Merge lp:~sergei.glushchenko/percona-server/CVE-2012-5627-bug1172090-5.1 into lp:percona-server/5.1
- CVE-2012-5627-bug1172090-5.1
- Merge into 5.1
Proposed by
Sergei Glushchenko
Status: | Merged |
---|---|
Approved by: | Laurynas Biveinis |
Approved revision: | no longer in the source branch. |
Merged at revision: | 558 |
Proposed branch: | lp:~sergei.glushchenko/percona-server/CVE-2012-5627-bug1172090-5.1 |
Merge into: | lp:percona-server/5.1 |
Diff against target: |
570 lines (+249/-165) 8 files modified
Percona-Server/client/mysqltest.cc (+4/-1) Percona-Server/mysql-test/r/change_user_notembedded.result (+5/-0) Percona-Server/mysql-test/r/mysqltest.result (+3/-3) Percona-Server/mysql-test/t/change_user_notembedded.test (+24/-0) Percona-Server/sql/sql_class.cc (+1/-0) Percona-Server/sql/sql_class.h (+1/-0) Percona-Server/sql/sql_parse.cc (+15/-1) Percona-Server/tests/mysql_client_test.c (+196/-160) |
To merge this branch: | bzr merge lp:~sergei.glushchenko/percona-server/CVE-2012-5627-bug1172090-5.1 |
Related bugs: |
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Laurynas Biveinis (community) | Approve | ||
Review via email: mp+161797@code.launchpad.net |
Commit message
Description of the change
This is a port from MariaDB os fix for bug 1172090.
The fix introduces limitation of unsuccessful COM_CHANGE_USER to 3 per client thread.
http://
To post a comment you must log in.
Revision history for this message
Laurynas Biveinis (laurynas-biveinis) : | # |
review:
Approve
Preview Diff
[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1 | === modified file 'Percona-Server/client/mysqltest.cc' |
2 | --- Percona-Server/client/mysqltest.cc 2013-03-06 11:10:14 +0000 |
3 | +++ Percona-Server/client/mysqltest.cc 2013-05-01 09:14:29 +0000 |
4 | @@ -3783,7 +3783,10 @@ |
5 | cur_con->name, ds_user.str, ds_passwd.str, ds_db.str)); |
6 | |
7 | if (mysql_change_user(mysql, ds_user.str, ds_passwd.str, ds_db.str)) |
8 | - die("change user failed: %s", mysql_error(mysql)); |
9 | + handle_error(command, mysql_errno(mysql), mysql_error(mysql), |
10 | + mysql_sqlstate(mysql), &ds_res); |
11 | + else |
12 | + handle_no_error(command); |
13 | |
14 | dynstr_free(&ds_user); |
15 | dynstr_free(&ds_passwd); |
16 | |
17 | === added file 'Percona-Server/mysql-test/r/change_user_notembedded.result' |
18 | --- Percona-Server/mysql-test/r/change_user_notembedded.result 1970-01-01 00:00:00 +0000 |
19 | +++ Percona-Server/mysql-test/r/change_user_notembedded.result 2013-05-01 09:14:29 +0000 |
20 | @@ -0,0 +1,5 @@ |
21 | +ERROR 28000: Access denied for user 'foo'@'localhost' (using password: YES) |
22 | +ERROR 28000: Access denied for user 'foo'@'localhost' (using password: NO) |
23 | +ERROR 28000: Access denied for user 'foo'@'localhost' (using password: YES) |
24 | +ERROR 08S01: Unknown command |
25 | +ERROR 08S01: Unknown command |
26 | |
