Merge lp:~sergei.glushchenko/percona-server/CVE-2012-5627-bug1172090-5.6 into lp:percona-server/5.6

Proposed by Sergei Glushchenko
Status: Merged
Approved by: Laurynas Biveinis
Approved revision: 343
Merged at revision: 344
Proposed branch: lp:~sergei.glushchenko/percona-server/CVE-2012-5627-bug1172090-5.6
Merge into: lp:percona-server/5.6
Diff against target: 758 lines (+357/-171)
11 files modified
Percona-Server/client/mysqltest.cc (+4/-1)
Percona-Server/mysql-test/r/change_user_notembedded.result (+5/-0)
Percona-Server/mysql-test/r/failed_auth_3909.result (+20/-0)
Percona-Server/mysql-test/r/mysqltest.result (+3/-3)
Percona-Server/mysql-test/t/change_user_notembedded.test (+24/-0)
Percona-Server/mysql-test/t/failed_auth_3909.test (+37/-0)
Percona-Server/sql/sql_acl.cc (+48/-6)
Percona-Server/sql/sql_class.cc (+1/-0)
Percona-Server/sql/sql_class.h (+1/-0)
Percona-Server/sql/sql_parse.cc (+18/-1)
Percona-Server/tests/mysql_client_test.c (+196/-160)
To merge this branch: bzr merge lp:~sergei.glushchenko/percona-server/CVE-2012-5627-bug1172090-5.6
Reviewer Review Type Date Requested Status
Laurynas Biveinis (community) Approve
Review via email: mp+161800@code.launchpad.net

Description of the change

This is a manual merge fix for #1172090, #1171941 from 5.6

http://jenkins.percona.com/view/PS%205.6/job/percona-server-5.6-param/81/

To post a comment you must log in.

Same comment as for 5.5, also the sql_acl.cc bit in rev 342 belongs to 343 instead. It is benign enough though.

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'Percona-Server/client/mysqltest.cc'
2--- Percona-Server/client/mysqltest.cc 2013-03-05 12:46:43 +0000
3+++ Percona-Server/client/mysqltest.cc 2013-05-01 09:25:43 +0000
4@@ -4165,7 +4165,10 @@
5 cur_con->name, ds_user.str, ds_passwd.str, ds_db.str));
6
7 if (mysql_change_user(mysql, ds_user.str, ds_passwd.str, ds_db.str))
8- die("change user failed: %s", mysql_error(mysql));
9+ handle_error(command, mysql_errno(mysql), mysql_error(mysql),
10+ mysql_sqlstate(mysql), &ds_res);
11+ else
12+ handle_no_error(command);
13
14 dynstr_free(&ds_user);
15 dynstr_free(&ds_passwd);
16
17=== added file 'Percona-Server/mysql-test/r/change_user_notembedded.result'
18--- Percona-Server/mysql-test/r/change_user_notembedded.result 1970-01-01 00:00:00 +0000
19+++ Percona-Server/mysql-test/r/change_user_notembedded.result 2013-05-01 09:25:43 +0000
20@@ -0,0 +1,5 @@
21+ERROR 28000: Access denied for user 'foo'@'localhost' (using password: YES)
22+ERROR 28000: Access denied for user 'foo'@'localhost' (using password: NO)
23+ERROR 28000: Access denied for user 'foo'@'localhost' (using password: YES)
24+ERROR 08S01: Unknown command
25+ERROR 08S01: Unknown command
26
27=== added file 'Percona-Server/mysql-test/r/failed_auth_3909.result'
28--- Percona-Server/mysql-test/r/failed_auth_3909.result 1970-01-01 00:00:00 +0000
29+++ Percona-Server/mysql-test/r/failed_auth_3909.result 2013-05-01 09:25:43 +0000
30@@ -0,0 +1,20 @@
31+optimize table mysql.user;
32+Table Op Msg_type Msg_text
33+mysql.user optimize status OK
34+insert mysql.user (user,plugin) values ('foo','bar'),('bar','bar'),('baz','bar');
35+Warnings:
36+Warning 1364 Field 'ssl_cipher' doesn't have a default value
37+Warning 1364 Field 'x509_issuer' doesn't have a default value
38+Warning 1364 Field 'x509_subject' doesn't have a default value
39+flush privileges;
40+connect(localhost,u1,,test,MASTER_PORT,MASTER_SOCKET);
41+ERROR HY000: Plugin 'bar' is not loaded
42+connect(localhost,u2,,test,MASTER_PORT,MASTER_SOCKET);
43+ERROR 28000: Access denied for user 'u2'@'localhost' (using password: NO)
44+connect(localhost,u2,password,test,MASTER_PORT,MASTER_SOCKET);
45+ERROR 28000: Access denied for user 'u2'@'localhost' (using password: YES)
46+ERROR HY000: Plugin 'bar' is not loaded
