HEX
Server: nginx/1.26.1
System: Linux iZrj9cbdvwu1cot8sjlyzlZ 5.10.134-15.al8.x86_64 #1 SMP Thu Jul 20 00:44:04 CST 2023 x86_64
User: www (1000)
PHP: 7.4.33
Disabled: passthru,exec,system,putenv,chroot,chgrp,chown,shell_exec,popen,proc_open,pcntl_exec,ini_alter,ini_restore,dl,openlog,syslog,readlink,symlink,popepassthru,pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,imap_open,apache_setenv
$ pwd: /www/server/mysql/mysql-test/r/
Upload Files
File: //www/server/mysql/mysql-test/r/plugin_auth_qa_2.result
CREATE DATABASE test_user_db;
========== test 1.1.3.2 ====================================
=== check contens of components of info ====================
CREATE USER qa_test_1_user IDENTIFIED WITH qa_auth_interface AS 'qa_test_1_dest';
CREATE USER qa_test_1_dest IDENTIFIED BY 'dest_passwd';
GRANT ALL PRIVILEGES ON test_user_db.* TO qa_test_1_dest identified by 'dest_passwd';
GRANT PROXY ON qa_test_1_dest TO qa_test_1_user;
SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
user	plugin	authentication_string
qa_test_1_dest	mysql_native_password	
qa_test_1_user	qa_auth_interface	qa_test_1_dest
SELECT @@proxy_user;
@@proxy_user
NULL
SELECT @@external_user;
@@external_user
NULL
exec MYSQL PLUGIN_AUTH_OPT -h localhost -P MASTER_MYPORT -u qa_test_1_user --password=qa_test_1_dest test_user_db -e "SELECT current_user(),user(),@@local.proxy_user,@@local.external_user;" 2>&1
Warning: Using a password on the command line interface can be insecure.
current_user()	user()	@@local.proxy_user	@@local.external_user
qa_test_1_user@%	qa_test_1_user@localhost	NULL	NULL
SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
user	plugin	authentication_string
qa_test_1_dest	mysql_native_password	
qa_test_1_user	qa_auth_interface	qa_test_1_dest
DROP USER qa_test_1_user;
DROP USER qa_test_1_dest;
=== Assign values to components of info ====================
CREATE USER qa_test_2_user IDENTIFIED WITH qa_auth_interface AS 'qa_test_2_dest';
CREATE USER qa_test_2_dest IDENTIFIED BY 'dest_passwd';
CREATE USER authenticated_as IDENTIFIED BY 'dest_passwd';
GRANT ALL PRIVILEGES ON test_user_db.* TO qa_test_2_dest identified by 'dest_passwd';
GRANT PROXY ON qa_test_2_dest TO qa_test_2_user;
GRANT PROXY ON authenticated_as TO qa_test_2_user;
SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
user	plugin	authentication_string
authenticated_as	mysql_native_password	
qa_test_2_dest	mysql_native_password	
qa_test_2_user	qa_auth_interface	qa_test_2_dest
SELECT @@proxy_user;
@@proxy_user
NULL
SELECT @@external_user;
@@external_user
NULL
exec MYSQL PLUGIN_AUTH_OPT -h localhost -P MASTER_MYPORT -u qa_test_2_user --password=qa_test_2_dest test_user_db -e "SELECT current_user(),user(),@@local.proxy_user,@@local.external_user;" 2>&1
Warning: Using a password on the command line interface can be insecure.
