summaryrefslogtreecommitdiff
path: root/client/mysqladmin.cc
diff options
context:
space:
mode:
authorGeorgi Kodinov <Georgi.Kodinov@Oracle.com>2012-07-05 09:55:20 +0300
committerGeorgi Kodinov <Georgi.Kodinov@Oracle.com>2012-07-05 09:55:20 +0300
commit31a9208bd09afd16ce540be2cd66c7059b7bdeb8 (patch)
tree79bc42ec937ff1b148e0a6b66924d7a3d796b805 /client/mysqladmin.cc
parente6f0b97b50bd2267ef7fdb8c8ec80ae5a4c62dc2 (diff)
downloadmariadb-git-31a9208bd09afd16ce540be2cd66c7059b7bdeb8.tar.gz
Bug #12998841: libmysql divulges plaintext password upon request in 5.5
1. Clear text password client plugin disabled by default. 2. Added an environment variable LIBMYSQL_ENABLE_CLEARTEXT_PLUGIN, that when set to something starting with '1', 'Y' or 'y' will enable the clear text plugin for all connections. 3. Added a new mysql_options() option : MYSQL_ENABLE_CLEARTEXT_PLUGIN that takes an my_bool argument. When the value of the argument is non-zero the clear text plugin is enabled for this connection only. 4. Added an enable-cleartext-plugin config file option that takes a numeric argument. If the numeric value of the numeric argument is non-zero the clear text plugin is enabled for the connection 5. Added a boolean command line option "--enable_cleartext_plugin" to mysql, mysqlslap and mysqladmin. When specified it will call mysql_options with the effect of #3 6. Added a new CLEARTEXT option to the connect command in mysqltest. When specified it will enable the cleartext plugin for usage. 7. Added test cases and updated existing ones that need the clear text plugin.
Diffstat (limited to 'client/mysqladmin.cc')
-rw-r--r--client/mysqladmin.cc13
1 files changed, 13 insertions, 0 deletions
diff --git a/client/mysqladmin.cc b/client/mysqladmin.cc
index 3f33c25e664..321efd36642 100644
--- a/client/mysqladmin.cc
+++ b/client/mysqladmin.cc
@@ -43,6 +43,8 @@ static uint opt_count_iterations= 0, my_end_arg;
static ulong opt_connect_timeout, opt_shutdown_timeout;
static char * unix_port=0;
static char *opt_plugin_dir= 0, *opt_default_auth= 0;
+static uint opt_enable_cleartext_plugin= 0;
+static my_bool using_opt_enable_cleartext_plugin= 0;
#ifdef HAVE_SMEM
static char *shared_memory_base_name=0;
@@ -212,6 +214,10 @@ static struct my_option my_long_options[] =
"Default authentication client-side plugin to use.",
&opt_default_auth, &opt_default_auth, 0,
GET_STR, REQUIRED_ARG, 0, 0, 0, 0, 0, 0},
+ {"enable_cleartext_plugin", OPT_ENABLE_CLEARTEXT_PLUGIN,
+ "Enable/disable the clear text authentication plugin.",
+ &opt_enable_cleartext_plugin, &opt_enable_cleartext_plugin,
+ 0, GET_BOOL, OPT_ARG, 0, 0, 0, 0, 0, 0},
{ 0, 0, 0, 0, 0, 0, GET_NO_ARG, NO_ARG, 0, 0, 0, 0, 0, 0}
};
@@ -282,6 +288,9 @@ get_one_option(int optid, const struct my_option *opt __attribute__((unused)),
opt_protocol= find_type_or_exit(argument, &sql_protocol_typelib,
opt->name);
break;
+ case OPT_ENABLE_CLEARTEXT_PLUGIN:
+ using_opt_enable_cleartext_plugin= TRUE;
+ break;
}
if (error)
{
@@ -354,6 +363,10 @@ int main(int argc,char *argv[])
if (opt_default_auth && *opt_default_auth)
mysql_options(&mysql, MYSQL_DEFAULT_AUTH, opt_default_auth);
+ if (using_opt_enable_cleartext_plugin)
+ mysql_options(&mysql, MYSQL_ENABLE_CLEARTEXT_PLUGIN,
+ (char*) &opt_enable_cleartext_plugin);
+
if (sql_connect(&mysql, option_wait))
{
/*