Current Path : /usr/opt/mysql57/mysql-test/r/ |
FreeBSD hs32.drive.ne.jp 9.1-RELEASE FreeBSD 9.1-RELEASE #1: Wed Jan 14 12:18:08 JST 2015 root@hs32.drive.ne.jp:/sys/amd64/compile/hs32 amd64 |
Current File : //usr/opt/mysql57/mysql-test/r/plugin_auth.result |
CALL mtr.add_suppression("Plugin test_plugin_server reported: 'Wrong password supplied for plug_dest'"); SELECT PLUGIN_STATUS, PLUGIN_TYPE, PLUGIN_DESCRIPTION FROM INFORMATION_SCHEMA.PLUGINS WHERE PLUGIN_NAME='test_plugin_server'; PLUGIN_STATUS ACTIVE PLUGIN_TYPE AUTHENTICATION PLUGIN_DESCRIPTION plugin API test plugin SET @old_log_output= @@global.log_output; SET @old_general_log= @@global.general_log; SET GLOBAL log_output = 'TABLE'; SET GLOBAL general_log= 'ON'; CREATE USER plug IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest'; CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd'; SELECT plugin,authentication_string FROM mysql.user WHERE User='plug'; plugin authentication_string test_plugin_server plug_dest ## test plugin auth ERROR 28000: Access denied for user 'plug'@'localhost' (using password: YES) GRANT PROXY ON plug_dest TO plug; test proxies_priv columns SELECT * FROM mysql.proxies_priv WHERE user !='root'; Host User Proxied_host Proxied_user With_grant Grantor Timestamp xx plug % plug_dest 0 root@localhost xx test mysql.proxies_priv; SHOW CREATE TABLE mysql.proxies_priv; Table Create Table proxies_priv CREATE TABLE `proxies_priv` ( `Host` char(60) COLLATE utf8_bin NOT NULL DEFAULT '', `User` char(32) COLLATE utf8_bin NOT NULL DEFAULT '', `Proxied_host` char(60) COLLATE utf8_bin NOT NULL DEFAULT '', `Proxied_user` char(32) COLLATE utf8_bin NOT NULL DEFAULT '', `With_grant` tinyint(1) NOT NULL DEFAULT '0', `Grantor` char(93) COLLATE utf8_bin NOT NULL DEFAULT '', `Timestamp` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, PRIMARY KEY (`Host`,`User`,`Proxied_host`,`Proxied_user`), KEY `Grantor` (`Grantor`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin COMMENT='User proxy privileges' select USER(),CURRENT_USER(); USER() CURRENT_USER() plug@localhost plug_dest@% ## test SET PASSWORD Setting password is allowed but it won't affect the authentication mechanism. SET PASSWORD = 'plug_dest'; Warnings: Note 1699 SET PASSWORD has no significance for user 'plug'@'%' as authentication plugin does not support it. ## test bad credentials ERROR 28000: Access denied for user 'plug'@'localhost' (using password: YES) ## test bad default plugin : should get CR_AUTH_PLUGIN_CANNOT_LOAD ## test correct default plugin select USER(),CURRENT_USER(); USER() CURRENT_USER() plug@localhost plug_dest@% ## test no_auto_create_user sql mode with plugin users SET @@sql_mode=no_auto_create_user; GRANT INSERT ON TEST.* TO grant_user IDENTIFIED WITH 'test_plugin_server'; ERROR 42000: Can't find any matching row in the user table GRANT INSERT ON TEST.* TO grant_user IDENTIFIED WITH 'test_plugin_server' BY '123'; Warnings: Warning 1287 Using GRANT for creating new user is deprecated and will be removed in future release. Create new user with CREATE USER statement. SET @@sql_mode=default; DROP USER grant_user; ## test utf-8 user name CREATE USER `Ÿ` IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest'; GRANT PROXY ON plug_dest TO `Ÿ`; select USER(),CURRENT_USER(); USER() CURRENT_USER() Ÿ@localhost plug_dest@% DROP USER `Ÿ`; ## test GRANT ... IDENTIFIED WITH/BY ... CREATE DATABASE test_grant_db; # create new user via GRANT WITH GRANT ALL PRIVILEGES ON test_grant_db.* TO new_grant_user IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest'; Warnings: Warning 1287 Using GRANT for creating new user is deprecated and will be removed in future release. Create new user with CREATE USER statement. GRANT PROXY ON plug_dest TO new_grant_user; select USER(),CURRENT_USER(); USER() CURRENT_USER() new_grant_user@localhost plug_dest@% USE test_grant_db; CREATE TABLE t1 (a INT); DROP TABLE t1; REVOKE ALL PRIVILEGES ON test_grant_db.