current_user()	user()	@@local.proxy_user	@@local.external_user
authenticated_as@%	user_name@localhost	'qa_test_2_user'@'%'	'qa_test_2_user'@'%'
SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
user	plugin	authentication_string
authenticated_as	mysql_native_password	
qa_test_2_dest	mysql_native_password	
qa_test_2_user	qa_auth_interface	qa_test_2_dest
DROP USER qa_test_2_user;
DROP USER qa_test_2_dest;
DROP USER authenticated_as;
=== Assign too high values for *length, which should have no effect ====
CREATE USER qa_test_3_user IDENTIFIED WITH qa_auth_interface AS 'qa_test_3_dest';
CREATE USER qa_test_3_dest IDENTIFIED BY 'dest_passwd';
GRANT ALL PRIVILEGES ON test_user_db.* TO qa_test_3_dest identified by 'dest_passwd';
GRANT PROXY ON qa_test_3_dest TO qa_test_3_user;
exec MYSQL PLUGIN_AUTH_OPT -h localhost -P MASTER_MYPORT -u qa_test_3_user --password=qa_test_3_dest test_user_db -e "SELECT current_user(),user(),@@local.proxy_user,@@local.external_user;" 2>&1
Warning: Using a password on the command line interface can be insecure.
current_user()	user()	@@local.proxy_user	@@local.external_user
qa_test_3_dest@%	qa_test_3_user@localhost	'qa_test_3_user'@'%'	'qa_test_3_user'@'%'
DROP USER qa_test_3_user;
DROP USER qa_test_3_dest;
=== Assign too low values for *length, which should have no effect ====
CREATE USER qa_test_4_user IDENTIFIED WITH qa_auth_interface AS 'qa_test_4_dest';
CREATE USER qa_test_4_dest IDENTIFIED BY 'dest_passwd';
GRANT ALL PRIVILEGES ON test_user_db.* TO qa_test_4_dest identified by 'dest_passwd';
GRANT PROXY ON qa_test_4_dest TO qa_test_4_user;
exec MYSQL PLUGIN_AUTH_OPT -h localhost -P MASTER_MYPORT -u qa_test_4_user --password=qa_test_4_dest test_user_db -e "SELECT current_user(),user(),@@local.proxy_user,@@local.external_user;" 2>&1
Warning: Using a password on the command line interface can be insecure.
current_user()	user()	@@local.proxy_user	@@local.external_user
qa_test_4_dest@%	qa_test_4_user@localhost	'qa_test_4_user'@'%'	'qa_test_4_user'@'%'
DROP USER qa_test_4_user;
DROP USER qa_test_4_dest;
=== Assign empty string especially to authenticated_as (in plugin) ====
CREATE USER qa_test_5_user IDENTIFIED WITH qa_auth_interface AS 'qa_test_5_dest';
CREATE USER qa_test_5_dest IDENTIFIED BY 'dest_passwd';
CREATE USER ''@'localhost' IDENTIFIED BY 'dest_passwd';
GRANT ALL PRIVILEGES ON test_user_db.* TO qa_test_5_dest identified by 'dest_passwd';
GRANT ALL PRIVILEGES ON test_user_db.* TO ''@'localhost' identified by 'dest_passwd';
GRANT PROXY ON qa_test_5_dest TO qa_test_5_user;
GRANT PROXY ON qa_test_5_dest TO ''@'localhost';
SELECT user,plugin,authentication_string,password FROM mysql.user WHERE user != 'root';
user	plugin	authentication_string	password
	mysql_native_password		*DFCACE76914AD7BD801FC1A1ECF6562272621A22
qa_test_5_dest	mysql_native_password		*DFCACE76914AD7BD801FC1A1ECF6562272621A22
qa_test_5_user	qa_auth_interface	qa_test_5_dest	
exec MYSQL PLUGIN_AUTH_OPT -h localhost -P MASTER_MYPORT --user=qa_test_5_user  --password=qa_test_5_dest test_user_db -e "SELECT current_user(),user(),@@local.proxy_user,@@local.external_user;" 2>&1
Warning: Using a password on the command line interface can be insecure.
