| Current Path : /usr/opt/mysql57/mysql-test/t/ |
FreeBSD hs32.drive.ne.jp 9.1-RELEASE FreeBSD 9.1-RELEASE #1: Wed Jan 14 12:18:08 JST 2015 root@hs32.drive.ne.jp:/sys/amd64/compile/hs32 amd64 |
| Current File : //usr/opt/mysql57/mysql-test/t/grant_alter_user.test |
-- source include/not_embedded.inc
# Save the initial number of concurrent sessions
--source include/count_sessions.inc
--echo #
--echo # WL#6409: CREATE/ALTER USER
--echo #
--echo # CREATE USER
CREATE USER u1@localhost;
query_vertical SELECT User,plugin,authentication_string FROM mysql.user WHERE USER='u1';
CREATE USER u2@localhost IDENTIFIED BY 'auth_string';
query_vertical SELECT User,plugin,authentication_string FROM mysql.user WHERE USER='u2';
CREATE USER u3@localhost IDENTIFIED WITH 'sha256_password';
query_vertical SELECT User,plugin,length(authentication_string) FROM mysql.user WHERE USER='u3';
CREATE USER u4@localhost IDENTIFIED WITH 'sha256_password' BY 'auth_string';
query_vertical SELECT User,plugin,length(authentication_string) FROM mysql.user WHERE USER='u4';
CREATE USER u5@localhost REQUIRE SSL;
query_vertical SELECT User,plugin,authentication_string,ssl_type FROM mysql.user WHERE USER='u5';
CREATE USER u6@localhost IDENTIFIED BY 'auth_string' REQUIRE X509;
query_vertical SELECT User,plugin,authentication_string,ssl_type FROM mysql.user WHERE USER='u6';
CREATE USER u7@localhost IDENTIFIED WITH 'sha256_password'
REQUIRE CIPHER "DHE-RSA-AES256-SHA" PASSWORD EXPIRE NEVER;
query_vertical SELECT User,plugin,length(authentication_string),ssl_type,
ssl_cipher,x509_issuer,x509_subject,password_expired,password_lifetime FROM mysql.user WHERE USER='u7';
CREATE USER u8@localhost IDENTIFIED WITH 'sha256_password' BY 'auth_string'
REQUIRE ISSUER 'issuer';
query_vertical SELECT User,plugin,length(authentication_string),ssl_type,ssl_cipher,x509_issuer,x509_subject FROM mysql.user WHERE USER='u8';
CREATE USER u9@localhost REQUIRE SUBJECT 'sub';
query_vertical SELECT User,plugin,authentication_string,ssl_type,ssl_cipher,x509_issuer,x509_subject FROM mysql.user WHERE USER='u9';
CREATE USER u10@localhost IDENTIFIED WITH 'sha256_password' BY 'auth_string'
REQUIRE CIPHER "DHE-RSA-AES256-SHA" AND
SUBJECT "/C=SE/ST=Uppsala/O=MySQL AB"
ISSUER "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB";
query_vertical SELECT User,plugin,length(authentication_string),ssl_type,ssl_cipher,x509_issuer,x509_subject FROM mysql.user WHERE USER='u10';
CREATE USER u11@localhost WITH MAX_QUERIES_PER_HOUR 2;
query_vertical SELECT User,plugin,authentication_string,max_questions FROM mysql.user WHERE USER='u11';
CREATE USER u12@localhost IDENTIFIED BY 'auth_string' WITH MAX_QUERIES_PER_HOUR 2;
query_vertical SELECT User,plugin,authentication_string,max_questions FROM mysql.user WHERE USER='u12';
CREATE USER u13@localhost IDENTIFIED WITH 'sha256_password'
WITH MAX_CONNECTIONS_PER_HOUR 2;
query_vertical SELECT User,plugin,length(authentication_string),max_connections FROM mysql.user WHERE USER='u13';
CREATE USER u14@localhost IDENTIFIED WITH 'sha256_password' BY 'auth_string'
WITH MAX_USER_CONNECTIONS 2 PASSWORD EXPIRE INTERVAL 6 DAY;
query_vertical SELECT User,plugin,length(authentication_string),max_user_connections,
password_expired,password_lifetime FROM mysql.user WHERE USER='u14';
CREATE USER u15@localhost,
u16@localhost IDENTIFIED BY 'auth_string',
u17@localhost IDENTIFIED WITH 'sha256_password' BY 'auth_string' PASSWORD EXPIRE;
query_vertical SELECT User,plugin,password_expired,password_lifetime FROM mysql.user WHERE USER BETWEEN 'u15' AND 'u17' ORDER BY User;
