MDEV-26647 (plugin name) Include password validation plugin information in the error message if the SQL statement is not satisfied password policy
Add plugin name to the error message.
This commit is contained in:
Oleksandr Byelkin
parent
0ee1082bd2
commit
cc6bba008d
@ -8,7 +8,7 @@ simple_password_check
|
||||
#
|
||||
CREATE USER user1@localhost IDENTIFIED BY 'BsG9#9.cem#!85';
|
||||
CREATE USER user2@localhost IDENTIFIED BY 'bsg9#d.cem#!85';
|
||||
ERROR HY000: Your password does not satisfy the current policy requirements
|
||||
ERROR HY000: Your password does not satisfy the current policy requirements (simple_password_check)
|
||||
DROP USER user1@localhost;
|
||||
include/show_binlog_events.inc
|
||||
Log_name Pos Event_type Server_id End_log_pos Info
|
||||
|
||||
@ -14,29 +14,29 @@ LOAD_OPTION ON
|
||||
PLUGIN_MATURITY Stable
|
||||
PLUGIN_AUTH_VERSION 1.0
|
||||
grant select on *.* to foocar identified by 'foocar';
|
||||
ERROR HY000: Your password does not satisfy the current policy requirements
|
||||
ERROR HY000: Your password does not satisfy the current policy requirements (cracklib_password_check)
|
||||
show warnings;
|
||||
Level Code Message
|
||||
Warning 1819 cracklib: it is based on your username
|
||||
Error 1819 Your password does not satisfy the current policy requirements
|
||||
Error 1819 Your password does not satisfy the current policy requirements (cracklib_password_check)
|
||||
grant select on *.* to foocar identified by 'racoof';
|
||||
ERROR HY000: Your password does not satisfy the current policy requirements
|
||||
ERROR HY000: Your password does not satisfy the current policy requirements (cracklib_password_check)
|
||||
show warnings;
|
||||
Level Code Message
|
||||
Warning 1819 cracklib: it is based on your username
|
||||
Error 1819 Your password does not satisfy the current policy requirements
|
||||
Error 1819 Your password does not satisfy the current policy requirements (cracklib_password_check)
|
||||
grant select on *.* to foo@barbar identified by 'barbar';
|
||||
ERROR HY000: Your password does not satisfy the current policy requirements
|
||||
ERROR HY000: Your password does not satisfy the current policy requirements (cracklib_password_check)
|
||||
show warnings;
|
||||
Level Code Message
|
||||
Warning 1819 cracklib: it does not contain enough DIFFERENT characters
|
||||
Error 1819 Your password does not satisfy the current policy requirements
|
||||
Error 1819 Your password does not satisfy the current policy requirements (cracklib_password_check)
|
||||
grant select on *.* to foobar identified by 'qwerty';
|
||||
ERROR HY000: Your password does not satisfy the current policy requirements
|
||||
ERROR HY000: Your password does not satisfy the current policy requirements (cracklib_password_check)
|
||||
show warnings;
|
||||
Level Code Message
|
||||
Warning 1819 cracklib: it is based on a dictionary word
|
||||
Error 1819 Your password does not satisfy the current policy requirements
|
||||
Error 1819 Your password does not satisfy the current policy requirements (cracklib_password_check)
|
||||
grant select on *.* to foobar identified by 'q$%^&*rty';
|
||||
drop user foobar;
|
||||
#
|
||||
@ -44,7 +44,7 @@ drop user foobar;
|
||||
# when using cracklib plugin
|
||||
#
|
||||
create user 'newuser'@'localhost';
|
||||
ERROR HY000: Your password does not satisfy the current policy requirements
|
||||
ERROR HY000: Your password does not satisfy the current policy requirements (cracklib_password_check)
|
||||
uninstall plugin cracklib_password_check;
|
||||
create user foo1 identified by 'pwd';
|
||||
drop user foo1;
|
||||
|
||||
@ -71,13 +71,13 @@ ENUM_VALUE_LIST NULL
|
||||
READ_ONLY NO
|
||||
COMMAND_LINE_ARGUMENT REQUIRED
|
||||
create user foo1 identified by 'pwd';
|
||||
ERROR HY000: Your password does not satisfy the current policy requirements
|
||||