27 | === modified file 'Percona-Server/mysql-test/r/mysqltest.result' |
28 | --- Percona-Server/mysql-test/r/mysqltest.result 2011-09-14 13:19:24 +0000 |
29 | +++ Percona-Server/mysql-test/r/mysqltest.result 2013-05-01 09:14:29 +0000 |
30 | @@ -835,9 +835,9 @@ |
31 | b varchar(255) YES NULL |
32 | c datetime YES NULL |
33 | drop table t1; |
34 | -mysqltest: At line 1: change user failed: Unknown database 'inexistent' |
35 | -mysqltest: At line 1: change user failed: Access denied for user 'inexistent'@'localhost' (using password: NO) |
36 | -mysqltest: At line 1: change user failed: Access denied for user 'root'@'localhost' (using password: YES) |
37 | +mysqltest: At line 1: query 'change_user root,,inexistent' failed: 1049: Unknown database 'inexistent' |
38 | +mysqltest: At line 1: query 'change_user inexistent,,test' failed: 1045: Access denied for user 'inexistent'@'localhost' (using password: NO) |
39 | +mysqltest: At line 1: query 'change_user root,inexistent,test' failed: 1045: Access denied for user 'root'@'localhost' (using password: YES) |
40 | REPLACED_FILE1.txt |
41 | file1.txt |
42 | file2.txt |
43 | |
44 | === added file 'Percona-Server/mysql-test/t/change_user_notembedded.test' |
45 | --- Percona-Server/mysql-test/t/change_user_notembedded.test 1970-01-01 00:00:00 +0000 |
46 | +++ Percona-Server/mysql-test/t/change_user_notembedded.test 2013-05-01 09:14:29 +0000 |
47 | @@ -0,0 +1,24 @@ |
48 | +source include/not_embedded.inc; |
49 | + |
50 | +# |
51 | +# MDEV-3915 COM_CHANGE_USER allows fast password brute-forcing |
52 | +# |
53 | +# only three failed change_user per connection. |
54 | +# successful change_user do NOT reset the counter |
55 | +# |
56 | +connect (test,localhost,root,,); |
57 | +connection test; |
58 | +--error 1045 |
59 | +change_user foo,bar; |
60 | +--error 1045 |
61 | +change_user foo; |
62 | +change_user; |
63 | +--error 1045 |
64 | +change_user foo,bar; |
65 | +--error 1047 |
66 | +change_user foo,bar; |
67 | +--error 1047 |
68 | +change_user; |
69 | +disconnect test; |
70 | +connection default; |
71 | + |
72 | |
73 | === modified file 'Percona-Server/sql/sql_class.cc' |
74 | --- Percona-Server/sql/sql_class.cc 2012-10-27 04:52:03 +0000 |
75 | +++ Percona-Server/sql/sql_class.cc 2013-05-01 09:14:29 +0000 |
76 | @@ -664,6 +664,7 @@ |
77 | first_successful_insert_id_in_prev_stmt_for_binlog(0), |
78 | first_successful_insert_id_in_cur_stmt(0), |
79 | stmt_depends_on_first_successful_insert_id_in_prev_stmt(FALSE), |
80 | + failed_com_change_user(0), |
81 | examined_row_count(0), |
82 | global_read_lock(0), |
83 | is_fatal_error(0), |
84 | |
85 | === modified file 'Percona-Server/sql/sql_class.h' |
86 | --- Percona-Server/sql/sql_class.h 2013-01-20 16:49:07 +0000 |
87 | +++ Percona-Server/sql/sql_class.h 2013-05-01 09:14:29 +0000 |
88 | @@ -1840,6 +1840,7 @@ |
89 | ulonglong options; /* Bitmap of states */ |
