1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
|
--source include/not_embedded.inc
--source include/have_ssl.inc
connect (ssl_con,localhost,root,,,,,SSL);
SHOW STATUS LIKE 'Ssl_cipher';
CREATE USER 'kristofer' IDENTIFIED WITH 'sha256_password';
SET GLOBAL old_passwords= 2;
SET SESSION old_passwords= 2;
SET PASSWORD FOR 'kristofer'=PASSWORD('secret');
connect(con1,localhost,kristofer,secret,,,,SSL);
connection con1;
connection ssl_con;
disconnect con1;
DROP USER 'kristofer';
GRANT ALL ON *.* TO 'kristofer'@'localhost' IDENTIFIED WITH 'sha256_password';
SET PASSWORD FOR 'kristofer'@'localhost'=PASSWORD('secret2');
connect(con2,localhost,kristofer,secret2,,,,SSL);
connection con2;
SELECT USER(),CURRENT_USER();
--replace_regex /PASSWORD .*$/PASSWORD '<non-deterministic-password-hash>'/
SHOW GRANTS FOR 'kristofer'@'localhost';
connection ssl_con;
disconnect con2;
DROP USER 'kristofer'@'localhost';
GRANT ALL ON *.* TO 'kristofer'@'localhost' IDENTIFIED WITH 'sha256_password';
SET PASSWORD FOR 'kristofer'@'localhost'=PASSWORD('');
connect(con3,localhost,kristofer,,,,,SSL);
connection con3;
SELECT USER(),CURRENT_USER();
--replace_regex /PASSWORD .*$/PASSWORD '<non-deterministic-password-hash>'/
SHOW GRANTS FOR 'kristofer'@'localhost';
connection ssl_con;
disconnect con3;
DROP USER 'kristofer'@'localhost';
GRANT ALL ON *.* TO 'kristofer'@'33.33.33.33' IDENTIFIED WITH 'sha256_password';
SET PASSWORD FOR 'kristofer'@'33.33.33.33'=PASSWORD('');
--echo Connection should fail for localhost
--replace_result $MASTER_MYSOCK MASTER_MYSOCK
--disable_query_log
--error ER_ACCESS_DENIED_ERROR
connect(con4,127.0.0.1,kristofer,,,,,SSL);
--enable_query_log
DROP USER 'kristofer'@'33.33.33.33';
--echo #
--echo # BUG#14807074 ALTER USER PASSWORD EXPIRE VS SHA256_PASSWORD
--echo #
CREATE USER 'u1'@'localhost' IDENTIFIED WITH 'sha256_password';
SET PASSWORD FOR 'u1'@'localhost' = PASSWORD('pass');
ALTER USER 'u1'@'localhost' PASSWORD EXPIRE;
connect(con5,127.0.0.1,u1,pass,test,,,SSL);
--error ER_MUST_CHANGE_PASSWORD
SELECT USER();
SET @@OLD_PASSWORDS=2;
SET PASSWORD=PASSWORD('pass2');
connect(con6,127.0.0.1,u1,pass2,test,,,SSL);
SELECT USER();
connection default;
DROP USER 'u1'@'localhost';
disconnect con5;
disconnect con6;
# Restore default value to old_passwords
SET GLOBAL old_passwords= default;
connection default;
disconnect ssl_con;
|