ERROR HY000: Your password does not satisfy the current policy requirements (simple_password_check)
|
||||
create user foo1;
|
||||
ERROR HY000: Your password does not satisfy the current policy requirements
|
||||
ERROR HY000: Your password does not satisfy the current policy requirements (simple_password_check)
|
||||
grant select on *.* to foo1 identified by 'pwd';
|
||||
ERROR HY000: Your password does not satisfy the current policy requirements
|
||||
ERROR HY000: Your password does not satisfy the current policy requirements (simple_password_check)
|
||||
grant select on *.* to `FooBar1!` identified by 'FooBar1!';
|
||||
ERROR HY000: Your password does not satisfy the current policy requirements
|
||||
ERROR HY000: Your password does not satisfy the current policy requirements (simple_password_check)
|
||||
grant select on *.* to `BarFoo1!` identified by 'FooBar1!';
|
||||
drop user `BarFoo1!`;
|
||||
create user foo1 identified by 'aA.12345';
|
||||
@ -99,28 +99,28 @@ simple_password_check_other_characters 3
|
||||
create user foo1 identified by '123:qwe:ASD!';
|
||||
drop user foo1;
|
||||
create user foo1 identified by '-23:qwe:ASD!';
|
||||
ERROR HY000: Your password does not satisfy the current policy requirements
|
||||
ERROR HY000: Your password does not satisfy the current policy requirements (simple_password_check)
|
||||
create user foo1 identified by '123:4we:ASD!';
|
||||
ERROR HY000: Your password does not satisfy the current policy requirements
|
||||
ERROR HY000: Your password does not satisfy the current policy requirements (simple_password_check)
|
||||
create user foo1 identified by '123:qwe:4SD!';
|
||||
ERROR HY000: Your password does not satisfy the current policy requirements
|
||||
ERROR HY000: Your password does not satisfy the current policy requirements (simple_password_check)
|
||||
create user foo1 identified by '123:qwe:ASD4';
|
||||
ERROR HY000: Your password does not satisfy the current policy requirements
|
||||
ERROR HY000: Your password does not satisfy the current policy requirements (simple_password_check)
|
||||
create user foo1 identified by '123:qwe:ASD!';
|
||||
set password for foo1 = password('qwe:-23:ASD!');
|
||||
ERROR HY000: Your password does not satisfy the current policy requirements
|
||||
ERROR HY000: Your password does not satisfy the current policy requirements (simple_password_check)
|
||||
set password for foo1 = old_password('4we:123:ASD!');
|
||||
ERROR HY000: Your password does not satisfy the current policy requirements
|
||||
ERROR HY000: Your password does not satisfy the current policy requirements (simple_password_check)
|
||||
set password for foo1 = password('qwe:123:4SD!');
|
||||
ERROR HY000: Your password does not satisfy the current policy requirements
|
||||
ERROR HY000: Your password does not satisfy the current policy requirements (simple_password_check)
|
||||
set password for foo1 = old_password('qwe:123:ASD4');
|
||||
ERROR HY000: Your password does not satisfy the current policy requirements
|
||||
ERROR HY000: Your password does not satisfy the current policy requirements (simple_password_check)
|
||||
set password for foo1 = password('qwe:123:ASD!');
|
||||
select @@strict_password_validation;
|
||||
@@strict_password_validation
|
||||
1
|
||||
set password for foo1 = '';
|
||||
ERROR HY000: Your password does not satisfy the current policy requirements
|
||||
ERROR HY000: Your password does not satisfy the current policy requirements (simple_password_check)
|
||||
set password for foo1 = '2222222222222222';
|
||||
ERROR HY000: The MariaDB server is running with the --strict-password-validation option so it cannot execute this statement
|
||||
set password for foo1 = '11111111111111111111111111111111111111111';
|
||||
@ -134,13 +134,13 @@ ERROR HY000: The MariaDB server is running with the --strict-password-validation
|
||||
grant select on *.* to foo2 identified with mysql_old_password using '2222222222222222';
