diff options
author | Michael Widenius <monty@askmonty.org> | 2013-01-11 00:35:33 +0200 |
---|---|---|
committer | Michael Widenius <monty@askmonty.org> | 2013-01-11 00:35:33 +0200 |
commit | a42e1e3885ce4519bb5db2f02f2448d0a29cd7a7 (patch) | |
tree | 43ff0b55f02627badeee1fbb66337de3f0d82d21 | |
parent | 6e9a48b67fceab17089ca4cd1406e302386a601b (diff) | |
download | mariadb-git-a42e1e3885ce4519bb5db2f02f2448d0a29cd7a7.tar.gz |
Fixed MDEV-4013: Password length in replication setup
Give error for wrong parameters to CHANGE MASTER
Extend MASTER_PASSWORD and MASTER_HOST lengths
mysql-test/suite/rpl/r/rpl_password_boundaries.result:
Test length of MASTER_PASSWORD, MASTER_HOST and MASTER_USER
mysql-test/suite/rpl/r/rpl_semi_sync.result:
Use different password than user name for better test coverage
mysql-test/suite/rpl/t/rpl_password_boundaries.test:
Test length of MASTER_PASSWORD, MASTER_HOST and MASTER_USER
mysql-test/suite/rpl/t/rpl_semi_sync.test:
Use different password than user name for better test coverage
sql/rpl_mi.h:
Extend MASTER_PASSWORD and MASTER_HOST lengths
sql/sql_repl.cc:
Give error for wrong parameters to CHANGE MASTER
sql/sql_repl.h:
Extend MASTER_PASSWORD and MASTER_HOST lengths
-rw-r--r-- | mysql-test/suite/rpl/r/rpl_password_boundaries.result | 59 | ||||
-rw-r--r-- | mysql-test/suite/rpl/r/rpl_semi_sync.result | 6 | ||||
-rw-r--r-- | mysql-test/suite/rpl/t/rpl_password_boundaries.test | 112 | ||||
-rw-r--r-- | mysql-test/suite/rpl/t/rpl_semi_sync.test | 6 | ||||
-rw-r--r-- | sql/rpl_mi.h | 6 | ||||
-rw-r--r-- | sql/sql_repl.cc | 42 | ||||
-rw-r--r-- | sql/sql_repl.h | 4 |
7 files changed, 218 insertions, 17 deletions
diff --git a/mysql-test/suite/rpl/r/rpl_password_boundaries.result b/mysql-test/suite/rpl/r/rpl_password_boundaries.result new file mode 100644 index 00000000000..71f32f492a2 --- /dev/null +++ b/mysql-test/suite/rpl/r/rpl_password_boundaries.result @@ -0,0 +1,59 @@ +include/master-slave.inc +[connection master] +include/rpl_reset.inc +[ on master ] +set sql_log_bin=0; +grant replication slave on *.* to rpl32@127.0.0.1 identified by '0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef'; +set sql_log_bin=1; +[ on slave ] +include/stop_slave.inc +change master to master_user='rpl32',master_password='0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef'; +include/start_slave.inc +[ on master ] +drop table if exists t1; +Warnings: +Note 1051 Unknown table 't1' +create table t1 (i int); +insert into t1 values (1); +[ on slave: synchronized ] +[ on master ] +set sql_log_bin=0; +grant replication slave on *.* to rpl33@127.0.0.1 identified by '0123456789abcdef0123456789abcdef!'; +set sql_log_bin=1; +[ on slave ] +include/stop_slave.inc +change master to master_user='rpl33',master_password='0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef!'; +ERROR HY000: String '0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef012345' is too long for MASTER_PASSWORD (should be no longer than 96) +change master to master_user='aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'; +ERROR HY000: String 'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa' is too long for MASTER_USER (should be no longer than 47) +change master to master_host='aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaabbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbcccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccc'; +ERROR HY000: String 'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaabbbbbb' is too long for MASTER_HOST (should be no longer than 180) +[ on master ] +set sql_log_bin=0; +grant replication slave on *.* to rpl16cyr@127.0.0.1 identified by 'воттакойужпарольвоттакойужпарольвоттакойужпароль'; +set sql_log_bin=1; +[ on slave ] +SET NAMES utf8; +change master to master_user='rpl16cyr',master_password='воттакойужпарольвоттакойужпарольвоттакойужпароль'; +include/start_slave.inc +[ on master ] +drop table if exists t1; +create table t1 (i int); +insert into t1 values (1); +[ on slave: synchronized ] +[ on master ] +set sql_log_bin=0; +grant replication slave on *.