database/mariadb-connector-c
1
0
Fork 0
mirror of https://github.com/mariadb-corporation/mariadb-connector-c.git synced 2025-08-07 02:42:49 +03:00
Code Activity

CONC-314: Support for expired passwords (MySQL Server)

Browse Source 
Added option MYSQL_OPT_CAN_HANDLE_EXPIRED_PASSWORDS for
mysql_options/mysql_optionsv.

If this option is set, client indicates that he will be able to handle expired passwords by setting the CLIENT_CAN_HANDLE_EXPIRED_PASSWORDS capability flag.
If password expired and CLIENT_CAN_HANDLE_EXPIRED_PASSWORDS is set, the server will not return an error when connecting, but put the connection in sandbox mode, where all commands will return error 1820 (ER_MUST_CHANGE_PASSWORD) unless a new password was set.

Since we frequently update mysqld_error.h error codes from 10.2-server, the ma_error_server.h include file now includes mysqld_error.h (and is just a stub)
This commit is contained in:
Georg Richter
2018-04-07 07:42:59 +02:00
parent 50d48e91fa
commit d3644be080
4 changed files with 73 additions and 772 deletions
Download Patch File Download Diff File Expand all files Collapse all files

61
unittest/libmariadb/connection.c
View File

@@ -1298,7 +1298,68 @@ static int test_conc276(MYSQL *unused __attribute__((unused)))
return OK;
}
static int test_expired_pw(MYSQL *my)
{
MYSQL *mysql;
int rc;
char query[512];
unsigned char expire= 1;
if (mariadb_connection(my) ||
!(my->server_capabilities & CLIENT_CAN_HANDLE_EXPIRED_PASSWORDS))
{
diag("Server doesn't support password expiration");
return SKIP;
}
sprintf(query, "DROP USER 'foo'@'%s'", this_host);
rc= mysql_query(my, query);
sprintf(query, "CREATE USER 'foo'@'%s' IDENTIFIED BY 'foo'", this_host);
rc= mysql_query(my, query);
check_mysql_rc(rc, my);
sprintf(query, "GRANT ALL ON *.* TO 'foo'@'%s'", this_host);
rc= mysql_query(my, query);
check_mysql_rc(rc, my);
sprintf(query, "ALTER USER 'foo'@'%s' PASSWORD EXPIRE", this_host);
rc= mysql_query(my, query);
check_mysql_rc(rc, my);
mysql= mysql_init(NULL);
my_test_connect(mysql, hostname, "foo", "foo", schema,
port, socketname, 0);
FAIL_IF(!mysql_errno(mysql), "Error expected");
mysql_close(mysql);
mysql= mysql_init(NULL);
mysql_optionsv(mysql, MYSQL_OPT_CAN_HANDLE_EXPIRED_PASSWORDS, &expire);
my_test_connect(mysql, hostname, "foo", "foo", schema,
port, socketname, 0);
rc= mysql_query(mysql, "CREATE TEMPORARY TABLE t1 (a int)");
diag("error: %d %s", mysql_errno(mysql), mysql_error(mysql));
FAIL_IF(mysql_errno(mysql) != ER_MUST_CHANGE_PASSWORD, "Error 1820 expected");
rc= mysql_query(mysql, "SET PASSWORD=PASSWORD('foobar')");
check_mysql_rc(rc, mysql);
rc= mysql_query(mysql, "CREATE TEMPORARY TABLE t1 (a int)");
check_mysql_rc(rc, mysql);
sprintf(query, "DROP USER 'foo'@'%s'", this_host);
rc= mysql_query(my, query);
check_mysql_rc(rc, my);
mysql_close(mysql);
return OK;
}
struct my_tests_st my_tests[] = {
{"test_expired_pw", test_expired_pw, TEST_CONNECTION_DEFAULT, 0, NULL, NULL},
{"test_conc276", test_conc276, TEST_CONNECTION_NONE, 0, NULL, NULL},
{"test_mdev13100", test_mdev13100, TEST_CONNECTION_DEFAULT, 0, NULL, NULL},
{"test_auth256", test_auth256, TEST_CONNECTION_DEFAULT, 0, NULL, NULL},