* FROM new_grant_user; # try re-create existing user via GRANT IDENTIFIED BY GRANT ALL PRIVILEGES ON test_grant_db.* TO new_grant_user IDENTIFIED BY 'unused_password'; # make sure password doesn't take precendence ERROR 28000: Access denied for user 'new_grant_user'@'localhost' (using password: YES) #make sure plugin auth still available select USER(),CURRENT_USER(); USER() CURRENT_USER() new_grant_user@localhost plug_dest@% USE test_grant_db; CREATE TABLE t1 (a INT); DROP TABLE t1; DROP USER new_grant_user; REVOKE SELECT on test_grant_db.* FROM joro INDENTIFIED WITH 'test_plugin_server' AS 'plug_dest'; ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'INDENTIFIED WITH 'test_plugin_server' AS 'plug_dest'' at line 2 REVOKE SELECT on test_grant_db.* FROM joro INDENTIFIED BY 'plug_dest_passwd'; ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'INDENTIFIED BY 'plug_dest_passwd'' at line 2 REVOKE SELECT on test_grant_db.* FROM joro INDENTIFIED BY PASSWORD 'plug_dest_passwd'; ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'INDENTIFIED BY PASSWORD 'plug_dest_passwd'' at line 2 DROP DATABASE test_grant_db; ## GRANT PROXY tests SELECT @@global.check_proxy_users; @@global.check_proxy_users 0 SELECT @@global.mysql_native_password_proxy_users; @@global.mysql_native_password_proxy_users 0 SELECT @@global.sha256_password_proxy_users; @@global.sha256_password_proxy_users 0 SET @@global.check_proxy_users=ON; SET @@global.mysql_native_password_proxy_users=ON; SET @@global.sha256_password_proxy_users=ON; CREATE USER grant_plug IDENTIFIED WITH 'test_plugin_server' AS 'grant_plug_dest'; CREATE USER grant_plug_dest IDENTIFIED BY 'grant_plug_dest_passwd'; CREATE USER grant_plug_dest2 IDENTIFIED BY 'grant_plug_dest_passwd2'; # ALL PRIVILEGES doesn't include PROXY GRANT ALL PRIVILEGES ON *.* TO grant_plug; ERROR 28000: Access denied for user 'grant_plug'@'localhost' (using password: YES) GRANT ALL PRIVILEGES,PROXY ON grant_plug_dest TO grant_plug; ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'PROXY ON grant_plug_dest TO grant_plug' at line 1 this should fail : can't combine PROXY GRANT ALL SELECT,PROXY ON grant_plug_dest TO grant_plug; ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'SELECT,PROXY ON grant_plug_dest TO grant_plug' at line 1 # this should fail : no such grant REVOKE PROXY ON grant_plug_dest FROM grant_plug; ERROR 42000: There is no such grant defined for user 'grant_plug' on host '%' in grant_plug_dest_con ## testing what an ordinary user can grant this should fail : no rights to grant all GRANT PROXY ON ''@'' TO grant_plug; ERROR 28000: Access denied for user 'grant_plug_dest'@'localhost' this should fail : not the same user GRANT PROXY ON grant_plug TO grant_plug_dest; ERROR 28000: Access denied for user 'grant_plug_dest'@'localhost' This is a valid grant GRANT PROXY ON grant_plug_dest TO grant_plug; REVOKE PROXY ON grant_plug_dest FROM grant_plug; this should work : same user GRANT PROXY ON grant_plug_dest TO grant_plug_dest2; REVOKE PROXY ON grant_plug_dest FROM grant_plug_dest2; this should fail : not the same user GRANT PROXY ON grant_plug_dest@localhost TO grant_plug WITH GRANT OPTION; ERROR 28000: Access denied for user 'grant_plug_dest'@'localhost' this should fail : not the same user REVOKE PROXY ON grant_plug_dest@localhost FROM grant_plug; ERROR 28000: Access denied for user 'grant_plug_dest'@'localhost' this should fail : can't create users GRANT PROXY ON grant_plug_dest TO grant_plug@localhost; ERROR 42000: You are not allowed to create a user with GRANT in default connection # test what root can grant should work : root has PROXY to all users GRANT PROXY ON ''@'' TO grant_plug; REVOKE PROXY ON ''@'' FROM grant_plug; should work : root has PROXY to all users GRANT PROXY ON ''@'' TO proxy_admin IDENTIFIED BY 'test' WITH GRANT OPTION; Warnings: Warning 1287 Using GRANT for creating new user is deprecated and will be removed in future release. Create new user with CREATE USER statement. need USAGE : PROXY doesn't contain it. GRANT USAGE on *.