47+ERROR 28000: Access denied for user 'u2'@'localhost' (using password: NO)
48+ERROR 28000: Access denied for user 'u2'@'localhost' (using password: YES)
49+delete from mysql.user where plugin = 'bar';
50+flush privileges;
51
52=== modified file 'Percona-Server/mysql-test/r/mysqltest.result'
53--- Percona-Server/mysql-test/r/mysqltest.result 2012-08-22 01:40:20 +0000
54+++ Percona-Server/mysql-test/r/mysqltest.result 2013-05-01 09:25:43 +0000
55@@ -929,9 +929,9 @@
56 b varchar(255) YES NULL
57 c datetime YES NULL
58 drop table t1;
59-mysqltest: At line 1: change user failed: Unknown database 'inexistent'
60-mysqltest: At line 1: change user failed: Access denied for user 'inexistent'@'localhost' (using password: NO)
61-mysqltest: At line 1: change user failed: Access denied for user 'root'@'localhost' (using password: YES)
62+mysqltest: At line 1: query 'change_user root,,inexistent' failed: 1049: Unknown database 'inexistent'
63+mysqltest: At line 1: query 'change_user inexistent,,test' failed: 1045: Access denied for user 'inexistent'@'localhost' (using password: NO)
64+mysqltest: At line 1: query 'change_user root,inexistent,test' failed: 1045: Access denied for user 'root'@'localhost' (using password: YES)
65 REPLACED_FILE1.txt
66 file1.txt
67 file2.txt
68
69=== added file 'Percona-Server/mysql-test/t/change_user_notembedded.test'
70--- Percona-Server/mysql-test/t/change_user_notembedded.test 1970-01-01 00:00:00 +0000
71+++ Percona-Server/mysql-test/t/change_user_notembedded.test 2013-05-01 09:25:43 +0000
72@@ -0,0 +1,24 @@
73+source include/not_embedded.inc;
74+
75+#
76+# MDEV-3915 COM_CHANGE_USER allows fast password brute-forcing
77+#
78+# only three failed change_user per connection.
79+# successful change_user do NOT reset the counter
80+#
81+connect (test,localhost,root,,);
82+connection test;
83+--error 1045
84+change_user foo,bar;
85+--error 1045
86+change_user foo;
87+change_user;
88+--error 1045
89+change_user foo,bar;
90+--error 1047
91+change_user foo,bar;
92+--error 1047
93+change_user;
94+disconnect test;
95+connection default;
96+
97
98=== added file 'Percona-Server/mysql-test/t/failed_auth_3909.test'
99--- Percona-Server/mysql-test/t/failed_auth_3909.test 1970-01-01 00:00:00 +0000
100+++ Percona-Server/mysql-test/t/failed_auth_3909.test 2013-05-01 09:25:43 +0000
101@@ -0,0 +1,37 @@
102+source include/not_embedded.inc;
103+
104+#
105+# MDEV-3909 remote user enumeration
106+#
107+# verify that for some failed login attemps (with wrong user names)
108+# the server requests a plugin
109+#
110+optimize table mysql.user;
111+insert mysql.user (user,plugin) values ('foo','bar'),('bar','bar'),('baz','bar');
112+flush privileges;
113+
114+--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
115+--error ER_PLUGIN_IS_NOT_LOADED
116+connect (fail,localhost,u1);
117+
118+--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
119+--error ER_ACCESS_DENIED_ERROR
120+connect (fail,localhost,u2);
121+
122+--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
123+--error ER_ACCESS_DENIED_ERROR
124+connect (fail,localhost,u2,password);
125+
126+--error ER_PLUGIN_IS_NOT_LOADED
127+change_user u1;
128+
129+--error ER_ACCESS_DENIED_ERROR
130+change_user u2;
131+
132+--error ER_ACCESS_DENIED_ERROR
133+change_user u2,password;
134+
135+delete from mysql.user where plugin = 'bar';
136+flush privileges;
137+
138+
139
140=== modified file 'Percona-Server/sql/sql_acl.cc'
141--- Percona-Server/sql/sql_acl.cc 2013-03-05 12:46:43 +0000
142+++ Percona-Server/sql/sql_acl.cc 2013-05-01 09:25:43 +0000
143@@ -9126,6 +9126,7 @@
144 uint pkt_len;
145 } cached_server_packet;
146 int packets_read, packets_written; ///< counters for send/received packets
147+ bool make_it_fail;
148 /** when plugin returns a failure this tells us what really happened */
149 enum { SUCCESS, FAILURE, RESTART } status;
150
151@@ -9488,14 +9489,14 @@
152 /**
153 Finds acl entry in user database for authentication purposes.
154
155- Finds a user and copies it into mpvio. Reports an authentication
156- failure if a user is not found.
157+ Finds a user and copies it into mpvio. Creates a fake user
158+ if no matching user account is found.
159
160 @note find_acl_user is not the same, because it doesn't take into
161 account the case when user is not empty, but acl_user->user is empty
162
163 @retval 0 found
164- @retval 1 not found
165+ @retval 1 error
166 */
167 static bool find_mpvio_user(MPVIO_EXT *mpvio)
168 {
169@@ -9530,8 +9531,32 @@
170
171 if (!mpvio->acl_user)
172 {
173- login_failed_error(mpvio, mpvio->auth_info.password_used);
174- DBUG_RETURN (1);
175+ /*
176+ A matching user was not found. Fake it. Take any user, make the
177+ authentication fail later.
178+ This way we get a realistically looking failure, with occasional
179+ "change auth plugin" requests even for nonexistent users. The ratio
180+ of "change auth plugin" request will be the same for real and
181+ nonexistent users.
182+ Note, that we cannot pick any user at random, it must always be
183+ the same user account for the incoming sctx->user name.
184+ */
185+ ulong nr1=1, nr2=4;
186+ CHARSET_INFO *cs= &my_charset_latin1;
187+ cs->coll->hash_sort(cs, (uchar*) mpvio->auth_info.user_name,
188+ mpvio->auth_info.user_name_length, &nr1, &nr2);
189+
190+ mysql_mutex_lock(&acl_cache->lock);
191+ uint i= nr1 % acl_users.elements;
192+ ACL_USER *acl_user_tmp= dynamic_element(&acl_users, i, ACL_USER*);
193+ mpvio->acl_user= acl_user_tmp->copy(mpvio->mem_root);
194+ make_lex_string_root(mpvio->mem_root,
195+ &mpvio->acl_user_plugin,
196+ acl_user_tmp->plugin.str,
197+ acl_user_tmp->plugin.length, 0);
198+ mysql_mutex_unlock(&acl_cache->lock);
199+
200+ mpvio->make_it_fail= true;
201 }
202
203 if (my_strcasecmp(system_charset_info, mpvio->acl_user->plugin.str,
204@@ -9638,6 +9663,9 @@
205 uint passwd_len= (mpvio->client_capabilities & CLIENT_SECURE_CONNECTION ?
206 (uchar) (*passwd++) : strlen(passwd));
207
208+ if (passwd_len)
209+ mpvio->auth_info.password_used= PASSWORD_USED_YES;
210+
211 db+= passwd_len + 1;
212 /*
213 Database name is always NUL-terminated, so in case of empty database
214@@ -10431,6 +10459,10 @@
215 *buf= (uchar*) mpvio->cached_client_reply.pkt;
216 mpvio->cached_client_reply.pkt= 0;
217 mpvio->packets_read++;
218+
219+ if (mpvio->make_it_fail)
220+ goto err;
221+
222 DBUG_RETURN ((int) mpvio->cached_client_reply.pkt_len);
223 }
224
225@@ -10473,12 +10505,21 @@
226 else
227 *buf= mpvio->net->read_pos;
228
229+ if (mpvio->make_it_fail)
230+ goto err;
231+
232 DBUG_RETURN((int)pkt_len);
233
234 err:
235 if (mpvio->status == MPVIO_EXT::FAILURE)
236 {
237- my_error(ER_HANDSHAKE_ERROR, MYF(0));
238+ if (!current_thd->is_error())
239+ {
240+ if (mpvio->make_it_fail)
241+ login_failed_error(mpvio, mpvio->auth_info.password_used);
242+ else
243+ my_error(ER_HANDSHAKE_ERROR, MYF(0));
244+ }
245 }
246 DBUG_RETURN(-1);
247 }
248@@ -10686,6 +10727,7 @@
249 #endif /* HAVE_OPENSSL && !EMBEDDED_LIBRARY */
250 mpvio->vio_is_encrypted= 0;
251 mpvio->status= MPVIO_EXT::FAILURE;