CREATE USER u18@localhost,
u19@localhost IDENTIFIED BY 'auth_string',
u20@localhost IDENTIFIED WITH 'sha256_password',
u21@localhost IDENTIFIED WITH 'sha256_password' BY 'auth_string'
REQUIRE SUBJECT '/C=SE/ST=Uppsala/O=MySQL AB' WITH MAX_QUERIES_PER_HOUR 2 MAX_USER_CONNECTIONS 2
PASSWORD EXPIRE NEVER;
query_vertical SELECT User,plugin,ssl_type,ssl_cipher,x509_issuer,x509_subject,
max_questions,max_user_connections,password_expired,password_lifetime
FROM mysql.user WHERE USER BETWEEN 'u18' AND 'u21' ORDER BY User;
drop user u1@localhost, u2@localhost, u3@localhost, u4@localhost, u5@localhost,
u6@localhost, u7@localhost, u8@localhost, u9@localhost, u10@localhost,
u11@localhost, u12@localhost, u13@localhost, u14@localhost,
u15@localhost, u16@localhost, u17@localhost, u18@localhost,
u19@localhost, u20@localhost, u21@localhost;
--echo # ALTER USER
CREATE USER u1@localhost;
query_vertical SELECT User,ssl_type,ssl_cipher,x509_issuer,x509_subject,
plugin,password_expired,
password_lifetime
FROM mysql.user WHERE USER='u1';
--echo its a no op
ALTER USER u1@localhost;
query_vertical SELECT User,ssl_type,ssl_cipher,x509_issuer,x509_subject,
plugin,password_expired,
password_lifetime
FROM mysql.user WHERE USER='u1';
CREATE USER u2@localhost IDENTIFIED BY 'auth_string';
query_vertical SELECT User,ssl_type,ssl_cipher,x509_issuer,x509_subject,
plugin,password_expired,
password_lifetime FROM mysql.user WHERE USER='u2';
ALTER USER u2@localhost IDENTIFIED BY 'new_auth_string';
# look for auth_string and password last changed field
query_vertical SELECT User,ssl_type,ssl_cipher,x509_issuer,x509_subject,
plugin,password_expired,
password_lifetime FROM mysql.user WHERE USER='u2';
CREATE USER u3@localhost IDENTIFIED WITH 'sha256_password';
query_vertical SELECT User,ssl_type,ssl_cipher,x509_issuer,x509_subject,
plugin,password_expired,
password_lifetime FROM mysql.user WHERE USER='u3';
ALTER USER u3@localhost IDENTIFIED WITH 'mysql_native_password';
# look for plugin,auth_string and password expired field
query_vertical SELECT User,ssl_type,ssl_cipher,x509_issuer,x509_subject,
plugin,password_expired,
password_lifetime FROM mysql.user WHERE USER='u3';
CREATE USER u4@localhost IDENTIFIED WITH 'sha256_password' BY 'auth_string';
query_vertical SELECT User,ssl_type,ssl_cipher,x509_issuer,x509_subject,
plugin,password_expired,
password_lifetime FROM mysql.user WHERE USER='u4';
ALTER USER u4@localhost IDENTIFIED WITH 'mysql_native_password'
BY 'auth_string';
# look for plugin,auth_string field
query_vertical SELECT User,ssl_type,ssl_cipher,x509_issuer,x509_subject,
plugin,password_expired,
password_lifetime FROM mysql.user WHERE USER='u4';
CREATE USER u5@localhost REQUIRE SSL;
query_vertical SELECT User,ssl_type,ssl_cipher,x509_issuer,x509_subject,
plugin,password_expired,
password_lifetime FROM mysql.user WHERE USER='u5';
ALTER USER u5@localhost IDENTIFIED WITH 'sha256_password';
# look for plugin,auth_string, password expired field
query_vertical SELECT User,ssl_type,ssl_cipher,x509_issuer,x509_subject,
plugin,password_expired,
password_lifetime FROM mysql.user WHERE USER='u5';
CREATE USER u6@localhost IDENTIFIED BY 'auth_string' REQUIRE X509;
query_vertical SELECT User,ssl_type,ssl_cipher,x509_issuer,x509_subject,
plugin,password_expired,
password_lifetime FROM mysql.user WHERE USER='u6';
ALTER USER u6@localhost IDENTIFIED BY 'new_auth_string' REQUIRE SSL;
query_vertical SELECT User,ssl_type,ssl_cipher,x509_issuer,x509_subject,
plugin,password_expired,
password_lifetime FROM mysql.user WHERE USER='u6';
