diff options
| author | Sergei Golubchik <sergii@pisem.net> | 2013-01-25 11:24:42 +0100 |
|---|---|---|
| committer | Sergei Golubchik <sergii@pisem.net> | 2013-01-25 11:24:42 +0100 |
| commit | 672b293860318b290374757f9b6a7f90b8942570 (patch) | |
| tree | 6e1b4784e1d01890a1f9c5e3b88fe54ee773ba6b | |
| parent | 32151409c13ddc09ebda7cd02fdfe40db290503e (diff) | |
| parent | de10e214115ecc89087386ecad8bddee2a1e1608 (diff) | |
| download | mariadb-git-672b293860318b290374757f9b6a7f90b8942570.tar.gz | |
5.3 merge
client/mysqltest.cc:
make --error to work for --change_user errors
| -rw-r--r-- | client/mysqldump.c | 4 | ||||
| -rw-r--r-- | client/mysqltest.cc | 5 | ||||
| -rw-r--r-- | mysql-test/r/change_user_notembedded.result | 5 | ||||
| -rw-r--r-- | mysql-test/r/failed_auth_3909.result | 21 | ||||
| -rw-r--r-- | mysql-test/r/mysqltest.result | 6 | ||||
| -rw-r--r-- | mysql-test/t/change_user_notembedded.test | 24 | ||||
| -rw-r--r-- | mysql-test/t/failed_auth_3909.test | 37 | ||||
| -rw-r--r-- | sql/sql_acl.cc | 50 | ||||
| -rw-r--r-- | sql/sql_class.cc | 1 | ||||
| -rw-r--r-- | sql/sql_class.h | 1 | ||||
| -rw-r--r-- | sql/sql_parse.cc | 15 | ||||
| -rw-r--r-- | tests/mysql_client_test.c | 180 |
12 files changed, 262 insertions, 87 deletions
diff --git a/client/mysqldump.c b/client/mysqldump.c index a2f6087f09b..c4dda927c68 100644 --- a/client/mysqldump.c +++ b/client/mysqldump.c @@ -2551,7 +2551,7 @@ static uint get_table_structure(char *table, char *db, char *table_type, verbose_msg("-- Retrieving table structure for table %s...\n", table); len= my_snprintf(query_buff, sizeof(query_buff), - "SET OPTION SQL_QUOTE_SHOW_CREATE=%d", + "SET SQL_QUOTE_SHOW_CREATE=%d", (opt_quoted || opt_keywords)); if (!create_options) strmov(query_buff+len, @@ -5292,7 +5292,7 @@ static my_bool get_view_structure(char *table, char* db) verbose_msg("-- Retrieving view structure for table %s...\n", table); #ifdef NOT_REALLY_USED_YET - sprintf(insert_pat,"SET OPTION SQL_QUOTE_SHOW_CREATE=%d", + sprintf(insert_pat,"SET SQL_QUOTE_SHOW_CREATE=%d", (opt_quoted || opt_keywords)); #endif diff --git a/client/mysqltest.cc b/client/mysqltest.cc index 7bc52941700..8c6c1cb3408 100644 --- a/client/mysqltest.cc +++ b/client/mysqltest.cc @@ -4393,7 +4393,10 @@ void do_change_user(struct st_command *command) cur_con->name, ds_user.str, ds_passwd.str, ds_db.str)); if (mysql_change_user(mysql, ds_user.str, ds_passwd.str, ds_db.str)) - die("change user failed: %s", mysql_error(mysql)); + handle_error(command, mysql_errno(mysql), mysql_error(mysql), + mysql_sqlstate(mysql), &ds_res); + else + handle_no_error(command); dynstr_free(&ds_user); dynstr_free(&ds_passwd); diff --git a/mysql-test/r/change_user_notembedded.result b/mysql-test/r/change_user_notembedded.result new file mode 100644 index 00000000000..60579d15ec2 --- /dev/null +++ b/mysql-test/r/change_user_notembedded.result @@ -0,0 +1,5 @@ +ERROR 28000: Access denied for user 'foo'@'localhost' (using password: YES) +ERROR 28000: Access denied for user 'foo'@'localhost' (using password: NO) +ERROR 28000: Access denied for user 'foo'@'localhost' (using password: YES) +ERROR 08S01: Unknown command +ERROR 08S01: Unknown command diff --git a/mysql-test/r/failed_auth_3909.result b/mysql-test/r/failed_auth_3909.result new file mode 100644 index 00000000000..0a757e2cee2 --- /dev/null +++ b/mysql-test/r/failed_auth_3909.result @@ -0,0 +1,21 @@ +optimize table