* TO proxy_admin; in proxy_admin_con; should work : proxy_admin has proxy to ''@'' GRANT PROXY ON future_user TO grant_plug; in default connection SHOW GRANTS FOR grant_plug; Grants for grant_plug@% GRANT ALL PRIVILEGES ON *.* TO 'grant_plug'@'%' GRANT PROXY ON 'future_user'@'%' TO 'grant_plug'@'%' REVOKE PROXY ON future_user FROM grant_plug; SHOW GRANTS FOR grant_plug; Grants for grant_plug@% GRANT ALL PRIVILEGES ON *.* TO 'grant_plug'@'%' ## testing drop user CREATE USER test_drop@localhost; GRANT PROXY ON future_user TO test_drop@localhost; SHOW GRANTS FOR test_drop@localhost; Grants for test_drop@localhost GRANT USAGE ON *.* TO 'test_drop'@'localhost' GRANT PROXY ON 'future_user'@'%' TO 'test_drop'@'localhost' DROP USER test_drop@localhost; SELECT * FROM mysql.proxies_priv WHERE Host = 'test_drop' AND User = 'localhost'; Host User Proxied_host Proxied_user With_grant Grantor Timestamp DROP USER proxy_admin; DROP USER grant_plug,grant_plug_dest,grant_plug_dest2; ## END GRANT PROXY tests ## cleanup DROP USER plug; DROP USER plug_dest; ## @@proxy_user tests CREATE USER plug IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest'; CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd'; GRANT PROXY ON plug_dest TO plug; SELECT USER(),CURRENT_USER(),@@LOCAL.proxy_user; USER() CURRENT_USER() @@LOCAL.proxy_user root@localhost root@localhost NULL SELECT @@GLOBAL.proxy_user; ERROR HY000: Variable 'proxy_user' is a SESSION variable SELECT @@LOCAL.proxy_user; @@LOCAL.proxy_user NULL SET GLOBAL proxy_user = 'test'; ERROR HY000: Variable 'proxy_user' is a read only variable SET LOCAL proxy_user = 'test'; ERROR HY000: Variable 'proxy_user' is a read only variable SELECT @@LOCAL.proxy_user; @@LOCAL.proxy_user NULL # in connection plug_con SELECT @@LOCAL.proxy_user; @@LOCAL.proxy_user 'plug'@'%' # in connection default SET @@global.check_proxy_users=0; SET @@global.mysql_native_password_proxy_users=0; SET @@global.sha256_password_proxy_users=0; ## cleanup DROP USER plug; DROP USER plug_dest; ## END @@proxy_user tests ## @@external_user tests CREATE USER plug IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest'; CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd'; GRANT PROXY ON plug_dest TO plug; SELECT USER(),CURRENT_USER(),@@LOCAL.external_user; USER() CURRENT_USER() @@LOCAL.external_user root@localhost root@localhost NULL SELECT @@GLOBAL.external_user; ERROR HY000: Variable 'external_user' is a SESSION variable SELECT @@LOCAL.external_user; @@LOCAL.external_user NULL SET GLOBAL external_user = 'test'; ERROR HY000: Variable 'external_user' is a read only variable SET LOCAL external_user = 'test'; ERROR HY000: Variable 'external_user' is a read only variable SELECT @@LOCAL.external_user; @@LOCAL.external_user NULL # in connection plug_con SELECT @@LOCAL.external_user; @@LOCAL.external_user plug_dest # in connection default WL#5706 -- show the above got logged/rewritten correctly SELECT argument FROM mysql.general_log WHERE argument LIKE CONCAT('%IDENTIFIED ','WITH %'); argument CREATE USER plug IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest' CREATE USER 'plug_dest'@'%' IDENTIFIED WITH 'mysql_native_password' AS '<secret>' GRANT INSERT ON TEST.* TO grant_user IDENTIFIED WITH 'test_plugin_server' GRANT INSERT ON `TEST`.* TO 'grant_user'@'%' IDENTIFIED WITH 'test_plugin_server' AS '<secret>' CREATE USER `Ÿ` IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest' GRANT ALL PRIVILEGES ON test_grant_db.* TO new_grant_user IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest' GRANT ALL PRIVILEGES ON `test_grant_db`.