1 2# 3# WL#5706/Bug#58712/Bug#11746378 4# Encrypt or remove passwords from slow, query, and binary logs 5# (see sql/sql_rewrite.cc for bulk of implementation) 6# 7 8-- source include/have_log_bin.inc 9 10RESET MASTER; 11 12#--------------- bin log ------------------------------------------- 13 14# misc rewrites. 15 16# Show that when we completely re-synthesize commands, 17# we get all the particles right! 18 19CREATE USER user1@localhost IDENTIFIED BY 'secret'; 20CREATE USER user2@localhost IDENTIFIED BY 'secret'; 21SET PASSWORD FOR user1@localhost = 'secret'; 22 23--echo # Test the password is encrypted in binary log 24--echo # when granting privileges on tables. 25GRANT UPDATE ON *.* TO user1@localhost IDENTIFIED BY 'secret' WITH GRANT OPTION; 26GRANT UPDATE ON *.* /*before to*/TO/*after to*/ user1@localhost IDENTIFIED BY 'secret', user2@localhost IDENTIFIED BY 'secret2' /*before with*/WITH/*after with*/MAX_QUERIES_PER_HOUR 90; 27GRANT UPDATE ON *.* /*before to*/TO/*after to*/ user1@localhost IDENTIFIED BY 'secret', user2@localhost IDENTIFIED BY 'secret2' /*before require*/REQUIRE SSL/*after require*/ /*before with*/WITH/*after with*/MAX_QUERIES_PER_HOUR 90; 28GRANT UPDATE ON *.* TO user1@localhost IDENTIFIED BY 'secret', user2@localhost IDENTIFIED BY 'secret2'; 29REVOKE UPDATE ON *.* FROM user1@localhost, user2@localhost; 30 31--echo # Test the password is encrypted in binary log 32--echo # when granting privileges on procedure. 33CREATE PROCEDURE p1() SQL SECURITY INVOKER SELECT 1; 34GRANT EXECUTE ON PROCEDURE p1 TO user1@localhost IDENTIFIED BY 'secret', user2@localhost IDENTIFIED BY 'secret2' /*before with*/ WITH MAX_QUERIES_PER_HOUR 90; 35GRANT EXECUTE ON PROCEDURE p1 /*before to*/TO/*after to*/ user1@localhost IDENTIFIED BY 'secret', user2@localhost IDENTIFIED BY 'secret2' /*before require*/REQUIRE SSL/*after require*/ /*before with*/WITH/*after with*/MAX_QUERIES_PER_HOUR 90; 36GRANT EXECUTE ON PROCEDURE p1 TO user1@localhost IDENTIFIED BY 'secret', user2@localhost IDENTIFIED BY 'secret2'; 37REVOKE EXECUTE ON PROCEDURE p1 FROM user1@localhost, user2@localhost; 38 39--echo # Test the password is encrypted in binary log 40--echo # when granting privileges on function. 41CREATE FUNCTION f1() RETURNS INT RETURN 123; 42GRANT EXECUTE ON FUNCTION f1 /*before to*/TO/*after to*/ user1@localhost IDENTIFIED BY 'secret' /*!10000 , user2@localhost IDENTIFIED BY 'secret2' */ /*!99999 THIS_WOULD_BREAK */ /*before require*/REQUIRE SSL/*after require*/ /*before with*/WITH/*after with*/MAX_QUERIES_PER_HOUR 90; 43REVOKE EXECUTE ON FUNCTION f1 FROM user1@localhost, user2@localhost; 44 45DROP USER user1@localhost, user2@localhost; 46DROP FUNCTION f1; 47DROP PROCEDURE p1; 48 49# 1.1.1.1 50GRANT ALL on *.* TO test_user1 IDENTIFIED BY 'azundris1'; 51 52# 1.1.1.2 53CREATE USER test_user2 IDENTIFIED BY 'azundris2'; 54 55# 1.1.1.3 56CHANGE MASTER TO MASTER_PASSWORD='azundris3'; 57 58# 1.1.1.4 59CREATE USER 'test_user4'@'localhost'; 60SET PASSWORD FOR 'test_user4'@'localhost' = 'azundris4'; 61 62--source include/show_binlog_events.inc 63 64DROP USER 'test_user4'@'localhost'; 65DROP USER test_user2; 66DROP USER test_user1; 67 68--echo End of 5.6 tests! 69