mysql.user; +Table Op Msg_type Msg_text +mysql.user optimize status OK +insert mysql.user (user,plugin) values ('foo','bar'),('bar','bar'),('baz','bar'); +Warnings: +Warning 1364 Field 'ssl_cipher' doesn't have a default value +Warning 1364 Field 'x509_issuer' doesn't have a default value +Warning 1364 Field 'x509_subject' doesn't have a default value +Warning 1364 Field 'authentication_string' doesn't have a default value +flush privileges; +connect(localhost,u1,,test,MASTER_PORT,MASTER_SOCKET); +ERROR HY000: Plugin 'bar' is not loaded +connect(localhost,u2,,test,MASTER_PORT,MASTER_SOCKET); +ERROR 28000: Access denied for user 'u2'@'localhost' (using password: NO) +connect(localhost,u2,password,test,MASTER_PORT,MASTER_SOCKET); +ERROR 28000: Access denied for user 'u2'@'localhost' (using password: YES) +ERROR HY000: Plugin 'bar' is not loaded +ERROR 28000: Access denied for user 'u2'@'localhost' (using password: NO) +ERROR 28000: Access denied for user 'u2'@'localhost' (using password: YES) +delete from mysql.user where plugin = 'bar'; +flush privileges; diff --git a/mysql-test/r/mysqltest.result b/mysql-test/r/mysqltest.result index fdb3029059f..a3043aed711 100644 --- a/mysql-test/r/mysqltest.result +++ b/mysql-test/r/mysqltest.result @@ -935,9 +935,9 @@ a int(11) YES NULL b varchar(255) YES NULL c datetime YES NULL drop table t1; -mysqltest: At line 1: change user failed: Unknown database 'inexistent' -mysqltest: At line 1: change user failed: Access denied for user 'inexistent'@'localhost' (using password: NO) -mysqltest: At line 1: change user failed: Access denied for user 'root'@'localhost' (using password: YES) +mysqltest: At line 1: query 'change_user root,,inexistent' failed: 1049: Unknown database 'inexistent' +mysqltest: At line 1: query 'change_user inexistent,,test' failed: 1045: Access denied for user 'inexistent'@'localhost' (using password: NO) +mysqltest: At line 1: query 'change_user root,inexistent,test' failed: 1045: Access denied for user 'root'@'localhost' (using password: YES) REPLACED_FILE1.txt file1.txt file2.txt diff --git a/mysql-test/t/change_user_notembedded.test b/mysql-test/t/change_user_notembedded.test new file mode 100644 index 00000000000..bf5d1956cd5 --- /dev/null +++ b/mysql-test/t/change_user_notembedded.test @@ -0,0 +1,24 @@ +source include/not_embedded.inc; + +# +# MDEV-3915 COM_CHANGE_USER allows fast password brute-forcing +# +# only three failed change_user per connection. +# successful change_user do NOT reset the counter +# +connect (test,localhost,root,,); +connection test; +--error 1045 +change_user foo,bar; +--error 1045 +change_user foo; +change_user; +--error 1045 +change_user foo,bar; +--error 1047 +change_user foo,bar; +--error 1047 +change_user; +disconnect test; +connection default; + diff --git a/mysql-test/t/failed_auth_3909.test b/mysql-test/t/failed_auth_3909.test new file mode 100644 index 00000000000..3179794d155 --- /dev/null +++ b/mysql-test/t/failed_auth_3909.test @@ -0,0 +1,37 @@ +source include/not_embedded.inc; + +# +# MDEV-3909 remote user enumeration +# +# verify that for some failed login attemps (with wrong user names) +# the server requests a plugin +# +optimize table mysql.user; +insert mysql.user (user,plugin) values ('foo','bar'),('bar','bar'),('baz','bar'); +flush privileges; + +--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT +--error ER_PLUGIN_IS_NOT_LOADED +connect (fail,localhost,u1); + +--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT +--error ER_ACCESS_DENIED_ERROR +connect (fail,localhost,u2); + +--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT +--error ER_ACCESS_DENIED_ERROR +connect (fail,localhost,u2,password); + +--error ER_PLUGIN_IS_NOT_LOADED +change_user u1; + +--error ER_ACCESS_DENIED_ERROR +change_user u2; + +--error ER_ACCESS_DENIED_ERROR +change_user u2,password; + +delete from mysql.user where plugin = 'bar'; +flush privileges; + + diff --git a/sql/sql_acl.cc b/sql/sql_acl.cc index f38f29898d3..04d797b3ba1 100644 --- a/sql/sql_acl.cc +++ b/sql/sql_acl.cc @@ -7987,6 +7987,7 @@ struct MPVIO_EXT :public MYSQL_PLUGIN_VIO } cached_server_packet; int packets_read, packets_written; ///< counters for send/received packets uint connect_errors; ///< if there were connect errors for this host + bool make_it_fail; /** when plugin returns a failure this tells us what really happened */ enum { SUCCESS, FAILURE, RESTART } status; }; @@ -8252,14 +8253,14 @@ static bool send_plugin_request_packet(MPVIO_EXT *mpvio, /** Finds acl entry in user database for authentication purposes. - Finds a user and copies it into mpvio. Reports an authentication - failure if a user is not found. + Finds a user and copies it into mpvio. Creates a fake user + if no matching user account is found. @note find_acl_user is not the same, because it doesn't take into account the case when user is not empty, but acl_user->user is empty @retval 0 found - @retval 1 not found + @retval 1 error */ static bool find_mpvio_user(MPVIO_EXT *mpvio) { @@ -8282,8 +8283,27 @@ static bool find_mpvio_user(MPVIO_EXT *mpvio) if (!mpvio->acl_user) { - login_failed_error(mpvio->thd); - DBUG_RETURN (1); + /* + A matching user was not found. Fake it. Take any user, make the + authentication fail later. + This way we get a realistically looking failure, with occasional + "change auth plugin" requests even for nonexistent users. The ratio + of "change auth plugin" request will be the same for real and + nonexistent users. + Note, that we cannot pick any user at random, it must always be + the same user account for the incoming sctx->user name. + */ + ulong nr1=1, nr2=4; + CHARSET_INFO *cs= &my_charset_latin1; + cs->coll->hash_sort(cs, (uchar*) sctx->user, strlen(sctx->user), &nr1, &nr2); + + mysql_mutex_lock(&acl_cache->lock); + uint i= nr1 % acl_users.elements; + ACL_USER *acl_user_tmp= dynamic_element(&acl_users, i, ACL_USER*); + mpvio->acl_user= acl_user_tmp->copy(mpvio->thd->mem_root); + mysql_mutex_unlock(&acl_cache->lock); + + mpvio->make_it_fail= true; } /* user account requires non-default plugin and the client is too old */ @@ -8410,6 +8430,7 @@ static bool parse_com_change_user_packet(MPVIO_EXT *mpvio, uint packet_length) } #ifndef NO_EMBEDDED_ACCESS_CHECKS + thd->password= passwd_len > 0; if (find_mpvio_user(mpvio)) DBUG_RETURN(1); @@ -8705,8 +8726,8 @@ static ulong parse_client_handshake_packet(MPVIO_EXT *mpvio, mpvio->cached_server_packet.pkt_len)) return packet_error; - passwd_len= my_net_read(&mpvio->thd->net); - passwd= (char*)mpvio->thd->net.read_pos; + passwd_len= my_net_read(&thd->net); + passwd= (char*)thd->net.read_pos; } *buff= (uchar*) passwd; @@ -8808,6 +8829,10 @@ static int server_mpvio_read_packet(MYSQL_PLUGIN_VIO *param, uchar **buf) *buf= (uchar*) mpvio->cached_client_reply.pkt; mpvio->cached_client_reply.pkt= 0; mpvio->packets_read++; + + if (mpvio->make_it_fail) + goto