* TO 'new_grant_user'@'%' IDENTIFIED WITH 'mysql_native_password' AS '<secret>' CREATE USER grant_plug IDENTIFIED WITH 'test_plugin_server' AS 'grant_plug_dest' CREATE USER 'grant_plug_dest'@'%' IDENTIFIED WITH 'mysql_native_password' AS '<secret>' CREATE USER 'grant_plug_dest2'@'%' IDENTIFIED WITH 'mysql_native_password' AS '<secret>' GRANT PROXY ON ''@'' TO 'proxy_admin'@'%' IDENTIFIED WITH 'mysql_native_password' AS '<secret>' WITH GRANT OPTION CREATE USER plug IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest' CREATE USER 'plug_dest'@'%' IDENTIFIED WITH 'mysql_native_password' AS '<secret>' CREATE USER plug IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest' CREATE USER 'plug_dest'@'%' IDENTIFIED WITH 'mysql_native_password' AS '<secret>' ## cleanup DROP USER plug; DROP USER plug_dest; SET GLOBAL log_output= @old_log_output; SET GLOBAL general_log= @old_general_log; ## END @@external_user tests # # Bug #56798 : Wrong credentials assigned when using a proxy user. # set @orig_sql_mode = @@sql_mode; set sql_mode=(select replace(@@sql_mode,'NO_AUTO_CREATE_USER','')); Warnings: Warning 3090 Changing sql mode 'NO_AUTO_CREATE_USER' is deprecated. It will be removed in a future release. GRANT ALL PRIVILEGES ON *.* TO power_user; Warnings: Warning 1287 Using GRANT for creating new user is deprecated and will be removed in future release. Create new user with CREATE USER statement. set sql_mode= @orig_sql_mode; Warnings: Warning 3090 Changing sql mode 'NO_AUTO_CREATE_USER' is deprecated. It will be removed in a future release. GRANT USAGE ON anonymous_db.* TO ''@'' IDENTIFIED WITH 'test_plugin_server' AS 'power_user'; Warnings: Warning 1287 Using GRANT for creating new user is deprecated and will be removed in future release. Create new user with CREATE USER statement. GRANT PROXY ON power_user TO ''@''; CREATE DATABASE confidential_db; SELECT user(),current_user(),@@proxy_user; user() current_user() @@proxy_user test_login_user@localhost power_user@% ''@'' DROP USER power_user; DROP USER ''@''; DROP DATABASE confidential_db; # Test case #2 (crash with double grant proxy) CREATE USER ''@'' IDENTIFIED WITH 'test_plugin_server' AS 'standard_user'; CREATE USER standard_user; CREATE DATABASE shared; GRANT ALL PRIVILEGES ON shared.* TO standard_user; GRANT PROXY ON standard_user TO ''@''; #should not crash GRANT PROXY ON standard_user TO ''@''; DROP USER ''@''; DROP USER standard_user; DROP DATABASE shared; # # Bug #57551 : Live upgrade fails between 5.1.52 -> 5.5.7-rc # CALL mtr.add_suppression("Missing system table mysql.proxies_priv."); DROP TABLE mysql.proxies_priv; # Must come back with mysql.proxies_priv absent. # restart SELECT * FROM mysql.proxies_priv; ERROR 42S02: Table 'mysql.proxies_priv' doesn't exist CREATE USER u1@localhost; GRANT ALL PRIVILEGES ON *.* TO u1@localhost; REVOKE ALL PRIVILEGES ON *.* FROM u1@localhost; GRANT ALL PRIVILEGES ON *.* TO u1@localhost; CREATE USER u2@localhost; GRANT ALL PRIVILEGES ON *.* TO u2@localhost; # access denied because of no privileges to root GRANT PROXY ON u2@localhost TO u1@localhost; ERROR 28000: Access denied for user 'root'@'localhost' # access denied because of no privileges to root REVOKE PROXY ON u2@localhost FROM u1@localhost; ERROR 28000: Access denied for user 'root'@'localhost' # go try graning proxy on itself, so that it will need the table GRANT PROXY ON u2@localhost TO u1@localhost; ERROR 42S02: Table 'mysql.proxies_priv' doesn't exist REVOKE PROXY ON u2@localhost FROM u1@localhost; ERROR 42S02: Table 'mysql.proxies_priv' doesn't exist # test if REVOKE works without the proxies_priv table REVOKE ALL PRIVILEGES ON *.