diff options
-rw-r--r-- | mysql-test/main/mysql_install_db_win_admin.result | 12 | ||||
-rw-r--r-- | mysql-test/main/mysql_install_db_win_admin.test | 21 | ||||
-rw-r--r-- | mysql-test/main/mysqld--help.test | 2 | ||||
-rwxr-xr-x | mysql-test/mariadb-test-run.pl | 3 | ||||
-rw-r--r-- | plugin/auth_gssapi/CMakeLists.txt | 12 | ||||
-rw-r--r-- | plugin/auth_gssapi/mysql-test/auth_gssapi/basic.result | 4 | ||||
-rw-r--r-- | plugin/auth_gssapi/mysql-test/auth_gssapi/basic.test | 5 | ||||
-rw-r--r-- | plugin/auth_gssapi/mysql-test/auth_gssapi/groups.result | 4 | ||||
-rw-r--r-- | plugin/auth_gssapi/mysql-test/auth_gssapi/groups.test | 7 | ||||
-rw-r--r-- | plugin/auth_gssapi/mysql-test/auth_gssapi/multiauth.result | 4 | ||||
-rw-r--r-- | plugin/auth_gssapi/mysql-test/auth_gssapi/multiauth.test | 4 | ||||
-rw-r--r-- | plugin/auth_gssapi/mysql-test/auth_gssapi/suite.opt | 2 | ||||
-rw-r--r-- | plugin/auth_gssapi/mysql-test/auth_gssapi/suite.pm | 3 | ||||
-rw-r--r-- | plugin/auth_gssapi/server_plugin.cc | 2 | ||||
-rw-r--r-- | sql/mysql_install_db.cc | 5 |
15 files changed, 54 insertions, 36 deletions
diff --git a/mysql-test/main/mysql_install_db_win_admin.result b/mysql-test/main/mysql_install_db_win_admin.result new file mode 100644 index 00000000000..06d3d677977 --- /dev/null +++ b/mysql-test/main/mysql_install_db_win_admin.result @@ -0,0 +1,12 @@ +use mysql; +Running bootstrap +Creating my.ini file +Removing default user +Allowing remote access for user root +Setting root password +Creation of the database was successful +# Kill the server +# restart: --datadir=MYSQLTEST_VARDIR/tmp/ddir +connect root,localhost,root,wrongpass,mysql; +# Kill the server +# restart diff --git a/mysql-test/main/mysql_install_db_win_admin.test b/mysql-test/main/mysql_install_db_win_admin.test new file mode 100644 index 00000000000..a6b98f97058 --- /dev/null +++ b/mysql-test/main/mysql_install_db_win_admin.test @@ -0,0 +1,21 @@ +--source include/windows.inc +--source include/check_windows_admin.inc +--source include/have_innodb.inc + +# Create database in tmp directory using mysql_install_db.exe, +# and start server from this directory. +let $ddir= $MYSQLTEST_VARDIR/tmp/ddir; +use mysql; +exec $MYSQL_INSTALL_DB_EXE --datadir=$ddir --password=foo -R; +--source include/kill_mysqld.inc +let $restart_parameters=--datadir=$ddir; +--source include/start_mysqld.inc + +# Check that connect with wrong password succeeds +connect (root,localhost,root,wrongpass,mysql); + +--source include/kill_mysqld.inc +let $restart_parameters=; +rmdir $ddir; +--source include/start_mysqld.inc + diff --git a/mysql-test/main/mysqld--help.test b/mysql-test/main/mysqld--help.test index 35b3363e8d8..a73562e4249 100644 --- a/mysql-test/main/mysqld--help.test +++ b/mysql-test/main/mysqld--help.test @@ -41,7 +41,7 @@ perl; wsrep file-key-management cracklib-password-check user-variables provider-bzip2 provider-lzma provider-lzo thread-pool-groups thread-pool-queues thread-pool-stats - thread-pool-waits hashicorp provider/; + thread-pool-waits hashicorp provider gssapi/; # And substitute the content some environment variables with their # names: diff --git a/mysql-test/mariadb-test-run.pl b/mysql-test/mariadb-test-run.pl index 491779dd613..5d84f73cc58 100755 --- a/mysql-test/mariadb-test-run.pl +++ b/mysql-test/mariadb-test-run.pl @@ -1769,7 +1769,8 @@ sub collect_mysqld_features { and $1 ne "innodb-buffer-page" and $1 ne "innodb-lock-waits" and $1 ne "innodb-locks" - and $1 ne "innodb-trx"; + and $1 ne "innodb-trx" + and $1 ne "gssapi"; next; } diff --git a/plugin/auth_gssapi/CMakeLists.txt b/plugin/auth_gssapi/CMakeLists.txt