90 | longlong row_count_func; /* For the ROW_COUNT() function */ |
91 | ha_rows cuted_fields; |
92 | + uint8 failed_com_change_user; |
93 | |
94 | /* |
95 | number of rows we actually sent to the client, including "synthetic" |
96 | |
97 | === modified file 'Percona-Server/sql/sql_parse.cc' |
98 | --- Percona-Server/sql/sql_parse.cc 2013-03-07 05:58:03 +0000 |
99 | +++ Percona-Server/sql/sql_parse.cc 2013-05-01 09:14:29 +0000 |
100 | @@ -1215,7 +1215,19 @@ |
101 | /* Clear variables that are allocated */ |
102 | thd->user_connect= 0; |
103 | thd->security_ctx->priv_user= thd->security_ctx->user; |
104 | - res= check_user(thd, COM_CHANGE_USER, passwd, passwd_len, db, FALSE); |
105 | + thd->password= passwd_len > 0; |
106 | + |
107 | + /* |
108 | + to limit COM_CHANGE_USER ability to brute-force passwords, |
109 | + we only allow three unsuccessful COM_CHANGE_USER per connection. |
110 | + */ |
111 | + if (thd->failed_com_change_user >= 3) |
112 | + { |
113 | + my_message(ER_UNKNOWN_COM_ERROR, ER(ER_UNKNOWN_COM_ERROR), MYF(0)); |
114 | + res= 1; |
115 | + } |
116 | + else |
117 | + res= check_user(thd, COM_CHANGE_USER, passwd, passwd_len, db, FALSE); |
118 | |
119 | if (res) |
120 | { |
121 | @@ -1224,6 +1236,8 @@ |
122 | thd->user_connect= save_user_connect; |
123 | thd->db= save_db; |
124 | thd->db_length= save_db_length; |
125 | + thd->failed_com_change_user++; |
126 | + my_sleep(1000000); |
127 | } |
128 | else |
129 | { |
130 | |
131 | === modified file 'Percona-Server/tests/mysql_client_test.c' |
132 | --- Percona-Server/tests/mysql_client_test.c 2013-01-10 00:55:28 +0000 |
133 | +++ Percona-Server/tests/mysql_client_test.c 2013-05-01 09:14:29 +0000 |
134 | @@ -15350,6 +15350,7 @@ |
135 | const char *pw= "password"; |
136 | const char *db= "mysqltest_user_test_database"; |
137 | int rc; |
138 | + MYSQL *conn; |
139 | |
140 | DBUG_ENTER("test_change_user"); |
141 | myheader("test_change_user"); |
142 | @@ -15393,149 +15394,173 @@ |
143 | rc= mysql_query(mysql, buff); |
144 | myquery(rc); |
145 | |
146 | + conn= client_connect(0, MYSQL_PROTOCOL_TCP, 0); |
147 | |
148 | /* Try some combinations */ |
149 | - rc= mysql_change_user(mysql, NULL, NULL, NULL); |
150 | - DIE_UNLESS(rc); |
151 | - if (! opt_silent) |
152 | - printf("Got error (as expected): %s\n", mysql_error(mysql)); |
153 | - |
154 | - |
155 | - rc= mysql_change_user(mysql, "", NULL, NULL); |
156 | - DIE_UNLESS(rc); |
157 | - if (! opt_silent) |
158 | - printf("Got error (as expected): %s\n", mysql_error(mysql)); |
159 | - |
160 | - rc= mysql_change_user(mysql, "", "", NULL); |
161 | - DIE_UNLESS(rc); |
162 | - if (! opt_silent) |
163 | - printf("Got error (as expected): %s\n", mysql_error(mysql)); |
164 | - |
165 | - rc= mysql_change_user(mysql, "", "", ""); |
166 | - DIE_UNLESS(rc); |
167 | - if (! opt_silent) |
168 | - printf("Got error (as expected): %s\n", mysql_error(mysql)); |
169 | - |
170 | - rc= mysql_change_user(mysql, NULL, "", ""); |
171 | - DIE_UNLESS(rc); |
172 | - if (! opt_silent) |
173 | - printf("Got error (as expected): %s\n", mysql_error(mysql)); |
174 | - |
175 | - |
176 | - rc= mysql_change_user(mysql, NULL, NULL, ""); |
177 | - DIE_UNLESS(rc); |
178 | - if (! opt_silent) |
179 | - printf("Got error (as expected): %s\n", mysql_error(mysql)); |
180 | - |
181 | - rc= mysql_change_user(mysql, "", NULL, ""); |
182 | - DIE_UNLESS(rc); |
183 | - if (! opt_silent) |
184 | - printf("Got error (as expected): %s\n", mysql_error(mysql)); |
185 | - |
186 | - rc= mysql_change_user(mysql, user_pw, NULL, ""); |
187 | - DIE_UNLESS(rc); |
188 | - if (! opt_silent) |
189 | - printf("Got error (as expected): %s\n", mysql_error(mysql)); |
190 | - |
191 | - rc= mysql_change_user(mysql, user_pw, "", ""); |
192 | - DIE_UNLESS(rc); |
193 | - if (! opt_silent) |
194 | - printf("Got error (as expected): %s\n", mysql_error(mysql)); |
195 | - |
196 | - rc= mysql_change_user(mysql, user_pw, "", NULL); |
197 | - DIE_UNLESS(rc); |
198 | - if (! opt_silent) |
199 | - printf("Got error (as expected): %s\n", mysql_error(mysql)); |
200 | - |
201 | - rc= mysql_change_user(mysql, user_pw, NULL, NULL); |
202 | - DIE_UNLESS(rc); |
203 | - if (! opt_silent) |
204 | - printf("Got error (as expected): %s\n", mysql_error(mysql)); |
205 | - |
206 | - rc= mysql_change_user(mysql, user_pw, "", db); |
207 | - DIE_UNLESS(rc); |
208 | - if (! opt_silent) |
209 | - printf("Got error (as expected): %s\n", mysql_error(mysql)); |
210 | - |
211 | - rc= mysql_change_user(mysql, user_pw, NULL, db); |
212 | - DIE_UNLESS(rc); |
213 | - if (! opt_silent) |
214 | - printf("Got error (as expected): %s\n", mysql_error(mysql)); |
215 | - |
216 | - rc= mysql_change_user(mysql, user_pw, pw, db); |
217 | - myquery(rc); |
218 | - |
219 | - rc= mysql_change_user(mysql, user_pw, pw, NULL); |
220 | - myquery(rc); |
221 | - |
222 | - rc= mysql_change_user(mysql, user_pw, pw, ""); |
223 | - myquery(rc); |
224 | - |
225 | - rc= mysql_change_user(mysql, user_no_pw, pw, db); |
226 | - DIE_UNLESS(rc); |
227 | - if (! opt_silent) |
228 | - printf("Got error (as expected): %s\n", mysql_error(mysql)); |
229 | - |
230 | - rc= mysql_change_user(mysql, user_no_pw, pw, ""); |
231 | - DIE_UNLESS(rc); |
232 | - if (! opt_silent) |
233 | - printf("Got error (as expected): %s\n", mysql_error(mysql)); |
234 | - |
235 | - rc= mysql_change_user(mysql, user_no_pw, pw, NULL); |
236 | - DIE_UNLESS(rc); |
237 | - if (! opt_silent) |
238 | - printf("Got error (as expected): %s\n", mysql_error(mysql)); |
239 | - |
240 | - rc= mysql_change_user(mysql, user_no_pw, "", NULL); |
241 | - myquery(rc); |
242 | - |
243 | - rc= mysql_change_user(mysql, user_no_pw, "", ""); |
244 | - myquery(rc); |
245 | - |
246 | - rc= mysql_change_user(mysql, user_no_pw, "", db); |
247 | - myquery(rc); |
248 | - |