* FROM u1@localhost, u2@localhost; # test if DROP USER work without the proxies_priv table DROP USER u1@localhost,u2@localhost; # test if FLUSH PRIVILEGES works without the proxies_priv table FLUSH PRIVILEGES; mysql.columns_priv OK mysql.db OK mysql.engine_cost OK mysql.event OK mysql.func OK mysql.general_log OK mysql.gtid_executed OK mysql.help_category OK mysql.help_keyword OK mysql.help_relation OK mysql.help_topic OK mysql.innodb_index_stats OK mysql.innodb_table_stats OK mysql.ndb_binlog_index OK mysql.plugin OK mysql.proc OK mysql.procs_priv OK mysql.proxies_priv OK mysql.server_cost OK mysql.servers OK mysql.slave_master_info OK mysql.slave_relay_log_info OK mysql.slave_worker_info OK mysql.slow_log OK mysql.tables_priv OK mysql.time_zone OK mysql.time_zone_leap_second OK mysql.time_zone_name OK mysql.time_zone_transition OK mysql.time_zone_transition_type OK mysql.user OK mtr.global_suppressions OK mtr.test_suppressions OK sys.sys_config OK SELECT Host,User,Proxied_host,Proxied_user,With_grant FROM mysql.proxies_priv; Host localhost User root Proxied_host Proxied_user With_grant 1 FLUSH PRIVILEGES; # # Bug#58139 : default-auth option not recognized in MySQL standard # command line clients # # Executing 'mysql' 1 1 # Executing 'mysqladmin' mysqld is alive # Executing 'mysqldump' # Executing 'mysql_upgrade' The --upgrade-system-tables option was used, databases won't be touched. # # Bug #59657: Move the client authentication_pam plugin into the # server repository # CREATE USER uplain@localhost IDENTIFIED WITH 'cleartext_plugin_server' AS 'cleartext_test'; ## test plugin auth ERROR 28000: Access denied for user 'uplain'@'localhost' (using password: YES) select USER(),CURRENT_USER(); USER() CURRENT_USER() uplain@localhost uplain@localhost DROP USER uplain@localhost; # # Bug #59038 : mysql.user.authentication_string column # causes configuration wizard to fail INSERT INTO mysql.user( Host, User, Select_priv, Insert_priv, Update_priv, Delete_priv, Create_priv, Drop_priv, Reload_priv, Shutdown_priv, Process_priv, File_priv, Grant_priv, References_priv, Index_priv, Alter_priv, Show_db_priv, Super_priv, Create_tmp_table_priv, Lock_tables_priv, Execute_priv, Repl_slave_priv, Repl_client_priv, /*!50001 Create_view_priv, Show_view_priv, Create_routine_priv, Alter_routine_priv, Create_user_priv, */ ssl_type, ssl_cipher, x509_issuer, x509_subject, max_questions, max_updates, max_connections) VALUES ( 'localhost', 'inserttest', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', /*!50001 'Y', 'Y', 'Y', 'Y', 'Y', */'', '', '', '', '0', '0', '0'); FLUSH PRIVILEGES; DROP USER inserttest@localhost; SELECT IS_NULLABLE, COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS WHERE COLUMN_NAME IN ('authentication_string', 'plugin') AND TABLE_NAME='user' AND TABLE_SCHEMA='mysql' ORDER BY COLUMN_NAME; IS_NULLABLE COLUMN_NAME YES authentication_string NO plugin # # Bug #11936829: diff. between mysql.user (authentication_string) # in fresh and upgraded 5.5.11 # SELECT IS_NULLABLE, COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_SCHEMA= 'mysql' AND TABLE_NAME= 'user' AND COLUMN_NAME IN ('plugin', 'authentication_string') ORDER BY COLUMN_NAME; IS_NULLABLE COLUMN_NAME YES authentication_string NO plugin ALTER TABLE mysql.user MODIFY plugin char(64) DEFAULT '' NOT NULL; ALTER TABLE mysql.user MODIFY authentication_string TEXT NOT NULL; Run mysql_upgrade on a 5.5.10 external authentication column layout mysql.columns_priv OK mysql.db OK mysql.engine_cost OK mysql.event OK mysql.func OK mysql.general_log OK mysql.gtid_executed OK mysql.help_category OK mysql.help_keyword OK mysql.help_relation OK mysql.help_topic OK mysql.innodb_index_stats OK mysql.innodb_table_stats OK mysql.ndb_binlog_index OK mysql.plugin OK mysql.proc OK mysql.procs_priv OK mysql.proxies_priv OK mysql.server_cost OK mysql.servers OK mysql.slave_master_info OK mysql.slave_relay_log_info OK mysql.slave_worker_info OK mysql.slow_log OK mysql.tables_priv OK mysql.time_zone OK mysql.time_zone_leap_second OK mysql.time_zone_name OK mysql.time_zone_transition OK mysql.time_zone_transition_type OK mysql.user OK mtr.global_suppressions OK mtr.test_suppressions OK sys.sys_config OK SELECT IS_NULLABLE, COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_SCHEMA= 'mysql' AND TABLE_NAME= 'user' AND COLUMN_NAME IN ('plugin', 'authentication_string') ORDER BY COLUMN_NAME; IS_NULLABLE COLUMN_NAME YES authentication_string NO plugin # # Bug #12610784: SET PASSWORD INCORRECTLY KEEP AN OLD EMPTY PASSWORD # CREATE USER bug12610784@localhost; SET PASSWORD FOR bug12610784@localhost = 'secret'; ERROR 28000: Access denied for user 'bug12610784'@'localhost' (using password: NO) DROP USER bug12610784@localhost; # # Bug # 11766641: 59792: BIN/MYSQL -UUNKNOWN -PUNKNOWN # .