252+ mpvio->make_it_fail= false;
253
254 mpvio->client_capabilities= thd->client_capabilities;
255 mpvio->mem_root= thd->mem_root;
256
257=== modified file 'Percona-Server/sql/sql_class.cc'
258--- Percona-Server/sql/sql_class.cc 2013-03-05 12:46:43 +0000
259+++ Percona-Server/sql/sql_class.cc 2013-05-01 09:25:43 +0000
260@@ -899,6 +899,7 @@
261 first_successful_insert_id_in_prev_stmt_for_binlog(0),
262 first_successful_insert_id_in_cur_stmt(0),
263 stmt_depends_on_first_successful_insert_id_in_prev_stmt(FALSE),
264+ failed_com_change_user(0),
265 m_examined_row_count(0),
266 m_statement_psi(NULL),
267 m_idle_psi(NULL),
268
269=== modified file 'Percona-Server/sql/sql_class.h'
270--- Percona-Server/sql/sql_class.h 2013-03-05 12:46:43 +0000
271+++ Percona-Server/sql/sql_class.h 2013-05-01 09:25:43 +0000
272@@ -2641,6 +2641,7 @@
273 }
274
275 ha_rows cuted_fields;
276+ uint8 failed_com_change_user;
277
278 private:
279 /**
280
281=== modified file 'Percona-Server/sql/sql_parse.cc'
282--- Percona-Server/sql/sql_parse.cc 2013-03-31 06:08:39 +0000
283+++ Percona-Server/sql/sql_parse.cc 2013-05-01 09:25:43 +0000
284@@ -1252,7 +1252,22 @@
285 const CHARSET_INFO *save_character_set_results=
286 thd->variables.character_set_results;
287
288- auth_rc= acl_authenticate(thd, packet_length);
289+ /* Ensure we don't free security_ctx->user in case we have to revert */
290+ thd->security_ctx->user= 0;
291+ thd->set_user_connect(0);
292+
293+ /*
294+ to limit COM_CHANGE_USER ability to brute-force passwords,
295+ we only allow three unsuccessful COM_CHANGE_USER per connection.
296+ */
297+ if (thd->failed_com_change_user >= 3)
298+ {
299+ my_message(ER_UNKNOWN_COM_ERROR, ER(ER_UNKNOWN_COM_ERROR), MYF(0));
300+ auth_rc= 1;
301+ }
302+ else
303+ auth_rc= acl_authenticate(thd, packet_length);
304+
305 MYSQL_AUDIT_NOTIFY_CONNECTION_CHANGE_USER(thd);
306 if (auth_rc)
307 {
308@@ -1264,6 +1279,8 @@
309 thd->variables.collation_connection= save_collation_connection;
310 thd->variables.character_set_results= save_character_set_results;
311 thd->update_charset();
312+ thd->failed_com_change_user++;
313+ my_sleep(1000000);
314 }
315 else
316 {
317
318=== modified file 'Percona-Server/tests/mysql_client_test.c'
319--- Percona-Server/tests/mysql_client_test.c 2013-03-05 12:46:43 +0000
320+++ Percona-Server/tests/mysql_client_test.c 2013-05-01 09:25:43 +0000
321@@ -16266,6 +16266,7 @@
322 const char *pw= "password";
323 const char *db= "mysqltest_user_test_database";
324 int rc;
325+ MYSQL *conn;
326
327 DBUG_ENTER("test_change_user");
328 myheader("test_change_user");
329@@ -16309,149 +16310,173 @@
330 rc= mysql_query(mysql, buff);
331 myquery(rc);
332
333+ conn= client_connect(0, MYSQL_PROTOCOL_TCP, 0);
334
335 /* Try some combinations */
336- rc= mysql_change_user(mysql, NULL, NULL, NULL);
337- DIE_UNLESS(rc);
338- if (! opt_silent)
339- printf("Got error (as expected): %s\n", mysql_error(mysql));
340-
341-
342- rc= mysql_change_user(mysql, "", NULL, NULL);
343- DIE_UNLESS(rc);
344- if (! opt_silent)
345- printf("Got error (as expected): %s\n", mysql_error(mysql));
346-
347- rc= mysql_change_user(mysql, "", "", NULL);
348- DIE_UNLESS(rc);
349- if (! opt_silent)