|
||||
ERROR HY000: The MariaDB server is running with the --strict-password-validation option so it cannot execute this statement
|
||||
create user foo2 identified with mysql_native_password using '';
|
||||
ERROR HY000: Your password does not satisfy the current policy requirements
|
||||
ERROR HY000: Your password does not satisfy the current policy requirements (simple_password_check)
|
||||
grant select on *.* to foo2 identified with mysql_old_password;
|
||||
ERROR 28000: Can't find any matching row in the user table
|
||||
update mysql.user set password='xxx' where user='foo1';
|
||||
set global strict_password_validation=0;
|
||||
set password for foo1 = '';
|
||||
ERROR HY000: Your password does not satisfy the current policy requirements
|
||||
ERROR HY000: Your password does not satisfy the current policy requirements (simple_password_check)
|
||||
set password for foo1 = '2222222222222222';
|
||||
set password for foo1 = '11111111111111111111111111111111111111111';
|
||||
create user foo2 identified by password '11111111111111111111111111111111111111111';
|
||||
|
||||
@ -5,16 +5,16 @@ install soname "cracklib_password_check";
|
||||
grant select on *.* to foobar identified by 'q$%^&*R1234ty';
|
||||
drop user foobar;
|
||||
grant select on *.* to Fff_fff1 identified by '1fff_ffF';
|
||||
ERROR HY000: Your password does not satisfy the current policy requirements
|
||||
ERROR HY000: Your password does not satisfy the current policy requirements (cracklib_password_check)
|
||||
show warnings;
|
||||
Level Code Message
|
||||
Warning 1819 cracklib: it does not contain enough DIFFERENT characters
|
||||
Error 1819 Your password does not satisfy the current policy requirements
|
||||
Error 1819 Your password does not satisfy the current policy requirements (cracklib_password_check)
|
||||
grant select on *.* to foobar identified by 'q-%^&*rty';
|
||||
ERROR HY000: Your password does not satisfy the current policy requirements
|
||||
ERROR HY000: Your password does not satisfy the current policy requirements (simple_password_check)
|
||||
show warnings;
|
||||
Level Code Message
|
||||
Error 1819 Your password does not satisfy the current policy requirements
|
||||
Error 1819 Your password does not satisfy the current policy requirements (simple_password_check)
|
||||
uninstall plugin simple_password_check;
|
||||
grant select on *.* to foobar identified by 'q-%^&*rty';
|
||||
drop user foobar;
|
||||
|
||||
@ -6925,7 +6925,8 @@ ER_INVALID_YEAR_COLUMN_LENGTH
|
||||
rus "Тип YEAR(%lu) более не поддерживается, вместо него будет создана колонка с типом YEAR(4)"
|
||||
|
||||
ER_NOT_VALID_PASSWORD
|
||||
eng "Your password does not satisfy the current policy requirements"
|
||||
eng "Your password does not satisfy the current policy requirements (%s)"
|
||||
ukr "Ваш пароль не відповідає поточним правилам (%s)"
|
||||
|
||||
ER_MUST_CHANGE_PASSWORD
|
||||
eng "You must SET PASSWORD before executing this statement"
|
||||
|
||||
@ -1450,7 +1450,12 @@ static my_bool do_validate(THD *, plugin_ref plugin, void *arg)
|
||||
struct validation_data *data= (struct validation_data *)arg;
|
||||
struct st_mariadb_password_validation *handler=
|
||||
(st_mariadb_password_validation *)plugin_decl(plugin)->info;
|
||||
return handler->validate_password(data->user, data->password);
|
||||
if (handler->validate_password(data->user, data->password))
|
||||
{
|
||||
my_error(ER_NOT_VALID_PASSWORD, MYF(0), plugin_ref_to_int(plugin)->name.str);
|
||||
return true;
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
|
||||
@ -1464,7 +1469,6 @@ static bool validate_password(LEX_USER *user, THD *thd)
|
||||
if (plugin_foreach(NULL, do_validate,
|
||||
MariaDB_PASSWORD_VALIDATION_PLUGIN, &data))
|
||||
{
|
||||
my_error(ER_NOT_VALID_PASSWORD, MYF(0));
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user