database/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2025-08-07 00:04:31 +03:00
Code Activity

MDEV-35617: DROP USER should leave no active session for that user

Browse Source 
DROP USER looks for sessions by the do-be-dropped user and if found:
* fails with ER_CANNOT_USER in Oracle mode
* continues with ER_ACTIVE_CONNECTIONS_FOR_USER_TO_DROP warning otherwise

Every user being dropped is marked with flag that disallow establishing
a new connections on behalf this user.
This commit is contained in:
Dmitry Shulga
2025-05-28 00:05:05 +07:00
parent e3d9369774
commit ce7ab467db
51 changed files with 410 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
mysql-test/main/auth_rpl.test
View File

@@ -57,7 +57,9 @@ DROP USER 'plug_user';
--echo # Cleanup (on master). --echo # Cleanup (on master).
--connection master --connection master
--disable_warnings
DROP USER 'plug_user'; DROP USER 'plug_user';
--enable_warnings
--let $rpl_only_running_threads= 1 --let $rpl_only_running_threads= 1
--source include/rpl_end.inc --source include/rpl_end.inc

77
mysql-test/main/create_drop_user.result
View File

@@ -41,3 +41,80 @@ Warnings:
Note 1974 Can't drop user 'u1'@'%'; it doesn't exist Note 1974 Can't drop user 'u1'@'%'; it doesn't exist
DROP USER u2; DROP USER u2;
ERROR HY000: Operation DROP USER failed for 'u2'@'%' ERROR HY000: Operation DROP USER failed for 'u2'@'%'
#
# MDEV-35617: DROP USER should leave no active session for that user
#
CREATE USER u1;
CREATE USER u2;
CREATE USER u3;
GRANT ALL on test.* to u1;
GRANT ALL on test.* to u2;
GRANT ALL on test.* to u3;
# Establish two connections on behalf the users u1, u3
# A connection on behalf the user u2 isn't established intentionally
connect con1, localhost, u1, , test;
connect con3, localhost, u3, , test;
# Drop the users u1, u2, u3. Since the users u1 and u3 have active
# connections to the server, the warning about it will be output
connection default;
DROP USER u1, u2, u3;
Warnings:
Note 4227 Dropped users 'u1'@'%','u3'@'%' have active connections. Use KILL CONNECTION if they should not be used anymore.
# None of the users u1, u2, u3 should be present in the system
SELECT user, host FROM mysql.user WHERE user IN ('u1', 'u2', 'u3');
User Host
disconnect con1;
disconnect con3;
# Check behaviour of the DROP USER statement in
# oracle compatibility mode
SET @save_sql_mode = @@sql_mode;
SET sql_mode="oracle";
CREATE USER u1;
CREATE USER u2;
CREATE USER u3;
GRANT ALL on test.* to u1;
GRANT ALL on test.* to u2;
GRANT ALL on test.* to u3;
# Established two connections on behalf the users u1, u3;
# A connection on behalf the user u2 isn't established intentionally
connect con1, localhost, u1, , test;
connect con3, localhost, u3, , test;
connection default;
# In oracle compatibility mode, DROP USER fails in case
# there are connections on behalf the users being dropped.
DROP USER u1, u2, u3;
ERROR HY000: Operation DROP USER failed for 'u1'@'%','u3'@'%'
# It is expected to see two users in output of the query: u1 and u3,
# u2 should be dropped since it doesn't have active connection at the moment
SELECT user, host FROM mysql.user WHERE user IN ('u1', 'u2', 'u3');
User Host
u1 %
u3 %
SET sql_mode= @save_sql_mode;
disconnect con1;
disconnect con3;
# Clean up
# Clean up
DROP USER u1, u3;
CREATE USER u@localhost;
CREATE USER u@'%';
connect u,localhost,u;
connection default;
DROP USER u@'%';
disconnect u;
DROP USER u@localhost;
CREATE USER u@localhost;
SET sql_mode=oracle;
connect u,localhost,u;
connection default;
DROP USER u@'%';
ERROR HY000: Operation DROP USER failed for 'u'@'%'
disconnect u;
connect u,localhost,u;
SELECT user(), current_user();
user() current_user()
u@localhost u@localhost
disconnect u;
connection default;
# Clean up
DROP USER u@localhost;

91
mysql-test/main/create_drop_user.test
View File

@@ -44,3 +44,94 @@ DROP USER IF EXISTS u1, u2;
--error ER_CANNOT_USER --error ER_CANNOT_USER
DROP USER u2; DROP USER u2;
--echo #
--echo # MDEV-35617: DROP USER should leave no active session for that user
--echo #
CREATE USER u1;
CREATE USER u2;
CREATE USER u3;
GRANT ALL on test.* to u1;
GRANT ALL on test.* to u2;
GRANT ALL on test.* to u3;
--echo # Establish two connections on behalf the users u1, u3
--echo # A connection on behalf the user u2 isn't established intentionally
--connect (con1, localhost, u1, , test)
--connect (con3, localhost, u3, , test)
--echo # Drop the users u1, u2, u3. Since the users u1 and u3 have active
--echo # connections to the server, the warning about it will be output
--connection default
DROP USER u1, u2, u3;
--echo # None of the users u1, u2, u3 should be present in the system
SELECT user, host FROM mysql.user WHERE user IN ('u1', 'u2', 'u3');
--disconnect con1
--disconnect con3
--echo # Check behaviour of the DROP USER statement in
--echo # oracle compatibility mode
SET @save_sql_mode = @@sql_mode;
SET sql_mode="oracle";
CREATE USER u1;
CREATE USER u2;
CREATE USER u3;
GRANT ALL on test.* to u1;
GRANT ALL on test.* to u2;
GRANT ALL on test.* to u3;
--echo # Established two connections on behalf the users u1, u3;
--echo # A connection on behalf the user u2 isn't established intentionally
--connect (con1, localhost, u1, , test)
--connect (con3, localhost, u3, , test)
--connection default
--echo # In oracle compatibility mode, DROP USER fails in case
--echo # there are connections on behalf the users being dropped.
--error ER_CANNOT_USER
DROP USER u1, u2, u3;
--echo # It is expected to see two users in output of the query: u1 and u3,
--echo # u2 should be dropped since it doesn't have active connection at the moment
SELECT user, host FROM mysql.user WHERE user IN ('u1', 'u2', 'u3');
SET sql_mode= @save_sql_mode;
--disconnect con1
--disconnect con3
--echo # Clean up
--disable_warnings
--echo # Clean up
DROP USER u1, u3;
--enable_warnings
CREATE USER u@localhost;
CREATE USER u@'%';
--connect u,localhost,u
--connection default
DROP USER u@'%';
--disconnect u
--disable_warnings
DROP USER u@localhost;
--enable_warnings
CREATE USER u@localhost;
SET sql_mode=oracle;
--connect u,localhost,u
--connection default
--error ER_CANNOT_USER
DROP USER u@'%';
--disconnect u
--connect u,localhost,u
SELECT user(), current_user();
--disconnect u
--connection default
--echo # Clean up
DROP USER u@localhost;

2
mysql-test/main/grant.result
View File

@@ -1585,6 +1585,8 @@ mysqltest1.f1()
0 0
connection default; connection default;
drop user mysqluser1@localhost; drop user mysqluser1@localhost;
Warnings:
Note 4227 Dropped users 'mysqluser1'@'localhost' have active connections. Use KILL CONNECTION if they should not be used anymore.
# #
# Test that dropping of user is properly reflected in # Test that dropping of user is properly reflected in
# both privilege tables and in in-memory structures. # both privilege tables and in in-memory structures.

2
mysql-test/main/grant_utf8_cli.test
View File

@@ -8,5 +8,7 @@ set names utf8;
create user юзер_юзер@localhost; create user юзер_юзер@localhost;
grant select on test.* to юзер_юзер@localhost; grant select on test.* to юзер_юзер@localhost;
--exec $MYSQL --default-character-set=utf8 --user=юзер_юзер -e "select user()" --exec $MYSQL --default-character-set=utf8 --user=юзер_юзер -e "select user()"
--disable_warnings
drop user юзер_юзер@localhost; drop user юзер_юзер@localhost;
--enable_warnings
set names default; set names default;

2
mysql-test/main/information_schema_db.result
View File

@@ -473,6 +473,8 @@ USER PASSWORD_ERRORS PASSWORD_EXPIRATION_TIME
# Delete user while some connection is still alive, then select. # Delete user while some connection is still alive, then select.
connection default; connection default;
drop user nice_user; drop user nice_user;
Warnings:
Note 4227 Dropped users 'nice_user'@'%' have active connections. Use KILL CONNECTION if they should not be used anymore.
connection con2; connection con2;
select * from information_schema.users; select * from information_schema.users;
ERROR 0L000: The current user is invalid ERROR 0L000: The current user is invalid

2
mysql-test/main/lock_view.test
View File

@@ -94,5 +94,7 @@ connection default;
exec $MYSQL_DUMP --no-autocommit=0 test v1 -uu1 --compact; exec $MYSQL_DUMP --no-autocommit=0 test v1 -uu1 --compact;
drop view v1; drop view v1;
drop table t1; drop table t1;
--disable_warnings
drop user u1@localhost; drop user u1@localhost;
--enable_warnings
--enable_service_connection --enable_service_connection

2
mysql-test/main/mysql.test
View File

@@ -792,7 +792,9 @@ create user ser@localhost identified by "ass";
--echo MYSQL --ssl-verify-server-cert -e "\\s" --echo MYSQL --ssl-verify-server-cert -e "\\s"
--replace_regex /^.[^S].*// /\b[-A-Z_0-9]+,/XXX,/ --replace_regex /^.[^S].*// /\b[-A-Z_0-9]+,/XXX,/
--exec $MYSQL -user -pass --ssl-verify-server-cert -e "\\s" --exec $MYSQL -user -pass --ssl-verify-server-cert -e "\\s"
--disable_warnings
drop user ser@localhost; drop user ser@localhost;
--enable_warnings
--echo # --echo #
--echo # MDEV-32473 --disable-ssl doesn't disable it --echo # MDEV-32473 --disable-ssl doesn't disable it

3
mysql-test/main/mysqlbinlog.test
View File

@@ -4,6 +4,7 @@
-- source include/have_log_bin.inc -- source include/have_log_bin.inc
-- source include/binlog_start_pos.inc -- source include/binlog_start_pos.inc
-- source include/count_sessions.inc
--disable_query_log --disable_query_log
CALL mtr.add_suppression("Unsafe statement written to the binary log using statement format since BINLOG_FORMAT = STATEMENT"); CALL mtr.add_suppression("Unsafe statement written to the binary log using statement format since BINLOG_FORMAT = STATEMENT");
@@ -365,6 +366,7 @@ echo mysql mysqltest1 -uuntrusted < var/tmp/bug31611.sql;
error 1; error 1;
exec $MYSQL mysqltest1 -uuntrusted < $MYSQLTEST_VARDIR/tmp/bug31611.sql; exec $MYSQL mysqltest1 -uuntrusted < $MYSQLTEST_VARDIR/tmp/bug31611.sql;
--remove_file $MYSQLTEST_VARDIR/tmp/bug31611.sql --remove_file $MYSQLTEST_VARDIR/tmp/bug31611.sql
connection unsecure; connection unsecure;
error ER_TABLEACCESS_DENIED_ERROR; error ER_TABLEACCESS_DENIED_ERROR;
INSERT INTO t1 VALUES (1,USER()); INSERT INTO t1 VALUES (1,USER());
@@ -373,6 +375,7 @@ SELECT * FROM t1;
connection default; connection default;
disconnect unsecure; disconnect unsecure;
DROP DATABASE mysqltest1; DROP DATABASE mysqltest1;
--source include/wait_until_count_sessions.inc
DROP USER untrusted@localhost; DROP USER untrusted@localhost;
--echo # Bug#32580 mysqlbinlog cannot read binlog event with user variables --echo # Bug#32580 mysqlbinlog cannot read binlog event with user variables

2
mysql-test/main/mysqldump-system.test
View File

@@ -125,7 +125,9 @@ set time_zone= @@global.time_zone;
--echo # Restore from mysqldump --echo # Restore from mysqldump
--exec $MYSQL --user mariadb_test_restore --password=getitback --show-warnings < $MYSQLTEST_VARDIR/tmp/dump1.sql --exec $MYSQL --user mariadb_test_restore --password=getitback --show-warnings < $MYSQLTEST_VARDIR/tmp/dump1.sql
--disable_warnings
DROP USER mariadb_test_restore; DROP USER mariadb_test_restore;
--enable_warnings
# successful restore? # successful restore?

2
mysql-test/main/mysqldump.result
View File

@@ -3934,6 +3934,8 @@ drop table t1;
drop table u1; drop table u1;
revoke all privileges on mysqldump_myDB.* from myDB_User@localhost; revoke all privileges on mysqldump_myDB.* from myDB_User@localhost;
drop user myDB_User@localhost; drop user myDB_User@localhost;
Warnings:
Note 4227 Dropped users 'myDB_User'@'localhost' have active connections. Use KILL CONNECTION if they should not be used anymore.
drop database mysqldump_myDB; drop database mysqldump_myDB;
flush privileges; flush privileges;
# Bug#21424 continues from here. # Bug#21424 continues from here.

4
mysql-test/main/mysqldump.test
View File

@@ -1617,8 +1617,10 @@ drop procedure sp1;
connection default; connection default;
disconnect user27293; disconnect user27293;
--disable_warnings
drop user user1; drop user user1;
drop user user2; drop user user2;
--enable_warnings
drop database mysqldump_test_db; drop database mysqldump_test_db;
@@ -2348,7 +2350,9 @@ connection conn_1;
connection default; connection default;
disconnect conn_1; disconnect conn_1;
--disable_warnings
DROP USER user1; DROP USER user1;
--enable_warnings
DROP DATABASE BUG52792; DROP DATABASE BUG52792;
--echo # UTF-8 --echo # UTF-8
CREATE DATABASE BUG52792; CREATE DATABASE BUG52792;

6
mysql-test/main/password_expiration.test
View File

@@ -3,6 +3,7 @@
# #
--source include/not_embedded.inc --source include/not_embedded.inc
--source include/count_sessions.inc
--echo # --echo #
--echo # Only privileged users should be able to expire passwords --echo # Only privileged users should be able to expire passwords
@@ -54,6 +55,7 @@ set global disconnect_on_expired_password=ON;
connect(con1,localhost,user1); connect(con1,localhost,user1);
--exec $MYSQL --connect-expired-password -u user1 -e "set password=password('');" --exec $MYSQL --connect-expired-password -u user1 -e "set password=password('');"
--source include/wait_until_count_sessions.inc
drop user user1@localhost; drop user user1@localhost;
--echo # --echo #
@@ -65,6 +67,7 @@ set global disconnect_on_expired_password=ON;
--replace_result $MASTER_MYPORT MYSQL_PORT $MASTER_MYSOCK MYSQL_SOCK --replace_result $MASTER_MYPORT MYSQL_PORT $MASTER_MYSOCK MYSQL_SOCK
--error ER_MUST_CHANGE_PASSWORD_LOGIN --error ER_MUST_CHANGE_PASSWORD_LOGIN
connect(con1,localhost,user1); connect(con1,localhost,user1);
--source include/wait_until_count_sessions.inc
drop user user1@localhost; drop user user1@localhost;
--echo # --echo #
@@ -94,6 +97,7 @@ flush privileges;
--replace_result $MASTER_MYPORT MYSQL_PORT $MASTER_MYSOCK MYSQL_SOCK --replace_result $MASTER_MYPORT MYSQL_PORT $MASTER_MYSOCK MYSQL_SOCK
--error ER_MUST_CHANGE_PASSWORD_LOGIN --error ER_MUST_CHANGE_PASSWORD_LOGIN
connect(con1,localhost,user1); connect(con1,localhost,user1);
--source include/wait_until_count_sessions.inc
drop user user1@localhost; drop user user1@localhost;
--echo # --echo #
@@ -215,6 +219,7 @@ flush privileges;
--replace_result $MASTER_MYPORT MYSQL_PORT $MASTER_MYSOCK MYSQL_SOCK --replace_result $MASTER_MYPORT MYSQL_PORT $MASTER_MYSOCK MYSQL_SOCK
--error ER_MUST_CHANGE_PASSWORD_LOGIN --error ER_MUST_CHANGE_PASSWORD_LOGIN
connect(con1,localhost,user1); connect(con1,localhost,user1);
--source include/wait_until_count_sessions.inc
drop user user1@localhost; drop user user1@localhost;
--echo # --echo #
@@ -237,6 +242,7 @@ flush privileges;
--replace_result $MASTER_MYPORT MYSQL_PORT $MASTER_MYSOCK MYSQL_SOCK --replace_result $MASTER_MYPORT MYSQL_PORT $MASTER_MYSOCK MYSQL_SOCK
--error ER_MUST_CHANGE_PASSWORD_LOGIN --error ER_MUST_CHANGE_PASSWORD_LOGIN
connect(con1,localhost,user1); connect(con1,localhost,user1);
--source include/wait_until_count_sessions.inc
drop user user1@localhost; drop user user1@localhost;
--echo # --echo #

2
mysql-test/main/password_expiration_unix_socket.test
View File

@@ -21,4 +21,6 @@
--let $replace=drop user '$USER' --let $replace=drop user '$USER'
--replace_result $replace "drop user 'USER'" --replace_result $replace "drop user 'USER'"
--disable_warnings
--eval drop user '$USER' --eval drop user '$USER'
--enable_warnings

6
mysql-test/main/plugin_auth_qa_1.test
View File

@@ -4,6 +4,7 @@
--source include/not_embedded.inc --source include/not_embedded.inc
#enable view protocol after fix MDEV-29542 #enable view protocol after fix MDEV-29542
--source include/no_view_protocol.inc --source include/no_view_protocol.inc
--source include/count_sessions.inc
CREATE DATABASE test_user_db; CREATE DATABASE test_user_db;
@@ -27,6 +28,7 @@ GRANT ALL ON test_user_db.* TO 'plug_dest'@'%';
REVOKE PROXY ON plug_dest FROM plug_user; REVOKE PROXY ON plug_dest FROM plug_user;
--error 1 --error 1
--exec $MYSQL -u plug_user --password=plug_dest -e "SELECT current_user();SELECT user();USE test_user_db;CREATE TABLE t1(a int);SHOW TABLES;DROP TABLE t1;" 2>&1 --exec $MYSQL -u plug_user --password=plug_dest -e "SELECT current_user();SELECT user();USE test_user_db;CREATE TABLE t1(a int);SHOW TABLES;DROP TABLE t1;" 2>&1
--source include/wait_until_count_sessions.inc
DROP USER plug_user,plug_dest; DROP USER plug_user,plug_dest;
# #
# GRANT...WITH # GRANT...WITH
@@ -48,6 +50,7 @@ REVOKE PROXY ON plug_dest FROM plug_user;
--echo 3) --echo 3)
--error 1 --error 1
--exec $MYSQL -u plug_user --password=plug_dest -e "SELECT current_user();SELECT user();USE test_user_db;CREATE TABLE t1(a int);SHOW TABLES;DROP TABLE t1;" 2>&1 --exec $MYSQL -u plug_user --password=plug_dest -e "SELECT current_user();SELECT user();USE test_user_db;CREATE TABLE t1(a int);SHOW TABLES;DROP TABLE t1;" 2>&1
--source include/wait_until_count_sessions.inc
DROP USER plug_user,plug_dest; DROP USER plug_user,plug_dest;
# #
# GRANT...WITH/CREATE...BY # GRANT...WITH/CREATE...BY
@@ -62,6 +65,7 @@ GRANT ALL ON test_user_db.* TO 'plug_dest'@'%';
--echo 2) --echo 2)
--replace_result $MASTER_MYSOCK MASTER_MYSOCK --replace_result $MASTER_MYSOCK MASTER_MYSOCK
--exec $MYSQL -u plug_user --password=plug_dest -e "SELECT current_user();SELECT user();USE test_user_db;CREATE TABLE t1(a int);SHOW TABLES;DROP TABLE t1;" 2>&1 --exec $MYSQL -u plug_user --password=plug_dest -e "SELECT current_user();SELECT user();USE test_user_db;CREATE TABLE t1(a int);SHOW TABLES;DROP TABLE t1;" 2>&1
--source include/wait_until_count_sessions.inc
DROP USER plug_user,plug_dest; DROP USER plug_user,plug_dest;
--echo ========== test 1.2 ======================================== --echo ========== test 1.2 ========================================
@@ -81,6 +85,7 @@ GRANT PROXY ON new_dest TO plug_user;
--exec $MYSQL -u plug_user --password=new_dest -e "SELECT current_user();SELECT user();" 2>&1 --exec $MYSQL -u plug_user --password=new_dest -e "SELECT current_user();SELECT user();" 2>&1
--sorted_result --sorted_result
SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root'; SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
--source include/wait_until_count_sessions.inc
DROP USER plug_user,new_dest; DROP USER plug_user,new_dest;
# CREATE...WITH/CREATE...BY # CREATE...WITH/CREATE...BY
@@ -100,6 +105,7 @@ GRANT PROXY ON new_dest TO plug_user;
--exec $MYSQL -u plug_user --password=new_dest -e "SELECT current_user();SELECT user();" 2>&1 --exec $MYSQL -u plug_user --password=new_dest -e "SELECT current_user();SELECT user();" 2>&1
--sorted_result --sorted_result
SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root'; SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
--source include/wait_until_count_sessions.inc
DROP USER plug_user,new_dest; DROP USER plug_user,new_dest;
# CREATE...WITH # CREATE...WITH
CREATE USER plug_user CREATE USER plug_user

