1--TEST--
2PAM: SHA-256
3--SKIPIF--
4<?php
5require_once('skipif.inc');
6require_once('skipifemb.inc');
7require_once('skipifconnectfailure.inc');
8
9ob_start();
10phpinfo(INFO_MODULES);
11$tmp = ob_get_contents();
12ob_end_clean();
13if (!stristr($tmp, "auth_plugin_sha256_password"))
14	die("skip SHA256 auth plugin not built-in to mysqlnd");
15
16require_once('connect.inc');
17if (!$link = my_mysqli_connect($host, $user, $passwd, $db, $port, $socket))
18		die(printf("skip: [%d] %s\n", mysqli_connect_errno(), mysqli_connect_error()));
19
20if (mysqli_get_server_version($link) < 50606)
21	die("skip: SHA-256 requires MySQL 5.6.6+");
22
23if (!($res = $link->query("SHOW PLUGINS"))) {
24	die(sprintf("skip [%d] %s\n", $link->errno, $link->error));
25}
26
27$found = false;
28while ($row = $res->fetch_assoc()) {
29	if (($row['Name'] == 'sha256_password') && ($row['Status'] == 'ACTIVE')) {
30		$found = true;
31		break;
32	}
33}
34if (!$found)
35	die("skip SHA-256 server plugin unavailable");
36
37if (!($res = $link->query("SHOW STATUS LIKE 'Rsa_public_key'"))) {
38	die(sprintf("skip [%d] %s\n", $link->errno, $link->error));
39}
40
41if (!($row = $res->fetch_assoc())) {
42	die(sprintf("skip Failed to check RSA pub key, [%d] %s\n", $link->errno, $link->error));
43}
44
45if (strlen($row['Value']) < 100) {
46	die(sprintf("skip Server misconfiguration? RSA pub key is suspicious, [%d] %s\n", $link->errno, $link->error));
47}
48
49if (!$link->query("SET @@session.old_passwords=2")) {
50	die(sprintf("skip Cannot set @@session.old_passwords=2 [%d] %s", $link->errno, $link->error));
51}
52
53$link->query('DROP USER shatest');
54$link->query("DROP USER shatest@localhost");
55
56
57if (!$link->query('CREATE USER shatest@"%" IDENTIFIED WITH sha256_password') ||
58	!$link->query('CREATE USER shatest@"localhost" IDENTIFIED WITH sha256_password')) {
59	die(sprintf("skip CREATE USER failed [%d] %s", $link->errno, $link->error));
60}
61
62if (!$link->query('SET PASSWORD FOR shatest@"%" = PASSWORD("shatest")') ||
63	!$link->query('SET PASSWORD FOR shatest@"localhost" = PASSWORD("shatest")')) {
64	die(sprintf("skip SET PASSWORD failed [%d] %s", $link->errno, $link->error));
65}
66
67if (!$link->query("DROP TABLE IF EXISTS test") ||
68	!$link->query("CREATE TABLE test (id INT)") ||
69	!$link->query("INSERT INTO test(id) VALUES (1), (2), (3)"))
70	die(sprintf("SKIP [%d] %s\n", $link->errno, $link->error));
71
72
73if (!$link->query(sprintf("GRANT SELECT ON TABLE %s.test TO shatest@'%%'", $db)) ||
74	!$link->query(sprintf("GRANT SELECT ON TABLE %s.test TO shatest@'localhost'", $db))) {
75	die(sprintf("skip Cannot grant SELECT to user [%d] %s", mysqli_errno($link), mysqli_error($link)));
76}
77
78$link->close();
79?>
80--FILE--
81<?php
82	require_once("connect.inc");
83
84	if (!$link = my_mysqli_connect($host, 'shatest', 'shatest', $db, $port, $socket)) {
85		printf("[001] Cannot connect to the server using host=%s, user=%s, passwd=***, dbname=%s, port=%s, socket=%s\n",
86			$host, "shatest", $db, $port, $socket);
87	} else {
88
89	  if (!$res = $link->query("SELECT id FROM test WHERE id = 1"))
90		  printf("[002] [%d] %s\n", $link->errno, $link->error);
91
92	  if (!$row = mysqli_fetch_assoc($res)) {
93		  printf("[003] [%d] %s\n", $link->errno, $link->error);
94	  }
95
96	  if ($row['id'] != 1) {
97		  printf("[004] Expecting 1 got %s/'%s'", gettype($row['id']), $row['id']);
98	  }
99
100	  $res->close();
101	  $link->close();
102	}
103
104	print "done!";
105?>
106--CLEAN--
107<?php
108	require_once("clean_table.inc");
109	$link->query('DROP USER shatest');
110	$link->query('DROP USER shatest@localhost');
111?>
112--EXPECT--
113done!
114