ERROR 1045 (28000): Access denied for user 'qa_test_5_user'@'localhost' (using password: YES)
DROP USER qa_test_5_user;
DROP USER qa_test_5_dest;
DROP USER ''@'localhost';
=== Assign 'root' especially to authenticated_as (in plugin) ====
CREATE USER qa_test_6_user IDENTIFIED WITH qa_auth_interface AS 'qa_test_6_dest';
CREATE USER qa_test_6_dest IDENTIFIED BY 'dest_passwd';
GRANT ALL PRIVILEGES ON test_user_db.* TO qa_test_6_dest identified by 'dest_passwd';
GRANT PROXY ON qa_test_6_dest TO qa_test_6_user;
SELECT user,plugin,authentication_string,password FROM mysql.user WHERE user != 'root';
user	plugin	authentication_string	password
qa_test_6_dest	mysql_native_password		*DFCACE76914AD7BD801FC1A1ECF6562272621A22
qa_test_6_user	qa_auth_interface	qa_test_6_dest	
exec MYSQL PLUGIN_AUTH_OPT -h localhost -P MASTER_MYPORT --user=qa_test_6_user  --password=qa_test_6_dest test_user_db -e "SELECT current_user(),user(),@@local.proxy_user,@@local.external_user;" 2>&1
Warning: Using a password on the command line interface can be insecure.
ERROR 1045 (28000): Access denied for user 'qa_test_6_user'@'localhost' (using password: YES)
GRANT PROXY ON qa_test_6_dest TO root IDENTIFIED WITH qa_auth_interface AS 'qa_test_6_dest';
SELECT user,plugin,authentication_string,password FROM mysql.user WHERE user != 'root';
user	plugin	authentication_string	password
qa_test_6_dest	mysql_native_password		*DFCACE76914AD7BD801FC1A1ECF6562272621A22
qa_test_6_user	qa_auth_interface	qa_test_6_dest	
exec MYSQL PLUGIN_AUTH_OPT -h localhost -P MASTER_MYPORT --user=root  --password=qa_test_6_dest test_user_db -e "SELECT current_user(),user(),@@local.proxy_user,@@local.external_user;" 2>&1
Warning: Using a password on the command line interface can be insecure.
ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES)
REVOKE PROXY ON qa_test_6_dest FROM root;
SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
user	plugin	authentication_string
qa_test_6_dest	mysql_native_password	
qa_test_6_user	qa_auth_interface	qa_test_6_dest
exec MYSQL PLUGIN_AUTH_OPT -h localhost -P MASTER_MYPORT --user=root  --password=qa_test_6_dest test_user_db -e "SELECT current_user(),user(),@@local.proxy_user,@@local.external_user;" 2>&1
Warning: Using a password on the command line interface can be insecure.
ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES)
DROP USER qa_test_6_user;
DROP USER qa_test_6_dest;
DELETE FROM mysql.user WHERE user='root' AND plugin='qa_auth_interface';
SELECT user,plugin,authentication_string,password FROM mysql.user WHERE user != 'root';
user	plugin	authentication_string	password
=== Test of the --default_auth option for clients ====
CREATE USER qa_test_11_user IDENTIFIED WITH qa_auth_interface AS 'qa_test_11_dest';
CREATE USER qa_test_11_dest IDENTIFIED BY 'dest_passwd';
GRANT ALL PRIVILEGES ON test_user_db.* TO qa_test_11_dest identified by 'dest_passwd';
GRANT PROXY ON qa_test_11_dest TO qa_test_11_user;
exec MYSQL PLUGIN_AUTH_OPT --default_auth=qa_auth_client -h localhost -P MASTER_MYPORT -u qa_test_11_user --password=qa_test_11_dest test_user_db -e "SELECT current_user(),user(),@@local.proxy_user,@@local.external_user;" 2>&1
Warning: Using a password on the command line interface can be insecure.
ERROR 1045 (28000): Access denied for user 'qa_test_11_user'@'localhost' (using password: YES)
DROP USER qa_test_11_user, qa_test_11_dest;
DROP DATABASE test_user_db;
@ Telegram