index 8c82d335ab2..f84f0aafb65 100644 --- a/plugin/auth_gssapi/CMakeLists.txt +++ b/plugin/auth_gssapi/CMakeLists.txt @@ -46,11 +46,15 @@ ELSE() ENDIF() ENDIF () - +IF(WIN32) + SET(AUTH_GSSAPI_DEFAULT DEFAULT) +ELSE() + SET(AUTH_GSSAPI_DEFAULT) +ENDIF() MYSQL_ADD_PLUGIN(auth_gssapi server_plugin.cc ${GSSAPI_SERVER} ${GSSAPI_ERRMSG} - LINK_LIBRARIES ${GSSAPI_LIBS} - COMPONENT gssapi-server - MODULE_ONLY) + LINK_LIBRARIES ${GSSAPI_LIBS} + ${AUTH_GSSAPI_DEFAULT} + COMPONENT gssapi-server) # disabled in favor of libmariadb/plugins/auth/auth_gssapi_client.c # diff --git a/plugin/auth_gssapi/mysql-test/auth_gssapi/basic.result b/plugin/auth_gssapi/mysql-test/auth_gssapi/basic.result index b7cf3d8e488..09be092d879 100644 --- a/plugin/auth_gssapi/mysql-test/auth_gssapi/basic.result +++ b/plugin/auth_gssapi/mysql-test/auth_gssapi/basic.result @@ -1,6 +1,3 @@ -INSTALL SONAME 'auth_gssapi'; -Warnings: -Note 1105 SSPI: using principal name 'localhost', mech 'Negotiate' CREATE USER 'GSSAPI_SHORTNAME' IDENTIFIED WITH gssapi; connect con1,localhost,$GSSAPI_SHORTNAME,,; SELECT USER(),CURRENT_USER(); @@ -23,4 +20,3 @@ DROP USER usr1; CREATE USER nosuchuser IDENTIFIED WITH gssapi AS 'nosuchuser@EXAMPLE.COM'; ERROR 28000: GSSAPI name mismatch, requested 'nosuchuser@EXAMPLE.COM', actual name 'GSSAPI_FULLNAME' DROP USER nosuchuser; -UNINSTALL SONAME 'auth_gssapi'; diff --git a/plugin/auth_gssapi/mysql-test/auth_gssapi/basic.test b/plugin/auth_gssapi/mysql-test/auth_gssapi/basic.test index 2307aa3934a..dc242e3a9cb 100644 --- a/plugin/auth_gssapi/mysql-test/auth_gssapi/basic.test +++ b/plugin/auth_gssapi/mysql-test/auth_gssapi/basic.test @@ -1,6 +1,3 @@ ---replace_regex /name '[^']+'/name 'localhost'/ -INSTALL SONAME 'auth_gssapi'; - # # CREATE USER without 'AS' clause # @@ -42,5 +39,3 @@ CREATE USER nosuchuser IDENTIFIED WITH gssapi AS 'nosuchuser@EXAMPLE.COM'; connect (con1,localhost,nosuchuser,,); --enable_query_log DROP USER nosuchuser; - -UNINSTALL SONAME 'auth_gssapi';
\ No newline at end of file diff --git a/plugin/auth_gssapi/mysql-test/auth_gssapi/groups.result b/plugin/auth_gssapi/mysql-test/auth_gssapi/groups.result index 10b3eb3e9d6..38244eca35b 100644 --- a/plugin/auth_gssapi/mysql-test/auth_gssapi/groups.result +++ b/plugin/auth_gssapi/mysql-test/auth_gssapi/groups.result @@ -1,6 +1,3 @@ -INSTALL SONAME 'auth_gssapi'; -Warnings: -Note 1105 SSPI: using principal name 'localhost', mech 'Negotiate' CREATE USER 'nosuchgroup' IDENTIFIED WITH gssapi AS 'GROUP:nosuchgroup'; connect(localhost,nosuchuser,,test,MASTER_MYPORT,MASTER_MYSOCK); connect con1,localhost,nosuchuser,,; @@ -41,4 +38,3 @@ connect con1,localhost,me_sid,,; disconnect con1; connection default; DROP USER me_sid; -UNINSTALL SONAME 'auth_gssapi'; diff --git a/plugin/auth_gssapi/mysql-test/auth_gssapi/groups.test b/plugin/auth_gssapi/mysql-test/auth_gssapi/groups.test index 1c72ad9cc23..647e02043f2 100644 --- a/plugin/auth_gssapi/mysql-test/auth_gssapi/groups.test +++ b/plugin/auth_gssapi/mysql-test/auth_gssapi/groups.test @@ -1,6 +1,6 @@ source include/windows.inc; --replace_regex /name '[^']+'/name 'localhost'/ -INSTALL SONAME 'auth_gssapi'; + # Invalid group name @@ -67,7 +67,4 @@ replace_result $MASTER_MYSOCK MASTER_MYSOCK $MASTER_MYPORT MASTER_MYPORT; connect (con1,localhost,me_sid,,); disconnect con1; connection default; -DROP USER me_sid; - - -UNINSTALL SONAME 'auth_gssapi';
\ No newline at end of file +DROP USER me_sid;
\ No newline at end of file diff --git a/plugin/auth_gssapi/mysql-test/auth_gssapi/multiauth.result b/plugin/auth_gssapi/mysql-test/auth_gssapi/multiauth.result index c65eb7a8634..41d2707398b 100644 --- a/plugin/auth_gssapi/mysql-test/auth_gssapi/multiauth.result +++ b/plugin/auth_gssapi/mysql-test/auth_gssapi/multiauth.result @@ -1,6 +1,3 @@ -INSTALL SONAME 'auth_gssapi'; -Warnings: -Note 1105 SSPI: using principal name 'localhost', mech 'Negotiate' CREATE USER 'nosuchuser' IDENTIFIED WITH gssapi OR mysql_native_password as password("good"); connect(localhost,nosuchuser,,test,MASTER_MYPORT,MASTER_MYSOCK); connect con1,localhost,nosuchuser,,; @@ -31,4 +28,3 @@ GSSAPI_SHORTNAME@localhost GSSAPI_SHORTNAME@% disconnect con1; connection default; DROP USER 'GSSAPI_SHORTNAME'; -UNINSTALL SONAME 'auth_gssapi'; diff --git a/plugin/auth_gssapi/mysql-test/auth_gssapi/multiauth.test b/plugin/auth_gssapi/mysql-test/auth_gssapi/multiauth.test index 10e1e80907e..0257946b786 100644 --- a/plugin/auth_gssapi/mysql-test/auth_gssapi/multiauth.test +++ b/plugin/auth_gssapi/mysql-test/auth_gssapi/multiauth.test @@ -1,6 +1,3 @@ ---replace_regex /name '[^']+'/name 'localhost'/ -INSTALL SONAME 'auth_gssapi'; - # gssapi,password CREATE USER 'nosuchuser' IDENTIFIED WITH gssapi OR mysql_native_password as password("good"); replace_result $MASTER_MYSOCK MASTER_MYSOCK $MASTER_MYPORT MASTER_MYPORT; @@ -33,4 +30,3 @@ connection default; replace_result $GSSAPI_SHORTNAME GSSAPI_SHORTNAME; eval DROP USER '$GSSAPI_SHORTNAME'; -UNINSTALL SONAME 'auth_gssapi'; diff --git a/plugin/auth_gssapi/mysql-test/auth_gssapi/suite.opt b/plugin/auth_gssapi/mysql-test/auth_gssapi/suite.opt index 3077d70c9c3..c9a5d522600 100644 --- a/plugin/auth_gssapi/mysql-test/auth_gssapi/suite.opt +++ b/plugin/auth_gssapi/mysql-test/auth_gssapi/suite.opt @@ -1 +1 @@ ---loose-gssapi-keytab-path=$GSSAPI_KEYTAB_PATH --loose-gssapi-principal-name=$GSSAPI_PRINCIPAL_NAME +--loose-gssapi=ON --loose-gssapi-keytab-path=$GSSAPI_KEYTAB_PATH --loose-gssapi-principal-name=$GSSAPI_PRINCIPAL_NAME --plugin-load-add=$AUTH_GSSAPI_SO diff --git a/plugin/auth_gssapi/mysql-test/auth_gssapi/suite.pm b/plugin/auth_gssapi/mysql-test/auth_gssapi/suite.pm index e77ba05cb5c..af13b76e74c 100644 --- a/plugin/auth_gssapi/mysql-test/auth_gssapi/suite.pm +++ b/plugin/auth_gssapi/mysql-test/auth_gssapi/suite.pm @@ -1,8 +1,9 @@ + package My::Suite::AuthGSSAPI; @ISA = qw(My::Suite); -return "No AUTH_GSSAPI plugin" unless $ENV{AUTH_GSSAPI_SO}; +return "No AUTH_GSSAPI plugin" unless ($ENV{AUTH_GSSAPI_SO} or $::mysqld_variables{gssapi} eq "ON"); return "Not run for embedded server" if $::opt_embedded_server; diff --git a/plugin/auth_gssapi/server_plugin.cc b/plugin/auth_gssapi/server_plugin.cc index eeca4607ece..c45452cee8e 100644 --- a/plugin/auth_gssapi/server_plugin.cc +++ b/plugin/auth_gssapi/server_plugin.cc @@ -141,7 +141,7 @@ static struct st_mysql_auth server_handler= { gssapi_auth, NULL, NULL }; -maria_declare_plugin(gssapi_server) +maria_declare_plugin(auth_gssapi) { MYSQL_AUTHENTICATION_PLUGIN, &server_handler, diff --git a/sql/mysql_install_db.cc b/sql/mysql_install_db.cc index 934226685a9..100b4c25096 100644 --- a/sql/mysql_install_db.cc +++ b/sql/mysql_install_db.cc @@ -438,7 +438,10 @@ static constexpr const char* update_root_passwd= "UPDATE mysql.global_priv SET priv=json_set(priv," "'$.password_last_changed', UNIX_TIMESTAMP()," "'$.plugin','mysql_native_password'," - "'$.authentication_string','%s') where User='root';\n"; + "'$.authentication_string','%s'," + "'$.auth_or', json_array(json_object(), json_object('plugin', 'gssapi','authentication_string','SID:BA'))" + ") where User= 'root';\n "; + static constexpr char remove_default_user_cmd[]= "DELETE FROM mysql.user where User='';\n"; static constexpr char allow_remote_root_access_cmd[]= |