database/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2025-07-29 05:21:33 +03:00
Code Activity

don't consider the password "expired" if authentication is passwordless

Browse Source
This commit is contained in:
Sergei Golubchik
2019-02-19 01:03:16 +01:00
parent 1e6210161d
commit a94b20a8e0
3 changed files with 35 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
mysql-test/main/password_expiration_unix_socket.result Normal file
View File

@ -0,0 +1,8 @@
#
# A password cannot expire, if there is no password
#
create user USER identified via unix_socket;
alter user USER password expire;
1
1
drop user USER;

24
mysql-test/main/password_expiration_unix_socket.test Normal file
View File

@ -0,0 +1,24 @@
#
# Test password expiration
#
--source include/not_embedded.inc
--source include/have_unix_socket.inc
--echo #
--echo # A password cannot expire, if there is no password
--echo #
--let $replace=create user $USER
--replace_result $replace "create user USER"
--eval create user $USER identified via unix_socket
--let $replace=alter user $USER
--replace_result $replace "alter user USER"
--eval alter user $USER password expire
--exec $MYSQL -u $USER -e 'select 1'
--let $replace=drop user $USER
--replace_result $replace "drop user USER"
--eval drop user $USER

5
sql/sql_acl.cc
View File

@ -13843,8 +13843,9 @@ bool acl_authenticate(THD *thd, uint com_change_user_pkt_len)
bool client_can_handle_exp_pass= thd->client_capabilities & bool client_can_handle_exp_pass= thd->client_capabilities &
CLIENT_CAN_HANDLE_EXPIRED_PASSWORDS; CLIENT_CAN_HANDLE_EXPIRED_PASSWORDS;
bool password_expired= acl_user->password_expired || bool password_expired= thd->password != PASSWORD_USED_NO_MENTION
check_password_lifetime(thd, *acl_user); && (acl_user->password_expired ||
check_password_lifetime(thd, *acl_user));
if (!client_can_handle_exp_pass && disconnect_on_expired_password && if (!client_can_handle_exp_pass && disconnect_on_expired_password &&
password_expired) password_expired)