password_last_changed,password_lifetime FROM mysql.user WHERE USER='u6'; ALTER USER u6@localhost IDENTIFIED WITH 'mysql_native_password' BY 'new_auth_string' REQUIRE SSL ACCOUNT UNLOCK; --replace_column 7 # 9 # query_vertical SELECT user,ssl_type,ssl_cipher,x509_issuer,x509_subject, plugin,authentication_string,password_expired, password_last_changed,password_lifetime FROM mysql.user WHERE USER='u6'; CREATE USER u7@localhost IDENTIFIED WITH 'mysql_native_password' BY 'auth_string' REQUIRE CIPHER 'DHE-RSA-AES256-SHA'; --replace_column 7 # 9 # query_vertical SELECT user,ssl_type,ssl_cipher,x509_issuer,x509_subject, plugin,authentication_string,password_expired, password_last_changed,password_lifetime FROM mysql.user WHERE USER='u7'; ALTER USER u7@localhost IDENTIFIED WITH 'mysql_native_password' BY 'new_auth_string' REQUIRE ISSUER '/C=SE/ST=Stockholm/L=Stockholm/O=Oracle/OU=MySQL/CN=CA' ACCOUNT UNLOCK; # Look for plugin,auth_string, password expired, SSL type field --replace_column 7 # 9 # query_vertical SELECT user,ssl_type,ssl_cipher,x509_issuer,x509_subject, plugin,authentication_string,password_expired, password_last_changed,password_lifetime FROM mysql.user WHERE USER='u7'; # Testing connection --connect(con1, localhost, u7,'new_auth_string',,,,SSL) SELECT USER(); connection default; disconnect con1; CREATE USER u8@localhost IDENTIFIED WITH 'mysql_native_password' BY 'auth_string' REQUIRE ISSUER '/C=SE/ST=Stockholm/L=Stockholm/O=Oracle/OU=MySQL/CN=CA'; --replace_column 7 # 9 # query_vertical SELECT user,ssl_type,ssl_cipher,x509_issuer,x509_subject, plugin,authentication_string,password_expired, password_last_changed,password_lifetime FROM mysql.user WHERE USER='u8'; ALTER USER u8@localhost IDENTIFIED WITH 'mysql_native_password' BY 'auth_string' REQUIRE CIPHER "DHE-RSA-AES256-SHA"; # Look for plugin,auth_string, password expired, SSL fields --replace_column 7 # 9 # query_vertical SELECT user,ssl_type,ssl_cipher,x509_issuer,x509_subject, plugin,authentication_string,password_expired, password_last_changed,password_lifetime FROM mysql.user WHERE USER='u8'; # Testing connection --connect(con1, localhost, u8,'auth_string',,,,SSL) SELECT USER(); connection default; disconnect con1; CREATE USER tu1@localhost IDENTIFIED WITH 'mysql_native_password' BY 'auth_string' REQUIRE ISSUER 'issuer'; --replace_column 7 # 9 # query_vertical SELECT user,ssl_type,ssl_cipher,x509_issuer,x509_subject, plugin,authentication_string,password_expired, password_last_changed,password_lifetime FROM mysql.user WHERE USER='tu1'; ALTER USER tu1@localhost IDENTIFIED WITH 'mysql_native_password' REQUIRE CIPHER "DHE-RSA-AES256-SHA"; # Look for plugin,auth_string, password expired, SSL fields --replace_column 7 # 9 # query_vertical SELECT user,ssl_type,ssl_cipher,x509_issuer,x509_subject, plugin,authentication_string,password_expired, password_last_changed,password_lifetime FROM mysql.user WHERE USER='tu1'; CREATE USER u9@localhost REQUIRE SUBJECT 'sub'; --replace_column 7 # 9 # query_vertical SELECT