[Commits] 725c3df: MDEV-15471 Isolate/sandbox PAM modules, so that they can't crash the server
revision-id: 725c3df53e2a73879ecfb77fca8f4efe9ebbcd72 (mariadb-10.3.6-37-g725c3df)
parent(s): de745ecf29721795710910a19bd0ea3389da804c
committer: Alexey Botchkov
timestamp: 2018-07-04 21:52:01 +0400
message:
MDEV-15471 Isolate/sandbox PAM modules, so that they can't crash the server
tests fixed.
---
 mysql-test/suite/plugins/r/pam_v1.result | 25 +++++++++++++++++++++++++
 mysql-test/suite/plugins/t/pam.test | 2 +-
 mysql-test/suite/plugins/t/pam_init.inc | 4 ++--
 mysql-test/suite/plugins/t/pam_init_v1.inc | 14 --------------
 mysql-test/suite/plugins/t/pam_v1.test | 8 +-------
 5 files changed, 29 insertions(+), 24 deletions(-)
diff --git a/mysql-test/suite/plugins/r/pam_v1.result b/mysql-test/suite/plugins/r/pam_v1.result
new file mode 100644
index 0000000..bf4c024
--- /dev/null
+++ b/mysql-test/suite/plugins/r/pam_v1.result
@@ -0,0 +1,25 @@
+install plugin pam soname 'auth_pam_v1.so';
+create user test_pam identified via pam using 'mariadb_mtr';
+create user pam_test;
+grant proxy on pam_test to test_pam;
+#
+# athentication is successful, challenge/pin are ok
+# note that current_user() differs from user()
+#
+Challenge input first.
+Enter: not very secret challenge
+Now, the magic number!
+PIN: ****
+select user(), current_user(), database();
+user() current_user() database()
+test_pam@localhost pam_test@% test
+#
+# athentication is unsuccessful
+#
+Challenge input first.
+Enter: not very secret challenge
+Now, the magic number!
+PIN: ****
+drop user test_pam;
+drop user pam_test;
+uninstall plugin pam;
diff --git a/mysql-test/suite/plugins/t/pam.test b/mysql-test/suite/plugins/t/pam.test
index 852f165..6bb282f 100644
--- a/mysql-test/suite/plugins/t/pam.test
+++ b/mysql-test/suite/plugins/t/pam.test
@@ -1,4 +1,4 @@
-
+let $PAM_PLUGIN_VERSION= $AUTH_PAM_SO;
 --source pam_init.inc
 --write_file $MYSQLTEST_VARDIR/tmp/pam_good.txt
diff --git a/mysql-test/suite/plugins/t/pam_init.inc b/mysql-test/suite/plugins/t/pam_init.inc
index 281666d..131b787 100644
--- a/mysql-test/suite/plugins/t/pam_init.inc
+++ b/mysql-test/suite/plugins/t/pam_init.inc
@@ -1,11 +1,11 @@
 --source include/not_embedded.inc
-if (!$AUTH_PAM_SO) {
+if (!$PAM_PLUGIN_VERSION) {
 skip No pam auth plugin;
 }
-eval install plugin pam soname '$AUTH_PAM_SO';
+eval install plugin pam soname '$PAM_PLUGIN_VERSION';
 create user test_pam identified via pam using 'mariadb_mtr';
 create user pam_test;
 grant proxy on pam_test to test_pam;
diff --git a/mysql-test/suite/plugins/t/pam_init_v1.inc b/mysql-test/suite/plugins/t/pam_init_v1.inc
deleted file mode 100644
index 4861d4f..0000000
--- a/mysql-test/suite/plugins/t/pam_init_v1.inc
+++ /dev/null
@@ -1,14 +0,0 @@
-
---source include/not_embedded.inc
-
-if (!$AUTH_PAM_V1_SO) {
- skip No pam auth plugin;
-}
-
-eval install plugin pam soname '$AUTH_PAM_V1_SO';
-create user test_pam identified via pam using 'mariadb_mtr';
-create user pam_test;
-grant proxy on pam_test to test_pam;
-
-let $plugindir=`SELECT @@global.plugin_dir`;
-
diff --git a/mysql-test/suite/plugins/t/pam_v1.test b/mysql-test/suite/plugins/t/pam_v1.test
index f8a346e..d908e3a 100644
--- a/mysql-test/suite/plugins/t/pam_v1.test
+++ b/mysql-test/suite/plugins/t/pam_v1.test
@@ -1,4 +1,4 @@
-
+let $PAM_PLUGIN_VERSION= $AUTH_PAM_V1_SO;
 --source pam_init.inc
 --write_file $MYSQLTEST_VARDIR/tmp/pam_good.txt
@@ -25,12 +25,6 @@ EOF
 --error 1
 --exec $MYSQL_TEST -u test_pam --plugin-dir=$plugindir < $MYSQLTEST_VARDIR/tmp/pam_bad.txt
---echo #
---echo # pam module crashes
---echo #
---error 1
---exec $MYSQL_TEST -u crash_pam_tool --plugin-dir=$plugindir < $MYSQLTEST_VARDIR/tmp/pam_good.txt
-
 --remove_file $MYSQLTEST_VARDIR/tmp/pam_good.txt
 --remove_file $MYSQLTEST_VARDIR/tmp/pam_bad.txt
 drop user test_pam;
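Review bot: In pam_init.inc, the guard `if (!$PAM_PLUGIN_VERSION)` now relies on a variable that each including test has to set before `--source pam_init.inc`, and the include does not say so. If a later test sources it without the `let`, the variable is empty and the test is skipped with "No pam auth plugin" instead of failing, which quietly drops PAM authentication coverage. A header comment would make the contract explicit, for example `# The including test must set $PAM_PLUGIN_VERSION to the plugin soname ($AUTH_PAM_SO or $AUTH_PAM_V1_SO) before sourcing this file.` The variable carries a soname rather than a version, so a name such as `$PAM_PLUGIN_SO` would describe it better here and in the `let` lines added to pam.test and pam_v1.test. The file may continue past the lines shown in this hunk.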