Skip to content
Permalink
Browse files
MDEV-26647 (plugin name) Include password validation plugin informati…
…on in the error message if the SQL statement is not satisfied password policy

Add plugin name to the error message.
  • Loading branch information
sanja-byelkin committed Jul 27, 2022
1 parent 0ee1082 commit cc6bba0
Show file tree
Hide file tree
Showing 6 changed files with 37 additions and 32 deletions.
@@ -8,7 +8,7 @@ simple_password_check
#
CREATE USER user1@localhost IDENTIFIED BY 'BsG9#9.cem#!85';
CREATE USER user2@localhost IDENTIFIED BY 'bsg9#d.cem#!85';
ERROR HY000: Your password does not satisfy the current policy requirements
ERROR HY000: Your password does not satisfy the current policy requirements (simple_password_check)
DROP USER user1@localhost;
include/show_binlog_events.inc
Log_name Pos Event_type Server_id End_log_pos Info
@@ -14,37 +14,37 @@ LOAD_OPTION ON
PLUGIN_MATURITY Stable
PLUGIN_AUTH_VERSION 1.0
grant select on *.* to foocar identified by 'foocar';
ERROR HY000: Your password does not satisfy the current policy requirements
ERROR HY000: Your password does not satisfy the current policy requirements (cracklib_password_check)
show warnings;
Level Code Message
Warning 1819 cracklib: it is based on your username
Error 1819 Your password does not satisfy the current policy requirements
Error 1819 Your password does not satisfy the current policy requirements (cracklib_password_check)
grant select on *.* to foocar identified by 'racoof';
ERROR HY000: Your password does not satisfy the current policy requirements
ERROR HY000: Your password does not satisfy the current policy requirements (cracklib_password_check)
show warnings;
Level Code Message
Warning 1819 cracklib: it is based on your username
Error 1819 Your password does not satisfy the current policy requirements
Error 1819 Your password does not satisfy the current policy requirements (cracklib_password_check)
grant select on *.* to foo@barbar identified by 'barbar';
ERROR HY000: Your password does not satisfy the current policy requirements
ERROR HY000: Your password does not satisfy the current policy requirements (cracklib_password_check)
show warnings;
Level Code Message
Warning 1819 cracklib: it does not contain enough DIFFERENT characters
Error 1819 Your password does not satisfy the current policy requirements
Error 1819 Your password does not satisfy the current policy requirements (cracklib_password_check)
grant select on *.* to foobar identified by 'qwerty';
ERROR HY000: Your password does not satisfy the current policy requirements
ERROR HY000: Your password does not satisfy the current policy requirements (cracklib_password_check)
show warnings;
Level Code Message
Warning 1819 cracklib: it is based on a dictionary word
Error 1819 Your password does not satisfy the current policy requirements
Error 1819 Your password does not satisfy the current policy requirements (cracklib_password_check)
grant select on *.* to foobar identified by 'q$%^&*rty';
drop user foobar;
#
# MDEV-9851: CREATE USER w/o IDENTIFIED BY clause causes crash
# when using cracklib plugin
#
create user 'newuser'@'localhost';
ERROR HY000: Your password does not satisfy the current policy requirements
ERROR HY000: Your password does not satisfy the current policy requirements (cracklib_password_check)
uninstall plugin cracklib_password_check;
create user foo1 identified by 'pwd';
drop user foo1;
@@ -71,13 +71,13 @@ ENUM_VALUE_LIST NULL
READ_ONLY NO
COMMAND_LINE_ARGUMENT REQUIRED
create user foo1 identified by 'pwd';
ERROR HY000: Your password does not satisfy the current policy requirements
ERROR HY000: Your password does not satisfy the current policy requirements (simple_password_check)
create user foo1;
ERROR HY000: Your password does not satisfy the current policy requirements
ERROR HY000: Your password does not satisfy the current policy requirements (simple_password_check)
grant select on *.* to foo1 identified by 'pwd';
ERROR HY000: Your password does not satisfy the current policy requirements
ERROR HY000: Your password does not satisfy the current policy requirements (simple_password_check)
grant select on *.* to `FooBar1!` identified by 'FooBar1!';
ERROR HY000: Your password does not satisfy the current policy requirements
ERROR HY000: Your password does not satisfy the current policy requirements (simple_password_check)
grant select on *.* to `BarFoo1!` identified by 'FooBar1!';
drop user `BarFoo1!`;
create user foo1 identified by 'aA.12345';
@@ -99,28 +99,28 @@ simple_password_check_other_characters 3
create user foo1 identified by '123:qwe:ASD!';
drop user foo1;
create user foo1 identified by '-23:qwe:ASD!';
ERROR HY000: Your password does not satisfy the current policy requirements
ERROR HY000: Your password does not satisfy the current policy requirements (simple_password_check)
create user foo1 identified by '123:4we:ASD!';
ERROR HY000: Your password does not satisfy the current policy requirements
ERROR HY000: Your password does not satisfy the current policy requirements (simple_password_check)
create user foo1 identified by '123:qwe:4SD!';
ERROR HY000: Your password does not satisfy the current policy requirements
ERROR HY000: Your password does not satisfy the current policy requirements (simple_password_check)
create user foo1 identified by '123:qwe:ASD4';