user,ssl_type,ssl_cipher,x509_issuer,x509_subject, plugin,authentication_string,password_expired, password_last_changed,password_lifetime FROM mysql.user WHERE USER='u9'; ALTER USER u9@localhost REQUIRE ISSUER "/C=SE/ST=Stockholm/L=Stockholm/O=Oracle/OU=MySQL/CN=CA"; --replace_column 7 # 9 # query_vertical SELECT user,ssl_type,ssl_cipher,x509_issuer,x509_subject, plugin,authentication_string,password_expired, password_last_changed,password_lifetime FROM mysql.user WHERE USER='u9'; ALTER USER u9@localhost IDENTIFIED WITH 'mysql_native_password' BY 'auth_string77hg' REQUIRE ISSUER "/C=SE/ST=Stockholm/L=Stockholm/O=Oracle/OU=MySQL/CN=CA"; --replace_column 7 # 9 # query_vertical SELECT user,ssl_type,ssl_cipher,x509_issuer,x509_subject, plugin,authentication_string,password_expired, password_last_changed,password_lifetime FROM mysql.user WHERE USER='u9'; CREATE USER u10@localhost IDENTIFIED WITH 'mysql_native_password' BY 'auth_string' REQUIRE CIPHER "DHE-RSA-AES256-SHA" AND SUBJECT "/C=SE/ST=Stockholm/L=Stockholm/O=Oracle/OU=MySQL/CN=Client" ISSUER "/C=SE/ST=Stockholm/L=Stockholm/O=Oracle/OU=MySQL/CN=CA"; --replace_column 7 # 9 # query_vertical SELECT user,ssl_type,ssl_cipher,x509_issuer,x509_subject, plugin,authentication_string,password_expired, password_last_changed,password_lifetime FROM mysql.user WHERE USER='u10'; ALTER USER u10@localhost IDENTIFIED WITH 'mysql_native_password' BY 'auth_string' REQUIRE SSL; --replace_column 7 # 9 # query_vertical SELECT user,ssl_type,ssl_cipher,x509_issuer,x509_subject, plugin,authentication_string,password_expired, password_last_changed,password_lifetime FROM mysql.user WHERE USER='u10'; # Testing connection --connect(con1, localhost, u10,'auth_string',,,,SSL) SELECT USER(); connection default; disconnect con1; CREATE USER u11@localhost WITH MAX_QUERIES_PER_HOUR 2; --replace_column 7 # 9 # query_vertical SELECT user,max_questions FROM mysql.user WHERE USER='u11'; ALTER USER u11@localhost WITH MAX_QUERIES_PER_HOUR 6; --replace_column 7 # 9 # query_vertical SELECT user,max_questions FROM mysql.user WHERE USER='u11'; CREATE USER u12@localhost IDENTIFIED BY 'auth_string' WITH MAX_QUERIES_PER_HOUR 2; --replace_column 7 # 9 # query_vertical SELECT user,max_questions FROM mysql.user WHERE USER='u12'; ALTER USER u12@localhost IDENTIFIED WITH 'mysql_native_password' WITH MAX_QUERIES_PER_HOUR 8; --replace_column 7 # 9 # query_vertical SELECT user,max_questions FROM mysql.user WHERE USER='u12'; ALTER USER u12@localhost IDENTIFIED WITH 'mysql_native_password' WITH MAX_QUERIES_PER_HOUR 1000; --replace_column 7 # 9 # query_vertical SELECT user,max_questions FROM mysql.user WHERE USER='u12'; CREATE USER u13@localhost IDENTIFIED WITH 'mysql_native_password' WITH MAX_CONNECTIONS_PER_HOUR 2; --replace_column 7 # 9 # query_vertical SELECT user,ssl_type,ssl_cipher,x509_issuer,x509_subject, plugin,authentication_string,password_expired, password_last_changed,password_lifetime FROM mysql.user WHERE USER='u13'; ALTER USER u13@localhost PASSWORD EXPIRE; --replace_column 7 # 9 # query_vertical SELECT