Bug #59657: Move the client authentication_pam plugin into the server repository

Created a clear text built in client authentication plugin.
Test case added.
Added a negative test case : a login failure.

mysql-test/include/plugin.defs

@@ -27,7 +27,7 @@
 # with name1, name2 etc from the comma separated list of plugin names
 # in the optional 4th argument.
 
-auth_test_plugin   plugin/auth        PLUGIN_AUTH      test_plugin_server
+auth_test_plugin   plugin/auth        PLUGIN_AUTH      test_plugin_server,cleartext_plugin_server
 qa_auth_interface  plugin/auth        PLUGIN_AUTH_INTERFACE qa_auth_interface
 qa_auth_server     plugin/auth        PLUGIN_AUTH_SERVER    qa_auth_server
 qa_auth_client     plugin/auth        PLUGIN_AUTH_CLIENT    qa_auth_client

mysql-test/r/plugin_auth.result

@@ -330,4 +330,16 @@ mysqld is alive
 # Executing 'mysqldump'
 # Executing 'mysql_upgrade'
 The --upgrade-system-tables option was used, databases won't be touched.
+#
+# Bug #59657: Move the client authentication_pam plugin into the 
+#  server repository
+#
+CREATE USER uplain@localhost IDENTIFIED WITH 'cleartext_plugin_server'
+  AS 'cleartext_test';
+## test plugin auth
+ERROR 28000: Access denied for user 'uplain'@'localhost' (using password: YES)
+select USER(),CURRENT_USER();
+USER()	CURRENT_USER()
+uplain@localhost	uplain@localhost
+DROP USER uplain@localhost;
 End of 5.5 tests

mysql-test/t/plugin_auth.test

@@ -411,4 +411,26 @@ FLUSH PRIVILEGES;
 --echo # Executing 'mysql_upgrade'
 --exec $MYSQL_UPGRADE -u root -S $MASTER_MYSOCK -P $MASTER_MYPORT --default-auth=auth_test_plugin $PLUGIN_AUTH_OPT --skip-verbose --force --upgrade-system-tables
 
+--echo #
+--echo # Bug #59657: Move the client authentication_pam plugin into the 
+--echo #  server repository
+--echo #
+
+CREATE USER uplain@localhost IDENTIFIED WITH 'cleartext_plugin_server'
+  AS 'cleartext_test';
+
+--echo ## test plugin auth
+--disable_query_log
+--error ER_ACCESS_DENIED_ERROR : this should fail : no grant
+connect(cleartext_fail_con,localhost,uplain,cleartext_test2);
+--enable_query_log
+
+connect(cleartext_con,localhost,uplain,cleartext_test);
+connection cleartext_con;
+select USER(),CURRENT_USER();
+
+connection default;
+disconnect cleartext_con;
+DROP USER uplain@localhost;
+
 --echo End of 5.5 tests

plugin/auth/test_plugin.c

@@ -82,6 +82,36 @@ static struct st_mysql_auth auth_test_handler=
   auth_test_plugin
 };
 
+/**
+  dialog test plugin mimicking the ordinary auth mechanism. Used to test the clear text plugin API
+*/
+static int auth_cleartext_plugin(MYSQL_PLUGIN_VIO *vio, 
+                                 MYSQL_SERVER_AUTH_INFO *info)
+{
+  unsigned char *pkt;
+  int pkt_len;
+
+  /* read the password */
+  if ((pkt_len= vio->read_packet(vio, &pkt)) < 0)
+    return CR_ERROR;
+
+  info->password_used= PASSWORD_USED_YES;
+
+  /* fail if the password is wrong */
+  if (strcmp((const char *) pkt, info->auth_string))
+    return CR_ERROR;
+
+  return CR_OK;
+}
+
+
+static struct st_mysql_auth auth_cleartext_handler=
+{
+  MYSQL_AUTHENTICATION_INTERFACE_VERSION,
+  "mysql_clear_password", /* requires the clear text plugin */
+  auth_cleartext_plugin
+};
+
 mysql_declare_plugin(test_plugin)
 {
   MYSQL_AUTHENTICATION_PLUGIN,
@@ -96,9 +126,24 @@ mysql_declare_plugin(test_plugin)
   NULL,
   NULL,
   NULL
+},
+{
+  MYSQL_AUTHENTICATION_PLUGIN,
+  &auth_cleartext_handler,
+  "cleartext_plugin_server",
+  "Georgi Kodinov",
+  "cleartext plugin API test plugin",
+  PLUGIN_LICENSE_GPL,
+  NULL,
+  NULL,
+  0x0100,
+  NULL,
+  NULL,
+  NULL
 }
 mysql_declare_plugin_end;
 
+
 /********************* CLIENT SIDE ***************************************/
 /*
   client plugin used for testing the plugin API

sql-common/client.c

@@ -2261,6 +2261,7 @@ typedef struct st_mysql_client_plugin_AUTHENTICATION auth_plugin_t;
 static int client_mpvio_write_packet(struct st_plugin_vio*, const uchar*, int);
 static int native_password_auth_client(MYSQL_PLUGIN_VIO *vio, MYSQL *mysql);
 static int old_password_auth_client(MYSQL_PLUGIN_VIO *vio, MYSQL *mysql);
+static int clear_password_auth_client(MYSQL_PLUGIN_VIO *vio, MYSQL *mysql);
 
 static auth_plugin_t native_password_client_plugin=
 {
@@ -2294,10 +2295,27 @@ static auth_plugin_t old_password_client_plugin=
   old_password_auth_client
 };
 
+static auth_plugin_t clear_password_client_plugin=
+{
+  MYSQL_CLIENT_AUTHENTICATION_PLUGIN,
+  MYSQL_CLIENT_AUTHENTICATION_PLUGIN_INTERFACE_VERSION,
+  "mysql_clear_password",
+  "Georgi Kodinov",
+  "Clear password authentication plugin",
+  {0,1,0},
+  "GPL",
+  NULL,
+  NULL,
+  NULL,
+  NULL,
+  clear_password_auth_client
+};
+
 struct st_mysql_client_plugin *mysql_client_builtins[]=
 {
   (struct st_mysql_client_plugin *)&native_password_client_plugin,
   (struct st_mysql_client_plugin *)&old_password_client_plugin,
+  (struct st_mysql_client_plugin *)&clear_password_client_plugin,
   0
 };
 
@@ -4271,3 +4289,20 @@ static int old_password_auth_client(MYSQL_PLUGIN_VIO *vio, MYSQL *mysql)
 
   DBUG_RETURN(CR_OK);
 }
+
+/**
+  The main function of the mysql_clear_password authentication plugin.
+*/
+
+static int clear_password_auth_client(MYSQL_PLUGIN_VIO *vio, MYSQL *mysql)
+{
+  int res;
+
+  /* send password in clear text */
+  res= vio->write_packet(vio, (const unsigned char *) mysql->passwd, 
+						 strlen(mysql->passwd) + 1);
+
+  return res ? CR_ERROR : CR_OK;
+}
+
+