ERROR HY000: Your password does not satisfy the current policy requirements
ERROR HY000: Your password does not satisfy the current policy requirements (simple_password_check)
create user foo1 identified by '123:qwe:ASD!';
set password for foo1 = password('qwe:-23:ASD!');
ERROR HY000: Your password does not satisfy the current policy requirements
ERROR HY000: Your password does not satisfy the current policy requirements (simple_password_check)
set password for foo1 = old_password('4we:123:ASD!');
ERROR HY000: Your password does not satisfy the current policy requirements
ERROR HY000: Your password does not satisfy the current policy requirements (simple_password_check)
set password for foo1 = password('qwe:123:4SD!');
ERROR HY000: Your password does not satisfy the current policy requirements
ERROR HY000: Your password does not satisfy the current policy requirements (simple_password_check)
set password for foo1 = old_password('qwe:123:ASD4');
ERROR HY000: Your password does not satisfy the current policy requirements
ERROR HY000: Your password does not satisfy the current policy requirements (simple_password_check)
set password for foo1 = password('qwe:123:ASD!');
select @@strict_password_validation;
@@strict_password_validation
1
set password for foo1 = '';
ERROR HY000: Your password does not satisfy the current policy requirements
ERROR HY000: Your password does not satisfy the current policy requirements (simple_password_check)
set password for foo1 = '2222222222222222';
ERROR HY000: The MariaDB server is running with the --strict-password-validation option so it cannot execute this statement
set password for foo1 = '11111111111111111111111111111111111111111';
@@ -134,13 +134,13 @@ ERROR HY000: The MariaDB server is running with the --strict-password-validation
grant select on *.* to foo2 identified with mysql_old_password using '2222222222222222';
ERROR HY000: The MariaDB server is running with the --strict-password-validation option so it cannot execute this statement
create user foo2 identified with mysql_native_password using '';
ERROR HY000: Your password does not satisfy the current policy requirements
ERROR HY000: Your password does not satisfy the current policy requirements (simple_password_check)
grant select on *.* to foo2 identified with mysql_old_password;
ERROR 28000: Can't find any matching row in the user table
update mysql.user set password='xxx' where user='foo1';
set global strict_password_validation=0;
set password for foo1 = '';
ERROR HY000: Your password does not satisfy the current policy requirements
ERROR HY000: Your password does not satisfy the current policy requirements (simple_password_check)
set password for foo1 = '2222222222222222';
set password for foo1 = '11111111111111111111111111111111111111111';
create user foo2 identified by password '11111111111111111111111111111111111111111';
@@ -5,16 +5,16 @@ install soname "cracklib_password_check";
grant select on *.* to foobar identified by 'q$%^&*R1234ty';
drop user foobar;
grant select on *.* to Fff_fff1 identified by '1fff_ffF';
ERROR HY000: Your password does not satisfy the current policy requirements
ERROR HY000: Your password does not satisfy the current policy requirements (cracklib_password_check)
show warnings;
Level Code Message
Warning 1819 cracklib: it does not contain enough DIFFERENT characters
Error 1819 Your password does not satisfy the current policy requirements
Error 1819 Your password does not satisfy the current policy requirements (cracklib_password_check)
grant select on *.* to foobar identified by 'q-%^&*rty';
ERROR HY000: Your password does not satisfy the current policy requirements
ERROR HY000: Your password does not satisfy the current policy requirements (simple_password_check)
show warnings;
Level Code Message
Error 1819 Your password does not satisfy the current policy requirements
Error 1819 Your password does not satisfy the current policy requirements (simple_password_check)
uninstall plugin simple_password_check;
grant select on *.* to foobar identified by 'q-%^&*rty';
drop user foobar;
@@ -6925,7 +6925,8 @@ ER_INVALID_YEAR_COLUMN_LENGTH
rus "Тип YEAR(%lu) более не поддерживается, вместо него будет создана колонка с типом YEAR(4)"

ER_NOT_VALID_PASSWORD
eng "Your password does not satisfy the current policy requirements"
eng "Your password does not satisfy the current policy requirements (%s)"
ukr "Ваш пароль не відповідає поточним правилам (%s)"

ER_MUST_CHANGE_PASSWORD
eng "You must SET PASSWORD before executing this statement"
@@ -1450,7 +1450,12 @@ static my_bool do_validate(THD *, plugin_ref plugin, void *arg)
struct validation_data *data= (struct validation_data *)arg;
struct st_mariadb_password_validation *handler=
(st_mariadb_password_validation *)plugin_decl(plugin)->info;
return handler->validate_password(data->user, data->password);
if (handler->validate_password(data->user, data->password))
{
my_error(ER_NOT_VALID_PASSWORD, MYF(0), plugin_ref_to_int(plugin)->name.str);
return true;
}
return false;
}


@@ -1464,7 +1469,6 @@ static bool validate_password(LEX_USER *user, THD *thd)
if (plugin_foreach(NULL, do_validate,
MariaDB_PASSWORD_VALIDATION_PLUGIN, &data))
{
my_error(ER_NOT_VALID_PASSWORD, MYF(0));
return true;
}
}

0 comments on commit cc6bba0

Please sign in to comment.