1berry/MariaDB-server
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'github/10.4' into 10.4

Browse Source
This commit is contained in:
Sergei Golubchik 2021-02-23 10:35:16 +01:00
commit 245d33db4e
4 changed files with 42 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
mysql-test/main/lock_user.result
View File

@ -156,6 +156,7 @@ alter user user1@localhost PASSWORD EXPIRE NEVER ACCOUNT UNLOCK ;
show create user user1@localhost; show create user user1@localhost;
CREATE USER for user1@localhost CREATE USER for user1@localhost
CREATE USER `user1`@`localhost` PASSWORD EXPIRE CREATE USER `user1`@`localhost` PASSWORD EXPIRE
ALTER USER `user1`@`localhost` PASSWORD EXPIRE NEVER
alter user user1@localhost ACCOUNT LOCK PASSWORD EXPIRE DEFAULT; alter user user1@localhost ACCOUNT LOCK PASSWORD EXPIRE DEFAULT;
show create user user1@localhost; show create user user1@localhost;
CREATE USER for user1@localhost CREATE USER for user1@localhost
@ -167,5 +168,6 @@ localhost user1 {"access":0,"plugin":"mysql_native_password","authentication_str
show create user user1@localhost; show create user user1@localhost;
CREATE USER for user1@localhost CREATE USER for user1@localhost
CREATE USER `user1`@`localhost` PASSWORD EXPIRE CREATE USER `user1`@`localhost` PASSWORD EXPIRE
ALTER USER `user1`@`localhost` PASSWORD EXPIRE INTERVAL 60 DAY
drop user user1@localhost; drop user user1@localhost;
drop user user2@localhost; drop user user2@localhost;

5
mysql-test/main/password_expiration.result
View File

@ -125,6 +125,7 @@ alter user user1@localhost password expire;
show create user user1@localhost; show create user user1@localhost;
CREATE USER for user1@localhost CREATE USER for user1@localhost
CREATE USER `user1`@`localhost` PASSWORD EXPIRE CREATE USER `user1`@`localhost` PASSWORD EXPIRE
ALTER USER `user1`@`localhost` PASSWORD EXPIRE INTERVAL 123 DAY
set password for user1@localhost= password(''); set password for user1@localhost= password('');
show create user user1@localhost; show create user user1@localhost;
CREATE USER for user1@localhost CREATE USER for user1@localhost
@ -151,10 +152,12 @@ alter user user1@localhost password expire;
show create user user1@localhost; show create user user1@localhost;
CREATE USER for user1@localhost CREATE USER for user1@localhost
CREATE USER `user1`@`localhost` PASSWORD EXPIRE CREATE USER `user1`@`localhost` PASSWORD EXPIRE
ALTER USER `user1`@`localhost` PASSWORD EXPIRE NEVER
flush privileges; flush privileges;
show create user user1@localhost; show create user user1@localhost;
CREATE USER for user1@localhost CREATE USER for user1@localhost
CREATE USER `user1`@`localhost` PASSWORD EXPIRE CREATE USER `user1`@`localhost` PASSWORD EXPIRE
ALTER USER `user1`@`localhost` PASSWORD EXPIRE NEVER
set password for user1@localhost= password(''); set password for user1@localhost= password('');
alter user user1@localhost password expire default; alter user user1@localhost password expire default;
show create user user1@localhost; show create user user1@localhost;
@ -184,10 +187,12 @@ alter user user1@localhost password expire;
show create user user1@localhost; show create user user1@localhost;
CREATE USER for user1@localhost CREATE USER for user1@localhost
CREATE USER `user1`@`localhost` PASSWORD EXPIRE CREATE USER `user1`@`localhost` PASSWORD EXPIRE
ALTER USER `user1`@`localhost` PASSWORD EXPIRE NEVER
flush privileges; flush privileges;
show create user user1@localhost; show create user user1@localhost;
CREATE USER for user1@localhost CREATE USER for user1@localhost
CREATE USER `user1`@`localhost` PASSWORD EXPIRE CREATE USER `user1`@`localhost` PASSWORD EXPIRE
ALTER USER `user1`@`localhost` PASSWORD EXPIRE NEVER
set global disconnect_on_expired_password=ON; set global disconnect_on_expired_password=ON;
connect(localhost,user1,,test,MYSQL_PORT,MYSQL_SOCK); connect(localhost,user1,,test,MYSQL_PORT,MYSQL_SOCK);
connect con1,localhost,user1; connect con1,localhost,user1;