err; + DBUG_RETURN ((int) mpvio->cached_client_reply.pkt_len); } @@ -8842,6 +8867,9 @@ static int server_mpvio_read_packet(MYSQL_PLUGIN_VIO *param, uchar **buf) else *buf= mpvio->thd->net.read_pos; + if (mpvio->make_it_fail) + goto err; + DBUG_RETURN((int)pkt_len); err: @@ -8849,7 +8877,12 @@ err: { inc_host_errors(mpvio->thd->security_ctx->ip); if (!mpvio->thd->is_error()) - my_error(ER_HANDSHAKE_ERROR, MYF(0)); + { + if (mpvio->make_it_fail) + login_failed_error(mpvio->thd); + else + my_error(ER_HANDSHAKE_ERROR, MYF(0)); + } } DBUG_RETURN(-1); } @@ -9054,6 +9087,7 @@ bool acl_authenticate(THD *thd, uint connect_errors, mpvio.thd= thd; mpvio.connect_errors= connect_errors; mpvio.status= MPVIO_EXT::FAILURE; + mpvio.make_it_fail= false; mpvio.auth_info.host_or_ip= thd->security_ctx->host_or_ip; mpvio.auth_info.host_or_ip_length= (unsigned int) strlen(thd->security_ctx->host_or_ip); diff --git a/sql/sql_class.cc b/sql/sql_class.cc index 9c53db45009..df71b78ada0 100644 --- a/sql/sql_class.cc +++ b/sql/sql_class.cc @@ -812,6 +812,7 @@ THD::THD() warning_info(&main_warning_info), stmt_da(&main_da), global_disable_checkpoint(0), + failed_com_change_user(0), is_fatal_error(0), transaction_rollback_request(0), is_fatal_sub_stmt_error(0), diff --git a/sql/sql_class.h b/sql/sql_class.h index bdf08cea250..cff6acbb9c9 100644 --- a/sql/sql_class.h +++ b/sql/sql_class.h @@ -2200,6 +2200,7 @@ public: bool no_errors; uint8 password; + uint8 failed_com_change_user; /** Set to TRUE if execution of the current compound statement diff --git a/sql/sql_parse.cc b/sql/sql_parse.cc index 255d03e69dd..6ea0dcbeb8e 100644 --- a/sql/sql_parse.cc +++ b/sql/sql_parse.cc @@ -976,7 +976,18 @@ bool dispatch_command(enum enum_server_command command, THD *thd, thd->security_ctx->user= 0; thd->user_connect= 0; - rc= acl_authenticate(thd, 0, packet_length); + /* + to limit COM_CHANGE_USER ability to brute-force passwords, + we only allow three unsuccessful COM_CHANGE_USER per connection. + */ + if (thd->failed_com_change_user >= 3) + { + my_message(ER_UNKNOWN_COM_ERROR, ER(ER_UNKNOWN_COM_ERROR), MYF(0)); + rc= 1; + } + else + rc= acl_authenticate(thd, 0, packet_length); + MYSQL_AUDIT_NOTIFY_CONNECTION_CHANGE_USER(thd); if (rc) { @@ -991,6 +1002,8 @@ bool dispatch_command(enum enum_server_command command, THD *thd, thd->variables.collation_connection= save_collation_connection; thd->variables.character_set_results= save_character_set_results; thd->update_charset(); + thd->failed_com_change_user++; + my_sleep(1000000); } else { diff --git a/tests/mysql_client_test.c b/tests/mysql_client_test.c index 9869290a5bb..f348ec4515b 100644 --- a/tests/mysql_client_test.c +++ b/tests/mysql_client_test.c @@ -16040,6 +16040,7 @@ static void test_change_user() const char *pw= "password"; const char *db= "mysqltest_user_test_database"; int rc; + MYSQL* conn; DBUG_ENTER("test_change_user"); myheader("test_change_user"); @@ -16083,149 +16084,173 @@ static void test_change_user() rc= mysql_query(mysql, buff); myquery(rc); + conn= client_connect(0, MYSQL_PROTOCOL_TCP, 0); /* Try some combinations */ - rc= mysql_change_user(mysql, NULL, NULL, NULL); + rc= mysql_change_user(conn, NULL, NULL, NULL); DIE_UNLESS(rc); if (! opt_silent) - printf("Got error (as expected): %s\n", mysql_error(mysql)); + printf("Got error (as expected): %s\n", mysql_error(conn)); - rc= mysql_change_user(mysql, "", NULL, NULL); + rc= mysql_change_user(conn, "", NULL, NULL); DIE_UNLESS(rc); if (! opt_silent) - printf("Got error (as expected): %s\n", mysql_error(mysql)); + printf("Got error (as expected): %s\n", mysql_error(conn)); - rc= mysql_change_user(mysql, "", "", NULL); + rc= mysql_change_user(conn, "", "", NULL); DIE_UNLESS(rc); if (! opt_silent) - printf("Got error (as expected): %s\n", mysql_error(mysql)); + printf("Got error (as expected): %s\n", mysql_error(conn)); - rc= mysql_change_user(mysql, "", "", ""); + mysql_close(conn); + conn= client_connect(0, MYSQL_PROTOCOL_TCP, 0); + + rc= mysql_change_user(conn, "", "", ""); DIE_UNLESS(rc); if (! opt_silent) - printf("Got error (as expected): %s\n", mysql_error(mysql)); + printf("Got error (as expected): %s\n", mysql_error(conn)); - rc= mysql_change_user(mysql, NULL, "", ""); + rc= mysql_change_user(conn, NULL, "", ""); DIE_UNLESS(rc); if (! opt_silent) - printf("Got error (as expected): %s\n", mysql_error(mysql)); + printf("Got error (as expected): %s\n", mysql_error(conn)); - rc= mysql_change_user(mysql, NULL, NULL, ""); + rc= mysql_change_user(conn, NULL, NULL, ""); DIE_UNLESS(rc); if (! opt_silent) - printf("Got error (as expected): %s\n", mysql_error(mysql)); + printf("Got error (as expected): %s\n", mysql_error(conn)); + + mysql_close(conn); + conn= client_connect(0, MYSQL_PROTOCOL_TCP, 0); - rc= mysql_change_user(mysql, "", NULL, ""); + rc= mysql_change_user(conn, "", NULL, ""); DIE_UNLESS(rc); if (! opt_silent) - printf("Got error (as expected): %s\n", mysql_error(mysql)); + printf("Got error (as expected): %s\n", mysql_error(conn)); - rc= mysql_change_user(mysql, user_pw, NULL, ""); + rc= mysql_change_user(conn, user_pw, NULL, ""); DIE_UNLESS(rc); if (! opt_silent) - printf("Got error (as expected): %s\n", mysql_error(mysql)); + printf("Got error (as expected): %s\n", mysql_error(conn)); - rc= mysql_change_user(mysql, user_pw, "", ""); + rc= mysql_change_user(conn, user_pw, "", ""); DIE_UNLESS(rc); if (! opt_silent) - printf("Got error (as expected): %s\n", mysql_error(mysql)); + printf("Got error (as expected): %s\n", mysql_error(conn)); - rc= mysql_change_user(mysql, user_pw, "", NULL); + mysql_close(conn); + conn= client_connect(0, MYSQL_PROTOCOL_TCP, 0); + + rc= mysql_change_user(conn, user_pw, "", NULL); DIE_UNLESS(rc); if (! opt_silent) - printf("Got error (as expected): %s\n", mysql_error(mysql)); + printf("Got error (as expected): %s\n", mysql_error(conn)); - rc= mysql_change_user(mysql, user_pw, NULL, NULL); + rc= mysql_change_user(conn, user_pw, NULL, NULL); DIE_UNLESS(rc); if (! opt_silent) - printf("Got error (as expected): %s\n", mysql_error(mysql)); + printf("Got error (as expected): %s\n", mysql_error(conn)); - rc= mysql_change_user(mysql, user_pw, "", db); + rc= mysql_change_user(conn, user_pw, "", db); DIE_UNLESS(rc); if (! opt_silent) - printf("Got error (as expected): %s\n", mysql_error(mysql)); + printf("Got error (as expected): %s\n", mysql_error(conn)); + + mysql_close(conn); + conn= client_connect(0, MYSQL_PROTOCOL_TCP, 0); - rc= mysql_change_user(mysql, user_pw, NULL, db); + rc= mysql_change_user(conn, user_pw, NULL, db); DIE_UNLESS(rc); if (! opt_silent) - printf("Got error (as expected): %s\n", mysql_error(mysql)); + printf("Got error (as