CREATE USER u7@localhost IDENTIFIED WITH 'sha256_password'
BY 'auth_string' REQUIRE CIPHER 'cipher';
query_vertical SELECT User,ssl_type,ssl_cipher,x509_issuer,x509_subject,
plugin,password_expired,
password_lifetime FROM mysql.user WHERE USER='u7';
ALTER USER u7@localhost IDENTIFIED WITH 'mysql_native_password'
REQUIRE ISSUER 'issuer';
# look for plugin,auth_string, password expired, SSL type field
query_vertical SELECT User,ssl_type,ssl_cipher,x509_issuer,x509_subject,
plugin,password_expired,
password_lifetime FROM mysql.user WHERE USER='u7';
CREATE USER u8@localhost IDENTIFIED WITH 'sha256_password' BY 'auth_string'
REQUIRE ISSUER 'issuer';
query_vertical SELECT User,ssl_type,ssl_cipher,x509_issuer,x509_subject,
plugin,password_expired,
password_lifetime FROM mysql.user WHERE USER='u8';
ALTER USER u8@localhost IDENTIFIED WITH 'mysql_native_password'
REQUIRE CIPHER "DHE-RSA-AES256-SHA";
# look for plugin,auth_string, password expired, SSL fields
query_vertical SELECT User,ssl_type,ssl_cipher,x509_issuer,x509_subject,
plugin,password_expired,
password_lifetime FROM mysql.user WHERE USER='u8';
CREATE USER u9@localhost REQUIRE SUBJECT 'sub';
query_vertical SELECT User,ssl_type,ssl_cipher,x509_issuer,x509_subject,
plugin,password_expired,
password_lifetime FROM mysql.user WHERE USER='u9';
ALTER USER u9@localhost REQUIRE ISSUER "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB";
query_vertical SELECT User,ssl_type,ssl_cipher,x509_issuer,x509_subject,
plugin,password_expired,
password_lifetime FROM mysql.user WHERE USER='u9';
CREATE USER u10@localhost IDENTIFIED WITH 'sha256_password' BY 'auth_string'
REQUIRE CIPHER "DHE-RSA-AES256-SHA" AND
SUBJECT "/C=SE/ST=Uppsala/O=MySQL AB"
ISSUER "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB";
query_vertical SELECT User,ssl_type,ssl_cipher,x509_issuer,x509_subject,
plugin,password_expired,
password_lifetime FROM mysql.user WHERE USER='u10';
ALTER USER u10@localhost IDENTIFIED WITH 'sha256_password' BY 'auth_string'
REQUIRE SSL;
query_vertical SELECT User,ssl_type,ssl_cipher,x509_issuer,x509_subject,
plugin,password_expired,
password_lifetime FROM mysql.user WHERE USER='u10';
CREATE USER u11@localhost WITH MAX_QUERIES_PER_HOUR 2;
query_vertical SELECT User,max_questions FROM mysql.user WHERE USER='u11';
ALTER USER u11@localhost WITH MAX_QUERIES_PER_HOUR 6;
query_vertical SELECT User,max_questions FROM mysql.user WHERE USER='u11';
CREATE USER u12@localhost IDENTIFIED BY 'auth_string' WITH MAX_QUERIES_PER_HOUR 2;
query_vertical SELECT User,max_questions FROM mysql.user WHERE USER='u12';
ALTER USER u12@localhost IDENTIFIED WITH 'sha256_password' WITH MAX_QUERIES_PER_HOUR 8;
query_vertical SELECT User,max_questions FROM mysql.user WHERE USER='u12';
CREATE USER u13@localhost IDENTIFIED WITH 'sha256_password'
WITH MAX_CONNECTIONS_PER_HOUR 2;
query_vertical SELECT User,ssl_type,ssl_cipher,x509_issuer,x509_subject,
plugin,password_expired,
password_lifetime FROM mysql.user WHERE USER='u13';
ALTER USER u13@localhost PASSWORD EXPIRE;
query_vertical SELECT User,ssl_type,ssl_cipher,x509_issuer,x509_subject,
plugin,password_expired,
password_lifetime FROM mysql.user WHERE USER='u13';
CREATE USER u14@localhost IDENTIFIED WITH 'sha256_password' BY 'auth_string'
WITH MAX_USER_CONNECTIONS 2;
query_vertical SELECT User,ssl_type,ssl_cipher,x509_issuer,x509_subject,
plugin,password_expired,max_user_connections,
password_lifetime FROM mysql.user WHERE USER='u14';
ALTER USER u14@localhost WITH MAX_USER_CONNECTIONS 12 PASSWORD EXPIRE INTERVAL 365 DAY;
query_vertical SELECT User,ssl_type,ssl_cipher,x509_issuer,x509_subject,
plugin,password_expired,max_user_connections,
password_lifetime FROM mysql.user WHERE USER='u14';
CREATE USER u15@localhost,
u16@localhost IDENTIFIED WITH 'sha256_password',
u17@localhost IDENTIFIED WITH 'sha256_password' BY 'auth_string';
query_vertical SELECT User,ssl_type,ssl_cipher,x509_issuer,x509_subject,
plugin,password_expired,
password_lifetime FROM mysql.user
WHERE USER BETWEEN 'u15' AND 'u17' order by 1;
ALTER USER u15@localhost IDENTIFIED WITH 'sha256_password',
u16@localhost,
u17@localhost IDENTIFIED BY 'new_auth_string'
PASSWORD EXPIRE DEFAULT;
query_vertical SELECT User,ssl_type,ssl_cipher,x509_issuer,x509_subject,
plugin,password_expired,
password_lifetime FROM mysql.user
WHERE USER BETWEEN 'u15' AND 'u17' order by 1;
CREATE USER u18@localhost,
u19@localhost IDENTIFIED BY 'auth_string',
u20@localhost IDENTIFIED WITH 'sha256_password',
u21@localhost IDENTIFIED WITH 'sha256_password' BY 'auth_string'
REQUIRE SUBJECT '/C=SE/ST=Uppsala/O=MySQL AB' WITH MAX_QUERIES_PER_HOUR 2 MAX_USER_CONNECTIONS 2;
query_vertical SELECT User,ssl_type,ssl_cipher,x509_issuer,x509_subject,
plugin,password_expired,max_user_connections,
max_questions,password_lifetime FROM mysql.user
WHERE USER BETWEEN 'u18' AND 'u21' order by 1;
ALTER USER u18@localhost, u19@localhost,
u20@localhost, u21@localhost
REQUIRE SUBJECT '/C=SE/ST=Uppsala/O=MySQL AB'
WITH MAX_QUERIES_PER_HOUR 2 MAX_USER_CONNECTIONS 2
PASSWORD EXPIRE NEVER;
query_vertical SELECT User,ssl_type,ssl_cipher,x509_issuer,x509_subject,
plugin,password_expired,max_user_connections,
max_questions,password_lifetime FROM mysql.user
WHERE USER BETWEEN 'u18' AND 'u21' order by 1;
drop user u1@localhost, u2@localhost, u3@localhost, u4@localhost, u5@localhost,
u6@localhost, u7@localhost, u8@localhost, u9@localhost, u10@localhost,
u11@localhost, u12@localhost, u13@localhost, u14@localhost,
u15@localhost, u16@localhost, u17@localhost, u18@localhost,
u19@localhost, u20@localhost, u21@localhost;
--echo # CREATE USER with password expire attributes
CREATE USER u1@localhost PASSWORD EXPIRE NEVER;
--echo # This should report 0
SELECT password_lifetime FROM mysql.user where user='u1';
DROP USER u1@localhost;
CREATE USER u1@localhost PASSWORD EXPIRE DEFAULT;
--echo # This should report NULL
SELECT password_expired,password_lifetime FROM mysql.user where user='u1';
--exec $MYSQL -uu1 -e "EXIT" 2>&1
DROP USER u1@localhost;
CREATE USER u1@localhost PASSWORD EXPIRE INTERVAL 4 DAY;
--echo # Should report 4
SELECT password_lifetime FROM mysql.user where user='u1';
--exec $MYSQL -uu1 -e "EXIT" 2>&1
DROP USER u1@localhost;
CREATE USER u1@localhost PASSWORD EXPIRE;
--echo # This should report Y
SELECT password_expired FROM mysql.user where user='u1';
--error 1
--exec $MYSQL -uu1 -e "EXIT" 2>&1
DROP USER u1@localhost;
--echo # CREATE USER with password expire attributes for anonymous user
--error ER_CANNOT_USER
CREATE USER '' PASSWORD EXPIRE;
--error ER_CANNOT_USER
CREATE USER '' PASSWORD EXPIRE NEVER;
--error ER_CANNOT_USER
CREATE USER '' PASSWORD EXPIRE INTERVAL 4 DAY;
--echo # ALTER USER with user()
CREATE USER u1@localhost IDENTIFIED BY 'abc';
--connect(con1, localhost, u1, abc)
SELECT USER();
connection default;
ALTER USER u1@localhost PASSWORD EXPIRE;
disconnect con1;
--connect(con1, localhost, u1, abc)
--error ER_MUST_CHANGE_PASSWORD
SELECT USER();
--enable_warnings
SET PASSWORD = 'def';
--disable_warnings
disconnect con1;
--enable_warnings
--connect(con1, localhost, u1, def)
