Server IP : 104.21.38.3 / Your IP : 162.158.108.166 Web Server : Apache System : Linux krdc-ubuntu-s-2vcpu-4gb-amd-blr1-01.localdomain 5.15.0-142-generic #152-Ubuntu SMP Mon May 19 10:54:31 UTC 2025 x86_64 User : www ( 1000) PHP Version : 7.4.33 Disable Function : passthru,exec,system,putenv,chroot,chgrp,chown,shell_exec,popen,proc_open,pcntl_exec,ini_alter,ini_restore,dl,openlog,syslog,readlink,symlink,popepassthru,pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,imap_open,apache_setenv MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : OFF | Sudo : ON | Pkexec : ON Directory : /www/server/mysql/src/mysql-test/suite/auth_sec/t/ |
Upload File : |
############################################################################### # # # Authorization and authentication of the key-value pair shared between # # the server and the client when server is started with SSL and client # # is connected without SSL # # # # # # Creation Date: 2012-12-20 # # Author : Tanjot Singh Uppal # # # # # # Description:Test Cases of validates the authentication of the handshake # # information when server started with SSL and client started without SSL # # # ############################################################################### --source include/not_embedded.inc --source include/have_ssl.inc --source include/have_openssl.inc --source include/have_sha256_rsa_auth.inc --source include/have_ssl_communication.inc let $crllen=`select length(trim(coalesce(@@ssl_crl, ''))) + length(trim(coalesce(@@ssl_crlpath, '')))`; if (!$crllen) { skip Needs OpenSSL; } # This test will intentionally generate errors in the server error log # when a broken password is inserted into the mysql.user table. # The below suppression is to clear those errors. --disable_query_log call mtr.add_suppression(".*Password salt for user.*"); --enable_query_log --disable_query_log call mtr.add_suppression(".*SSL.*"); --enable_query_log # The default authentication plugin at the server side is mysql_native_password --echo --echo --echo ====================================================================================== --echo Checking the user access with SSL through user created with mysql_native_password plugin --echo ====================================================================================== --echo # Creating a user at localhost with mysql_native_password plugin CREATE USER 'Tanjotuser1'@'localhost' IDENTIFIED WITH 'mysql_native_password'; set @@session.old_passwords=0; set password for 'Tanjotuser1'@'localhost' = 'abc'; # Trying connecting the client with the mysql_native_password user with out the SSL credentials. --echo **** connecting client using the ssl credentials --exec $MYSQL -uTanjotuser1 -hlocalhost -pabc -e "select @@Global.old_passwords;select @@session.old_passwords" --echo 0 for GLOBAL Expected --echo 0 for SESSION Expected --echo **** connecting client using the ssl credentials --exec $MYSQL -uTanjotuser1 -hlocalhost -pabc --default_auth=mysql_native_password -e "select @@Global.old_passwords;select @@session.old_passwords" --echo 0 for GLOBAL Expected --echo 0 for SESSION Expected --echo **** connecting client using the ssl credentials --exec $MYSQL -uTanjotuser1 -hlocalhost -pabc --default_auth=sha256_password -e "select @@Global.old_passwords;select @@session.old_passwords" --echo 0 for GLOBAL Expected --echo 0 for SESSION Expected # Trying connecting the client with the mysql_native_password user with out the SSL credentials with. --echo **** connecting client using the ssl credentials --exec $MYSQL -uTanjotuser1 -hlocalhost -pabc -e "select @@Global.old_passwords;select @@session.old_passwords" --echo 0 for GLOBAL Expected --echo 0 for SESSION Expected --echo **** connecting client using the ssl credentials --exec $MYSQL -uTanjotuser1 -hlocalhost -pabc --default_auth=mysql_native_password -e "select @@Global.old_passwords;select @@session.old_passwords" --echo 0 for GLOBAL Expected --echo 0 for SESSION Expected --echo **** connecting client using the ssl credentials --exec $MYSQL -uTanjotuser1 -hlocalhost -pabc --default_auth=sha256_password -e "select @@Global.old_passwords;select @@session.old_passwords" --echo 0 for GLOBAL Expected --echo 0 for SESSION Expected # Dropping the created users DROP USER 'Tanjotuser1'@'localhost'; --echo --echo --echo ====================================================================================== --echo Checking the user access with SSL through user created with sha256_password plugin --echo ====================================================================================== --echo # Creating a user at localhost with sha256_password plugin --echo Creating a user with the sha256_password CREATE USER 'Tanjotuser1'@'localhost' IDENTIFIED WITH 'sha256_password'; set @@session.old_passwords=2; set password for 'Tanjotuser1'@'localhost' = 'abc'; # Trying connecting the client with the sha256_password user with out the SSL credentials. --echo **** connecting client using the ssl credentials --exec $MYSQL -uTanjotuser1 -hlocalhost -pabc -e "select @@Global.old_passwords;select @@session.old_passwords" --echo 0 for GLOBAL Expected --echo 2 for SESSION Expected --echo **** connecting client using the ssl credentials --exec $MYSQL -uTanjotuser1 -hlocalhost -pabc --default_auth=mysql_native_password -e "select @@Global.old_passwords;select @@session.old_passwords" --echo 0 for GLOBAL Expected --echo 2 for SESSION Expected --echo **** connecting client using the ssl credentials --exec $MYSQL -uTanjotuser1 -hlocalhost -pabc --default_auth=sha256_password -e "select @@Global.old_passwords;select @@session.old_passwords" --echo 0 for GLOBAL Expected --echo 2 for SESSION Expected # Trying connecting the client with the sha256_password user with out the SSL credentials. --echo **** connecting client using the ssl credentials --exec $MYSQL -uTanjotuser1 -hlocalhost -pabc -e "select @@Global.old_passwords;select @@session.old_passwords" --echo 0 for GLOBAL Expected --echo 2 for SESSION Expected --echo **** connecting client using the ssl credentials --exec $MYSQL -uTanjotuser1 -hlocalhost -pabc --default_auth=mysql_native_password -e "select @@Global.old_passwords;select @@session.old_passwords" --echo 0 for GLOBAL Expected --echo 2 for SESSION Expected --echo **** connecting client using the ssl credentials --exec $MYSQL -uTanjotuser1 -hlocalhost -pabc --default_auth=sha256_password -e "select @@Global.old_passwords;select @@session.old_passwords" --echo 0 for GLOBAL Expected --echo 2 for SESSION Expected # Dropping the created users DROP USER 'Tanjotuser1'@'localhost'; --echo --echo --echo ================================================================================================= --echo Starting the server with the default authentication sha256_password --echo ================================================================================================= --echo --echo # Restart server with default-authentication-plugin=sha256_password; let $restart_file= $MYSQLTEST_VARDIR/tmp/mysqld.1.expect; --exec echo "wait" > $restart_file --shutdown_server --source include/wait_until_disconnected.inc -- exec echo "restart:--default-authentication-plugin=sha256_password " > $MYSQLTEST_VARDIR/tmp/mysqld.1.expect -- enable_reconnect -- source include/wait_until_connected_again.inc --echo --echo --echo ====================================================================================== --echo Checking the user access with SSL through user created with mysql_native_password plugin --echo ====================================================================================== --echo # Creating a user at localhost with mysql_native_password plugin --echo Creating a user with the mysql_native_password CREATE USER 'Tanjotuser1'@'localhost' IDENTIFIED WITH 'mysql_native_password'; set @@session.old_passwords=0; set password for 'Tanjotuser1'@'localhost' = 'abc'; # Trying connecting the client with the mysql_native_password user with out the SSL credentials. --echo **** connecting client using the ssl credentials --exec $MYSQL -uTanjotuser1 -hlocalhost -pabc -e "select @@Global.old_passwords;select @@session.old_passwords" --echo 2 for GLOBAL Expected --echo 0 for SESSION Expected --echo **** connecting client using the ssl credentials --exec $MYSQL -uTanjotuser1 -hlocalhost -pabc --default_auth=mysql_native_password -e "select @@Global.old_passwords;select @@session.old_passwords" --echo 2 for GLOBAL Expected --echo 0 for SESSION Expected --echo **** connecting client using the ssl credentials --exec $MYSQL -uTanjotuser1 -hlocalhost -pabc --default_auth=sha256_password -e "select @@Global.old_passwords;select @@session.old_passwords" --echo 2 for GLOBAL Expected --echo 0 for SESSION Expected # Trying connecting the client with the mysql_native_password user with out the SSL credentials. --echo **** connecting client using the ssl credentials --exec $MYSQL -uTanjotuser1 -hlocalhost -pabc -e "select @@Global.old_passwords;select @@session.old_passwords" --echo 2 for GLOBAL Expected --echo 0 for SESSION Expected --echo **** connecting client using the ssl credentials --exec $MYSQL -uTanjotuser1 -hlocalhost -pabc --default_auth=mysql_native_password -e "select @@Global.old_passwords;select @@session.old_passwords" --echo 2 for GLOBAL Expected --echo 0 for SESSION Expected --echo **** connecting client using the ssl credentials --exec $MYSQL -uTanjotuser1 -hlocalhost -pabc --default_auth=sha256_password -e "select @@Global.old_passwords;select @@session.old_passwords" --echo 2 for GLOBAL Expected --echo 0 for SESSION Expected # Dropping the created users DROP USER 'Tanjotuser1'@'localhost'; --echo --echo --echo ====================================================================================== --echo Checking the user access with SSL through user created with sha256_password plugin --echo ====================================================================================== --echo # Creating a user at localhost with sha256_password plugin --echo Creating a user with the sha256_plugin CREATE USER 'Tanjotuser1'@'localhost' IDENTIFIED WITH 'sha256_password'; set @@session.old_passwords=2; set password for 'Tanjotuser1'@'localhost' = 'abc'; GRANT ALL on *.* to 'Tanjotuser1'@'localhost'; # Trying connecting the client with the sha256_password user without the SSL credentials. --echo **** connecting client using the ssl credentials --exec $MYSQL -uTanjotuser1 -hlocalhost -pabc -e "select @@Global.old_passwords;select @@session.old_passwords" --echo 2 for GLOBAL Expected --echo 2 for SESSION Expected --echo **** connecting client using the ssl credentials --exec $MYSQL -uTanjotuser1 -hlocalhost -pabc --default_auth=mysql_native_password -e "select @@Global.old_passwords;select @@session.old_passwords" --echo 2 for GLOBAL Expected --echo 2 for SESSION Expected --echo **** connecting client using the ssl credentials --exec $MYSQL -uTanjotuser1 -hlocalhost -pabc --default_auth=sha256_password -e "select @@Global.old_passwords;select @@session.old_passwords" --echo 2 for GLOBAL Expected --echo 2 for SESSION Expected # Trying connecting the client with the sha256_password user without the SSL credentials. --echo **** connecting client using the ssl credentials --exec $MYSQL -uTanjotuser1 -hlocalhost -pabc -e "select @@Global.old_passwords;select @@session.old_passwords" --echo 2 for GLOBAL Expected --echo 2 for SESSION Expected --echo **** connecting client using the ssl credentials --exec $MYSQL -uTanjotuser1 -hlocalhost -pabc --default_auth=mysql_native_password -e "select @@Global.old_passwords;select @@session.old_passwords" --echo 2 for GLOBAL Expected --echo 2 for SESSION Expected --echo **** connecting client using the ssl credentials --exec $MYSQL -uTanjotuser1 -hlocalhost -pabc --default_auth=sha256_password -e "select @@Global.old_passwords;select @@session.old_passwords" --echo 2 for GLOBAL Expected --echo 2 for SESSION Expected # Trying connecting the client with the mysql_native_password user without the SSL credentials. # Dropping the created users DROP USER 'Tanjotuser1'@'localhost'; set @@session.old_passwords=default;