user,ssl_type,ssl_cipher,x509_issuer,x509_subject, plugin,authentication_string,password_expired, password_last_changed,password_lifetime FROM mysql.user WHERE USER='u13'; CREATE USER u14@localhost IDENTIFIED WITH 'mysql_native_password' BY 'auth_string' WITH MAX_USER_CONNECTIONS 2; --replace_column 7 # 10 # query_vertical SELECT user,ssl_type,ssl_cipher,x509_issuer,x509_subject, plugin,authentication_string,password_expired,max_user_connections, password_last_changed,password_lifetime FROM mysql.user WHERE USER='u14'; ALTER USER u14@localhost WITH MAX_USER_CONNECTIONS 12 PASSWORD EXPIRE INTERVAL 365 DAY; --replace_column 7 # 10 # query_vertical SELECT user,ssl_type,ssl_cipher,x509_issuer,x509_subject, plugin,authentication_string,password_expired,max_user_connections, password_last_changed,password_lifetime FROM mysql.user WHERE USER='u14'; CREATE USER tu2@localhost IDENTIFIED WITH 'mysql_native_password' BY 'auth_string' WITH MAX_USER_CONNECTIONS 2 ; --replace_column 7 # 11 # query_vertical SELECT user,ssl_type,ssl_cipher,x509_issuer,x509_subject, plugin,authentication_string,password_expired,max_user_connections,max_questions, password_last_changed,password_lifetime FROM mysql.user WHERE USER='tu2'; ALTER USER tu2@localhost WITH MAX_USER_CONNECTIONS 12 MAX_QUERIES_PER_HOUR 543 PASSWORD EXPIRE INTERVAL 365 DAY; --replace_column 7 # 11 # query_vertical SELECT user,ssl_type,ssl_cipher,x509_issuer,x509_subject, plugin,authentication_string,password_expired,max_user_connections,max_questions, password_last_changed,password_lifetime FROM mysql.user WHERE USER='tu2'; # Testing connection --connect(con1, localhost, tu2,'auth_string') SELECT USER(); connection default; disconnect con1; CREATE USER u15@localhost, u16@localhost IDENTIFIED WITH 'mysql_native_password', u17@localhost IDENTIFIED WITH 'mysql_native_password' BY 'auth_string'; --replace_column 7 # 9 # query_vertical SELECT user,ssl_type,ssl_cipher,x509_issuer,x509_subject, plugin,authentication_string,password_expired, password_last_changed,password_lifetime FROM mysql.user WHERE USER='u15'; --replace_column 7 # 9 # query_vertical SELECT user,ssl_type,ssl_cipher,x509_issuer,x509_subject, plugin,authentication_string,password_expired, password_last_changed,password_lifetime FROM mysql.user WHERE USER='u16'; --replace_column 7 # 9 # query_vertical SELECT user,ssl_type,ssl_cipher,x509_issuer,x509_subject, plugin,authentication_string,password_expired, password_last_changed,password_lifetime FROM mysql.user WHERE USER='u17'; ALTER USER u15@localhost IDENTIFIED WITH 'mysql_native_password', u16@localhost, u17@localhost IDENTIFIED BY 'new_auth_string' PASSWORD EXPIRE DEFAULT; --replace_column 7 # 9 # query_vertical SELECT user,ssl_type,ssl_cipher,x509_issuer,x509_subject, plugin,authentication_string,password_expired, password_last_changed,password_lifetime FROM mysql.user WHERE USER='u15'; --replace_column 7 # 9 # query_vertical SELECT user,ssl_type,ssl_cipher,x509_issuer,x509_subject, plugin,authentication_string,password_expired, password_last_changed,password_lifetime