SELECT USER();
connection default;
ALTER USER u1@localhost PASSWORD EXPIRE;
disconnect con1;
--connect(con1, localhost, u1, def)
--error ER_MUST_CHANGE_PASSWORD
SELECT USER();
# password set to user()
ALTER USER user() IDENTIFIED BY 'abc';
disconnect con1;
--connect(con1, localhost, u1, abc)
SELECT USER();
connection default;
ALTER USER u1@localhost PASSWORD EXPIRE;
disconnect con1;
--connect(con1, localhost, u1, abc)
--error ER_MUST_CHANGE_PASSWORD
SELECT USER();
connection default;
ALTER USER u1@localhost IDENTIFIED BY 'def';
disconnect con1;
--connect(con1, localhost, u1, def)
SELECT USER();
connection default;
DROP USER u1@localhost;
disconnect con1;
--echo # ALTER USER with current user is allowed to set only credential information
CREATE USER u1@localhost, u2@localhost IDENTIFIED BY 'abc';
GRANT ALL ON *.* TO u2@localhost;
--connect(con1, localhost, u2, abc)
--error ER_PARSE_ERROR
ALTER USER USER() IDENTIFIED WITH 'sha256_password';
--error ER_PARSE_ERROR
ALTER USER USER() IDENTIFIED BY 'def', u2@localhost PASSWORD EXPIRE;
--error ER_PARSE_ERROR
ALTER USER USER() IDENTIFIED BY 'def' PASSWORD EXPIRE;
--error ER_PARSE_ERROR
ALTER USER ;
connection default;
disconnect con1;
DROP USER u1@localhost, u2@localhost;
# Wait till all disconnects are completed
--source include/wait_until_count_sessions.inc
--echo # SHOW CREATE USER
CREATE USER u1@localhost;
SHOW CREATE USER u1@localhost;
ALTER USER u1@localhost IDENTIFIED BY 'auth_string';
SHOW CREATE USER u1@localhost;
CREATE USER u2@localhost IDENTIFIED BY 'auth_string';
SHOW CREATE USER u2@localhost;
ALTER USER u2@localhost IDENTIFIED WITH 'sha256_password';
SHOW CREATE USER u2@localhost;
CREATE USER u3@localhost IDENTIFIED WITH 'sha256_password';
SHOW CREATE USER u3@localhost;
ALTER USER u3@localhost PASSWORD EXPIRE NEVER;
SHOW CREATE USER u3@localhost;
CREATE USER u4@localhost IDENTIFIED WITH 'sha256_password' BY 'auth_string';
--replace_regex /AS .*$/AS '<non-deterministic-password-hash>'/
SHOW CREATE USER u4@localhost;
ALTER USER u4@localhost PASSWORD EXPIRE INTERVAL 365 DAY;
--replace_regex /AS .*$/AS '<non-deterministic-password-hash>'/
SHOW CREATE USER u4@localhost;
CREATE USER u5@localhost REQUIRE SSL;
SHOW CREATE USER u5@localhost;
ALTER USER u5@localhost REQUIRE CIPHER "DHE-RSA-AES256-SHA";
SHOW CREATE USER u5@localhost;
CREATE USER u6@localhost IDENTIFIED BY 'auth_string' REQUIRE X509;
SHOW CREATE USER u6@localhost;
ALTER USER u6@localhost REQUIRE CIPHER "DHE-RSA-AES256-SHA" WITH MAX_QUERIES_PER_HOUR 2;
SHOW CREATE USER u6@localhost;
CREATE USER u7@localhost IDENTIFIED WITH 'sha256_password'
REQUIRE CIPHER 'DHE-RSA-AES256-SHA';
SHOW CREATE USER u7@localhost;
ALTER USER u7@localhost REQUIRE NONE WITH MAX_USER_CONNECTIONS 12;
SHOW CREATE USER u7@localhost;
CREATE USER u8@localhost IDENTIFIED WITH 'sha256_password' BY 'auth_string'
REQUIRE ISSUER 'issuer';
--replace_regex /AS .*$/AS '<non-deterministic-password-hash>'/
SHOW CREATE USER u8@localhost;
ALTER USER u8@localhost IDENTIFIED WITH 'mysql_native_password' BY 'auth_string';
SHOW CREATE USER u8@localhost;
CREATE USER u9@localhost REQUIRE SUBJECT 'sub';
SHOW CREATE USER u9@localhost;
ALTER USER u9@localhost;
SHOW CREATE USER u9@localhost;
CREATE USER u10@localhost IDENTIFIED WITH 'sha256_password' BY 'auth_string'
REQUIRE CIPHER "DHE-RSA-AES256-SHA" AND
SUBJECT "/C=SE/ST=Uppsala/O=MySQL AB"
ISSUER "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB";
--replace_regex /AS .*$/AS '<non-deterministic-password-hash>'/
SHOW CREATE USER u10@localhost;
