Bug#14588148: PASSWORD VALIDATION PLUGIN DOES NOT

Ashish Agarwal · Ashish Agarwal · commit afe1585f7122 · 2012-11-22T18:22:15.000+05:30
WARN ON INVALID DICTIONARY FILE

PROBLEM: No warnings generated when dictionary
         file constraints are violated.

SOLUTION: Warnings are generated when constraints
          are violated. File must be in lower-case,
          uppercase letters are not compared. Mixed
          case dictionary file will be implemented
          as another feature request.
diff --git a/mysql-test/r/validate_password_plugin.result b/mysql-test/r/validate_password_plugin.result
@@ -1,3 +1,4 @@
+call mtr.add_suppression("Dictionary file not specified");
 CREATE USER 'base_user'@'localhost' IDENTIFIED BY 'pass';
 GRANT ALL ON mysql.* TO 'user1'@'localhost' IDENTIFIED BY 'pass';
 INSTALL PLUGIN validate_password SONAME 'validate_password.so';
diff --git a/mysql-test/t/validate_password_plugin.test b/mysql-test/t/validate_password_plugin.test
@@ -1,6 +1,7 @@
 --source include/not_embedded.inc
 --source include/have_validate_password_plugin.inc
 
+call mtr.add_suppression("Dictionary file not specified");
 let $MYSQL_ERRMSG_BASEDIR=`select @@lc_messages_dir`;
 
 # plugin is not installed so even 'pass' (very weak)
diff --git a/plugin/password_validation/validate_password.cc b/plugin/password_validation/validate_password.cc
@@ -35,6 +35,12 @@
 #define MIN_DICTIONARY_WORD_LENGTH    4
 #define MAX_PASSWORD_LENGTH           100
 
+/*
+  Handle assigned when loading the plugin.
+  Used with the error reporting functions.
+*/
+
+static MYSQL_PLUGIN plugin_info_ptr;
 /*  
   These are the 3 password policies that this plugin allow to set
   and configure as per the requirements.
@@ -72,16 +78,27 @@ static void read_dictionary_file()
   long file_length;
 
   if (validate_password_dictionary_file == NULL)
+  {
+    my_plugin_log_message(&plugin_info_ptr, MY_WARNING_LEVEL,
+                          "Dictionary file not specified");
     return;
+  }
   std::ifstream dictionary_stream(validate_password_dictionary_file);
   if (!dictionary_stream)
+  {
+    my_plugin_log_message(&plugin_info_ptr, MY_WARNING_LEVEL,
+                          "Dictionary file not loaded");
     return;
+  }
   dictionary_stream.seekg(0, std::ios::end);
   file_length= dictionary_stream.tellg();
   dictionary_stream.seekg(0, std::ios::beg);
   if (file_length > MAX_DICTIONARY_FILE_LENGTH)
   {
     dictionary_stream.close();
+    my_plugin_log_message(&plugin_info_ptr, MY_WARNING_LEVEL,
+                          "Dictionary file size exceed",
+                          "MAX_DICTIONARY_FILE_LENGTH, not loaded");
     return;
   }
   while (dictionary_stream.good())
@@ -240,8 +257,9 @@ static struct st_mysql_validate_password validate_password_descriptor=
   read dictionary file into std::set.
 */
 
-static int validate_password_init(void *arg __attribute__((unused)))
+static int validate_password_init(MYSQL_PLUGIN plugin_info)
 {
+  plugin_info_ptr= plugin_info;
   read_dictionary_file();
   return (0);
 }

Original file line number	Diff line number	Diff line change
`@@ -1,3 +1,4 @@`
	`1`	`+call mtr.add_suppression("Dictionary file not specified");`
`1`	`2`	`CREATE USER 'base_user'@'localhost' IDENTIFIED BY 'pass';`
`2`	`3`	`GRANT ALL ON mysql.* TO 'user1'@'localhost' IDENTIFIED BY 'pass';`
`3`	`4`	`INSTALL PLUGIN validate_password SONAME 'validate_password.so';`