-> USING PASSWORD: NO # shoud contain "using password=yes" mysql: [Warning] Using a password on the command line interface can be insecure. ERROR 1045 (28000): Access denied for user 'unknown'@'localhost' (using password: YES) # shoud contain "using password=no" ERROR 1045 (28000): Access denied for user 'unknown'@'localhost' (using password: NO) # # Bug #12818542: PAM: ADDING PASSWORD FOR AN ACCOUNT DISABLES PAM # AUTHENTICATION SETTINGS # CREATE USER bug12818542@localhost IDENTIFIED WITH 'test_plugin_server' AS 'bug12818542_dest'; CREATE USER bug12818542_dest@localhost IDENTIFIED BY 'bug12818542_dest_passwd'; GRANT PROXY ON bug12818542_dest@localhost TO bug12818542@localhost; SELECT USER(),CURRENT_USER(); USER() CURRENT_USER() bug12818542@localhost bug12818542_dest@localhost SET PASSWORD = 'bruhaha'; Warnings: Note 1699 SET PASSWORD has no significance for user 'bug12818542'@'localhost' as authentication plugin does not support it. SELECT USER(),CURRENT_USER(); USER() CURRENT_USER() bug12818542@localhost bug12818542_dest@localhost DROP USER bug12818542@localhost; DROP USER bug12818542_dest@localhost; # # Bug #12818542: PAM: ADDING PASSWORD FOR AN ACCOUNT DISABLES PAM # AUTHENTICATION SETTINGS # CREATE USER bug12818542@localhost IDENTIFIED WITH 'test_plugin_server' AS 'bug12818542_dest'; CREATE USER bug12818542_dest@localhost IDENTIFIED BY 'bug12818542_dest_passwd'; GRANT PROXY ON bug12818542_dest@localhost TO bug12818542@localhost; SELECT USER(),CURRENT_USER(); USER() CURRENT_USER() bug12818542@localhost bug12818542_dest@localhost SET PASSWORD = 'bruhaha'; Warnings: Note 1699 SET PASSWORD has no significance for user 'bug12818542'@'localhost' as authentication plugin does not support it. SELECT USER(),CURRENT_USER(); USER() CURRENT_USER() bug12818542@localhost bug12818542_dest@localhost DROP USER bug12818542@localhost; DROP USER bug12818542_dest@localhost; End of 5.5 tests # # Bug #18057562: PROXY USERS LOCKED OUT WHEN UNDERLYING PROXIED USER # PASSWORD IS EXPIRED # # Restart server with disconnect_on_expired_password OFF; CREATE USER 'empl_external'@'localhost' IDENTIFIED WITH test_plugin_server AS 'employee'; CREATE USER 'employee'@'localhost' IDENTIFIED BY 'passkey'; GRANT PROXY ON 'employee'@'localhost' TO 'empl_external'@'localhost'; # Expiring the proxied user's password ALTER USER employee@localhost PASSWORD EXPIRE; # Connecting with the proxied user and executing a query after the # proxied user's password is expired mysql: [Warning] Using a password on the command line interface can be insecure. ERROR 1820 (HY000) at line 1: You must reset your password using ALTER USER statement before executing this statement. # Connecting with the proxy user and executing a query after the proxied # user's password is expired. Here we are not supposed to get error. mysql: [Warning] Using a password on the command line interface can be insecure. current_user() employee@localhost user() empl_external@localhost DROP USER 'empl_external'@'localhost', 'employee'@'localhost'; # # Bug #20537246: SERVER CRASH WHILE CONNECTING WITH CLEARTEXT-PLUGIN # USER WITH BLANK PWD # CREATE USER bug20537246@localhost IDENTIFIED WITH 'cleartext_plugin_server' AS ''; ## test connection select USER(),CURRENT_USER(); USER() CURRENT_USER() bug20537246@localhost bug20537246@localhost DROP USER bug20537246@localhost; # # Bug #20599280 PASSWORD EXPIRED FLAG SET FOR PROXY USER SESSION WHEN # IT SET FOR PROXIED USER # CREATE USER 'empl_external'@'localhost' IDENTIFIED WITH test_plugin_server AS 'employee'; CREATE USER 'employee'@'localhost' IDENTIFIED BY 'passkey'; GRANT ALL ON *.