ALTER USER u10@localhost PASSWORD EXPIRE NEVER;
--replace_regex /AS .*$/AS '<non-deterministic-password-hash>'/
SHOW CREATE USER u10@localhost;
CREATE USER u11@localhost WITH MAX_QUERIES_PER_HOUR 2;
SHOW CREATE USER u11@localhost;
ALTER USER u11@localhost WITH MAX_QUERIES_PER_HOUR 10;
SHOW CREATE USER u11@localhost;
CREATE USER u12@localhost IDENTIFIED BY 'auth_string' WITH MAX_QUERIES_PER_HOUR 2;
SHOW CREATE USER u12@localhost;
ALTER USER u12@localhost REQUIRE SUBJECT '/C=SE/ST=Uppsala/O=MySQL AB' WITH MAX_QUERIES_PER_HOUR 10;
SHOW CREATE USER u12@localhost;
CREATE USER u13@localhost IDENTIFIED WITH 'sha256_password'
WITH MAX_CONNECTIONS_PER_HOUR 2;
SHOW CREATE USER u13@localhost;
ALTER USER u13@localhost REQUIRE SUBJECT '/C=SE/ST=Uppsala/O=MySQL AB' WITH MAX_QUERIES_PER_HOUR 10;
SHOW CREATE USER u13@localhost;
CREATE USER u14@localhost IDENTIFIED WITH 'sha256_password' BY 'auth_string'
WITH MAX_USER_CONNECTIONS 2;
--replace_regex /AS .*$/AS '<non-deterministic-password-hash>'/
SHOW CREATE USER u14@localhost;
ALTER USER u14@localhost REQUIRE SUBJECT '/C=SE/ST=Uppsala/O=MySQL AB' WITH MAX_QUERIES_PER_HOUR 10
PASSWORD EXPIRE;
--replace_regex /AS .*$/AS '<non-deterministic-password-hash>'/
SHOW CREATE USER u14@localhost;
CREATE USER u15@localhost IDENTIFIED WITH 'sha256_password' BY 'auth_string'
REQUIRE SUBJECT '/C=SE/ST=Uppsala/O=MySQL AB' ISSUER "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB"
CIPHER 'DHE-RSA-AES256-SHA' WITH MAX_QUERIES_PER_HOUR 2 MAX_USER_CONNECTIONS 2;
--replace_regex /AS .*$/AS '<non-deterministic-password-hash>'/
SHOW CREATE USER u15@localhost;
ALTER USER u15@localhost REQUIRE X509 PASSWORD EXPIRE INTERVAL 365 DAY;
--replace_regex /AS .*$/AS '<non-deterministic-password-hash>'/
SHOW CREATE USER u15@localhost;
CREATE USER u16@localhost IDENTIFIED BY 'auth_string' PASSWORD EXPIRE;
SHOW CREATE USER u16@localhost;
ALTER USER u16@localhost REQUIRE X509 PASSWORD EXPIRE INTERVAL 365 DAY;
SHOW CREATE USER u16@localhost;
CREATE USER u17@localhost WITH MAX_QUERIES_PER_HOUR 200
MAX_USER_CONNECTIONS 2 PASSWORD EXPIRE NEVER;
SHOW CREATE USER u17@localhost;
ALTER USER u17@localhost REQUIRE X509 PASSWORD EXPIRE INTERVAL 365 DAY;
SHOW CREATE USER u17@localhost;
CREATE USER u18@localhost IDENTIFIED WITH 'sha256_password' PASSWORD EXPIRE INTERVAL 365 DAY;
SHOW CREATE USER u18@localhost;
ALTER USER u18@localhost PASSWORD EXPIRE NEVER;
SHOW CREATE USER u18@localhost;
CREATE USER u19@localhost REQUIRE SUBJECT '/C=SE/ST=Uppsala/O=MySQL AB'
ISSUER "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB"
PASSWORD EXPIRE DEFAULT;
SHOW CREATE USER u19@localhost;
ALTER USER u19@localhost WITH MAX_QUERIES_PER_HOUR 200
MAX_USER_CONNECTIONS 2 PASSWORD EXPIRE NEVER;
SHOW CREATE USER u19@localhost;
drop user u1@localhost, u2@localhost, u3@localhost, u4@localhost, u5@localhost,
u6@localhost, u7@localhost, u8@localhost, u9@localhost, u10@localhost,
u11@localhost, u12@localhost, u13@localhost, u14@localhost,
u15@localhost, u16@localhost, u17@localhost, u18@localhost,
u19@localhost;
--echo # test general log with log_builtin_as_identified_by_password ON
SHOW GLOBAL VARIABLES LIKE 'log_builtin_as_identified_by_password';
--echo # restarting the server with log_builtin_as_identified_by_password ON
# Write file to make mysql-test-run.pl wait for the server to stop
--exec echo "wait" > $MYSQLTEST_VARDIR/tmp/mysqld.1.expect
# Request shutdown
-- send_shutdown
# Call script that will poll the server waiting for it to disapear
-- source include/wait_until_disconnected.inc
--echo # Restart server.
