Skip to content

Commit afe1585

Browse files
author
Ashish Agarwal
committed
Bug#14588148: PASSWORD VALIDATION PLUGIN DOES NOT
WARN ON INVALID DICTIONARY FILE PROBLEM: No warnings generated when dictionary file constraints are violated. SOLUTION: Warnings are generated when constraints are violated. File must be in lower-case, uppercase letters are not compared. Mixed case dictionary file will be implemented as another feature request.
1 parent 491e863 commit afe1585

3 files changed

Lines changed: 21 additions & 1 deletion

File tree

mysql-test/r/validate_password_plugin.result

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,4 @@
1+
call mtr.add_suppression("Dictionary file not specified");
12
CREATE USER 'base_user'@'localhost' IDENTIFIED BY 'pass';
23
GRANT ALL ON mysql.* TO 'user1'@'localhost' IDENTIFIED BY 'pass';
34
INSTALL PLUGIN validate_password SONAME 'validate_password.so';

mysql-test/t/validate_password_plugin.test

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,7 @@
11
--source include/not_embedded.inc
22
--source include/have_validate_password_plugin.inc
33

4+
call mtr.add_suppression("Dictionary file not specified");
45
let $MYSQL_ERRMSG_BASEDIR=`select @@lc_messages_dir`;
56

67
# plugin is not installed so even 'pass' (very weak)

plugin/password_validation/validate_password.cc

Lines changed: 19 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -35,6 +35,12 @@
3535
#define MIN_DICTIONARY_WORD_LENGTH 4
3636
#define MAX_PASSWORD_LENGTH 100
3737

38+
/*
39+
Handle assigned when loading the plugin.
40+
Used with the error reporting functions.
41+
*/
42+
43+
static MYSQL_PLUGIN plugin_info_ptr;
3844
/*
3945
These are the 3 password policies that this plugin allow to set
4046
and configure as per the requirements.
@@ -72,16 +78,27 @@ static void read_dictionary_file()
7278
long file_length;
7379

7480
if (validate_password_dictionary_file == NULL)
81+
{
82+
my_plugin_log_message(&plugin_info_ptr, MY_WARNING_LEVEL,
83+
"Dictionary file not specified");
7584
return;
85+
}
7686
std::ifstream dictionary_stream(validate_password_dictionary_file);
7787
if (!dictionary_stream)
88+
{
89+
my_plugin_log_message(&plugin_info_ptr, MY_WARNING_LEVEL,
90+
"Dictionary file not loaded");
7891
return;
92+
}
7993
dictionary_stream.seekg(0, std::ios::end);
8094
file_length= dictionary_stream.tellg();
8195
dictionary_stream.seekg(0, std::ios::beg);
8296
if (file_length > MAX_DICTIONARY_FILE_LENGTH)
8397
{
8498
dictionary_stream.close();
99+
my_plugin_log_message(&plugin_info_ptr, MY_WARNING_LEVEL,
100+
"Dictionary file size exceed",
101+
"MAX_DICTIONARY_FILE_LENGTH, not loaded");
85102
return;
86103
}
87104
while (dictionary_stream.good())
@@ -240,8 +257,9 @@ static struct st_mysql_validate_password validate_password_descriptor=
240257
read dictionary file into std::set.
241258
*/
242259

243-
static int validate_password_init(void *arg __attribute__((unused)))
260+
static int validate_password_init(MYSQL_PLUGIN plugin_info)
244261
{
262+
plugin_info_ptr= plugin_info;
245263
read_dictionary_file();
246264
return (0);
247265
}

0 commit comments

Comments
 (0)