350- printf("Got error (as expected): %s\n", mysql_error(mysql));
351-
352- rc= mysql_change_user(mysql, "", "", "");
353- DIE_UNLESS(rc);
354- if (! opt_silent)
355- printf("Got error (as expected): %s\n", mysql_error(mysql));
356-
357- rc= mysql_change_user(mysql, NULL, "", "");
358- DIE_UNLESS(rc);
359- if (! opt_silent)
360- printf("Got error (as expected): %s\n", mysql_error(mysql));
361-
362-
363- rc= mysql_change_user(mysql, NULL, NULL, "");
364- DIE_UNLESS(rc);
365- if (! opt_silent)
366- printf("Got error (as expected): %s\n", mysql_error(mysql));
367-
368- rc= mysql_change_user(mysql, "", NULL, "");
369- DIE_UNLESS(rc);
370- if (! opt_silent)
371- printf("Got error (as expected): %s\n", mysql_error(mysql));
372-
373- rc= mysql_change_user(mysql, user_pw, NULL, "");
374- DIE_UNLESS(rc);
375- if (! opt_silent)
376- printf("Got error (as expected): %s\n", mysql_error(mysql));
377-
378- rc= mysql_change_user(mysql, user_pw, "", "");
379- DIE_UNLESS(rc);
380- if (! opt_silent)
381- printf("Got error (as expected): %s\n", mysql_error(mysql));
382-
383- rc= mysql_change_user(mysql, user_pw, "", NULL);
384- DIE_UNLESS(rc);
385- if (! opt_silent)
386- printf("Got error (as expected): %s\n", mysql_error(mysql));
387-
388- rc= mysql_change_user(mysql, user_pw, NULL, NULL);
389- DIE_UNLESS(rc);
390- if (! opt_silent)
391- printf("Got error (as expected): %s\n", mysql_error(mysql));
392-
393- rc= mysql_change_user(mysql, user_pw, "", db);
394- DIE_UNLESS(rc);
395- if (! opt_silent)
396- printf("Got error (as expected): %s\n", mysql_error(mysql));
397-
398- rc= mysql_change_user(mysql, user_pw, NULL, db);
399- DIE_UNLESS(rc);
400- if (! opt_silent)
401- printf("Got error (as expected): %s\n", mysql_error(mysql));
402-
403- rc= mysql_change_user(mysql, user_pw, pw, db);
404- myquery(rc);
405-
406- rc= mysql_change_user(mysql, user_pw, pw, NULL);
407- myquery(rc);
408-
409- rc= mysql_change_user(mysql, user_pw, pw, "");
410- myquery(rc);
411-
412- rc= mysql_change_user(mysql, user_no_pw, pw, db);
413- DIE_UNLESS(rc);
414- if (! opt_silent)
415- printf("Got error (as expected): %s\n", mysql_error(mysql));
416-
417- rc= mysql_change_user(mysql, user_no_pw, pw, "");
418- DIE_UNLESS(rc);
419- if (! opt_silent)
420- printf("Got error (as expected): %s\n", mysql_error(mysql));
421-
422- rc= mysql_change_user(mysql, user_no_pw, pw, NULL);
423- DIE_UNLESS(rc);
424- if (! opt_silent)
425- printf("Got error (as expected): %s\n", mysql_error(mysql));
426-
427- rc= mysql_change_user(mysql, user_no_pw, "", NULL);
428- myquery(rc);
429-
430- rc= mysql_change_user(mysql, user_no_pw, "", "");
431- myquery(rc);
432-
433- rc= mysql_change_user(mysql, user_no_pw, "", db);
434- myquery(rc);
435-
436- rc= mysql_change_user(mysql, user_no_pw, NULL, db);
437- myquery(rc);
438-
439- rc= mysql_change_user(mysql, "", pw, db);
440- DIE_UNLESS(rc);
441- if (! opt_silent)
442- printf("Got error (as expected): %s\n", mysql_error(mysql));
443-
444- rc= mysql_change_user(mysql, "", pw, "");
445- DIE_UNLESS(rc);
446- if (! opt_silent)
447- printf("Got error (as expected): %s\n", mysql_error(mysql));
448-
449- rc= mysql_change_user(mysql, "", pw, NULL);
450- DIE_UNLESS(rc);
451- if (! opt_silent)
