AnonSec Shell
Server IP : 185.86.78.101  /  Your IP : 216.73.216.124
Web Server : Apache
System : Linux 675867-vds-valikoshka1996.gmhost.pp.ua 5.4.0-150-generic #167-Ubuntu SMP Mon May 15 17:35:05 UTC 2023 x86_64
User : www ( 1000)
PHP Version : 7.4.33
Disable Function : passthru,exec,system,putenv,chroot,chgrp,chown,shell_exec,popen,proc_open,pcntl_exec,ini_alter,ini_restore,dl,openlog,syslog,readlink,symlink,popepassthru,pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,imap_open,apache_setenv
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : OFF  |  Sudo : ON  |  Pkexec : OFF
Directory :  /www/server/mysql/mysql-test/t/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ HOME ]     

Current File : /www/server/mysql/mysql-test/t/validate_password_plugin_check_user.test
# No passwords in embedded server
--source include/not_embedded.inc

--source include/have_validate_password_plugin.inc

# Save the initial number of concurrent sessions
--source include/count_sessions.inc

--echo # Should fail: not a session variable
--error ER_GLOBAL_VARIABLE
SET @@session.validate_password_check_user_name= ON;

--echo # Should fail: not a session variable
--error ER_GLOBAL_VARIABLE
SET validate_password_check_user_name= ON;

# turn other policies off so they don't stand in the way
SET @@global.validate_password_policy=LOW;
SET @@global.validate_password_mixed_case_count=0;
SET @@global.validate_password_number_count=0;
SET @@global.validate_password_special_char_count=0;
SET @@global.validate_password_length=0;


# check_user_name=ON tests. No need to check with off since it's covered.
SET @@global.validate_password_check_user_name= ON;

--echo # Must pass: password the same as the the user name, but run by root
CREATE USER "base_user"@localhost IDENTIFIED BY 'base_user';
GRANT ALL PRIVILEGES ON test.* TO "base_user"@localhost;
--echo # Must pass: password the same as the user name, but run by root
SET PASSWORD FOR "base_user"@localhost = 'base_user';
--echo # Must pass: password the same as the user name, but run by root
ALTER USER "base_user"@localhost IDENTIFIED BY 'base_user';
--echo # Must fail: password is root
--error ER_NOT_VALID_PASSWORD
CREATE USER foo@localhost IDENTIFIED BY 'root';
--echo # Must return 0 : same as the user name
SELECT VALIDATE_PASSWORD_STRENGTH('root') = 0;
--echo # Must return 0 : same as the user name
SELECT VALIDATE_PASSWORD_STRENGTH('toor') = 0;
--echo # Must return non-0: upper case in user name
SELECT VALIDATE_PASSWORD_STRENGTH('Root') <> 0;
--echo # Must return non-0: upper case in reverse user name
SELECT VALIDATE_PASSWORD_STRENGTH('Toor') <> 0;
--echo # Must return non-0: different name
SELECT VALIDATE_PASSWORD_STRENGTH('fooHoHo%1') <> 0;


--echo # connect as base_user
connect(base_user_con,localhost,base_user,base_user,test);
--echo # Should fail: password the same as the user name
--error ER_NOT_VALID_PASSWORD
SET PASSWORD='base_user';
--echo # Should pass: uppercase in U
SET PASSWORD='base_User';
--echo # Should fail: password the same as the login user name
--error ER_NOT_VALID_PASSWORD
ALTER USER "base_user"@localhost IDENTIFIED BY 'base_user';
--echo # Must be 0: user name matches the password
SELECT VALIDATE_PASSWORD_STRENGTH('base_user') = 0;
--echo # Must be 0: reverse of user name matches the password
SELECT VALIDATE_PASSWORD_STRENGTH('resu_esab') = 0;
--echo # Must pass: empty password is ok
SET PASSWORD='';

--echo # back to default connection
connection default;
disconnect base_user_con;
REVOKE ALL PRIVILEGES ON test.* FROM "base_user"@localhost;
DROP USER "base_user"@localhost;

-- echo # test effective user name
CREATE USER ""@localhost;
GRANT ALL PRIVILEGES ON test.* TO ""@localhost;

--echo # connect as the login_user
connect(login_user_con,localhost,login_user,,test);
SELECT USER(),CURRENT_USER();

--echo # Should return 0: login user id matches
SELECT VALIDATE_PASSWORD_STRENGTH('login_user') = 0;

--echo # Should return 0: reverse login user id matches
SELECT VALIDATE_PASSWORD_STRENGTH('resu_nigol') = 0;

--echo # back to default connection
connection default;
disconnect login_user_con;
REVOKE ALL PRIVILEGES ON test.* FROM ""@localhost;
DROP USER ""@localhost;

SET @@global.validate_password_policy=default;
SET @@global.validate_password_length=default;
SET @@global.validate_password_mixed_case_count=default;
SET @@global.validate_password_number_count=default;
SET @@global.validate_password_special_char_count=default;
SET @@global.validate_password_check_user_name= default;

# Wait till all disconnects are completed
--source include/wait_until_count_sessions.inc

--echo End of 5.7 tests

Anon7 - 2022
AnonSec Team