249 | - rc= mysql_change_user(mysql, user_no_pw, NULL, db); |
250 | - myquery(rc); |
251 | - |
252 | - rc= mysql_change_user(mysql, "", pw, db); |
253 | - DIE_UNLESS(rc); |
254 | - if (! opt_silent) |
255 | - printf("Got error (as expected): %s\n", mysql_error(mysql)); |
256 | - |
257 | - rc= mysql_change_user(mysql, "", pw, ""); |
258 | - DIE_UNLESS(rc); |
259 | - if (! opt_silent) |
260 | - printf("Got error (as expected): %s\n", mysql_error(mysql)); |
261 | - |
262 | - rc= mysql_change_user(mysql, "", pw, NULL); |
263 | - DIE_UNLESS(rc); |
264 | - if (! opt_silent) |
265 | - printf("Got error (as expected): %s\n", mysql_error(mysql)); |
266 | - |
267 | - rc= mysql_change_user(mysql, NULL, pw, NULL); |
268 | - DIE_UNLESS(rc); |
269 | - if (! opt_silent) |
270 | - printf("Got error (as expected): %s\n", mysql_error(mysql)); |
271 | - |
272 | - rc= mysql_change_user(mysql, NULL, NULL, db); |
273 | - DIE_UNLESS(rc); |
274 | - if (! opt_silent) |
275 | - printf("Got error (as expected): %s\n", mysql_error(mysql)); |
276 | - |
277 | - rc= mysql_change_user(mysql, NULL, "", db); |
278 | - DIE_UNLESS(rc); |
279 | - if (! opt_silent) |
280 | - printf("Got error (as expected): %s\n", mysql_error(mysql)); |
281 | - |
282 | - rc= mysql_change_user(mysql, "", "", db); |
283 | - DIE_UNLESS(rc); |
284 | - if (! opt_silent) |
285 | - printf("Got error (as expected): %s\n", mysql_error(mysql)); |
286 | + rc= mysql_change_user(conn, NULL, NULL, NULL); |
287 | + DIE_UNLESS(rc); |
288 | + if (! opt_silent) |
289 | + printf("Got error (as expected): %s\n", mysql_error(conn)); |
290 | + |
291 | + |
292 | + rc= mysql_change_user(conn, "", NULL, NULL); |
293 | + DIE_UNLESS(rc); |
294 | + if (! opt_silent) |
295 | + printf("Got error (as expected): %s\n", mysql_error(conn)); |
296 | + |
297 | + rc= mysql_change_user(conn, "", "", NULL); |
298 | + DIE_UNLESS(rc); |
299 | + if (! opt_silent) |
300 | + printf("Got error (as expected): %s\n", mysql_error(conn)); |
301 | + |
302 | + mysql_close(conn); |
303 | + conn= client_connect(0, MYSQL_PROTOCOL_TCP, 0); |
304 | + |
305 | + rc= mysql_change_user(conn, "", "", ""); |
306 | + DIE_UNLESS(rc); |
307 | + if (! opt_silent) |
308 | + printf("Got error (as expected): %s\n", mysql_error(conn)); |
309 | + |
310 | + rc= mysql_change_user(conn, NULL, "", ""); |
311 | + DIE_UNLESS(rc); |
312 | + if (! opt_silent) |
313 | + printf("Got error (as expected): %s\n", mysql_error(conn)); |
314 | + |
315 | + |
316 | + rc= mysql_change_user(conn, NULL, NULL, ""); |
317 | + DIE_UNLESS(rc); |
318 | + if (! opt_silent) |
319 | + printf("Got error (as expected): %s\n", mysql_error(conn)); |
320 | + |
321 | + mysql_close(conn); |
322 | + conn= client_connect(0, MYSQL_PROTOCOL_TCP, 0); |
323 | + |
324 | + rc= mysql_change_user(conn, "", NULL, ""); |
325 | + DIE_UNLESS(rc); |
326 | + if (! opt_silent) |
327 | + printf("Got error (as expected): %s\n", mysql_error(conn)); |
328 | + |
329 | + rc= mysql_change_user(conn, user_pw, NULL, ""); |
330 | + DIE_UNLESS(rc); |
331 | + if (! opt_silent) |
332 | + printf("Got error (as expected): %s\n", mysql_error(conn)); |
333 | + |
334 | + rc= mysql_change_user(conn, user_pw, "", ""); |
335 | + DIE_UNLESS(rc); |
336 | + if (! opt_silent) |
337 | + printf("Got error (as expected): %s\n", mysql_error(conn)); |
338 | + |
339 | + mysql_close(conn); |
340 | + conn= client_connect(0, MYSQL_PROTOCOL_TCP, 0); |
341 | + |
342 | + rc= mysql_change_user(conn, user_pw, "", NULL); |
343 | + DIE_UNLESS(rc); |
344 | + if (! opt_silent) |
345 | + printf("Got error (as expected): %s\n", mysql_error(conn)); |
346 | + |
347 | + rc= mysql_change_user(conn, user_pw, NULL, NULL); |
348 | + DIE_UNLESS(rc); |
349 | + if (! opt_silent) |
350 | + printf("Got error (as expected): %s\n", mysql_error(conn)); |
351 | + |
352 | + rc= mysql_change_user(conn, user_pw, "", db); |
353 | + DIE_UNLESS(rc); |
354 | + if (! opt_silent) |
355 | + printf("Got error (as expected): %s\n", mysql_error(conn)); |
356 | + |
357 | + mysql_close(conn); |
358 | + conn= client_connect(0, MYSQL_PROTOCOL_TCP, 0); |
359 | + |
360 | + rc= mysql_change_user(conn, user_pw, NULL, db); |
361 | + DIE_UNLESS(rc); |
362 | + if (! opt_silent) |
363 | + printf("Got error (as expected): %s\n", mysql_error(conn)); |
364 | + |
365 | + rc= mysql_change_user(conn, user_pw, pw, db); |
366 | + myquery(rc); |
367 | + |
368 | + rc= mysql_change_user(conn, user_pw, pw, NULL); |
369 | + myquery(rc); |
370 | + |
371 | + rc= mysql_change_user(conn, user_pw, pw, ""); |
372 | + myquery(rc); |
373 | + |
374 | + rc= mysql_change_user(conn, user_no_pw, pw, db); |
375 | + DIE_UNLESS(rc); |
376 | + if (! opt_silent) |
377 | + printf("Got error (as expected): %s\n", mysql_error(conn)); |
378 | + |
379 | + rc= mysql_change_user(conn, user_no_pw, pw, ""); |
380 | + DIE_UNLESS(rc); |
381 | + if (! opt_silent) |
382 | + printf("Got error (as expected): %s\n", mysql_error(conn)); |
383 | + |
384 | + mysql_close(conn); |
385 | + conn= client_connect(0, MYSQL_PROTOCOL_TCP, 0); |
386 | + |
387 | + rc= mysql_change_user(conn, user_no_pw, pw, NULL); |
388 | + DIE_UNLESS(rc); |
389 | + if (! opt_silent) |
390 | + printf("Got error (as expected): %s\n", mysql_error(conn)); |
391 | + |
392 | + rc= mysql_change_user(conn, user_no_pw, "", NULL); |
393 | + myquery(rc); |
394 | + |
395 | + rc= mysql_change_user(conn, user_no_pw, "", ""); |
396 | + myquery(rc); |
397 | + |
398 | + rc= mysql_change_user(conn, user_no_pw, "", db); |
399 | + myquery(rc); |
400 | + |
401 | + rc= mysql_change_user(conn, user_no_pw, NULL, db); |
402 | + myquery(rc); |
403 | + |
404 | + rc= mysql_change_user(conn, "", pw, db); |
405 | + DIE_UNLESS(rc); |
406 | + if (! opt_silent) |
407 | + printf("Got error (as expected): %s\n", mysql_error(conn)); |
408 | + |
409 | + rc= mysql_change_user(conn, "", pw, ""); |
410 | + DIE_UNLESS(rc); |
411 | + if (! opt_silent) |
412 | + printf("Got error (as expected): %s\n", mysql_error(conn)); |
413 | + |
414 | + mysql_close(conn); |
415 | + conn= client_connect(0, MYSQL_PROTOCOL_TCP, 0); |
416 | + |
417 | + rc= mysql_change_user(conn, "", pw, NULL); |
418 | + DIE_UNLESS(rc); |
419 | + if (! opt_silent) |
420 | + printf("Got error (as expected): %s\n", mysql_error(conn)); |
421 | + |
422 | + rc= mysql_change_user(conn, NULL, pw, NULL); |
423 | + DIE_UNLESS(rc); |
424 | + if (! opt_silent) |
425 | + printf("Got error (as expected): %s\n", mysql_error(conn)); |
426 | + |
427 | + rc= mysql_change_user(conn, NULL, NULL, db); |
428 | + DIE_UNLESS(rc); |
429 | + if (! opt_silent) |
430 | + printf("Got error (as expected): %s\n", mysql_error(conn)); |
431 | + |
432 | + mysql_close(conn); |
433 | + conn= client_connect(0, MYSQL_PROTOCOL_TCP, 0); |
434 | + |
435 | + rc= mysql_change_user(conn, NULL, "", db); |
436 | + DIE_UNLESS(rc); |
437 | + if (! opt_silent) |
438 | + printf("Got error (as expected): %s\n", mysql_error(conn)); |
439 | + |
440 | + rc= mysql_change_user(conn, "", "", db); |
441 | + DIE_UNLESS(rc); |
442 | + if (! opt_silent) |
443 | + printf("Got error (as expected): %s\n", mysql_error(conn)); |
444 | |
445 | /* Cleanup the environment */ |
446 | |
447 | - mysql_change_user(mysql, opt_user, opt_password, current_db); |
448 | + mysql_change_user(conn, opt_user, opt_password, current_db); |
449 | + |
450 | + mysql_close(conn); |
451 | |
452 | sprintf(buff, "drop database %s", db); |
453 | rc= mysql_query(mysql, buff); |
454 | @@ -16198,29 +16223,35 @@ |
455 | static char db[NAME_CHAR_LEN+1]; |
456 | static char query[LARGE_BUFFER_SIZE*2]; |
457 | #endif |
458 | + MYSQL* conn; |
459 | |
460 | DBUG_ENTER("test_bug31669"); |
461 | myheader("test_bug31669"); |
462 | |
463 | - rc= mysql_change_user(mysql, NULL, NULL, NULL); |
464 | + conn= client_connect(0, MYSQL_PROTOCOL_TCP, 0); |
465 | + |
466 | + rc= mysql_change_user(conn, NULL, NULL, NULL); |
467 | DIE_UNLESS(rc); |
468 | |
469 | - rc= mysql_change_user(mysql, "", "", ""); |
470 | + rc= mysql_change_user(conn, "", "", ""); |
471 | DIE_UNLESS(rc); |
472 | |
473 | memset(buff, 'a', sizeof(buff)); |
474 | |
475 | - rc= mysql_change_user(mysql, buff, buff, buff); |
476 | + mysql_close(conn); |
477 | + conn= client_connect(0, MYSQL_PROTOCOL_TCP, 0); |
478 | + |
479 | + rc= mysql_change_user(conn, buff, buff, buff); |
480 | DIE_UNLESS(rc); |
481 | |
482 | - rc = mysql_change_user(mysql, opt_user, opt_password, current_db); |
483 | + rc = mysql_change_user(conn, opt_user, opt_password, current_db); |
484 | DIE_UNLESS(!rc); |
485 | |
486 | #ifndef EMBEDDED_LIBRARY |
487 | memset(db, 'a', sizeof(db)); |
488 | db[NAME_CHAR_LEN]= 0; |
489 | strxmov(query, "CREATE DATABASE IF NOT EXISTS ", db, NullS); |
