1--TEST-- 2PAM: SHA-256 3--SKIPIF-- 4<?php 5require_once('skipif.inc'); 6require_once('skipifemb.inc'); 7require_once('skipifconnectfailure.inc'); 8 9ob_start(); 10phpinfo(INFO_MODULES); 11$tmp = ob_get_contents(); 12ob_end_clean(); 13if (!stristr($tmp, "auth_plugin_sha256_password")) 14 die("skip SHA256 auth plugin not built-in to mysqlnd"); 15 16require_once('connect.inc'); 17if (!$link = my_mysqli_connect($host, $user, $passwd, $db, $port, $socket)) 18 die(printf("skip: [%d] %s\n", mysqli_connect_errno(), mysqli_connect_error())); 19 20if (mysqli_get_server_version($link) < 50606) 21 die("skip: SHA-256 requires MySQL 5.6.6+"); 22 23if (!($res = $link->query("SHOW PLUGINS"))) { 24 die(sprintf("skip [%d] %s\n", $link->errno, $link->error)); 25} 26 27$found = false; 28while ($row = $res->fetch_assoc()) { 29 if (($row['Name'] == 'sha256_password') && ($row['Status'] == 'ACTIVE')) { 30 $found = true; 31 break; 32 } 33} 34if (!$found) 35 die("skip SHA-256 server plugin unavailable"); 36 37if (!($res = $link->query("SHOW STATUS LIKE 'Rsa_public_key'"))) { 38 die(sprintf("skip [%d] %s\n", $link->errno, $link->error)); 39} 40 41if (!($row = $res->fetch_assoc())) { 42 die(sprintf("skip Failed to check RSA pub key, [%d] %s\n", $link->errno, $link->error)); 43} 44 45if (strlen($row['Value']) < 100) { 46 die(sprintf("skip Server misconfiguration? RSA pub key is suspicious, [%d] %s\n", $link->errno, $link->error)); 47} 48 49if (!$link->query("SET @@session.old_passwords=2")) { 50 die(sprintf("skip Cannot set @@session.old_passwords=2 [%d] %s", $link->errno, $link->error)); 51} 52 53$link->query('DROP USER shatest'); 54$link->query("DROP USER shatest@localhost"); 55 56 57if (!$link->query('CREATE USER shatest@"%" IDENTIFIED WITH sha256_password') || 58 !$link->query('CREATE USER shatest@"localhost" IDENTIFIED WITH sha256_password')) { 59 die(sprintf("skip CREATE USER failed [%d] %s", $link->errno, $link->error)); 60} 61 62if (!$link->query('SET PASSWORD FOR shatest@"%" = PASSWORD("shatest")') || 63 !$link->query('SET PASSWORD FOR shatest@"localhost" = PASSWORD("shatest")')) { 64 die(sprintf("skip SET PASSWORD failed [%d] %s", $link->errno, $link->error)); 65} 66 67if (!$link->query("DROP TABLE IF EXISTS test") || 68 !$link->query("CREATE TABLE test (id INT)") || 69 !$link->query("INSERT INTO test(id) VALUES (1), (2), (3)")) 70 die(sprintf("SKIP [%d] %s\n", $link->errno, $link->error)); 71 72 73if (!$link->query(sprintf("GRANT SELECT ON TABLE %s.test TO shatest@'%%'", $db)) || 74 !$link->query(sprintf("GRANT SELECT ON TABLE %s.test TO shatest@'localhost'", $db))) { 75 die(sprintf("skip Cannot grant SELECT to user [%d] %s", mysqli_errno($link), mysqli_error($link))); 76} 77 78$link->close(); 79?> 80--FILE-- 81<?php 82 require_once("connect.inc"); 83 84 if (!$link = my_mysqli_connect($host, 'shatest', 'shatest', $db, $port, $socket)) { 85 printf("[001] Cannot connect to the server using host=%s, user=%s, passwd=***, dbname=%s, port=%s, socket=%s\n", 86 $host, "shatest", $db, $port, $socket); 87 } else { 88 89 if (!$res = $link->query("SELECT id FROM test WHERE id = 1")) 90 printf("[002] [%d] %s\n", $link->errno, $link->error); 91 92 if (!$row = mysqli_fetch_assoc($res)) { 93 printf("[003] [%d] %s\n", $link->errno, $link->error); 94 } 95 96 if ($row['id'] != 1) { 97 printf("[004] Expecting 1 got %s/'%s'", gettype($row['id']), $row['id']); 98 } 99 100 $res->close(); 101 $link->close(); 102 } 103 104 print "done!"; 105?> 106--CLEAN-- 107<?php 108 require_once("clean_table.inc"); 109 $link->query('DROP USER shatest'); 110 $link->query('DROP USER shatest@localhost'); 111?> 112--EXPECT-- 113done! 114