452- printf("Got error (as expected): %s\n", mysql_error(mysql));
453-
454- rc= mysql_change_user(mysql, NULL, pw, NULL);
455- DIE_UNLESS(rc);
456- if (! opt_silent)
457- printf("Got error (as expected): %s\n", mysql_error(mysql));
458-
459- rc= mysql_change_user(mysql, NULL, NULL, db);
460- DIE_UNLESS(rc);
461- if (! opt_silent)
462- printf("Got error (as expected): %s\n", mysql_error(mysql));
463-
464- rc= mysql_change_user(mysql, NULL, "", db);
465- DIE_UNLESS(rc);
466- if (! opt_silent)
467- printf("Got error (as expected): %s\n", mysql_error(mysql));
468-
469- rc= mysql_change_user(mysql, "", "", db);
470- DIE_UNLESS(rc);
471- if (! opt_silent)
472- printf("Got error (as expected): %s\n", mysql_error(mysql));
473+ rc= mysql_change_user(conn, NULL, NULL, NULL);
474+ DIE_UNLESS(rc);
475+ if (! opt_silent)
476+ printf("Got error (as expected): %s\n", mysql_error(conn));
477+
478+
479+ rc= mysql_change_user(conn, "", NULL, NULL);
480+ DIE_UNLESS(rc);
481+ if (! opt_silent)
482+ printf("Got error (as expected): %s\n", mysql_error(conn));
483+
484+ rc= mysql_change_user(conn, "", "", NULL);
485+ DIE_UNLESS(rc);
486+ if (! opt_silent)
487+ printf("Got error (as expected): %s\n", mysql_error(conn));
488+
489+ mysql_close(conn);
490+ conn= client_connect(0, MYSQL_PROTOCOL_TCP, 0);
491+
492+ rc= mysql_change_user(conn, "", "", "");
493+ DIE_UNLESS(rc);
494+ if (! opt_silent)
495+ printf("Got error (as expected): %s\n", mysql_error(conn));
496+
497+ rc= mysql_change_user(conn, NULL, "", "");
498+ DIE_UNLESS(rc);
499+ if (! opt_silent)
500+ printf("Got error (as expected): %s\n", mysql_error(conn));
501+
502+
503+ rc= mysql_change_user(conn, NULL, NULL, "");
504+ DIE_UNLESS(rc);
505+ if (! opt_silent)
506+ printf("Got error (as expected): %s\n", mysql_error(conn));
507+
508+ mysql_close(conn);
509+ conn= client_connect(0, MYSQL_PROTOCOL_TCP, 0);
510+
511+ rc= mysql_change_user(conn, "", NULL, "");
512+ DIE_UNLESS(rc);
513+ if (! opt_silent)
514+ printf("Got error (as expected): %s\n", mysql_error(conn));
515+
516+ rc= mysql_change_user(conn, user_pw, NULL, "");
517+ DIE_UNLESS(rc);
518+ if (! opt_silent)
519+ printf("Got error (as expected): %s\n", mysql_error(conn));
520+
521+ rc= mysql_change_user(conn, user_pw, "", "");
522+ DIE_UNLESS(rc);
523+ if (! opt_silent)
524+ printf("Got error (as expected): %s\n", mysql_error(conn));
525+
526+ mysql_close(conn);
527+ conn= client_connect(0, MYSQL_PROTOCOL_TCP, 0);
528+
529+ rc= mysql_change_user(conn, user_pw, "", NULL);
530+ DIE_UNLESS(rc);
531+ if (! opt_silent)
532+ printf("Got error (as expected): %s\n", mysql_error(conn));
533+
534+ rc= mysql_change_user(conn, user_pw, NULL, NULL);
535+ DIE_UNLESS(rc);
536+ if (! opt_silent)
537+ printf("Got error (as expected): %s\n", mysql_error(conn));
538+
539+ rc= mysql_change_user(conn, user_pw, "", db);
540+ DIE_UNLESS(rc);
541+ if (! opt_silent)
542+ printf("Got error (as expected): %s\n", mysql_error(conn));
543+
544+ mysql_close(conn);
545+ conn= client_connect(0, MYSQL_PROTOCOL_TCP, 0);
546+
547+ rc= mysql_change_user(conn, user_pw, NULL, db);
548+ DIE_UNLESS(rc);
549+ if (! opt_silent)
550+ printf("Got error (as expected): %s\n", mysql_error(conn));
551+