490 | - rc= mysql_query(mysql, query); |
491 | + rc= mysql_query(conn, query); |
492 | myquery(rc); |
493 | |
494 | memset(user, 'b', sizeof(user)); |
495 | @@ -16229,54 +16260,59 @@ |
496 | buff[LARGE_BUFFER_SIZE]= 0; |
497 | strxmov(query, "GRANT ALL PRIVILEGES ON *.* TO '", user, "'@'%' IDENTIFIED BY " |
498 | "'", buff, "' WITH GRANT OPTION", NullS); |
499 | - rc= mysql_query(mysql, query); |
500 | + rc= mysql_query(conn, query); |
501 | myquery(rc); |
502 | |
503 | strxmov(query, "GRANT ALL PRIVILEGES ON *.* TO '", user, "'@'localhost' IDENTIFIED BY " |
504 | "'", buff, "' WITH GRANT OPTION", NullS); |
505 | - rc= mysql_query(mysql, query); |
506 | - myquery(rc); |
507 | - |
508 | - rc= mysql_query(mysql, "FLUSH PRIVILEGES"); |
509 | - myquery(rc); |
510 | - |
511 | - rc= mysql_change_user(mysql, user, buff, db); |
512 | + rc= mysql_query(conn, query); |
513 | + myquery(rc); |
514 | + |
515 | + rc= mysql_query(conn, "FLUSH PRIVILEGES"); |
516 | + myquery(rc); |
517 | + |
518 | + rc= mysql_change_user(conn, user, buff, db); |
519 | DIE_UNLESS(!rc); |
520 | |
521 | user[USERNAME_CHAR_LENGTH-1]= 'a'; |
522 | - rc= mysql_change_user(mysql, user, buff, db); |
523 | + rc= mysql_change_user(conn, user, buff, db); |
524 | DIE_UNLESS(rc); |
525 | |
526 | user[USERNAME_CHAR_LENGTH-1]= 'b'; |
527 | buff[LARGE_BUFFER_SIZE-1]= 'd'; |
528 | - rc= mysql_change_user(mysql, user, buff, db); |
529 | + rc= mysql_change_user(conn, user, buff, db); |
530 | DIE_UNLESS(rc); |
531 | |
532 | buff[LARGE_BUFFER_SIZE-1]= 'c'; |
533 | db[NAME_CHAR_LEN-1]= 'e'; |
534 | - rc= mysql_change_user(mysql, user, buff, db); |
535 | + rc= mysql_change_user(conn, user, buff, db); |
536 | DIE_UNLESS(rc); |
537 | |
538 | + mysql_close(conn); |
539 | + conn= client_connect(0, MYSQL_PROTOCOL_TCP, 0); |
540 | + |
541 | db[NAME_CHAR_LEN-1]= 'a'; |
542 | - rc= mysql_change_user(mysql, user, buff, db); |
543 | + rc= mysql_change_user(conn, user, buff, db); |
544 | DIE_UNLESS(!rc); |
545 | |
546 | - rc= mysql_change_user(mysql, user + 1, buff + 1, db + 1); |
547 | + rc= mysql_change_user(conn, user + 1, buff + 1, db + 1); |
548 | DIE_UNLESS(rc); |
549 | |
550 | - rc = mysql_change_user(mysql, opt_user, opt_password, current_db); |
551 | + rc = mysql_change_user(conn, opt_user, opt_password, current_db); |
552 | DIE_UNLESS(!rc); |
553 | |
554 | strxmov(query, "DROP DATABASE ", db, NullS); |
555 | - rc= mysql_query(mysql, query); |
556 | + rc= mysql_query(conn, query); |
557 | myquery(rc); |
558 | |
559 | strxmov(query, "DELETE FROM mysql.user WHERE User='", user, "'", NullS); |
560 | - rc= mysql_query(mysql, query); |
561 | + rc= mysql_query(conn, query); |
562 | myquery(rc); |
563 | - DIE_UNLESS(mysql_affected_rows(mysql) == 2); |
564 | + DIE_UNLESS(mysql_affected_rows(conn) == 2); |
565 | #endif |
566 | |
567 | + mysql_close(conn); |
568 | + |
569 | DBUG_VOID_RETURN; |
570 | } |
571 |