FROM mysql.user WHERE USER='u16'; --replace_column 7 # 9 # query_vertical SELECT user,ssl_type,ssl_cipher,x509_issuer,x509_subject, plugin,authentication_string,password_expired, password_last_changed,password_lifetime FROM mysql.user WHERE USER='u17'; CREATE USER u18@localhost, u19@localhost IDENTIFIED BY 'auth_string', u20@localhost IDENTIFIED WITH 'mysql_native_password', u21@localhost IDENTIFIED WITH 'mysql_native_password' BY '!Y_TOdh6)', u22@localhost IDENTIFIED WITH 'mysql_native_password', u23@localhost IDENTIFIED WITH 'mysql_native_password' BY 'auth_&string' REQUIRE SUBJECT '/C=SE/ST=Stockholm/L=Stockholm/O=Oracle/OU=MySQL/CN=Client' WITH MAX_QUERIES_PER_HOUR 2 MAX_USER_CONNECTIONS 2; --replace_column 7 # 11 # query_vertical SELECT user,ssl_type,ssl_cipher,x509_issuer,x509_subject, plugin,authentication_string,password_expired,max_user_connections, max_questions,password_last_changed,password_lifetime FROM mysql.user WHERE USER='u18'; --replace_column 7 # 11 # query_vertical SELECT user,ssl_type,ssl_cipher,x509_issuer,x509_subject, plugin,authentication_string,password_expired,max_user_connections, max_questions,password_last_changed,password_lifetime FROM mysql.user WHERE USER='u19'; --replace_column 7 # 11 # query_vertical SELECT user,ssl_type,ssl_cipher,x509_issuer,x509_subject, plugin,authentication_string,password_expired,max_user_connections, max_questions,password_last_changed,password_lifetime FROM mysql.user WHERE USER='u20'; --replace_column 7 # 11 # query_vertical SELECT user,ssl_type,ssl_cipher,x509_issuer,x509_subject, plugin,authentication_string,password_expired,max_user_connections, max_questions,password_last_changed,password_lifetime FROM mysql.user WHERE USER='u21'; --replace_column 7 # 11 # query_vertical SELECT user,ssl_type,ssl_cipher,x509_issuer,x509_subject, plugin,authentication_string,password_expired,max_user_connections, max_questions,password_last_changed,password_lifetime FROM mysql.user WHERE USER='u22'; --replace_column 7 # 11 # query_vertical SELECT user,ssl_type,ssl_cipher,x509_issuer,x509_subject, plugin,authentication_string,password_expired,max_user_connections, max_questions,password_last_changed,password_lifetime FROM mysql.user WHERE USER='u23'; ALTER USER u18@localhost, u19@localhost, u20@localhost, u21@localhost, u22@localhost, u23@localhost REQUIRE SUBJECT '/C=SE/ST=Stockholm/L=Stockholm/O=Oracle/OU=MySQL/CN=Client' WITH MAX_QUERIES_PER_HOUR 2 MAX_USER_CONNECTIONS 2 PASSWORD EXPIRE NEVER; --replace_column 7 # 11 # query_vertical SELECT user,ssl_type,ssl_cipher,x509_issuer,x509_subject, plugin,authentication_string,password_expired,max_user_connections, max_questions,password_last_changed,password_lifetime FROM mysql.user WHERE USER='u18'; --replace_column 7 # 11 # query_vertical SELECT user,ssl_type,ssl_cipher,x509_issuer,x509_subject, plugin,authentication_string,password_expired,max_user_connections, max_questions,password_last_changed,password_lifetime FROM mysql.user WHERE USER='u19'; --replace_column 7 # 11 # query_vertical