552+ rc= mysql_change_user(conn, user_pw, pw, db);
553+ myquery(rc);
554+
555+ rc= mysql_change_user(conn, user_pw, pw, NULL);
556+ myquery(rc);
557+
558+ rc= mysql_change_user(conn, user_pw, pw, "");
559+ myquery(rc);
560+
561+ rc= mysql_change_user(conn, user_no_pw, pw, db);
562+ DIE_UNLESS(rc);
563+ if (! opt_silent)
564+ printf("Got error (as expected): %s\n", mysql_error(conn));
565+
566+ rc= mysql_change_user(conn, user_no_pw, pw, "");
567+ DIE_UNLESS(rc);
568+ if (! opt_silent)
569+ printf("Got error (as expected): %s\n", mysql_error(conn));
570+
571+ mysql_close(conn);
572+ conn= client_connect(0, MYSQL_PROTOCOL_TCP, 0);
573+
574+ rc= mysql_change_user(conn, user_no_pw, pw, NULL);
575+ DIE_UNLESS(rc);
576+ if (! opt_silent)
577+ printf("Got error (as expected): %s\n", mysql_error(conn));
578+
579+ rc= mysql_change_user(conn, user_no_pw, "", NULL);
580+ myquery(rc);
581+
582+ rc= mysql_change_user(conn, user_no_pw, "", "");
583+ myquery(rc);
584+
585+ rc= mysql_change_user(conn, user_no_pw, "", db);
586+ myquery(rc);
587+
588+ rc= mysql_change_user(conn, user_no_pw, NULL, db);
589+ myquery(rc);
590+
591+ rc= mysql_change_user(conn, "", pw, db);
592+ DIE_UNLESS(rc);
593+ if (! opt_silent)
594+ printf("Got error (as expected): %s\n", mysql_error(conn));
595+
596+ rc= mysql_change_user(conn, "", pw, "");
597+ DIE_UNLESS(rc);
598+ if (! opt_silent)
599+ printf("Got error (as expected): %s\n", mysql_error(conn));
600+
601+ mysql_close(conn);
602+ conn= client_connect(0, MYSQL_PROTOCOL_TCP, 0);
603+
604+ rc= mysql_change_user(conn, "", pw, NULL);
605+ DIE_UNLESS(rc);
606+ if (! opt_silent)
607+ printf("Got error (as expected): %s\n", mysql_error(conn));
608+
609+ rc= mysql_change_user(conn, NULL, pw, NULL);
610+ DIE_UNLESS(rc);
611+ if (! opt_silent)
612+ printf("Got error (as expected): %s\n", mysql_error(conn));
613+
614+ rc= mysql_change_user(conn, NULL, NULL, db);
615+ DIE_UNLESS(rc);
616+ if (! opt_silent)
617+ printf("Got error (as expected): %s\n", mysql_error(conn));
618+
619+ mysql_close(conn);
620+ conn= client_connect(0, MYSQL_PROTOCOL_TCP, 0);
621+
622+ rc= mysql_change_user(conn, NULL, "", db);
623+ DIE_UNLESS(rc);
624+ if (! opt_silent)
625+ printf("Got error (as expected): %s\n", mysql_error(conn));
626+
627+ rc= mysql_change_user(conn, "", "", db);
628+ DIE_UNLESS(rc);
629+ if (! opt_silent)
630+ printf("Got error (as expected): %s\n", mysql_error(conn));
631
632 /* Cleanup the environment */
633
634- mysql_change_user(mysql, opt_user, opt_password, current_db);
635+ mysql_change_user(conn, opt_user, opt_password, current_db);
636+
637+ mysql_close(conn);
638
639 sprintf(buff, "drop database %s", db);
640 rc= mysql_query(mysql, buff);
641@@ -17114,30 +17139,36 @@
642 static char db[NAME_CHAR_LEN+1];
643 static char query[LARGE_BUFFER_SIZE*2];
644 #endif
645+ MYSQL* conn;
646
647 DBUG_ENTER("test_bug31669");
648 myheader("test_bug31669");
649
650- rc= mysql_change_user(mysql, NULL, NULL, NULL);
651+ conn= client_connect(0, MYSQL_PROTOCOL_TCP, 0);
652+
653+ rc= mysql_change_user(conn, NULL, NULL, NULL);
654 DIE_UNLESS(rc);
655
656- rc= mysql_change_user(mysql, "", "", "");
657+ rc= mysql_change_user(conn, "", "", "");
658 DIE_UNLESS(rc);