--exec echo "restart:--log-builtin-as-identified-by-password=ON" > $MYSQLTEST_VARDIR/tmp/mysqld.1.expect
# Turn on reconnect
--enable_reconnect
# Call script that will poll the server waiting for it to be back online again
--source include/wait_until_connected_again.inc
SHOW GLOBAL VARIABLES LIKE 'log_builtin_as_identified_by_password';
# make sure we start with a clean slate. log_tables.test says this is OK.
TRUNCATE TABLE mysql.general_log;
--echo --------------- general log ---------------------------------------
SET @old_log_output= @@global.log_output;
SET @old_general_log= @@global.general_log;
SET @old_general_log_file= @@global.general_log_file;
--replace_result $MYSQLTEST_VARDIR ...
eval SET GLOBAL general_log_file = '$MYSQLTEST_VARDIR/log/rewrite_general.log';
SET GLOBAL log_output = 'FILE,TABLE';
SET GLOBAL general_log= 'ON';
CREATE USER u1 IDENTIFIED WITH 'mysql_native_password' BY 'azundris1';
CREATE USER u2@localhost IDENTIFIED BY 'meow';
GRANT SELECT ON test.* TO u3@localhost IDENTIFIED BY 'azundris1' WITH GRANT OPTION;
SET PASSWORD FOR u3@localhost = 'def';
CREATE TABLE test_log (argument TEXT);
--replace_result $MYSQLTEST_VARDIR ...
eval LOAD DATA LOCAL INFILE '$MYSQLTEST_VARDIR/log/rewrite_general.log'
INTO TABLE test_log FIELDS TERMINATED BY '\n' LINES TERMINATED BY '\n';
--echo Show what is logged:
--echo ------ rewrite ------
SELECT argument FROM mysql.general_log WHERE argument LIKE 'CREATE USER %';
SELECT argument FROM mysql.general_log WHERE argument LIKE 'SET PASSWORD %';
SELECT argument FROM mysql.general_log WHERE argument LIKE 'GRANT %';
--echo ------ done ------
# cleanup
DROP USER u1, 'u2'@'localhost', 'u3'@'localhost';
--remove_file $MYSQLTEST_VARDIR/log/rewrite_general.log
SET GLOBAL general_log_file= @old_general_log_file;
SET GLOBAL general_log= @old_general_log;
SET GLOBAL log_output= @old_log_output;
--echo #
--echo # Bug #20553132 USER WITH EXPIRED PASSWORD ABLE TO EXECUTE
--echo # ALTER USER .. PASSWORD EXPIRE COMMAND
--echo #
connection default;
CREATE USER 20553132_u1@localhost;
CREATE USER 20553132_u2@localhost;
CREATE USER '20553132_u3'@'%';
GRANT ALL ON *.* TO 20553132_u1@localhost;
ALTER USER 20553132_u1@localhost PASSWORD EXPIRE;
ALTER USER '20553132_u3'@'%' PASSWORD EXPIRE;
--connect(con_20553132_u1, localhost, 20553132_u1)
--error ER_MUST_CHANGE_PASSWORD
ALTER USER 20553132_u1@localhost PASSWORD EXPIRE NEVER;
--error ER_MUST_CHANGE_PASSWORD
ALTER USER 20553132_u1@localhost PASSWORD EXPIRE DEFAULT;
--error ER_MUST_CHANGE_PASSWORD
ALTER USER 20553132_u1@localhost, 20553132_u2@localhost IDENTIFIED BY 'abcd' PASSWORD EXPIRE NEVER;
# Must succeed
ALTER USER 20553132_u2@localhost IDENTIFIED BY 'abcd', 20553132_u1@localhost IDENTIFIED BY 'defg' PASSWORD EXPIRE NEVER;
disconnect con_20553132_u1;
connection default;
ALTER USER 20553132_u1@localhost PASSWORD EXPIRE;
--connect(con_20553132_u1, localhost, 20553132_u1, defg)
# Must succeed
ALTER USER 20553132_u2@localhost IDENTIFIED BY 'abcd', 20553132_u1@localhost IDENTIFIED WITH 'mysql_native_password' BY 'hijk' PASSWORD EXPIRE DEFAULT;
disconnect con_20553132_u1;
--connect(con_20553132_u1, localhost, 20553132_u1, hijk)
SELECT USER();
disconnect con_20553132_u1;
--connect(con_20553132_u3, localhost, 20553132_u3)
ALTER USER CURRENT_USER() IDENTIFIED BY 'abcd';
SELECT CURRENT_USER();
disconnect con_20553132_u3;
connection default;
ALTER USER '20553132_u3'@'%' PASSWORD EXPIRE;
--connect(con_20553132_u3, localhost, 20553132_u3, abcd)
ALTER USER '20553132_u3'@'%' IDENTIFIED BY 'abcd';
SELECT CURRENT_USER();
disconnect con_20553132_u3;
connection default;
DROP USER 20553132_u1@localhost;
DROP USER 20553132_u2@localhost;
DROP USER '20553132_u3'@'%';
--source include/wait_until_count_sessions.inc
--echo
--echo End of 5.7 tests!