SELECT user,ssl_type,ssl_cipher,x509_issuer,x509_subject, plugin,authentication_string,password_expired,max_user_connections, max_questions,password_last_changed,password_lifetime FROM mysql.user WHERE USER='u20'; --replace_column 7 # 11 # query_vertical SELECT user,ssl_type,ssl_cipher,x509_issuer,x509_subject, plugin,authentication_string,password_expired,max_user_connections, max_questions,password_last_changed,password_lifetime FROM mysql.user WHERE USER='u21'; --replace_column 7 # 11 # query_vertical SELECT user,ssl_type,ssl_cipher,x509_issuer,x509_subject, plugin,authentication_string,password_expired,max_user_connections, max_questions,password_last_changed,password_lifetime FROM mysql.user WHERE USER='u22'; --replace_column 7 # 11 # query_vertical SELECT user,ssl_type,ssl_cipher,x509_issuer,x509_subject, plugin,authentication_string,password_expired,max_user_connections, max_questions,password_last_changed,password_lifetime FROM mysql.user WHERE USER='u23'; DROP USER tu1@localhost,tu2@localhost,u1@localhost, u2@localhost, u3@localhost, u4@localhost,u5@localhost,u6@localhost, u7@localhost, u8@localhost, u9@localhost,u10@localhost,u11@localhost,u12@localhost,u13@localhost, u14@localhost,u15@localhost,u16@localhost,u17@localhost,u18@localhost, u19@localhost,u20@localhost,u21@localhost,u22@localhost,u23@localhost; --echo # ALTER USER with current user CREATE USER u1@localhost IDENTIFIED BY 'abc'; --connect(con1, localhost, u1, abc) SELECT USER(); connection default; ALTER USER u1@localhost PASSWORD EXPIRE; disconnect con1; --connect(con1, localhost, u1, abc) --error ER_MUST_CHANGE_PASSWORD SELECT USER(); --enable_warnings SET PASSWORD = 'def'; --disable_warnings disconnect con1; --enable_warnings --connect(con1, localhost, u1, def) SELECT USER(); connection default; ALTER USER u1@localhost PASSWORD EXPIRE; disconnect con1; --connect(con1, localhost, u1, def) --error ER_MUST_CHANGE_PASSWORD SELECT USER(); # Password set to current user --error ER_PARSE_ERROR ALTER USER IDENTIFIED BY 'npwd'; ALTER USER USER() IDENTIFIED BY 'abc'; disconnect con1; --connect(con1, localhost, u1, abc) SELECT USER(); connection default; ALTER USER u1@localhost PASSWORD EXPIRE; disconnect con1; --connect(con1, localhost, u1, abc) --error ER_MUST_CHANGE_PASSWORD SELECT USER(); connection default; ALTER USER u1@localhost IDENTIFIED BY 'def'; disconnect con1; --connect(con1, localhost, u1, def) SELECT USER(); connection default; DROP USER u1@localhost; disconnect con1; --echo # ALTER USER with current user is allowed to set only credential information CREATE USER u1@localhost, u2@localhost IDENTIFIED BY 'abc'; GRANT ALL ON *.