10
mysql-test/main/plugin_auth_qa_2.test
View File

@@ -7,6 +7,7 @@
--source include/not_embedded.inc --source include/not_embedded.inc
#enable view protocol after fix MDEV-29542 #enable view protocol after fix MDEV-29542
--source include/no_view_protocol.inc --source include/no_view_protocol.inc
--source include/count_sessions.inc
CREATE DATABASE test_user_db; CREATE DATABASE test_user_db;
@@ -29,6 +30,7 @@ SELECT @@external_user;
--sorted_result --sorted_result
SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root'; SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
--source include/wait_until_count_sessions.inc
DROP USER qa_test_1_user; DROP USER qa_test_1_user;
DROP USER qa_test_1_dest; DROP USER qa_test_1_dest;
@@ -52,6 +54,7 @@ SELECT @@external_user;
--sorted_result --sorted_result
SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root'; SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
--source include/wait_until_count_sessions.inc
DROP USER qa_test_2_user; DROP USER qa_test_2_user;
DROP USER qa_test_2_dest; DROP USER qa_test_2_dest;
DROP USER authenticated_as; DROP USER authenticated_as;
@@ -66,6 +69,7 @@ GRANT PROXY ON qa_test_3_dest TO qa_test_3_user;
--echo exec MYSQL -h localhost -u qa_test_3_user --password=qa_test_3_dest test_user_db -e "SELECT current_user(),user(),@@local.proxy_user,@@local.external_user;" 2>&1 --echo exec MYSQL -h localhost -u qa_test_3_user --password=qa_test_3_dest test_user_db -e "SELECT current_user(),user(),@@local.proxy_user,@@local.external_user;" 2>&1
--exec $MYSQL -h localhost -u qa_test_3_user --password=qa_test_3_dest test_user_db -e "SELECT current_user(),user(),@@local.proxy_user,@@local.external_user;" 2>&1 --exec $MYSQL -h localhost -u qa_test_3_user --password=qa_test_3_dest test_user_db -e "SELECT current_user(),user(),@@local.proxy_user,@@local.external_user;" 2>&1
--source include/wait_until_count_sessions.inc
DROP USER qa_test_3_user; DROP USER qa_test_3_user;
DROP USER qa_test_3_dest; DROP USER qa_test_3_dest;
@@ -79,6 +83,7 @@ GRANT PROXY ON qa_test_4_dest TO qa_test_4_user;
--echo exec MYSQL -h localhost -u qa_test_4_user --password=qa_test_4_dest test_user_db -e "SELECT current_user(),user(),@@local.proxy_user,@@local.external_user;" 2>&1 --echo exec MYSQL -h localhost -u qa_test_4_user --password=qa_test_4_dest test_user_db -e "SELECT current_user(),user(),@@local.proxy_user,@@local.external_user;" 2>&1
--exec $MYSQL -h localhost -u qa_test_4_user --password=qa_test_4_dest test_user_db -e "SELECT current_user(),user(),@@local.proxy_user,@@local.external_user;" 2>&1 --exec $MYSQL -h localhost -u qa_test_4_user --password=qa_test_4_dest test_user_db -e "SELECT current_user(),user(),@@local.proxy_user,@@local.external_user;" 2>&1
--source include/wait_until_count_sessions.inc
DROP USER qa_test_4_user; DROP USER qa_test_4_user;
DROP USER qa_test_4_dest; DROP USER qa_test_4_dest;
@@ -99,6 +104,7 @@ SELECT user,plugin,authentication_string,password FROM mysql.user WHERE user !=
--error 1 --error 1
--exec $MYSQL -h localhost --user=qa_test_5_user --password=qa_test_5_dest test_user_db -e "SELECT current_user(),user(),@@local.proxy_user,@@local.external_user;" 2>&1 --exec $MYSQL -h localhost --user=qa_test_5_user --password=qa_test_5_dest test_user_db -e "SELECT current_user(),user(),@@local.proxy_user,@@local.external_user;" 2>&1
--source include/wait_until_count_sessions.inc
DROP USER qa_test_5_user; DROP USER qa_test_5_user;
DROP USER qa_test_5_dest; DROP USER qa_test_5_dest;
DROP USER ''@'localhost'; DROP USER ''@'localhost';
@@ -133,6 +139,7 @@ SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
--error 1 --error 1
--exec $MYSQL -h localhost --user=root --password=qa_test_6_dest test_user_db -e "SELECT current_user(),user(),@@local.proxy_user,@@local.external_user;" 2>&1 --exec $MYSQL -h localhost --user=root --password=qa_test_6_dest test_user_db -e "SELECT current_user(),user(),@@local.proxy_user,@@local.external_user;" 2>&1
--source include/wait_until_count_sessions.inc
DROP USER qa_test_6_user; DROP USER qa_test_6_user;
DROP USER qa_test_6_dest; DROP USER qa_test_6_dest;
DELETE FROM mysql.user WHERE user='root' AND plugin='qa_auth_interface'; DELETE FROM mysql.user WHERE user='root' AND plugin='qa_auth_interface';
@@ -151,7 +158,6 @@ GRANT PROXY ON qa_test_11_dest TO qa_test_11_user;
--error 1 --error 1
--exec $MYSQL --default_auth=qa_auth_client -h localhost -u qa_test_11_user --password=qa_test_11_dest test_user_db -e "SELECT current_user(),user(),@@local.proxy_user,@@local.external_user;" 2>&1 --exec $MYSQL --default_auth=qa_auth_client -h localhost -u qa_test_11_user --password=qa_test_11_dest test_user_db -e "SELECT current_user(),user(),@@local.proxy_user,@@local.external_user;" 2>&1
--source include/wait_until_count_sessions.inc
DROP USER qa_test_11_user, qa_test_11_dest; DROP USER qa_test_11_user, qa_test_11_dest;
DROP DATABASE test_user_db; DROP DATABASE test_user_db;
--exit

2
mysql-test/main/ssl_autoverify.test
View File

@@ -121,9 +121,11 @@ inc $mitm_port;
} }
drop function have_ssl; drop function have_ssl;
--disable_warnings
drop user native@'%'; drop user native@'%';
drop user ed@'%'; drop user ed@'%';
drop user nohash@'%'; drop user nohash@'%';
drop user multi@'%'; drop user multi@'%';
--enable_warnings
uninstall plugin ed25519; uninstall plugin ed25519;
uninstall plugin three_attempts; uninstall plugin three_attempts;

3
mysql-test/main/ssl_cipher.test
View File

@@ -8,6 +8,7 @@ CALL mtr.add_suppression("are insecure");
--enable_query_log --enable_query_log
--source include/have_ssl_communication.inc --source include/have_ssl_communication.inc
--source include/count_sessions.inc
if (`select @@version_ssl_library like 'OpenSSL 1.1.1%'`) { if (`select @@version_ssl_library like 'OpenSSL 1.1.1%'`) {
skip OpenSSL 1.1.1; skip OpenSSL 1.1.1;
@@ -43,6 +44,7 @@ connection con4;
SHOW STATUS LIKE 'Ssl_cipher'; SHOW STATUS LIKE 'Ssl_cipher';
disconnect con4; disconnect con4;
connection default; connection default;
--source include/wait_until_count_sessions.inc
drop user ssl_user1@localhost, ssl_user2@localhost, ssl_user3@localhost, ssl_user4@localhost, ssl_user5@localhost; drop user ssl_user1@localhost, ssl_user2@localhost, ssl_user3@localhost, ssl_user4@localhost, ssl_user5@localhost;
# #
@@ -93,6 +95,7 @@ select 'is still running; no cipher request crashed the server' as result from d
create user mysqltest_1@localhost; create user mysqltest_1@localhost;
grant usage on mysqltest.* to mysqltest_1@localhost require cipher "AES256-SHA"; grant usage on mysqltest.* to mysqltest_1@localhost require cipher "AES256-SHA";
--exec $MYSQL -umysqltest_1 --ssl-cipher=AES256-SHA -e "show status like 'ssl_cipher'" 2>&1 --exec $MYSQL -umysqltest_1 --ssl-cipher=AES256-SHA -e "show status like 'ssl_cipher'" 2>&1
--source include/wait_until_count_sessions.inc
drop user mysqltest_1@localhost; drop user mysqltest_1@localhost;
# #

2
mysql-test/main/upgrade_MDEV-19650.result
View File

@@ -279,6 +279,8 @@ GRANT PROXY ON ''@'%' TO 'not_root'@'localhost' WITH GRANT OPTION;
connect con1,localhost,not_root,,; connect con1,localhost,not_root,,;
connection con1; connection con1;
DROP USER 'root'@'localhost'; DROP USER 'root'@'localhost';
Warnings:
Note 4227 Dropped users 'root'@'localhost' have active connections. Use KILL CONNECTION if they should not be used anymore.
DROP USER 'root'@'127.0.0.1'; DROP USER 'root'@'127.0.0.1';
DROP USER 'root'@'::1'; DROP USER 'root'@'::1';
use mysqltest1; use mysqltest1;

6
mysql-test/main/user_limits.test
View File

@@ -89,7 +89,9 @@ disconnect mcph2;
connect (mcph3, localhost, mysqltest_1,,); connect (mcph3, localhost, mysqltest_1,,);
# Cleanup # Cleanup
connection default; connection default;
--disable_warnings
drop user mysqltest_1@localhost; drop user mysqltest_1@localhost;
--enable_warnings
# Test of MAX_USER_CONNECTIONS limit # Test of MAX_USER_CONNECTIONS limit
# We need this to reset internal mqh_used variable # We need this to reset internal mqh_used variable
@@ -135,7 +137,9 @@ connect (muc5, localhost, mysqltest_1,,);
disconnect muc2; disconnect muc2;
disconnect muc3; disconnect muc3;
disconnect muc4; disconnect muc4;
--disable_warnings
drop user mysqltest_1@localhost; drop user mysqltest_1@localhost;
--enable_warnings
# Now let us test interaction between global and per-account # Now let us test interaction between global and per-account
# max_user_connections limits # max_user_connections limits
@@ -201,7 +205,9 @@ connect (muca2, localhost, mysqltest_1,,);
connect (muca3, localhost, mysqltest_1,,); connect (muca3, localhost, mysqltest_1,,);
disconnect muca2; disconnect muca2;
connection default; connection default;
--disable_warnings
drop user mysqltest_1@localhost; drop user mysqltest_1@localhost;
--enable_warnings
# Final cleanup # Final cleanup
drop table t1; drop table t1;