* to rpl17mix@127.0.0.1 identified by 'воттакойужпарольвоттакойужпарольвоттакойужпароль!'; +set sql_log_bin=1; +[ on slave ] +include/stop_slave.inc +change master to master_user='rpl17mix',master_password='воттакойужпарольвоттакойужпарольвоттакойужпароль!'; +ERROR HY000: String 'воттакойужпарольвоттакойужпарольвот' is too long for MASTER_PASSWORD (should be no longer than 96) +[ on master ] +set sql_log_bin=0; +drop user rpl32@127.0.0.1, rpl33@127.0.0.1, rpl16cyr@127.0.0.1, rpl17mix@127.0.0.1; +set sql_log_bin=1; +change master to master_user='root',master_password=''; +include/start_slave.inc +drop table if exists t1; +include/rpl_end.inc diff --git a/mysql-test/suite/rpl/r/rpl_semi_sync.result b/mysql-test/suite/rpl/r/rpl_semi_sync.result index bb037de4e6d..2082b4bf61c 100644 --- a/mysql-test/suite/rpl/r/rpl_semi_sync.result +++ b/mysql-test/suite/rpl/r/rpl_semi_sync.result @@ -307,13 +307,13 @@ reset slave; [ on master ] reset master; set sql_log_bin=0; -grant replication slave on *.* to rpl@127.0.0.1 identified by 'rpl'; +grant replication slave on *.* to rpl@127.0.0.1 identified by 'rpl_password'; flush privileges; set sql_log_bin=1; [ on slave ] -grant replication slave on *.* to rpl@127.0.0.1 identified by 'rpl'; +grant replication slave on *.* to rpl@127.0.0.1 identified by 'rpl_password'; flush privileges; -change master to master_user='rpl',master_password='rpl'; +change master to master_user='rpl',master_password='rpl_password'; include/start_slave.inc show status like 'Rpl_semi_sync_slave_status'; Variable_name Value diff --git a/mysql-test/suite/rpl/t/rpl_password_boundaries.test b/mysql-test/suite/rpl/t/rpl_password_boundaries.test new file mode 100644 index 00000000000..cf8abfbda11 --- /dev/null +++ b/mysql-test/suite/rpl/t/rpl_password_boundaries.test @@ -0,0 +1,112 @@ +source include/not_embedded.inc; +source include/master-slave.inc; +source include/rpl_reset.inc; + +# Suppress warnings that might be generated during the test +disable_query_log; +connection master; +call mtr.add_suppression("Timeout waiting for reply of binlog"); +connection slave; +call mtr.add_suppression("Slave SQL.*Request to stop slave SQL Thread received while applying a group that has non-transactional changes; waiting for completion of the group"); +enable_query_log; + +connection master; +echo [ on master ]; + +# wait for dying connections (if any) to disappear +let $wait_condition= select count(*) = 0 from information_schema.processlist where command='killed'; +--source include/wait_condition.inc + +# 32*3-character ASCII password should work all right + +set sql_log_bin=0; +grant replication slave on *.* to rpl32@127.0.0.1 identified by '0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef'; +set sql_log_bin=1; + +connection slave; +echo [ on slave ]; +source include/stop_slave.inc; +change master to master_user='rpl32',master_password='0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef'; +source include/start_slave.inc; + +connection master; +echo [ on master ]; +drop table if exists t1; +create table t1 (i int); +insert into t1 values (1); +sync_slave_with_master; +echo [ on slave: synchronized ]; + +connection master; +echo [ on master ]; + +# 32*3+1 -character ASCII password expected to fail +set sql_log_bin=0; +grant replication slave on *.* to rpl33@127.0.0.1 identified by '0123456789abcdef0123456789abcdef!'; +set sql_log_bin=1; + +connection slave; +echo [ on slave ]; +source include/stop_slave.inc; +--error ER_WRONG_STRING_LENGTH +change master to master_user='rpl33',master_password='0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef!'; + +# Check also master_user and master_host +--error ER_WRONG_STRING_LENGTH +change master to master_user='aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'; +--error ER_WRONG_STRING_LENGTH +change master to master_host='aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaabbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbcccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccc'; + +# 48-character cyrillic password should work all right +connection master; +echo [ on master ]; +set sql_log_bin=0; +grant replication slave on *.* to rpl16cyr@127.0.0.1 identified by 'воттакойужпарольвоттакойужпарольвоттакойужпароль'; +set sql_log_bin=1; + +connection slave; +echo [ on slave ]; +SET NAMES utf8; +change master to master_user='rpl16cyr',master_password='воттакойужпарольвоттакойужпарольвоттакойужпароль'; +source include/start_slave.inc; + +connection master; +echo [ on master ]; +drop table if exists t1; +create table t1 (i int); +insert into t1 values (1); +sync_slave_with_master; +echo [ on slave: synchronized ]; + +# 48+1-character cyrillic password should fail + +connection master; +echo [ on master ]; +set sql_log_bin=0; +grant replication slave on *.* to rpl17mix@127.0.0.1 identified by 'воттакойужпарольвоттакойужпарольвоттакойужпароль!'; +set sql_log_bin=1; + +connection slave; +echo [ on slave ]; +source include/stop_slave.inc; +--error ER_WRONG_STRING_LENGTH +change master to master_user='rpl17mix',master_password='воттакойужпарольвоттакойужпарольвоттакойужпароль!'; + +# Cleanup + +connection master; +echo [ on master ]; +set sql_log_bin=0; +drop user rpl32@127.0.0.1, rpl33@127.0.0.1, rpl16cyr@127.0.0.1, rpl17mix@127.0.0.1; +set sql_log_bin=1; + +connection slave; +change master to master_user='root',master_password=''; +source include/start_slave.inc; + +connection master; +drop table if exists t1; +sync_slave_with_master; + +connection master; +--source include/rpl_end.inc diff --git a/mysql-test/suite/rpl/t/rpl_semi_sync.test b/mysql-test/suite/rpl/t/rpl_semi_sync.test index 42adeed06a7..c42505241c1 100644 --- a/mysql-test/suite/rpl/t/rpl_semi_sync.test +++ b/mysql-test/suite/rpl/t/rpl_semi_sync.test @@ -462,14 +462,14 @@ if ($_tid) # Do not binlog the following statement because it will generate # different events for ROW and STATEMENT format set sql_log_bin=0; -grant replication slave on *.* to rpl@127.0.0.1 identified by 'rpl'; +grant replication slave on *.* to rpl@127.0.0.1 identified by 'rpl_password'; flush privileges; set sql_log_bin=1; connection slave; echo [ on slave ]; -grant replication slave on *.* to rpl@127.0.0.1 identified by 'rpl'; +grant replication slave on *.* to rpl@127.0.0.1 identified by 'rpl_password'; flush privileges; -change master to master_user='rpl',master_password='rpl'; +change master to master_user='rpl',master_password='rpl_password'; source include/start_slave.inc; show status like 'Rpl_semi_sync_slave_status'; connection master; diff --git a/sql/rpl_mi.h b/sql/rpl_mi.h index a885576ef1c..64525f81603 100644 --- a/sql/rpl_mi.h +++ b/sql/rpl_mi.h @@ -66,9 +66,9 @@ class Master_info : public Slave_reporting_capability /* the variables below are needed because we can change masters on the fly */ char master_log_name[FN_REFLEN]; - char host[HOSTNAME_LENGTH+1]; - char user[USERNAME_LENGTH+1]; - char password[MAX_PASSWORD_LENGTH+1]; + char host[HOSTNAME_LENGTH*SYSTEM_CHARSET_MBMAXLEN+1]; + char user[USERNAME_LENGTH*+1]; + char password[MAX_PASSWORD_LENGTH*SYSTEM_CHARSET_MBMAXLEN+1]; bool ssl; // enables use of SSL connection if true char ssl_ca[FN_REFLEN], ssl_capath[FN_REFLEN], ssl_cert[FN_REFLEN]; char ssl_cipher[FN_REFLEN], ssl_key[FN_REFLEN]; diff --git a/sql/sql_repl.cc b/sql/sql_repl.cc index 53ac103dda1..631825f0527 100644 --- a/sql/sql_repl.cc +++ b/sql/sql_repl.cc @@ -1541,6 +1541,31 @@ void kill_zombie_dump_threads(uint32 slave_server_id) } } +/** + Get value for a string parameter with error checking + + Note that in case of error the original string should not be updated! + + @ret 0 ok + @ret 1 error +*/ + +static bool get_string_parameter(char *to, const char *from, size_t length, + const char *name) +{ + if (from) // Empty paramaters allowed + { + size_t from_length; + if ((from_length= strlen(from)) > length) + { + my_error(ER_WRONG_STRING_LENGTH, MYF(0), from, name, (int) length); + return 1; + } + memcpy(to, from, from_length+1); + } + return 0; +} + /** Execute a CHANGE MASTER statement. @@ -1633,12 +1658,17 @@ bool change_master(THD* thd, Master_info* mi) } DBUG_PRINT("info", ("master_log_pos: %lu", (ulong) mi->master_log_pos)); - if (lex_mi->host) - strmake(mi->host, lex_mi->host, sizeof(mi->host)-1); - if (lex_mi->user) - strmake(mi->user, lex_mi->user, sizeof(mi->user)-1); - if (lex_mi->password) - strmake(mi->password, lex_mi->password, sizeof(mi->password)-1); + if (get_string_parameter(mi->host, lex_mi->host, sizeof(mi->host)-1, + "MASTER_HOST") || + get_string_parameter(mi->user, lex_mi->user, sizeof(mi->user)-1, + "MASTER_USER") || + get_string_parameter(mi->password, lex_mi->password, + sizeof(mi->password)-1, "MASTER_PASSWORD")) + { + ret= TRUE; + goto err; + } + if (lex_mi->port) mi->port = lex_mi->port; if (lex_mi->connect_retry) diff --git a/sql/sql_repl.h b/sql/sql_repl.h index 7dc58c47d52..c5a0b31388e 100644 --- a/sql/sql_repl.h +++ b/sql/sql_repl.h @@ -25,9 +25,9 @@ typedef struct st_slave_info { uint32 server_id; uint32 rpl_recovery_rank, master_id; - char host[HOSTNAME_LENGTH+1]; + char host[HOSTNAME_LENGTH*SYSTEM_CHARSET_MBMAXLEN+1]; char user[USERNAME_LENGTH+1]; - char password[MAX_PASSWORD_LENGTH+1]; + char password[MAX_PASSWORD_LENGTH*SYSTEM_CHARSET_MBMAXLEN+1]; uint16 port; THD* thd; } SLAVE_INFO; |