* TO u2@localhost; --connect(con1, localhost, u2, abc) --error ER_PARSE_ERROR ALTER USER USER() IDENTIFIED WITH 'sha256_password'; --error ER_PARSE_ERROR ALTER USER USER() IDENTIFIED BY 'def', u2@localhost PASSWORD EXPIRE; --error ER_PARSE_ERROR ALTER USER USER() IDENTIFIED BY 'def' PASSWORD EXPIRE; --error ER_PARSE_ERROR ALTER USER ; ALTER USER u2@localhost IDENTIFIED BY 'auth_string' PASSWORD EXPIRE INTERVAL 45 DAY; --replace_column 7 # 9 # query_vertical SELECT user,ssl_type,ssl_cipher,x509_issuer,x509_subject, plugin,authentication_string,password_expired, password_last_changed,password_lifetime FROM mysql.user WHERE USER='u2'; connection default; disconnect con1; DROP USER u1@localhost, u2@localhost; --echo # SHOW CREATE USER CREATE USER u1@localhost; SHOW CREATE USER u1@localhost; CREATE USER u2@localhost IDENTIFIED BY 'auth_string'; SHOW CREATE USER u2@localhost; --echo # DDL output for SHOW CREATE USER u2@localhost and recreating user DROP USER u2@localhost; CREATE USER 'u2'@'localhost' IDENTIFIED WITH 'mysql_native_password' AS '*67092806AE91BFB6BE72DE6C7BE2B7CCA8CFA9DF' REQUIRE NONE; --connect(con1,localhost,u2,auth_string) SELECT USER(); connection default; disconnect con1; --echo CREATE USER u3@localhost IDENTIFIED WITH 'mysql_native_password'; SHOW CREATE USER u3@localhost; CREATE USER u4@localhost IDENTIFIED WITH 'mysql_native_password' BY 'auth_string'; --replace_regex /AS .* REQUIRE/AS '<non-deterministic-password-hash>' REQUIRE/ SHOW CREATE USER u4@localhost; CREATE USER user1@localhost IDENTIFIED WITH 'mysql_native_password' BY 'auth_string'; --replace_regex /AS .* REQUIRE/AS '<non-deterministic-password-hash>' REQUIRE/ SHOW CREATE USER user1@localhost; --echo CREATE USER user2@localhost IDENTIFIED WITH 'mysql_native_password' BY 'auth_string'; --replace_regex /AS .* REQUIRE/AS '<non-deterministic-password-hash>' REQUIRE/ SHOW CREATE USER user2@localhost; --echo CREATE USER u5@localhost REQUIRE SSL; SHOW CREATE USER u5@localhost; CREATE USER u6@localhost IDENTIFIED BY 'auth_string' REQUIRE X509; SHOW CREATE USER u6@localhost; CREATE USER u7@localhost IDENTIFIED WITH 'mysql_native_password' REQUIRE CIPHER 'cipher'; SHOW CREATE USER u7@localhost; CREATE USER u8@localhost IDENTIFIED WITH 'mysql_native_password' BY 'auth_string' REQUIRE ISSUER 'issuer'; --replace_regex /AS .* REQUIRE/AS '<non-deterministic-password-hash>' REQUIRE/ SHOW CREATE USER u8@localhost; CREATE USER u9@localhost REQUIRE SUBJECT 'sub'; SHOW CREATE USER u9@localhost; CREATE USER u10@localhost IDENTIFIED WITH 'mysql_native_password' BY 'auth_string' REQUIRE CIPHER "DHE-RSA-AES256-SHA" AND SUBJECT "/C=SE/ST=Stockholm/L=Stockholm/O=Oracle/OU=MySQL/CN=Client" ISSUER "/C=SE/ST=Stockholm/L=Stockholm/O=Oracle/OU=MySQL/CN=CA"; --replace_regex /AS .* REQUIRE/AS '<non-deterministic-password-hash>' REQUIRE/ SHOW CREATE USER u10@localhost; CREATE USER u11@localhost WITH MAX_QUERIES_PER_HOUR 2; SHOW CREATE USER u11@localhost; CREATE USER u12@localhost IDENTIFIED BY 'auth_string' WITH MAX_QUERIES_PER_HOUR 2; SHOW CREATE USER u12@localhost; CREATE USER u13@localhost IDENTIFIED WITH 'mysql_native_password' WITH MAX_CONNECTIONS_PER_HOUR 2; SHOW CREATE USER u13@localhost; CREATE USER u14@localhost IDENTIFIED WITH 'mysql_native_password' BY 'auth_string' WITH MAX_USER_CONNECTIONS 2; --replace_regex /AS .