* TO 'employee'@'localhost'; GRANT PROXY ON 'employee'@'localhost' TO 'empl_external'@'localhost'; SELECT USER(), CURRENT_USER, @@PROXY_USER; USER() CURRENT_USER @@PROXY_USER empl_external@localhost employee@localhost 'empl_external'@'localhost' ALTER USER 'employee'@'localhost' PASSWORD EXPIRE; SELECT USER(), CURRENT_USER, @@PROXY_USER; USER() CURRENT_USER @@PROXY_USER empl_external@localhost employee@localhost 'empl_external'@'localhost' SELECT USER(), CURRENT_USER, @@PROXY_USER; USER() CURRENT_USER @@PROXY_USER empl_external@localhost employee@localhost 'empl_external'@'localhost' SELECT USER(), CURRENT_USER, @@PROXY_USER; ERROR HY000: You must reset your password using ALTER USER statement before executing this statement. DROP USER 'employee'@'localhost', 'empl_external'@'localhost'; # # WL#2284: Increase the length of a user name # # Testing 32 proxy users CREATE USER user_name_len_22_01234 IDENTIFIED WITH 'test_plugin_server' AS 'user_name_len_22_0dest'; CREATE USER user_name_len_22_0dest IDENTIFIED BY 'plug_dest_passwd'; SELECT plugin,authentication_string FROM mysql.user WHERE User='plug'; plugin authentication_string ## test plugin auth ERROR 28000: Access denied for user 'user_name_len_22_01234'@'localhost' (using password: YES) GRANT PROXY ON user_name_len_22_0dest TO user_name_len_22_01234; test proxies_priv columns SELECT * FROM mysql.proxies_priv WHERE user !='root'; Host User Proxied_host Proxied_user With_grant Grantor Timestamp xx user_name_len_22_01234 % user_name_len_22_0dest 0 root@localhost xx test mysql.proxies_priv; SHOW CREATE TABLE mysql.proxies_priv; Table Create Table proxies_priv CREATE TABLE `proxies_priv` ( `Host` char(60) COLLATE utf8_bin NOT NULL DEFAULT '', `User` char(32) COLLATE utf8_bin NOT NULL DEFAULT '', `Proxied_host` char(60) COLLATE utf8_bin NOT NULL DEFAULT '', `Proxied_user` char(32) COLLATE utf8_bin NOT NULL DEFAULT '', `With_grant` tinyint(1) NOT NULL DEFAULT '0', `Grantor` char(93) COLLATE utf8_bin NOT NULL DEFAULT '', `Timestamp` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, PRIMARY KEY (`Host`,`User`,`Proxied_host`,`Proxied_user`), KEY `Grantor` (`Grantor`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin COMMENT='User proxy privileges' SELECT USER(),CURRENT_USER(); USER() CURRENT_USER() user_name_len_22_01234@localhost user_name_len_22_0dest@% SET NAMES utf8; CREATE USER очень_очень_очень_длинный_юзер__ IDENTIFIED WITH 'test_plugin_server' AS 'очень_очень_очень_длинный_дест__'; CREATE USER очень_очень_очень_длинный_дест__ IDENTIFIED BY 'plug_dest_passwd'; SELECT plugin,authentication_string FROM mysql.user WHERE User='plug'; plugin authentication_string ## test plugin auth ERROR 28000: Access denied for user 'очень_очень_очень_длинный_'@'localhost' (using password: YES) GRANT PROXY ON очень_очень_очень_длинный_дест__ TO очень_очень_очень_длинный_юзер__; test proxies_priv columns SELECT * FROM mysql.proxies_priv WHERE user !='root'; Host User Proxied_host Proxied_user With_grant Grantor Timestamp xx user_name_len_22_01234 % user_name_len_22_0dest 0 root@localhost xx xx очень_очень_очень_длинный_юзер__ % очень_очень_очень_длинный_дест__ 0 root@localhost xx test mysql.proxies_priv; SHOW CREATE TABLE mysql.proxies_priv; Table Create Table proxies_priv CREATE TABLE `proxies_priv` ( `Host` char(60) COLLATE utf8_bin NOT NULL DEFAULT '', `User` char(32) COLLATE utf8_bin NOT NULL DEFAULT '', `Proxied_host` char(60) COLLATE utf8_bin NOT NULL DEFAULT '', `Proxied_user` char(32) COLLATE utf8_bin NOT NULL DEFAULT '', `With_grant` tinyint(1) NOT NULL DEFAULT '0', `Grantor` char(93) COLLATE