2
mysql-test/main/view_grant.result
View File

@@ -789,6 +789,8 @@ CREATE VIEW v1 AS SELECT * FROM t1;
connection root; connection root;
GRANT SELECT ON db17254.v1 TO inv_17254@localhost; GRANT SELECT ON db17254.v1 TO inv_17254@localhost;
DROP USER def_17254@localhost; DROP USER def_17254@localhost;
Warnings:
Note 4227 Dropped users 'def_17254'@'localhost' have active connections. Use KILL CONNECTION if they should not be used anymore.
connect inv,localhost,inv_17254,,db17254; connect inv,localhost,inv_17254,,db17254;
connection inv; connection inv;
for a user without SET USER for a user without SET USER

2
mysql-test/suite/binlog/t/binlog_grant.test
View File

@@ -195,7 +195,9 @@ call mtr.add_suppression("Access denied; you need (at least one of) the BINLOG R
--remove_file $MYSQLTEST_VARDIR/tmp/mysqlbinlog.sql --remove_file $MYSQLTEST_VARDIR/tmp/mysqlbinlog.sql
--disconnect user1 --disconnect user1
DROP TABLE t2,t1; DROP TABLE t2,t1;
--disable_warnings
DROP USER user1@localhost; DROP USER user1@localhost;
--enable_warnings
--echo # --echo #
--echo # End of 10.5 test --echo # End of 10.5 test

2
mysql-test/suite/binlog_encryption/rpl_ssl.result
View File

@@ -46,6 +46,8 @@ Master_SSL_Key = 'MYSQL_TEST_DIR/std_data/client-key.pem'
include/check_slave_is_running.inc include/check_slave_is_running.inc
connection master; connection master;
drop user replssl@localhost; drop user replssl@localhost;
Warnings:
Note 4227 Dropped users 'replssl'@'localhost' have active connections. Use KILL CONNECTION if they should not be used anymore.
drop table t1; drop table t1;
connection slave; connection slave;
include/stop_slave.inc include/stop_slave.inc

2
mysql-test/suite/engines/funcs/r/rpl_slave_status.result
View File

@@ -30,6 +30,8 @@ n
==== Delete new replication user ==== ==== Delete new replication user ====
connection master; connection master;
DROP USER rpl@127.0.0.1; DROP USER rpl@127.0.0.1;
Warnings:
Note 4240 Dropped users 'rpl'@'127.0.0.1' have active connections. Use KILL CONNECTION if they should not be used anymore.
FLUSH PRIVILEGES; FLUSH PRIVILEGES;
connection slave; connection slave;
==== Restart slave without privileges ===== ==== Restart slave without privileges =====

2
mysql-test/suite/events/events_bugs.result
View File

@@ -659,6 +659,8 @@ Expect 1
1 1
connection default; connection default;
DROP USER evtest1@localhost; DROP USER evtest1@localhost;
Warnings:
Note 4227 Dropped users 'evtest1'@'localhost' have active connections. Use KILL CONNECTION if they should not be used anymore.
Sleep 4 seconds Sleep 4 seconds
SELECT COUNT(*) INTO @row_cnt FROM events_test.event_log; SELECT COUNT(*) INTO @row_cnt FROM events_test.event_log;
Sleep 4 seconds Sleep 4 seconds

2
mysql-test/suite/federated/federated_bug_25714.test
View File

@@ -57,7 +57,9 @@ SELECT LAST_INSERT_ID();
SELECT * from federated.t1; SELECT * from federated.t1;
DROP TABLE federated.t1; DROP TABLE federated.t1;
--disable_warnings
drop user fed@127.0.0.1; drop user fed@127.0.0.1;
--enable_warnings
SET @@GLOBAL.CONCURRENT_INSERT= @OLD_MASTER_CONCURRENT_INSERT; SET @@GLOBAL.CONCURRENT_INSERT= @OLD_MASTER_CONCURRENT_INSERT;
connection slave; connection slave;
DROP TABLE federated.t1; DROP TABLE federated.t1;

2
mysql-test/suite/federated/federated_server.test
View File

@@ -274,7 +274,9 @@ select * from federated.t1;
# clean up test # clean up test
connection slave; connection slave;
disable_warnings;
drop user test_fed@localhost; drop user test_fed@localhost;
enable_warnings;
drop database db_legitimate; drop database db_legitimate;
drop database db_bogus; drop database db_bogus;

2
mysql-test/suite/federated/update.test
View File

@@ -25,7 +25,9 @@ drop table tt1;
connection slave; connection slave;
drop database db1; drop database db1;
disable_warnings;
drop user my@localhost; drop user my@localhost;
enable_warnings;
source include/federated_cleanup.inc; source include/federated_cleanup.inc;

2
mysql-test/suite/galera/r/MW-416.result
View File

@@ -92,6 +92,8 @@ UNINSTALL PLUGIN plg;
Got one of the listed errors Got one of the listed errors
connection node_1; connection node_1;
DROP USER 'userMW416'@'localhost'; DROP USER 'userMW416'@'localhost';
Warnings:
Note 4226 Dropped users 'userMW416'@'localhost' have active connections. Use KILL CONNECTION if they should not be used anymore.
SHOW DATABASES; SHOW DATABASES;
Database Database
information_schema information_schema

2
mysql-test/suite/galera/r/galera_read_only.result
View File

@@ -33,3 +33,5 @@ DROP TABLE t2;
SET GLOBAL read_only=FALSE; SET GLOBAL read_only=FALSE;
DROP TABLE t1; DROP TABLE t1;
DROP USER foo@localhost; DROP USER foo@localhost;
Warnings:
Note 4226 Dropped users 'foo'@'localhost' have active connections. Use KILL CONNECTION if they should not be used anymore.

2
mysql-test/suite/galera/r/galera_roles.result
View File

@@ -167,6 +167,8 @@ disconnect foo_node_2;
# Connect with node_1 # Connect with node_1
connection node_1; connection node_1;
DROP USER foo@localhost; DROP USER foo@localhost;
Warnings:
Note 4226 Dropped users 'foo'@'localhost' have active connections. Use KILL CONNECTION if they should not be used anymore.
DROP DATABASE test1; DROP DATABASE test1;
# #
# MDEV-10566: Create role statement replicated inconsistently in Galera Cluster # MDEV-10566: Create role statement replicated inconsistently in Galera Cluster

2
mysql-test/suite/galera/r/rename.result
View File

@@ -44,5 +44,7 @@ i
1 1
connection node_1; connection node_1;
DROP USER foo@localhost; DROP USER foo@localhost;
Warnings:
Note 4226 Dropped users 'foo'@'localhost' have active connections. Use KILL CONNECTION if they should not be used anymore.
DROP TABLE t2; DROP TABLE t2;
# End of tests # End of tests