659
660 memset(buff, 'a', sizeof(buff));
661 buff[sizeof(buff) - 1] = '\0';
662
663- rc= mysql_change_user(mysql, buff, buff, buff);
664+ mysql_close(conn);
665+ conn= client_connect(0, MYSQL_PROTOCOL_TCP, 0);
666+
667+ rc= mysql_change_user(conn, buff, buff, buff);
668 DIE_UNLESS(rc);
669
670- rc = mysql_change_user(mysql, opt_user, opt_password, current_db);
671+ rc = mysql_change_user(conn, opt_user, opt_password, current_db);
672 DIE_UNLESS(!rc);
673
674 #ifndef EMBEDDED_LIBRARY
675 memset(db, 'a', sizeof(db));
676 db[NAME_CHAR_LEN]= 0;
677 strxmov(query, "CREATE DATABASE IF NOT EXISTS ", db, NullS);
678- rc= mysql_query(mysql, query);
679+ rc= mysql_query(conn, query);
680 myquery(rc);
681
682 memset(user, 'b', sizeof(user));
683@@ -17146,54 +17177,59 @@
684 buff[LARGE_BUFFER_SIZE]= 0;
685 strxmov(query, "GRANT ALL PRIVILEGES ON *.* TO '", user, "'@'%' IDENTIFIED BY "
686 "'", buff, "' WITH GRANT OPTION", NullS);
687- rc= mysql_query(mysql, query);
688+ rc= mysql_query(conn, query);
689 myquery(rc);
690
691 strxmov(query, "GRANT ALL PRIVILEGES ON *.* TO '", user, "'@'localhost' IDENTIFIED BY "
692 "'", buff, "' WITH GRANT OPTION", NullS);
693- rc= mysql_query(mysql, query);
694- myquery(rc);
695-
696- rc= mysql_query(mysql, "FLUSH PRIVILEGES");
697- myquery(rc);
698-
699- rc= mysql_change_user(mysql, user, buff, db);
700+ rc= mysql_query(conn, query);
701+ myquery(rc);
702+
703+ rc= mysql_query(conn, "FLUSH PRIVILEGES");
704+ myquery(rc);
705+
706+ rc= mysql_change_user(conn, user, buff, db);
707 DIE_UNLESS(!rc);
708
709 user[USERNAME_CHAR_LENGTH-1]= 'a';
710- rc= mysql_change_user(mysql, user, buff, db);
711+ rc= mysql_change_user(conn, user, buff, db);
712 DIE_UNLESS(rc);
713
714 user[USERNAME_CHAR_LENGTH-1]= 'b';
715 buff[LARGE_BUFFER_SIZE-1]= 'd';
716- rc= mysql_change_user(mysql, user, buff, db);
717+ rc= mysql_change_user(conn, user, buff, db);
718 DIE_UNLESS(rc);
719
720 buff[LARGE_BUFFER_SIZE-1]= 'c';
721 db[NAME_CHAR_LEN-1]= 'e';
722- rc= mysql_change_user(mysql, user, buff, db);
723+ rc= mysql_change_user(conn, user, buff, db);
724 DIE_UNLESS(rc);
725
726+ mysql_close(conn);
727+ conn= client_connect(0, MYSQL_PROTOCOL_TCP, 0);
728+
729 db[NAME_CHAR_LEN-1]= 'a';
730- rc= mysql_change_user(mysql, user, buff, db);
731+ rc= mysql_change_user(conn, user, buff, db);
732 DIE_UNLESS(!rc);
733
734- rc= mysql_change_user(mysql, user + 1, buff + 1, db + 1);
735+ rc= mysql_change_user(conn, user + 1, buff + 1, db + 1);
736 DIE_UNLESS(rc);
737
738- rc = mysql_change_user(mysql, opt_user, opt_password, current_db);
739+ rc = mysql_change_user(conn, opt_user, opt_password, current_db);
740 DIE_UNLESS(!rc);
741
742 strxmov(query, "DROP DATABASE ", db, NullS);
743- rc= mysql_query(mysql, query);
744+ rc= mysql_query(conn, query);
745 myquery(rc);
746
747 strxmov(query, "DELETE FROM mysql.user WHERE User='", user, "'", NullS);
748- rc= mysql_query(mysql, query);
749+ rc= mysql_query(conn, query);
750 myquery(rc);
751- DIE_UNLESS(mysql_affected_rows(mysql) == 2);
752+ DIE_UNLESS(mysql_affected_rows(conn) == 2);
753 #endif
754
755+ mysql_close(conn);
756+
757 DBUG_VOID_RETURN;
758 }
759

Subscribers

People subscribed via source and target branches