utf8_bin NOT NULL DEFAULT '', `Timestamp` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, PRIMARY KEY (`Host`,`User`,`Proxied_host`,`Proxied_user`), KEY `Grantor` (`Grantor`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin COMMENT='User proxy privileges' SELECT USER(),CURRENT_USER(); USER() CURRENT_USER() очень_очень_очень_длинный_юзер__@localhost очень_очень_очень_длинный_дест__@% # Testing 32 proxy users cleanup DROP USER user_name_len_22_01234; DROP USER user_name_len_22_0dest; DROP USER очень_очень_очень_длинный_юзер__; DROP USER очень_очень_очень_длинный_дест__; SET NAMES default; # Testing 32 users with different authentication plugins CREATE USER user_name_len_22_01234@localhost IDENTIFIED WITH 'sha256_password' BY 'auth_string'; SELECT CURRENT_USER(); CURRENT_USER() user_name_len_22_01234@localhost DROP USER user_name_len_22_01234@localhost; CREATE USER user_name_len_32_012345678901234@localhost IDENTIFIED WITH 'mysql_native_password' BY 'auth_string'; SELECT CURRENT_USER(); CURRENT_USER() user_name_len_32_012345678901234@localhost DROP USER user_name_len_32_012345678901234@localhost; CREATE USER user_name_len_32_012345678901234@localhost IDENTIFIED WITH 'cleartext_plugin_server' AS 'auth_string'; SELECT CURRENT_USER(); CURRENT_USER() user_name_len_32_012345678901234@localhost DROP USER user_name_len_32_012345678901234@localhost; # Testing 32 users with different authentication plugins WITH REQUIRE SSL CREATE USER user_name_len_22_01234@localhost IDENTIFIED WITH 'sha256_password' BY 'auth_string' REQUIRE SSL; SELECT CURRENT_USER(); CURRENT_USER() user_name_len_22_01234@localhost DROP USER user_name_len_22_01234@localhost; CREATE USER user_name_len_32_012345678901234@localhost IDENTIFIED WITH 'mysql_native_password' BY 'auth_string' REQUIRE SSL; SELECT CURRENT_USER(); CURRENT_USER() user_name_len_32_012345678901234@localhost DROP USER user_name_len_32_012345678901234@localhost; CREATE USER user_name_len_32_012345678901234@localhost IDENTIFIED WITH 'cleartext_plugin_server' AS 'auth_string' REQUIRE SSL; SELECT CURRENT_USER(); CURRENT_USER() user_name_len_32_012345678901234@localhost DROP USER user_name_len_32_012345678901234@localhost; # Testing 32 utf users with different authentication plugins SET NAMES utf8; CREATE USER очень_очень_очень_длинный_юзер__@localhost IDENTIFIED WITH 'sha256_password' BY 'auth_string'; SELECT CURRENT_USER(); CURRENT_USER() очень_очень_очень_длинный_юзер__@localhost DROP USER очень_очень_очень_длинный_юзер__@localhost; CREATE USER очень_очень_очень_длинный_юзер__@localhost IDENTIFIED WITH 'mysql_native_password' BY 'auth_string'; SELECT CURRENT_USER(); CURRENT_USER() очень_очень_очень_длинный_юзер__@localhost DROP USER очень_очень_очень_длинный_юзер__@localhost; CREATE USER очень_очень_очень_длинный_юзер__@localhost IDENTIFIED WITH 'cleartext_plugin_server' AS 'auth_string'; SELECT CURRENT_USER(); CURRENT_USER() очень_очень_очень_длинный_юзер__@localhost DROP USER очень_очень_очень_длинный_юзер__@localhost; # Testing 32 utf users with different authentication plugins WITH REQUIRE SSL CREATE USER очень_очень_очень_длинный_юзер__@localhost IDENTIFIED WITH 'sha256_password' BY 'auth_string' REQUIRE SSL; SELECT CURRENT_USER(); CURRENT_USER() очень_очень_очень_длинный_юзер__@localhost DROP USER очень_очень_очень_длинный_юзер__@localhost; CREATE USER очень_очень_очень_длинный_юзер__@localhost IDENTIFIED WITH 'mysql_native_password' BY 'auth_string' REQUIRE SSL; SELECT CURRENT_USER(); CURRENT_USER() очень_очень_очень_длинный_юзер__@localhost DROP USER очень_очень_очень_длинный_юзер__@localhost; CREATE USER очень_очень_очень_длинный_юзер__@localhost IDENTIFIED WITH 'cleartext_plugin_server' AS 'auth_string' REQUIRE SSL; SELECT CURRENT_USER(); CURRENT_USER() очень_очень_очень_длинный_юзер__@localhost DROP USER очень_очень_очень_длинный_юзер__@localhost; SET NAMES default;