9
mysql-test/suite/plugins/t/multiauth.test
View File

@@ -1,4 +1,5 @@
--source include/not_ubsan.inc --source include/not_ubsan.inc
--source include/count_sessions.inc
let $REGEX_VERSION_ID=/$mysql_get_server_version/VERSION_ID/; let $REGEX_VERSION_ID=/$mysql_get_server_version/VERSION_ID/;
let $REGEX_PASSWORD_LAST_CHANGED=/password_last_changed": [0-9]*/password_last_changed": #/; let $REGEX_PASSWORD_LAST_CHANGED=/password_last_changed": [0-9]*/password_last_changed": #/;
@@ -48,6 +49,7 @@ show create user mysqltest1;
--echo # name does not match, password bad = failure --echo # name does not match, password bad = failure
--error 1 --error 1
--exec $try_auth -u mysqltest1 -pbad --exec $try_auth -u mysqltest1 -pbad
--source include/wait_until_count_sessions.inc
--replace_result $dreplace "drop user 'USER'" --replace_result $dreplace "drop user 'USER'"
eval $dreplace, mysqltest1; eval $dreplace, mysqltest1;
@@ -68,6 +70,7 @@ show create user mysqltest1;
--echo # name does not match, password bad = failure --echo # name does not match, password bad = failure
--error 1 --error 1
--exec $try_auth -u mysqltest1 -pbad --exec $try_auth -u mysqltest1 -pbad
--source include/wait_until_count_sessions.inc
--replace_result $dreplace "drop user 'USER'" --replace_result $dreplace "drop user 'USER'"
eval $dreplace, mysqltest1; eval $dreplace, mysqltest1;
@@ -88,6 +91,7 @@ show create user mysqltest1;
--echo # name does not match, password bad = failure --echo # name does not match, password bad = failure
--error 1 --error 1
--exec $try_auth -u mysqltest1 -pbad --exec $try_auth -u mysqltest1 -pbad
--source include/wait_until_count_sessions.inc
--replace_result $dreplace "drop user 'USER'" --replace_result $dreplace "drop user 'USER'"
eval $dreplace, mysqltest1; eval $dreplace, mysqltest1;
@@ -108,6 +112,7 @@ show create user mysqltest1;
--echo # name does not match, password bad = failure --echo # name does not match, password bad = failure
--error 1 --error 1
--exec $try_auth -u mysqltest1 -pbad --exec $try_auth -u mysqltest1 -pbad
--source include/wait_until_count_sessions.inc
--replace_result $dreplace "drop user 'USER'" --replace_result $dreplace "drop user 'USER'"
eval $dreplace, mysqltest1; eval $dreplace, mysqltest1;
@@ -130,6 +135,7 @@ show create user mysqltest1;
--echo # name does not match, password bad = failure --echo # name does not match, password bad = failure
--error 1 --error 1
--exec $try_auth -u mysqltest1 -pbad --exec $try_auth -u mysqltest1 -pbad
--source include/wait_until_count_sessions.inc
--replace_result $dreplace "drop user 'USER'" --replace_result $dreplace "drop user 'USER'"
eval $dreplace, mysqltest1; eval $dreplace, mysqltest1;
@@ -146,6 +152,7 @@ show create user mysqltest1;
--echo # password bad = failure --echo # password bad = failure
--error 1 --error 1
--exec $try_auth -u mysqltest1 -pbad --exec $try_auth -u mysqltest1 -pbad
--source include/wait_until_count_sessions.inc
drop user mysqltest1; drop user mysqltest1;
# #
@@ -198,6 +205,7 @@ show create user mysqltest1;
--echo # SET PASSWORD helps --echo # SET PASSWORD helps
set password for mysqltest1 = password('bla'); set password for mysqltest1 = password('bla');
--exec $try_auth -u mysqltest1 -pbla --exec $try_auth -u mysqltest1 -pbla
--source include/wait_until_count_sessions.inc
--replace_result $dreplace "drop user 'USER'" --replace_result $dreplace "drop user 'USER'"
eval $dreplace, mysqltest1; eval $dreplace, mysqltest1;
@@ -219,6 +227,7 @@ show create user mysqltest1;
--exec $try_auth -u mysqltest1 -pgood --plugin-dir=$plugindir/no --exec $try_auth -u mysqltest1 -pgood --plugin-dir=$plugindir/no
--echo # no plugin, second password works = ok --echo # no plugin, second password works = ok
--exec $try_auth -u mysqltest1 -pworks --plugin-dir=$plugindir/no --exec $try_auth -u mysqltest1 -pworks --plugin-dir=$plugindir/no
--source include/wait_until_count_sessions.inc
drop user mysqltest1; drop user mysqltest1;
uninstall soname 'auth_ed25519'; uninstall soname 'auth_ed25519';

4
mysql-test/suite/plugins/t/pam.test
View File

@@ -1,5 +1,6 @@
let $PAM_PLUGIN_VERSION= $AUTH_PAM_SO; let $PAM_PLUGIN_VERSION= $AUTH_PAM_SO;
--source pam_init.inc --source pam_init.inc
--source include/count_sessions.inc
--write_file $MYSQLTEST_VARDIR/tmp/pam_good.txt --write_file $MYSQLTEST_VARDIR/tmp/pam_good.txt
not very secret challenge not very secret challenge
@@ -83,6 +84,7 @@ alter user test_pam password expire;
--error 1 --error 1
--exec $MYSQL_TEST -u test_pam -pgoodpassword < $MYSQLTEST_VARDIR/tmp/pam_good2.txt --exec $MYSQL_TEST -u test_pam -pgoodpassword < $MYSQLTEST_VARDIR/tmp/pam_good2.txt
--source include/wait_until_count_sessions.inc
drop user test_pam; drop user test_pam;
drop user pam_test; drop user pam_test;
create user PAM_TEST identified via pam using 'mariadb_mtr'; create user PAM_TEST identified via pam using 'mariadb_mtr';
@@ -104,6 +106,7 @@ set global pam_winbind_workaround=1;
--remove_file $MYSQLTEST_VARDIR/tmp/pam_good2.txt --remove_file $MYSQLTEST_VARDIR/tmp/pam_good2.txt
--remove_file $MYSQLTEST_VARDIR/tmp/pam_bad.txt --remove_file $MYSQLTEST_VARDIR/tmp/pam_bad.txt
--remove_file $MYSQLTEST_VARDIR/tmp/pam_ugly.txt --remove_file $MYSQLTEST_VARDIR/tmp/pam_ugly.txt
--source include/wait_until_count_sessions.inc
drop user PAM_TEST; drop user PAM_TEST;
--echo # --echo #
@@ -121,6 +124,7 @@ show create user;
EOF EOF
--exec $MYSQL_TEST -u pam_test < $MYSQLTEST_VARDIR/tmp/setpwd.txt --exec $MYSQL_TEST -u pam_test < $MYSQLTEST_VARDIR/tmp/setpwd.txt
--remove_file $MYSQLTEST_VARDIR/tmp/setpwd.txt --remove_file $MYSQLTEST_VARDIR/tmp/setpwd.txt
--source include/wait_until_count_sessions.inc
drop user pam_test; drop user pam_test;
let $count_sessions= 1; let $count_sessions= 1;

3
mysql-test/suite/plugins/t/parsec.test
View File

@@ -1,5 +1,6 @@
source include/platform.inc; source include/platform.inc;
source include/not_embedded.inc; source include/not_embedded.inc;
source include/count_sessions.inc;
if (`select count(*) = 0 from information_schema.plugins where plugin_name = 'parsec'`) if (`select count(*) = 0 from information_schema.plugins where plugin_name = 'parsec'`)
{ {
@@ -41,6 +42,7 @@ if ($MTR_COMBINATION_WIN) {
--echo # mysql -utest1 -ppwd --ssl-verify-server-cert -e "select test.have_ssl()" --echo # mysql -utest1 -ppwd --ssl-verify-server-cert -e "select test.have_ssl()"
--exec $MYSQL --protocol tcp $host -utest1 -ppwd --ssl-verify-server-cert -e "select test.have_ssl()" 2>&1 --exec $MYSQL --protocol tcp $host -utest1 -ppwd --ssl-verify-server-cert -e "select test.have_ssl()" 2>&1
source include/wait_until_count_sessions.inc;
drop function have_ssl; drop function have_ssl;
drop user test1@'%'; drop user test1@'%';
@@ -57,4 +59,5 @@ disconnect con4;
--error ER_ACCESS_DENIED_ERROR --error ER_ACCESS_DENIED_ERROR
connect con5, localhost, test2, "wrong_pwd"; connect con5, localhost, test2, "wrong_pwd";
connection default; connection default;
source include/wait_until_count_sessions.inc;
drop user test2@'%'; drop user test2@'%';

2
mysql-test/suite/roles/create_and_drop_current.result
View File

@@ -10,6 +10,8 @@ ERROR 42000: You have an error in your SQL syntax; check the manual that corresp
create role current_role; create role current_role;
ERROR HY000: Operation CREATE ROLE failed for CURRENT_ROLE ERROR HY000: Operation CREATE ROLE failed for CURRENT_ROLE
drop user current_user; drop user current_user;
Warnings:
Note 4227 Dropped users 'foo'@'localhost' have active connections. Use KILL CONNECTION if they should not be used anymore.
drop user current_role; drop user current_role;
ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'current_role' at line 1 ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'current_role' at line 1
drop role current_user; drop role current_user;

2
mysql-test/suite/roles/definer.result
View File

@@ -620,6 +620,8 @@ drop view test.v1, test.v2, test.v3, test.v4, test.v5;
drop table t1, t2; drop table t1, t2;
drop role role1, role2; drop role role1, role2;
drop user foo@localhost; drop user foo@localhost;
Warnings:
Note 4227 Dropped users 'foo'@'localhost' have active connections. Use KILL CONNECTION if they should not be used anymore.
drop database mysqltest1; drop database mysqltest1;
use test; use test;
create user utest; create user utest;

2
mysql-test/suite/roles/definer.test
View File

@@ -327,7 +327,9 @@ drop view test.v1, test.v2, test.v3, test.v4, test.v5;
drop table t1, t2; drop table t1, t2;
drop role role1, role2; drop role role1, role2;
drop user foo@localhost; drop user foo@localhost;
--disable_warnings
drop database mysqltest1; drop database mysqltest1;
--enable_warnings
use test; use test;
################################################## ##################################################

2
mysql-test/suite/roles/drop_current_user-5176.result
View File

@@ -2,6 +2,8 @@ create user foo@localhost;
grant create user on *.* to foo@localhost; grant create user on *.* to foo@localhost;
connect foo,localhost,foo,,; connect foo,localhost,foo,,;
drop user foo@localhost; drop user foo@localhost;
Warnings:
Note 4227 Dropped users 'foo'@'localhost' have active connections. Use KILL CONNECTION if they should not be used anymore.
select * from information_schema.applicable_roles; select * from information_schema.applicable_roles;
GRANTEE ROLE_NAME IS_GRANTABLE IS_DEFAULT GRANTEE ROLE_NAME IS_GRANTABLE IS_DEFAULT
show grants; show grants;

2
mysql-test/suite/rpl/r/rpl_password_boundaries.result
View File

@@ -54,6 +54,8 @@ ERROR HY000: String 'воттакойужпарольвоттакойужпар
connection master; connection master;
set sql_log_bin=0; set sql_log_bin=0;
drop user rpl32@127.0.0.1, rpl33@127.0.0.1, rpl16cyr@127.0.0.1, rpl17mix@127.0.0.1; drop user rpl32@127.0.0.1, rpl33@127.0.0.1, rpl16cyr@127.0.0.1, rpl17mix@127.0.0.1;
Warnings:
Note 4227 Dropped users 'rpl16cyr'@'127.0.0.1' have active connections. Use KILL CONNECTION if they should not be used anymore.
set sql_log_bin=1; set sql_log_bin=1;
connection slave; connection slave;
change master to master_user='root',master_password=''; change master to master_user='root',master_password='';

2
mysql-test/suite/rpl/r/rpl_perfschema_connect_config.result
View File

@@ -57,6 +57,8 @@ include/assert.inc [Value returned by SSS and PS table for SSL_Key should be sam
include/assert.inc [Value returned by SSS and PS table for SSL_Verify_Server_Certificate should be same.] include/assert.inc [Value returned by SSS and PS table for SSL_Verify_Server_Certificate should be same.]
connection master; connection master;
drop user replssl@localhost; drop user replssl@localhost;
Warnings:
Note 4227 Dropped users 'replssl'@'localhost' have active connections. Use KILL CONNECTION if they should not be used anymore.
connection slave; connection slave;
include/stop_slave.inc include/stop_slave.inc
CHANGE MASTER TO CHANGE MASTER TO

2
mysql-test/suite/rpl/r/rpl_slave_alias_replica.result
View File

@@ -22,6 +22,8 @@ connection slave;
connection master; connection master;
"Command: SHOW SLAVE HOSTS --> SHOW REPLICA HOSTS" "Command: SHOW SLAVE HOSTS --> SHOW REPLICA HOSTS"
DROP USER 'repl_user'; DROP USER 'repl_user';
Warnings:
Note 4227 Dropped users 'repl_user'@'%' have active connections. Use KILL CONNECTION if they should not be used anymore.
connection slave; connection slave;
"Command: SHOW SLAVE IO/SQL THREAD --> SHOW REPLICA IO/SQL THREAD" "Command: SHOW SLAVE IO/SQL THREAD --> SHOW REPLICA IO/SQL THREAD"
STOP REPLICA IO_THREAD; STOP REPLICA IO_THREAD;

2
mysql-test/suite/rpl/r/rpl_slave_restart_long_password.result
View File

@@ -18,6 +18,8 @@ include/check_slave_param.inc [Slave_IO_Running]
connection master; connection master;
SET SQL_LOG_BIN=0; SET SQL_LOG_BIN=0;
DROP USER rpl@127.0.0.1; DROP USER rpl@127.0.0.1;
Warnings:
Note 4227 Dropped users 'rpl'@'127.0.0.1' have active connections. Use KILL CONNECTION if they should not be used anymore.
FLUSH PRIVILEGES; FLUSH PRIVILEGES;
SET SQL_LOG_BIN=1; SET SQL_LOG_BIN=1;
connection slave; connection slave;

2
mysql-test/suite/rpl/r/rpl_slave_status.result
View File

@@ -30,6 +30,8 @@ n
==== Delete new replication user ==== ==== Delete new replication user ====
connection master; connection master;
DROP USER rpl@127.0.0.1; DROP USER rpl@127.0.0.1;
Warnings:
Note 4227 Dropped users 'rpl'@'127.0.0.1' have active connections. Use KILL CONNECTION if they should not be used anymore.
FLUSH PRIVILEGES; FLUSH PRIVILEGES;
connection slave; connection slave;
==== Restart slave without privileges ===== ==== Restart slave without privileges =====

4
mysql-test/suite/rpl/r/rpl_ssl.result
View File

@@ -46,6 +46,8 @@ Master_SSL_Key = 'MYSQL_TEST_DIR/std_data/client-key.pem'
include/check_slave_is_running.inc include/check_slave_is_running.inc
connection master; connection master;
drop user replssl@localhost; drop user replssl@localhost;
Warnings:
Note 4227 Dropped users 'replssl'@'localhost' have active connections. Use KILL CONNECTION if they should not be used anymore.
drop table t1; drop table t1;
connection slave; connection slave;
include/stop_slave.inc include/stop_slave.inc
@@ -55,5 +57,5 @@ master_ssl = 1,
master_ssl_ca = '', master_ssl_ca = '',
master_ssl_cert = '', master_ssl_cert = '',
master_ssl_key = ''; master_ssl_key = '';
End of 5.0 tests # End of 5.0 tests
include/rpl_end.inc include/rpl_end.inc

2
mysql-test/suite/rpl/r/rpl_ssl1.result
View File

@@ -112,6 +112,8 @@ master_ssl_verify_server_cert=0,
master_ssl=1; master_ssl=1;
connection master; connection master;
drop user replssl@127.0.0.1; drop user replssl@127.0.0.1;
Warnings:
Note 4227 Dropped users 'replssl'@'127.0.0.1' have active connections. Use KILL CONNECTION if they should not be used anymore.
connection slave; connection slave;
drop user replssl@127.0.0.1; drop user replssl@127.0.0.1;
include/rpl_end.inc include/rpl_end.inc

