1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
|
############ Test with zlib algorithm ############
# case1: default connection with default authentication plugin
CREATE DATABASE testdb;
CREATE USER caching_sha2@localhost IDENTIFIED BY 'caching';
GRANT ALL ON *.* TO caching_sha2@localhost;
# connect as caching_sha2
SELECT USER(), DATABASE();
USER() DATABASE()
caching_sha2@localhost testdb
USE testdb;
CREATE TABLE t1(i INT, j VARCHAR(2048));
INSERT INTO t1 VALUES(1,repeat('a',1000)),(2,repeat('def',600));
SELECT * FROM t1;
i j
count big_value
count big_value
# case2: request a large packet
SET GLOBAL max_allowed_packet=4*1024;
Warnings:
Warning 1708 The value of 'max_allowed_packet' should be no less than the value of 'net_buffer_length'
SELECT SPACE(@@global.max_allowed_packet);
SPACE(@@global.max_allowed_packet)
lot_of_spaces
SET GLOBAL max_allowed_packet=default;
# connect with wrong password
connect(localhost,caching_sha2,caching1,testdb,MASTER_PORT,MASTER_SOCKET);
ERROR 28000: Access denied for user 'caching_sha2'@'localhost' (using password: YES)
# check for timeout
SELECT USER();
USER()
caching_sha2@localhost
SET @@SESSION.wait_timeout = 2;
SELECT SLEEP(10);
SLEEP(10)
0
# Check that ssl_con has not disconnected
SELECT 1;
1
1
# lock the account
ALTER USER caching_sha2@localhost ACCOUNT LOCK;
# account is locked so connect should fail
connect(localhost,caching_sha2,caching,testdb,MASTER_PORT,MASTER_SOCKET);
ERROR HY000: Access denied for user 'caching_sha2'@'localhost'. Account is locked.
# lock the account
ALTER USER caching_sha2@localhost ACCOUNT UNLOCK;
# account is unlocked so connect should pass
SELECT "connect succeeded after account is unlocked";
connect succeeded after account is unlocked
connect succeeded after account is unlocked
# restart: --ssl=off --loose-caching_sha2_password_private_key_path=MYSQL_TEST_DIR/std_data/rsa_private_key.pem --loose-caching_sha2_password_public_key_path=MYSQL_TEST_DIR/std_data/rsa_public_key.pem
# connect as caching_sha2 with SSL disabled
SELECT USER();
USER()
caching_sha2@localhost
# change to empty password
ALTER USER caching_sha2@localhost IDENTIFIED BY '';
# connect as caching_sha2 with SSL disabled and empty password
SELECT USER();
USER()
caching_sha2@localhost
# case3: authenticate user with sha256_password
CREATE USER sha256@localhost IDENTIFIED WITH 'sha256_password' BY 'auth_string';
# restart: --default-authentication-plugin=sha256_password
# connect as sha256
SELECT USER();
USER()
sha256@localhost
# change to empty password
ALTER USER sha256@localhost IDENTIFIED BY '';
# connect with empty password
SELECT USER();
USER()
sha256@localhost
# restart: --default-authentication-plugin=sha256_password --ssl=off --loose-sha256_password_private_key_path=MYSQL_TEST_DIR/std_data/rsa_private_key.pem --loose-sha256_password_public_key_path=MYSQL_TEST_DIR/std_data/rsa_public_key.pem
# connect with wrong password and SSL disabled
connect(localhost,sha256,auth_string,test,MASTER_PORT,MASTER_SOCKET);
Got one of the listed errors
# case4: authenticate user with mysql_native_password
CREATE USER native_user@localhost IDENTIFIED WITH 'mysql_native_password' BY 'native';
# restart: --default-authentication-plugin=mysql_native_password
# connect as native_user
SELECT USER();
USER()
native_user@localhost
# Change to empty password
ALTER USER native_user@localhost IDENTIFIED BY '';
# connect as native_user with empty password
SELECT USER();
USER()
native_user@localhost
DROP USER sha256@localhost, native_user@localhost, caching_sha2@localhost;