expected): %s\n", mysql_error(conn)); - rc= mysql_change_user(mysql, user_pw, pw, db); + rc= mysql_change_user(conn, user_pw, pw, db); myquery(rc); - rc= mysql_change_user(mysql, user_pw, pw, NULL); + rc= mysql_change_user(conn, user_pw, pw, NULL); myquery(rc); - rc= mysql_change_user(mysql, user_pw, pw, ""); + rc= mysql_change_user(conn, user_pw, pw, ""); myquery(rc); - rc= mysql_change_user(mysql, user_no_pw, pw, db); + rc= mysql_change_user(conn, user_no_pw, pw, db); DIE_UNLESS(rc); if (! opt_silent) - printf("Got error (as expected): %s\n", mysql_error(mysql)); + printf("Got error (as expected): %s\n", mysql_error(conn)); - rc= mysql_change_user(mysql, user_no_pw, pw, ""); + rc= mysql_change_user(conn, user_no_pw, pw, ""); DIE_UNLESS(rc); if (! opt_silent) - printf("Got error (as expected): %s\n", mysql_error(mysql)); + printf("Got error (as expected): %s\n", mysql_error(conn)); - rc= mysql_change_user(mysql, user_no_pw, pw, NULL); + mysql_close(conn); + conn= client_connect(0, MYSQL_PROTOCOL_TCP, 0); + + rc= mysql_change_user(conn, user_no_pw, pw, NULL); DIE_UNLESS(rc); if (! opt_silent) - printf("Got error (as expected): %s\n", mysql_error(mysql)); + printf("Got error (as expected): %s\n", mysql_error(conn)); - rc= mysql_change_user(mysql, user_no_pw, "", NULL); + rc= mysql_change_user(conn, user_no_pw, "", NULL); myquery(rc); - rc= mysql_change_user(mysql, user_no_pw, "", ""); + rc= mysql_change_user(conn, user_no_pw, "", ""); myquery(rc); - rc= mysql_change_user(mysql, user_no_pw, "", db); + rc= mysql_change_user(conn, user_no_pw, "", db); myquery(rc); - rc= mysql_change_user(mysql, user_no_pw, NULL, db); + rc= mysql_change_user(conn, user_no_pw, NULL, db); myquery(rc); - rc= mysql_change_user(mysql, "", pw, db); + rc= mysql_change_user(conn, "", pw, db); DIE_UNLESS(rc); if (! opt_silent) - printf("Got error (as expected): %s\n", mysql_error(mysql)); + printf("Got error (as expected): %s\n", mysql_error(conn)); - rc= mysql_change_user(mysql, "", pw, ""); + rc= mysql_change_user(conn, "", pw, ""); DIE_UNLESS(rc); if (! opt_silent) - printf("Got error (as expected): %s\n", mysql_error(mysql)); + printf("Got error (as expected): %s\n", mysql_error(conn)); + + mysql_close(conn); + conn= client_connect(0, MYSQL_PROTOCOL_TCP, 0); - rc= mysql_change_user(mysql, "", pw, NULL); + rc= mysql_change_user(conn, "", pw, NULL); DIE_UNLESS(rc); if (! opt_silent) - printf("Got error (as expected): %s\n", mysql_error(mysql)); + printf("Got error (as expected): %s\n", mysql_error(conn)); - rc= mysql_change_user(mysql, NULL, pw, NULL); + rc= mysql_change_user(conn, NULL, pw, NULL); DIE_UNLESS(rc); if (! opt_silent) - printf("Got error (as expected): %s\n", mysql_error(mysql)); + printf("Got error (as expected): %s\n", mysql_error(conn)); - rc= mysql_change_user(mysql, NULL, NULL, db); + rc= mysql_change_user(conn, NULL, NULL, db); DIE_UNLESS(rc); if (! opt_silent) - printf("Got error (as expected): %s\n", mysql_error(mysql)); + printf("Got error (as expected): %s\n", mysql_error(conn)); - rc= mysql_change_user(mysql, NULL, "", db); + mysql_close(conn); + conn= client_connect(0, MYSQL_PROTOCOL_TCP, 0); + + rc= mysql_change_user(conn, NULL, "", db); DIE_UNLESS(rc); if (! opt_silent) - printf("Got error (as expected): %s\n", mysql_error(mysql)); + printf("Got error (as expected): %s\n", mysql_error(conn)); - rc= mysql_change_user(mysql, "", "", db); + rc= mysql_change_user(conn, "", "", db); DIE_UNLESS(rc); if (! opt_silent) - printf("Got error (as expected): %s\n", mysql_error(mysql)); + printf("Got error (as expected): %s\n", mysql_error(conn)); /* Cleanup the environment */ - mysql_change_user(mysql, opt_user, opt_password, current_db); + mysql_change_user(conn, opt_user, opt_password, current_db); + + mysql_close(conn); sprintf(buff, "drop database %s", db); rc= mysql_query(mysql, buff); @@ -16888,29 +16913,35 @@ static void test_bug31669() static char db[NAME_CHAR_LEN+1]; static char query[LARGE_BUFFER_SIZE*2]; #endif + MYSQL* conn; DBUG_ENTER("test_bug31669"); myheader("test_bug31669"); - rc= mysql_change_user(mysql, NULL, NULL, NULL); + conn= client_connect(0, MYSQL_PROTOCOL_TCP, 0); + + rc= mysql_change_user(conn, NULL, NULL, NULL); DIE_UNLESS(rc); - rc= mysql_change_user(mysql, "", "", ""); + rc= mysql_change_user(conn, "", "", ""); DIE_UNLESS(rc); memset(buff, 'a', sizeof(buff)); - rc= mysql_change_user(mysql, buff, buff, buff); + mysql_close(conn); + conn= client_connect(0, MYSQL_PROTOCOL_TCP, 0); + + rc= mysql_change_user(conn, buff, buff, buff); DIE_UNLESS(rc); - rc = mysql_change_user(mysql, opt_user, opt_password, current_db); + rc = mysql_change_user(conn, opt_user, opt_password, current_db); DIE_UNLESS(!rc); #ifndef EMBEDDED_LIBRARY memset(db, 'a', sizeof(db)); db[NAME_CHAR_LEN]= 0; strxmov(query, "CREATE DATABASE IF NOT EXISTS ", db, NullS); - rc= mysql_query(mysql, query); + rc= mysql_query(conn, query); myquery(rc); memset(user, 'b', sizeof(user)); @@ -16919,54 +16950,59 @@ static void test_bug31669() buff[LARGE_BUFFER_SIZE]= 0; strxmov(query, "GRANT ALL PRIVILEGES ON *.* TO '", user, "'@'%' IDENTIFIED BY " "'", buff, "' WITH GRANT OPTION", NullS); - rc= mysql_query(mysql, query); + rc= mysql_query(conn, query); myquery(rc); strxmov(query, "GRANT ALL PRIVILEGES ON *.* TO '", user, "'@'localhost' IDENTIFIED BY " "'", buff, "' WITH GRANT OPTION", NullS); - rc= mysql_query(mysql, query); + rc= mysql_query(conn, query); myquery(rc); - rc= mysql_query(mysql, "FLUSH PRIVILEGES"); + rc= mysql_query(conn, "FLUSH PRIVILEGES"); myquery(rc); - rc= mysql_change_user(mysql, user, buff, db); + rc= mysql_change_user(conn, user, buff, db); DIE_UNLESS(!rc); user[USERNAME_CHAR_LENGTH-1]= 'a'; - rc= mysql_change_user(mysql, user, buff, db); + rc= mysql_change_user(conn, user, buff, db); DIE_UNLESS(rc); user[USERNAME_CHAR_LENGTH-1]= 'b'; buff[LARGE_BUFFER_SIZE-1]= 'd'; - rc= mysql_change_user(mysql, user, buff, db); + rc= mysql_change_user(conn, user, buff, db); DIE_UNLESS(rc); buff[LARGE_BUFFER_SIZE-1]= 'c'; db[NAME_CHAR_LEN-1]= 'e'; - rc= mysql_change_user(mysql, user, buff, db); + rc= mysql_change_user(conn, user, buff, db); DIE_UNLESS(rc); + mysql_close(conn); + conn= client_connect(0, MYSQL_PROTOCOL_TCP, 0); + db[NAME_CHAR_LEN-1]= 'a'; - rc= mysql_change_user(mysql, user, buff, db); + rc= mysql_change_user(conn, user, buff, db); DIE_UNLESS(!rc); - rc= mysql_change_user(mysql, user + 1, buff + 1, db + 1); + rc= mysql_change_user(conn, user + 1, buff + 1, db + 1); DIE_UNLESS(rc); - rc = mysql_change_user(mysql, opt_user, opt_password, current_db); + rc = mysql_change_user(conn, opt_user, opt_password, current_db); DIE_UNLESS(!rc); strxmov(query, "DROP DATABASE ", db, NullS); - rc= mysql_query(mysql, query); + rc= mysql_query(conn, query); myquery(rc); strxmov(query, "DELETE FROM mysql.user WHERE User='", user, "'", NullS); - rc= mysql_query(mysql, query); + rc= mysql_query(conn, query); myquery(rc); - DIE_UNLESS(mysql_affected_rows(mysql) == 2); + DIE_UNLESS(mysql_affected_rows(conn) == 2); #endif + mysql_close(conn); + DBUG_VOID_RETURN; } |