--echo
--echo
--echo Bug #20600865: IDENTIFIED BY PASSWORD IS NOT DEPRECATED FOR
--echo ALTER USER BUT DOESN\'T WORK
--echo
CREATE USER u1;
--error ER_PARSE_ERROR
ALTER USER u1 IDENTIFIED BY PASSWORD '*67092806AE91BFB6BE72DE6C7BE2B7CCA8CFA9DF';
--error ER_PARSE_ERROR
ALTER USER u1 IDENTIFIED BY PASSWORD '*67092806AE91BFB6BE72DE6C7BE2B7CCA8CFA9DF'
PASSWORD EXPIRE;
--error ER_PARSE_ERROR
ALTER USER u1 IDENTIFIED BY PASSWORD '*67092806AE91BFB6BE72DE6C7BE2B7CCA8CFA9DF'
WITH MAX_QUERIES_PER_HOUR 2 MAX_USER_CONNECTIONS 2;
--error ER_PARSE_ERROR
ALTER USER u1 IDENTIFIED BY PASSWORD '*67092806AE91BFB6BE72DE6C7BE2B7CCA8CFA9DF'
REQUIRE CIPHER "DHE-RSA-AES256-SHA" AND
SUBJECT "/C=SE/ST=Stockholm/L=Stockholm/O=Oracle/OU=MySQL/CN=Client";
--error ER_PARSE_ERROR
ALTER USER u1 IDENTIFIED BY PASSWORD '*67092806AE91BFB6BE72DE6C7BE2B7CCA8CFA9DF'
PASSWORD EXPIRE DEFAULT;
#Cleanup
DROP USER u1;
--echo
--echo Bug #20634154 GRANT/ALTER USER CLEARS PASSWORD EXPIRE.
--echo
CREATE USER bug20634154@localhost IDENTIFIED BY 'abc';
--connect(con1, localhost, bug20634154, abc)
SELECT CURRENT_USER();
disconnect con1;
connection default;
ALTER USER bug20634154@localhost PASSWORD EXPIRE;
--connect(con1, localhost, bug20634154, abc)
--error ER_MUST_CHANGE_PASSWORD
SELECT CURRENT_USER();
disconnect con1;
connection default;
GRANT USAGE ON *.* TO bug20634154@localhost;
--connect(con1, localhost, bug20634154, abc)
--error ER_MUST_CHANGE_PASSWORD
SELECT CURRENT_USER();
disconnect con1;
connection default;
ALTER USER bug20634154@localhost;
--connect(con1, localhost, bug20634154, abc)
--error ER_MUST_CHANGE_PASSWORD
SELECT CURRENT_USER();
disconnect con1;
connection default;
ALTER USER bug20634154@localhost IDENTIFIED BY 'def';
--connect(con1, localhost, bug20634154, def)
SELECT CURRENT_USER();
disconnect con1;
connection default;
ALTER USER bug20634154@localhost IDENTIFIED BY 'abc' PASSWORD EXPIRE;
--connect(con1, localhost, bug20634154, abc)
--error ER_MUST_CHANGE_PASSWORD
SELECT CURRENT_USER();
disconnect con1;
connection default;
ALTER USER bug20634154@localhost IDENTIFIED BY 'def' PASSWORD EXPIRE INTERVAL 10 DAY;
--connect(con1, localhost, bug20634154, def)
# this will work
SELECT CURRENT_USER();
disconnect con1;
connection default;
#cleanup
DROP USER bug20634154@localhost;
--echo
--echo Bug #22205360 ALTER USER/SET PASSWORD DO NOT WORK FOR --INIT-FILE EXECUTION
--echo
CREATE USER bug22205360@localhost;
--write_file $MYSQLTEST_VARDIR/tmp/set_password.sql
SET PASSWORD FOR bug22205360@localhost= 'abc';
EOF
--echo # shutdown the server
--exec echo "wait" > $MYSQLTEST_VARDIR/tmp/mysqld.1.expect
--shutdown_server
--source include/wait_until_disconnected.inc
--echo # Restart server with init-file option
--exec echo "restart:--init-file=$MYSQLTEST_VARDIR/tmp/set_password.sql" > $MYSQLTEST_VARDIR/tmp/mysqld.1.expect
--enable_reconnect
--source include/wait_until_connected_again.inc
--connect(con1, localhost, bug22205360, abc)
SELECT 1;
connection default;
--write_file $MYSQLTEST_VARDIR/tmp/alter_password.sql
ALTER USER bug22205360@localhost IDENTIFIED BY 'def';
EOF
--echo # shutdown the server
--exec echo "wait" > $MYSQLTEST_VARDIR/tmp/mysqld.1.expect
--shutdown_server
--source include/wait_until_disconnected.inc
--echo # Restart server with init-file option
--exec echo "restart:--init-file=$MYSQLTEST_VARDIR/tmp/alter_password.sql" > $MYSQLTEST_VARDIR/tmp/mysqld.1.expect
--enable_reconnect
--source include/wait_until_connected_again.inc
--connect(con2, localhost, bug22205360, def)
SELECT 1;
disconnect con1;
disconnect con2;
connection default;
DROP USER bug22205360@localhost;
--remove_file $MYSQLTEST_VARDIR/tmp/alter_password.sql
--remove_file $MYSQLTEST_VARDIR/tmp/set_password.sql