1
mysql-test/main/system_mysql_db_507.result
View File

@ -214,6 +214,7 @@ alter user user@localhost password expire;
show create user user@localhost; show create user user@localhost;
CREATE USER for user@localhost CREATE USER for user@localhost
CREATE USER `user`@`localhost` PASSWORD EXPIRE CREATE USER `user`@`localhost` PASSWORD EXPIRE
ALTER USER `user`@`localhost` PASSWORD EXPIRE INTERVAL 123 DAY
set password for user@localhost= password(''); set password for user@localhost= password('');
show create user user@localhost; show create user user@localhost;
CREATE USER for user@localhost CREATE USER for user@localhost

42
sql/sql_acl.cc
View File

@ -8902,6 +8902,16 @@ static bool print_grants_for_role(THD *thd, ACL_ROLE * role)
} }
static void append_auto_expiration_policy(ACL_USER *acl_user, String *r) {
if (!acl_user->password_lifetime)
r->append(STRING_WITH_LEN(" PASSWORD EXPIRE NEVER"));
else if (acl_user->password_lifetime > 0)
{
r->append(STRING_WITH_LEN(" PASSWORD EXPIRE INTERVAL "));
r->append_longlong(acl_user->password_lifetime);
r->append(STRING_WITH_LEN(" DAY"));
}
}
bool mysql_show_create_user(THD *thd, LEX_USER *lex_user) bool mysql_show_create_user(THD *thd, LEX_USER *lex_user)
{ {
@ -8961,14 +8971,8 @@ bool mysql_show_create_user(THD *thd, LEX_USER *lex_user)
if (acl_user->password_expired) if (acl_user->password_expired)
result.append(STRING_WITH_LEN(" PASSWORD EXPIRE")); result.append(STRING_WITH_LEN(" PASSWORD EXPIRE"));
else if (!acl_user->password_lifetime) else
result.append(STRING_WITH_LEN(" PASSWORD EXPIRE NEVER")); append_auto_expiration_policy(acl_user, &result);
else if (acl_user->password_lifetime > 0)
{
result.append(STRING_WITH_LEN(" PASSWORD EXPIRE INTERVAL "));
result.append_longlong(acl_user->password_lifetime);
result.append(STRING_WITH_LEN(" DAY"));
}
protocol->prepare_for_resend(); protocol->prepare_for_resend();
protocol->store(result.ptr(), result.length(), result.charset()); protocol->store(result.ptr(), result.length(), result.charset());
@ -8976,6 +8980,28 @@ bool mysql_show_create_user(THD *thd, LEX_USER *lex_user)
{ {
error= true; error= true;
} }
/* MDEV-24114 - PASSWORD EXPIRE and PASSWORD EXPIRE [NEVER | INTERVAL X DAY]
are two different mechanisms. To make sure a tool can restore the state
of a user account, including both the manual expiration state of the
account and the automatic expiration policy attached to it, we should
print two statements here, a CREATE USER (printed above) and an ALTER USER */
if (acl_user->password_expired && acl_user->password_lifetime > -1) {
result.length(0);
result.append("ALTER USER ");
append_identifier(thd, &result, username, strlen(username));
result.append('@');
append_identifier(thd, &result, acl_user->host.hostname,
acl_user->hostname_length);
append_auto_expiration_policy(acl_user, &result);
protocol->prepare_for_resend();
protocol->store(result.ptr(), result.length(), result.charset());
if (protocol->write())
{
error= true;
}
}
my_eof(thd); my_eof(thd);
end: end: