From a5660ded7ed7e822b581bbeb940cdfc571073786 Mon Sep 17 00:00:00 2001 From: eileencodes Date: Thu, 9 May 2024 11:38:17 -0400 Subject: [PATCH] fix it --- .github/workflows/macos.yml | 4 ++ contrib/ruby/test/auth_test.rb | 55 +++++++++---------- contrib/ruby/test/test_helper.rb | 11 +++- .../caching_sha2_password_user.sql | 3 + .../cleartext_user.sql | 4 ++ .../native_password_user.sql | 3 + 6 files changed, 49 insertions(+), 31 deletions(-) create mode 100644 test/mysql/docker-entrypoint-initdb.d/caching_sha2_password_user.sql create mode 100644 test/mysql/docker-entrypoint-initdb.d/cleartext_user.sql create mode 100644 test/mysql/docker-entrypoint-initdb.d/native_password_user.sql diff --git a/.github/workflows/macos.yml b/.github/workflows/macos.yml index 3d59367b..f24cf85a 100644 --- a/.github/workflows/macos.yml +++ b/.github/workflows/macos.yml @@ -44,6 +44,10 @@ jobs: brew services start mysql@${{ matrix.mysql }} sleep 5 $(brew --prefix mysql@${{ matrix.mysql }})/bin/mysql -uroot -e 'CREATE DATABASE test' + [[ "$MYSQL_VERSION" == "8.0" ]] && $(brew --prefix mysql@${{ matrix.mysql }})/bin/mysql -uroot < test/mysql/docker-entrypoint-initdb.d/caching_sha2_password_user.sql + $(brew --prefix mysql@${{ matrix.mysql }})/bin/mysql -uroot < test/mysql/docker-entrypoint-initdb.d/native_password_user.sql + $(brew --prefix mysql@${{ matrix.mysql }})/bin/mysql -uroot < test/mysql/docker-entrypoint-initdb.d/x509_user.sql + $(brew --prefix mysql@${{ matrix.mysql }})/bin/mysql -uroot < test/mysql/docker-entrypoint-initdb.d/cleartext_user.sql - name: Install dependencies run: | cd contrib/ruby diff --git a/contrib/ruby/test/auth_test.rb b/contrib/ruby/test/auth_test.rb index d1864300..736670ff 100644 --- a/contrib/ruby/test/auth_test.rb +++ b/contrib/ruby/test/auth_test.rb @@ -18,8 +18,8 @@ def has_caching_sha2? end def test_connect_native_with_password - create_and_delete_test_user(auth_plugin: "mysql_native_password") do - client = new_tcp_client username: "auth_user", password: "password" + create_and_delete_test_user(username: "native", auth_plugin: "mysql_native_password") do + client = new_tcp_client username: "native", password: "password" refute_nil client ensure @@ -28,8 +28,8 @@ def test_connect_native_with_password end def test_connect_native_with_no_password - create_and_delete_test_user(password: "", auth_plugin: "mysql_native_password") do - client = new_tcp_client username: "auth_user" + create_and_delete_test_user(username: "native", password: "", auth_plugin: "mysql_native_password") do + client = new_tcp_client username: "native" refute_nil client ensure @@ -39,12 +39,12 @@ def test_connect_native_with_no_password def test_connect_caching_sha2_with_password return skip unless has_caching_sha2? - create_and_delete_test_user(auth_plugin: "caching_sha2_password") do + create_and_delete_test_user(username: "caching_sha2", auth_plugin: "caching_sha2_password") do # Ensure correct setup - assert_equal [["caching_sha2_password"]], new_tcp_client.query("SELECT plugin FROM mysql.user WHERE user = 'auth_user'").rows + assert_equal [["caching_sha2_password"]], new_tcp_client.query("SELECT plugin FROM mysql.user WHERE user = 'caching_sha2'").rows - client = new_tcp_client username: "auth_user", password: "password" + client = new_tcp_client username: "caching_sha2", password: "password" refute_nil client ensure @@ -54,12 +54,12 @@ def test_connect_caching_sha2_with_password def test_connect_caching_sha2_with_no_password return skip unless has_caching_sha2? - create_and_delete_test_user(password: "", auth_plugin: "caching_sha2_password") do + create_and_delete_test_user(username: "caching_sha2", password: "", auth_plugin: "caching_sha2_password") do # Ensure correct setup - assert_equal [["caching_sha2_password"]], new_tcp_client.query("SELECT plugin FROM mysql.user WHERE user = 'auth_user'").rows + assert_equal [["caching_sha2_password"]], new_tcp_client.query("SELECT plugin FROM mysql.user WHERE user = 'caching_sha2'").rows - client = new_tcp_client username: "auth_user" + client = new_tcp_client username: "caching_sha2" refute_nil client ensure @@ -70,7 +70,7 @@ def test_connect_caching_sha2_with_no_password def test_connect_with_unix_and_caching_sha2_works return skip unless has_caching_sha2? return skip unless ["127.0.0.1", "localhost"].include?(DEFAULT_HOST) - create_and_delete_test_user(host: "localhost", auth_plugin: "caching_sha2_password") do + create_and_delete_test_user(username: "caching_sha2", host: "localhost", auth_plugin: "caching_sha2_password") do socket = new_tcp_client.query("SHOW VARIABLES LIKE 'socket'").to_a[0][1] @@ -78,7 +78,7 @@ def test_connect_with_unix_and_caching_sha2_works skip "cound not find socket at #{socket}" end - client = new_unix_client(socket, username: "auth_user", password: "password") + client = new_unix_client(socket, username: "caching_sha2", password: "password") refute_nil client ensure ensure_closed client @@ -88,15 +88,14 @@ def test_connect_with_unix_and_caching_sha2_works def test_connect_without_ssl_or_unix_socket_caching_sha2_raises return skip unless has_caching_sha2? - create_and_delete_test_user(auth_plugin: "caching_sha2_password") do - + create_and_delete_test_user(username: "caching_sha2", auth_plugin: "caching_sha2_password") do # Ensure correct setup - assert_equal [["caching_sha2_password"]], new_tcp_client.query("SELECT plugin FROM mysql.user WHERE user = 'auth_user'").rows + assert_equal [["caching_sha2_password"]], new_tcp_client.query("SELECT plugin FROM mysql.user WHERE user = 'caching_sha2'").rows options = { host: DEFAULT_HOST, port: DEFAULT_PORT, - username: "auth_user", + username: "caching_sha2", password: "password", ssl: false, ssl_mode: 0 @@ -112,31 +111,31 @@ def test_connect_without_ssl_or_unix_socket_caching_sha2_raises end def test_connection_error_native - create_and_delete_test_user(auth_plugin: "mysql_native_password") do + create_and_delete_test_user(username: "native", auth_plugin: "mysql_native_password") do err = assert_raises Trilogy::ConnectionError do - new_tcp_client(username: "auth_user", password: "incorrect") + new_tcp_client(username: "native", password: "incorrect") end - assert_includes err.message, "Access denied for user 'auth_user" + assert_includes err.message, "Access denied for user 'native" end end def test_connection_error_caching_sha2 return skip unless has_caching_sha2? - create_and_delete_test_user(auth_plugin: "caching_sha2_password") do + create_and_delete_test_user(username: "caching_sha2", auth_plugin: "caching_sha2_password") do err = assert_raises Trilogy::ConnectionError do - new_tcp_client(username: "auth_user", password: "incorrect") + new_tcp_client(username: "caching_sha2", password: "incorrect") end - assert_includes err.message, "Access denied for user 'auth_user" + assert_includes err.message, "Access denied for user 'caching_sha2" end end def test_cleartext_auth_plugin_with_password - create_and_delete_test_user(auth_plugin: "cleartext_plugin_server") do - client = new_tcp_client username: "auth_user", password: "password", enable_cleartext_plugin: true + create_and_delete_test_user(username: "cleartext_user", auth_plugin: "cleartext_plugin_server") do + client = new_tcp_client username: "cleartext_user", password: "password", enable_cleartext_plugin: true refute_nil client ensure ensure_closed client @@ -144,8 +143,8 @@ def test_cleartext_auth_plugin_with_password end def test_cleartext_auth_plugin_with_no_password - create_and_delete_test_user(password: "", auth_plugin: "cleartext_plugin_server") do - client = new_tcp_client username: "auth_user", enable_cleartext_plugin: true + create_and_delete_test_user(username: "cleartext_user", password: "", auth_plugin: "cleartext_plugin_server") do + client = new_tcp_client username: "cleartext_user", enable_cleartext_plugin: true refute_nil client ensure ensure_closed client @@ -153,10 +152,10 @@ def test_cleartext_auth_plugin_with_no_password end def test_cleartext_auth_plugin_disabled - create_and_delete_test_user(password: "", auth_plugin: "cleartext_plugin_server") do + create_and_delete_test_user(username: "cleartext_user", password: "", auth_plugin: "cleartext_plugin_server") do assert_raises Trilogy::AuthPluginError do - new_tcp_client username: "auth_user", password: "password" + new_tcp_client username: "cleartext_user", password: "password" end end end diff --git a/contrib/ruby/test/test_helper.rb b/contrib/ruby/test/test_helper.rb index d9e33e3c..9505d76b 100644 --- a/contrib/ruby/test/test_helper.rb +++ b/contrib/ruby/test/test_helper.rb @@ -92,22 +92,27 @@ def ensure_closed(socket) def create_and_delete_test_user(opts = {}, &block) client = new_tcp_client - create_test_user(client, opts) + user_created = create_test_user(client, opts) yield - delete_test_user(client, opts) ensure + delete_test_user(client, opts) if user_created ensure_closed client end def create_test_user(client, opts = {}) - username = opts[:username] || "auth_user" + username = opts[:username] password = opts[:password] || "password" host = opts[:host] || DEFAULT_HOST auth_plugin = opts[:auth_plugin] + raise ArgumentError if username.nil? || auth_plugin.nil? + user_exists = client.query("SELECT user FROM mysql.user WHERE user = '#{username}';").rows.first + return if user_exists + client.query("CREATE USER '#{username}'@'#{host}'") client.query("GRANT ALL PRIVILEGES ON test.* TO '#{username}'@'#{host}';") client.query("ALTER USER '#{username}'@'#{host}' IDENTIFIED WITH #{auth_plugin} BY '#{password}';") + client.query("SELECT user FROM mysql.user WHERE user = '#{username}';").rows.first end def delete_test_user(client, opts = {}) diff --git a/test/mysql/docker-entrypoint-initdb.d/caching_sha2_password_user.sql b/test/mysql/docker-entrypoint-initdb.d/caching_sha2_password_user.sql new file mode 100644 index 00000000..8a78c4dd --- /dev/null +++ b/test/mysql/docker-entrypoint-initdb.d/caching_sha2_password_user.sql @@ -0,0 +1,3 @@ +CREATE USER 'caching_sha2'@'%'; +GRANT ALL PRIVILEGES ON test.* TO 'caching_sha2'@'%'; +ALTER USER 'caching_sha2'@'%' IDENTIFIED /*!80000 WITH caching_sha2_password */ BY 'password'; diff --git a/test/mysql/docker-entrypoint-initdb.d/cleartext_user.sql b/test/mysql/docker-entrypoint-initdb.d/cleartext_user.sql new file mode 100644 index 00000000..797e0ed2 --- /dev/null +++ b/test/mysql/docker-entrypoint-initdb.d/cleartext_user.sql @@ -0,0 +1,4 @@ +INSTALL PLUGIN cleartext_plugin_server SONAME 'auth_test_plugin.so'; +CREATE USER 'cleartext_user'@'%'; +GRANT ALL PRIVILEGES ON test.* TO 'cleartext_user'@'%'; +ALTER USER 'cleartext_user'@'%' IDENTIFIED WITH cleartext_plugin_server BY 'password'; diff --git a/test/mysql/docker-entrypoint-initdb.d/native_password_user.sql b/test/mysql/docker-entrypoint-initdb.d/native_password_user.sql new file mode 100644 index 00000000..e254e73b --- /dev/null +++ b/test/mysql/docker-entrypoint-initdb.d/native_password_user.sql @@ -0,0 +1,3 @@ +CREATE USER 'native'@'%'; +GRANT ALL PRIVILEGES ON test.* TO 'native'@'%'; +ALTER USER 'native'@'%' IDENTIFIED WITH mysql_native_password BY '';