* WITH/AS '<non-deterministic-password-hash>' WITH/ SHOW CREATE USER u14@localhost; CREATE USER u15@localhost IDENTIFIED WITH 'mysql_native_password' BY 'auth_string' REQUIRE SUBJECT '/C=SE/ST=Stockholm/L=Stockholm/O=Oracle/OU=MySQL/CN=Client' ISSUER "/C=SE/ST=Stockholm/L=Stockholm/O=Oracle/OU=MySQL/CN=CA" CIPHER 'cipher' WITH MAX_QUERIES_PER_HOUR 2 MAX_USER_CONNECTIONS 2; --replace_regex /AS .* REQUIRE/AS '<non-deterministic-password-hash>' REQUIRE/ SHOW CREATE USER u15@localhost; DROP USER user1@localhost,u1@localhost,u2@localhost,u3@localhost,u4@localhost, u5@localhost,u6@localhost, u7@localhost, u8@localhost,u9@localhost, u10@localhost,u11@localhost,u12@localhost,u13@localhost,u14@localhost, u15@localhost; --echo --echo # GRANT --echo CREATE USER user1@localhost IDENTIFIED WITH 'mysql_native_password' AS '*67092806AE91BFB6BE72DE6C7BE2B7CCA8CFA9DF' REQUIRE SUBJECT '/C=SE/ST=Stockholm/L=Stockholm/O=Oracle/OU=MySQL/CN=Client' ISSUER "/C=SE/ST=Stockholm/L=Stockholm/O=Oracle/OU=MySQL/CN=CA" WITH MAX_CONNECTIONS_PER_HOUR 1000 MAX_USER_CONNECTIONS 20 MAX_QUERIES_PER_HOUR 60 MAX_UPDATES_PER_HOUR 100; --replace_column 3 # query_vertical SELECT user,plugin,authentication_string,ssl_type,ssl_cipher, x509_issuer,x509_subject,max_user_connections, max_questions,max_updates,max_connections FROM mysql.user WHERE USER='user1'; --echo GRANT SELECT ON *.* TO user1@localhost; GRANT SELECT,INSERT,UPDATE ON mysql.* TO user1@localhost; --echo SHOW GRANTS FOR user1@localhost; --echo REVOKE INSERT,UPDATE ON mysql.* FROM user1@localhost; SHOW GRANTS FOR user1@localhost; --echo GRANT SELECT,INSERT,UPDATE ON *.* TO user2@localhost IDENTIFIED BY 'admin' REQUIRE SUBJECT '/C=SE/ST=Stockholm/L=Stockholm/O=Oracle/OU=MySQL/CN=Client' ISSUER "/C=SE/ST=Stockholm/L=Stockholm/O=Oracle/OU=MySQL/CN=CA" WITH MAX_CONNECTIONS_PER_HOUR 1000 MAX_USER_CONNECTIONS 20 MAX_QUERIES_PER_HOUR 60 MAX_UPDATES_PER_HOUR 100; --replace_column 3 # query_vertical SELECT user,plugin,authentication_string,ssl_type,ssl_cipher, x509_issuer,x509_subject,max_user_connections, max_questions,max_updates,max_connections FROM mysql.user WHERE USER='user2'; CREATE USER user3@localhost IDENTIFIED BY 'auth_string'; GRANT SELECT ON mysql.* TO user3@localhost IDENTIFIED WITH 'mysql_native_password' BY 'auth_string' REQUIRE SUBJECT '/C=SE/ST=Stockholm/L=Stockholm/O=Oracle/OU=MySQL/CN=Client' ISSUER "/C=SE/ST=Stockholm/L=Stockholm/O=Oracle/OU=MySQL/CN=CA" WITH MAX_CONNECTIONS_PER_HOUR 1000 MAX_USER_CONNECTIONS 20 MAX_QUERIES_PER_HOUR 60 MAX_UPDATES_PER_HOUR 100; --echo # Cleanup DROP USER user1@localhost,user2@localhost,user3@localhost; --echo --echo # SET PASSWORD Tests --echo CREATE USER user1@localhost IDENTIFIED BY 'auth_string'; CREATE USER user2@localhost IDENTIFIED WITH 'mysql_native_password' BY 'auth_string1'; SELECT PASSWORD('plaintext_pwd'); SET PASSWORD FOR user1@localhost=PASSWORD('auth_xyz@'); SET PASSWORD FOR user2@localhost=PASSWORD('gd636@gj'); --echo CREATE USER user4@localhost; ALTER USER user4@localhost PASSWORD EXPIRE; SET PASSWORD FOR user4@localhost=''; CREATE USER user3@localhost IDENTIFIED BY 'auth_string'; CREATE USER user5@localhost IDENTIFIED WITH 'mysql_native_password' BY 'auth_string1'; SET PASSWORD FOR user3@localhost='auth_abc'; GRANT SELECT ON *.* TO user3@localhost; --connect(con1, localhost, user3, auth_abc) SELECT USER(); SET PASSWORD='auth_xyz'; --replace_column 3 # query_vertical SELECT user,plugin,authentication_string,ssl_type,password_expired, password_lifetime FROM mysql.user WHERE user='user3'; connection default; disconnect con1; --echo SET PASSWORD FOR user4@localhost='auth_xyz'; --replace_column 3 # query_vertical SELECT user,plugin,authentication_string,ssl_type,password_expired, password_lifetime FROM mysql.user WHERE user='user4'; --echo SET PASSWORD FOR user5@localhost='auth_dhsga5'; --replace_column 3 # query_vertical SELECT user,plugin,authentication_string,ssl_type,password_expired, password_lifetime FROM mysql.user WHERE user='user5'; --echo CREATE USER user6@localhost IDENTIFIED BY 'auth_string'; --replace_column 3 # query_vertical SELECT user,plugin,authentication_string,password_expired FROM mysql.user WHERE USER='user6'; ALTER USER user6@localhost IDENTIFIED WITH 'mysql_native_password'; --replace_column 3 # query_vertical SELECT user,plugin,authentication_string,password_expired FROM mysql.user WHERE USER='user6'; SET PASSWORD FOR user6@localhost='plaintext_password'; --replace_column 3 # query_vertical SELECT user,plugin,authentication_string FROM mysql.user WHERE USER='user6'; # Testing connection --connect(con1, localhost, user6, 'plaintext_password') SELECT USER(); connection default; disconnect con1; --echo --echo # Cleanup DROP USER user1@localhost,user2@localhost,user3@localhost, user4@localhost,user5@localhost,user6@localhost; --echo --echo # Testing log_builtin_as_identified_by_password variable scope GLOBAL Dynamic # log_builtin_as_identified_by_password variable change dynamically SHOW GLOBAL VARIABLES LIKE 'log_builtin_as_identified_by_password'; --echo SET GLOBAL log_builtin_as_identified_by_password = ON; SHOW GLOBAL VARIABLES LIKE 'log_builtin_as_identified_by_password'; --echo SET GLOBAL log_builtin_as_identified_by_password = OFF; SHOW GLOBAL VARIABLES LIKE 'log_builtin_as_identified_by_password'; --echo --error ER_GLOBAL_VARIABLE SET SESSION log_builtin_as_identified_by_password = ON; SHOW VARIABLES LIKE 'log_builtin_as_identified_by_password'; --echo --error ER_GLOBAL_VARIABLE SET @@log_builtin_as_identified_by_password = OFF; SHOW VARIABLES LIKE 'log_builtin_as_identified_by_password'; --echo SET @@global.log_builtin_as_identified_by_password = ON; SHOW GLOBAL VARIABLES LIKE 'log_builtin_as_identified_by_password'; --echo --error ER_GLOBAL_VARIABLE SET @@session.log_builtin_as_identified_by_password = ON; --echo # GLOBAL variable value SHOW GLOBAL VARIABLES LIKE 'log_builtin_as_identified_by_password'; SET GLOBAL log_builtin_as_identified_by_password=OFF; SHOW VARIABLES LIKE 'log_builtin_as_identified_by_password'; --source include/sync_slave_sql_with_master.inc --echo [On Slave] --source include/show_binlog_events.inc --source include/rpl_end.inc --echo --echo End of 5.7 tests! --echo