2
mysql-test/suite/rpl/t/rpl_ssl1.test
View File

@@ -61,7 +61,9 @@ change master to master_user='root',master_password='', master_ssl=0;
start slave; start slave;
--source include/wait_for_slave_to_start.inc --source include/wait_for_slave_to_start.inc
connection master; connection master;
disable_warnings;
drop user replssl@localhost; drop user replssl@localhost;
enable_warnings;
drop table t1; drop table t1;
sync_slave_with_master; sync_slave_with_master;

2
sql/share/errmsg-utf8.txt
View File

@@ -12330,3 +12330,5 @@ ER_WARN_HINTS_ON_INSERT_PART_OF_INSERT_SELECT
eng "Optimizer hints at the INSERT part of a INSERT..SELECT statement are not supported" eng "Optimizer hints at the INSERT part of a INSERT..SELECT statement are not supported"
ER_INIT_SLAVE_ERROR ER_INIT_SLAVE_ERROR
eng "Slave SQL thread aborted. Can't execute init_slave query due to error code %u: %s" eng "Slave SQL thread aborted. Can't execute init_slave query due to error code %u: %s"
ER_ACTIVE_CONNECTIONS_FOR_USER_TO_DROP
eng "Dropped users %s have active connections. Use KILL CONNECTION if they should not be used anymore."

114
sql/sql_acl.cc
View File

@@ -172,7 +172,7 @@ public:
LEX_CSTRING user; LEX_CSTRING user;
/* list to hold references to granted roles (ACL_ROLE instances) */ /* list to hold references to granted roles (ACL_ROLE instances) */
DYNAMIC_ARRAY role_grants; DYNAMIC_ARRAY role_grants;
const char *get_username() { return user.str; } const char *get_username() const { return user.str; }
}; };
class ACL_USER_PARAM class ACL_USER_PARAM
@@ -205,6 +205,23 @@ public:
DBUG_ASSERT(host.hostname[hostname_length] == '\0'); DBUG_ASSERT(host.hostname[hostname_length] == '\0');
return Lex_ident_host(host.hostname, hostname_length); return Lex_ident_host(host.hostname, hostname_length);
} }
void disable_new_connections()
{
dont_accept_conn= true;
}
bool dont_accept_new_connections() const
{
return dont_accept_conn;
}
protected:
/*
Ephemeral state (meaning it is not stored anywhere in the Data Dictionary)
to disable establishing sessions in case the user is being dropped.
*/
bool dont_accept_conn= false;
}; };
@@ -11345,6 +11362,66 @@ bool mysql_create_user(THD *thd, List <LEX_USER> &list, bool handle_as_role)
DBUG_RETURN(result); DBUG_RETURN(result);
} }
/**
Callback function invoked for every active THD to find a first session
established by specified user
@param[in] thd Thread context
@param arg Account info for that checks presence of an active
connection
@return true on matching, else false
*/
static my_bool count_threads_callback(THD *thd,
LEX_USER *arg)
{
if (thd->security_ctx->user)
{
/*
Check that hostname (if given) and user name matches.
*/
if (!strcmp(arg->host.str, thd->main_security_ctx.priv_host) &&
!strcmp(arg->user.str, thd->main_security_ctx.priv_user) &&
(thd->killed & ~KILL_HARD_BIT) != KILL_CONNECTION)
return true;
}
return false;
}
/**
Check presence of an active connection established on behalf the user
@param[in] user User credential for that checks presence of an active
connection
@return true on presence connection, else false
*/
static bool exist_active_sessions_for_user(LEX_USER *user)
{
return server_threads.iterate(count_threads_callback, user);
}
/**
Find the specified user and mark it as not accepting incoming sessions
@param user_name the user for that accept of incoming connections
should be disabled
*/
static void disable_connections_for_user(LEX_USER *user)
{
ACL_USER *found_user= find_user_exact(user->host, user->user);
if (found_user != nullptr)
found_user->disable_new_connections();
}
/* /*
Drop a list of users and all their privileges. Drop a list of users and all their privileges.
@@ -11381,6 +11458,11 @@ bool mysql_drop_user(THD *thd, List <LEX_USER> &list, bool handle_as_role)
mysql_rwlock_wrlock(&LOCK_grant); mysql_rwlock_wrlock(&LOCK_grant);
mysql_mutex_lock(&acl_cache->lock); mysql_mutex_lock(&acl_cache->lock);
/*
String for storing a comma separated list of users that specified
at the DROP USER statement being processed and have active connections
*/
String connected_users;
while ((tmp_user_name= user_list++)) while ((tmp_user_name= user_list++))
{ {
int rc; int rc;
@@ -11403,6 +11485,28 @@ bool mysql_drop_user(THD *thd, List <LEX_USER> &list, bool handle_as_role)
continue; continue;
} }
if (!handle_as_role)
{
if (exist_active_sessions_for_user(user_name))
{
if ((thd->variables.sql_mode & MODE_ORACLE))
{
append_user(thd, &wrong_users, user_name);
result= TRUE;
continue;
}
else
append_user(thd, &connected_users, user_name);
}
/*
Prevent new connections to be established on behalf the user
being dropped.
*/
disable_connections_for_user(user_name);
}
if ((rc= handle_grant_data(thd, tables, 1, user_name, NULL)) > 0) if ((rc= handle_grant_data(thd, tables, 1, user_name, NULL)) > 0)
{ {
// The user or role was successfully deleted // The user or role was successfully deleted
@@ -11431,6 +11535,12 @@ bool mysql_drop_user(THD *thd, List <LEX_USER> &list, bool handle_as_role)
result= TRUE; result= TRUE;
} }
if (!connected_users.is_empty())
push_warning_printf(thd, Sql_condition::WARN_LEVEL_NOTE,
ER_ACTIVE_CONNECTIONS_FOR_USER_TO_DROP,
ER_THD(thd, ER_ACTIVE_CONNECTIONS_FOR_USER_TO_DROP),
connected_users.c_ptr_safe());
if (!handle_as_role) if (!handle_as_role)
{ {
/* Rebuild 'acl_check_hosts' since 'acl_users' has been modified */ /* Rebuild 'acl_check_hosts' since 'acl_users' has been modified */
@@ -13917,7 +14027,7 @@ static bool find_mpvio_user(MPVIO_EXT *mpvio)
ACL_USER *user= find_user_or_anon(sctx->host, sctx->user, sctx->ip); ACL_USER *user= find_user_or_anon(sctx->host, sctx->user, sctx->ip);
if (user) if (user && !user->dont_accept_new_connections())
mpvio->acl_user= user->copy(mpvio->auth_info.thd->mem_root); mpvio->acl_user= user->copy(mpvio->auth_info.thd->mem_root);
mysql_mutex_unlock(&acl_cache->lock); mysql_mutex_unlock(&acl_cache->lock);

2
storage/spider/mysql-test/spider/bugfix/r/direct_sql_with_comma_pwd.result
View File

@@ -27,6 +27,8 @@ connection master_1;
DROP DATABASE IF EXISTS auto_test_local; DROP DATABASE IF EXISTS auto_test_local;
connection child2_1; connection child2_1;
DROP USER tu@'%'; DROP USER tu@'%';
Warnings:
Note 4227 Dropped users 'tu'@'%' have active connections. Use KILL CONNECTION if they should not be used anymore.
for master_1 for master_1
for child2 for child2
child2_1 child2_1

2
storage/spider/mysql-test/spider/bugfix/t/mdev_34589.test
View File

@@ -15,7 +15,9 @@ CREATE TABLE t2 (c INT) ENGINE=Spider COMMENT='WRAPPER "mysql", SRV "srv", TABLE
CHECK TABLE t2; CHECK TABLE t2;
drop table t1, t2; drop table t1, t2;
drop server srv; drop server srv;
--disable_warnings
drop user spider@localhost; drop user spider@localhost;
--enable_warnings
--disable_query_log --disable_query_log
--disable_result_log --disable_result_log