diff options
author | Dmitry Shulga <dmitry.shulga@mariadb.com> | 2021-04-13 00:12:36 +0700 |
---|---|---|
committer | Dmitry Shulga <dmitry.shulga@mariadb.com> | 2021-04-13 00:12:36 +0700 |
commit | 1e3182718e95331124b341a453bcc67c5054b5c0 (patch) | |
tree | 623c61b97a1521b51972e621678a84d716ebd41d | |
parent | f74704c7d963ddcd1109843a5861c6bd76409c8d (diff) | |
download | mariadb-git-bb-10.6-MDEV-25197-2.tar.gz |
MDEV-25197: The statement set password=password('') executed in PS mode fails in case it is run by a user with expired passwordbb-10.6-MDEV-25197-2
A user connected to a server with an expired password
can't change password with the statement "SET password=..."
if this statement is run in PS mode. In mentioned use case a user
gets the error ER_MUST_CHANGE_PASSWORD on attempt to run
the statement PREPARE stmt FOR "SET password=...";
The reason of failure to reset password by a locked user using the
statement PREPARE stmt FOR "SET password=..." is that PS-related
statements are not listed among the commands allowed for execution
by a user with expired password. However, simple adding of PS-related
statements (PREPARE FOR/EXECUTE/DEALLOCATE PREPARE ) to the list of
statements allowed for execution by a locked user is not enough
to solve problems, since it opens the opportunity for a locked user
to execute any statement in the PS mode.
To exclude this opportunity, additional checking that the statement
being prepared for execution in PS-mode is the SET statement has to be added.
This extra checking has been added by this patch into the method
Prepared_statement::prepare() that executed on preparing any statement
for execution in PS-mode.
-rw-r--r-- | mysql-test/main/ps.result | 32 | ||||
-rw-r--r-- | mysql-test/main/ps.test | 37 | ||||
-rw-r--r-- | sql/sql_parse.cc | 9 | ||||
-rw-r--r-- | sql/sql_prepare.cc | 10 |
4 files changed, 86 insertions, 2 deletions
diff --git a/mysql-test/main/ps.result b/mysql-test/main/ps.result index 1c13b0a0b84..db02ed665a5 100644 --- a/mysql-test/main/ps.result +++ b/mysql-test/main/ps.result @@ -5532,5 +5532,37 @@ DEALLOCATE PREPARE stmt; DROP VIEW v1; DROP TABLE t1; # +# MDEV-25197: The statement set password=password('') executed in PS mode +# fails in case it is run by a user with expired password +# +CREATE USER user1@localhost PASSWORD EXPIRE; +SET @disconnect_on_expired_password_save=@@global.disconnect_on_expired_password; +SET GLOBAL disconnect_on_expired_password=OFF; +connect con1,localhost,user1; +connection con1; +# Check that no regular statement like SELECT can be prepared +# by a user with an expired password +PREPARE stmt FROM "SELECT 1"; +ERROR HY000: You must SET PASSWORD before executing this statement +# Check that the DEALLOCATE PREPARE statement can be run by a user +# with an expired password +PREPARE stmt FROM "SET password=password('')"; +DEALLOCATE PREPARE stmt; +# Check that the SET PASSWORD statement can be executed in PS mode by +# a user with an expired password +PREPARE stmt FROM "SET password=password('')"; +EXECUTE stmt; +PREPARE stmt FROM "SELECT 1"; +# Check that user's password is not expired anymore +EXECUTE stmt; +1 +1 +DEALLOCATE PREPARE stmt; +# Clean up +disconnect con1; +connection default; +SET GLOBAL disconnect_on_expired_password=@disconnect_on_expired_password_save; +DROP USER user1@localhost; +# # End of 10.4 tests # diff --git a/mysql-test/main/ps.test b/mysql-test/main/ps.test index 2ce78b78e90..62a7efffbfd 100644 --- a/mysql-test/main/ps.test +++ b/mysql-test/main/ps.test @@ -4980,5 +4980,42 @@ DROP VIEW v1; DROP TABLE t1; --echo # +--echo # MDEV-25197: The statement set password=password('') executed in PS mode +--echo # fails in case it is run by a user with expired password +--echo # +CREATE USER user1@localhost PASSWORD EXPIRE; + +SET @disconnect_on_expired_password_save=@@global.disconnect_on_expired_password; +SET GLOBAL disconnect_on_expired_password=OFF; + +connect(con1,localhost,user1); +connection con1; +--echo # Check that no regular statement like SELECT can be prepared +--echo # by a user with an expired password +--error ER_MUST_CHANGE_PASSWORD +PREPARE stmt FROM "SELECT 1"; + +--echo # Check that the DEALLOCATE PREPARE statement can be run by a user +--echo # with an expired password +PREPARE stmt FROM "SET password=password('')"; +DEALLOCATE PREPARE stmt; + +--echo # Check that the SET PASSWORD statement can be executed in PS mode by +--echo # a user with an expired password +PREPARE stmt FROM "SET password=password('')"; +EXECUTE stmt; +PREPARE stmt FROM "SELECT 1"; +--echo # Check that user's password is not expired anymore +EXECUTE stmt; +DEALLOCATE PREPARE stmt; + +--echo # Clean up +disconnect con1; +connection default; + +SET GLOBAL disconnect_on_expired_password=@disconnect_on_expired_password_save; +DROP USER user1@localhost; + +--echo # --echo # End of 10.4 tests --echo # diff --git a/sql/sql_parse.cc b/sql/sql_parse.cc index cca08c9007f..5ff8a2111ce 100644 --- a/sql/sql_parse.cc +++ b/sql/sql_parse.cc @@ -1663,7 +1663,9 @@ dispatch_command_return dispatch_command(enum enum_server_command command, THD * if (unlikely(thd->security_ctx->password_expired && command != COM_QUERY && command != COM_PING && - command != COM_QUIT)) + command != COM_QUIT && + command != COM_STMT_PREPARE && + command != COM_STMT_EXECUTE)) { my_error(ER_MUST_CHANGE_PASSWORD, MYF(0)); goto dispatch_end; @@ -3449,7 +3451,10 @@ mysql_execute_command(THD *thd) first_table->for_insert_data); if (thd->security_ctx->password_expired && - lex->sql_command != SQLCOM_SET_OPTION) + lex->sql_command != SQLCOM_SET_OPTION && + lex->sql_command != SQLCOM_PREPARE && + lex->sql_command != SQLCOM_EXECUTE && + lex->sql_command != SQLCOM_DEALLOCATE_PREPARE) { my_error(ER_MUST_CHANGE_PASSWORD, MYF(0)); DBUG_RETURN(1); diff --git a/sql/sql_prepare.cc b/sql/sql_prepare.cc index 24e0d8abf27..e35d1923cb3 100644 --- a/sql/sql_prepare.cc +++ b/sql/sql_prepare.cc @@ -4251,6 +4251,16 @@ bool Prepared_statement::prepare(const char *packet, uint packet_len) thd->is_error() || init_param_array(this)); + if (thd->security_ctx->password_expired && + lex->sql_command != SQLCOM_SET_OPTION) + { + thd->restore_backup_statement(this, &stmt_backup); + thd->restore_active_arena(this, &stmt_backup); + thd->stmt_arena= old_stmt_arena; + thd->cur_stmt= save_cur_stmt; + my_error(ER_MUST_CHANGE_PASSWORD, MYF(0)); + DBUG_RETURN(true); + } lex->set_trg_event_type_for_tables(); /* |