DROP DATABASE testdb;
# restart:
############ Test with zstd algorithm ############
# case1: default connection with default authentication plugin
CREATE DATABASE testdb;
CREATE USER caching_sha2@localhost IDENTIFIED BY 'caching';
GRANT ALL ON *.* TO caching_sha2@localhost;
# connect as caching_sha2
SELECT USER(), DATABASE();
USER() DATABASE()
caching_sha2@localhost testdb
USE testdb;
CREATE TABLE t1(i INT, j VARCHAR(2048));
INSERT INTO t1 VALUES(1,repeat('a',1000)),(2,repeat('def',600));
SELECT * FROM t1;
i j
count big_value
count big_value
# case2: request a large packet
SET GLOBAL max_allowed_packet=4*1024;
Warnings:
Warning 1708 The value of 'max_allowed_packet' should be no less than the value of 'net_buffer_length'
SELECT SPACE(@@global.max_allowed_packet);
SPACE(@@global.max_allowed_packet)
lot_of_spaces
SET GLOBAL max_allowed_packet=default;
# connect with wrong password
connect(localhost,caching_sha2,caching1,testdb,MASTER_PORT,MASTER_SOCKET);
ERROR 28000: Access denied for user 'caching_sha2'@'localhost' (using password: YES)
# check for timeout
SELECT USER();
USER()
caching_sha2@localhost
SET @@SESSION.wait_timeout = 2;
SELECT SLEEP(10);
SLEEP(10)
0
# Check that ssl_con has not disconnected
SELECT 1;
1
1
# lock the account
ALTER USER caching_sha2@localhost ACCOUNT LOCK;
# account is locked so connect should fail
connect(localhost,caching_sha2,caching,testdb,MASTER_PORT,MASTER_SOCKET);
ERROR HY000: Access denied for user 'caching_sha2'@'localhost'. Account is locked.
# lock the account
ALTER USER caching_sha2@localhost ACCOUNT UNLOCK;
# account is unlocked so connect should pass
SELECT "connect succeeded after account is unlocked";
connect succeeded after account is unlocked
connect succeeded after account is unlocked
# restart: --ssl=off --loose-caching_sha2_password_private_key_path=MYSQL_TEST_DIR/std_data/rsa_private_key.pem --loose-caching_sha2_password_public_key_path=MYSQL_TEST_DIR/std_data/rsa_public_key.pem
# connect as caching_sha2 with SSL disabled
SELECT USER();
USER()
caching_sha2@localhost
# change to empty password
ALTER USER caching_sha2@localhost IDENTIFIED BY '';
# connect as caching_sha2 with SSL disabled and empty password
SELECT USER();
USER()
caching_sha2@localhost
# case3: authenticate user with sha256_password
CREATE USER sha256@localhost IDENTIFIED WITH 'sha256_password' BY 'auth_string';
# restart: --default-authentication-plugin=sha256_password
# connect as sha256
SELECT USER();
USER()
sha256@localhost
# change to empty password
ALTER USER sha256@localhost IDENTIFIED BY '';
# connect with empty password
SELECT USER();
USER()
sha256@localhost
# restart: --default-authentication-plugin=sha256_password --ssl=off --loose-sha256_password_private_key_path=MYSQL_TEST_DIR/std_data/rsa_private_key.pem --loose-sha256_password_public_key_path=MYSQL_TEST_DIR/std_data/rsa_public_key.pem
# connect with wrong password and SSL disabled
connect(localhost,sha256,auth_string,test,MASTER_PORT,MASTER_SOCKET);
Got one of the listed errors
# case4: authenticate user with mysql_native_password
CREATE USER native_user@localhost IDENTIFIED WITH 'mysql_native_password' BY 'native';
# restart: --default-authentication-plugin=mysql_native_password
# connect as native_user
SELECT USER();
USER()
native_user@localhost
# Change to empty password
ALTER USER native_user@localhost IDENTIFIED BY '';
# connect as native_user with empty password
SELECT USER();
USER()
native_user@localhost
DROP USER sha256@localhost, native_user@localhost, caching_sha2@localhost;
DROP DATABASE testdb;
# restart:
|
