1--TEST--
2PAM: SHA-256
3--SKIPIF--
4<?php
5require_once('skipif.inc');
6require_once('skipifconnectfailure.inc');
7
8ob_start();
9phpinfo(INFO_MODULES);
10$tmp = ob_get_contents();
11ob_end_clean();
12if (!stristr($tmp, "auth_plugin_sha256_password"))
13    die("skip SHA256 auth plugin not built-in to mysqlnd");
14
15require_once('connect.inc');
16if (!$link = my_mysqli_connect($host, $user, $passwd, $db, $port, $socket))
17        die(printf("skip: [%d] %s\n", mysqli_connect_errno(), mysqli_connect_error()));
18
19if (mysqli_get_server_version($link) < 50606)
20    die("skip: SHA-256 requires MySQL 5.6.6+");
21
22if (!($res = $link->query("SHOW PLUGINS"))) {
23    die(sprintf("skip [%d] %s\n", $link->errno, $link->error));
24}
25
26$found = false;
27while ($row = $res->fetch_assoc()) {
28    if (($row['Name'] == 'sha256_password') && ($row['Status'] == 'ACTIVE')) {
29        $found = true;
30        break;
31    }
32}
33if (!$found)
34    die("skip SHA-256 server plugin unavailable");
35
36if (!($res = $link->query("SHOW STATUS LIKE 'Rsa_public_key'"))) {
37    die(sprintf("skip [%d] %s\n", $link->errno, $link->error));
38}
39
40if (!($row = $res->fetch_assoc())) {
41    die(sprintf("skip Failed to check RSA pub key, [%d] %s\n", $link->errno, $link->error));
42}
43
44if (strlen($row['Value']) < 100) {
45    die(sprintf("skip Server misconfiguration? RSA pub key is suspicious, [%d] %s\n", $link->errno, $link->error));
46}
47
48if (!$link->query("SET @@session.old_passwords=2")) {
49    die(sprintf("skip Cannot set @@session.old_passwords=2 [%d] %s", $link->errno, $link->error));
50}
51
52$link->query('DROP USER shatest');
53$link->query("DROP USER shatest@localhost");
54
55
56if (!$link->query('CREATE USER shatest@"%" IDENTIFIED WITH sha256_password') ||
57    !$link->query('CREATE USER shatest@"localhost" IDENTIFIED WITH sha256_password')) {
58    die(sprintf("skip CREATE USER failed [%d] %s", $link->errno, $link->error));
59}
60
61if (!$link->query('SET PASSWORD FOR shatest@"%" = PASSWORD("shatest")') ||
62    !$link->query('SET PASSWORD FOR shatest@"localhost" = PASSWORD("shatest")')) {
63    die(sprintf("skip SET PASSWORD failed [%d] %s", $link->errno, $link->error));
64}
65
66if (!$link->query("DROP TABLE IF EXISTS test") ||
67    !$link->query("CREATE TABLE test (id INT)") ||
68    !$link->query("INSERT INTO test(id) VALUES (1), (2), (3)"))
69    die(sprintf("SKIP [%d] %s\n", $link->errno, $link->error));
70
71
72if (!$link->query(sprintf("GRANT SELECT ON TABLE %s.test TO shatest@'%%'", $db)) ||
73    !$link->query(sprintf("GRANT SELECT ON TABLE %s.test TO shatest@'localhost'", $db))) {
74    die(sprintf("skip Cannot grant SELECT to user [%d] %s", mysqli_errno($link), mysqli_error($link)));
75}
76
77$link->close();
78?>
79--FILE--
80<?php
81    require_once("connect.inc");
82
83    if (!$link = my_mysqli_connect($host, 'shatest', 'shatest', $db, $port, $socket)) {
84        printf("[001] Cannot connect to the server using host=%s, user=%s, passwd=***, dbname=%s, port=%s, socket=%s\n",
85            $host, "shatest", $db, $port, $socket);
86    } else {
87
88      if (!$res = $link->query("SELECT id FROM test WHERE id = 1"))
89          printf("[002] [%d] %s\n", $link->errno, $link->error);
90
91      if (!$row = mysqli_fetch_assoc($res)) {
92          printf("[003] [%d] %s\n", $link->errno, $link->error);
93      }
94
95      if ($row['id'] != 1) {
96          printf("[004] Expecting 1 got %s/'%s'", gettype($row['id']), $row['id']);
97      }
98
99      $res->close();
100      $link->close();
101    }
102
103    print "done!";
104?>
105--CLEAN--
106<?php
107    require_once("clean_table.inc");
108    $link->query('DROP USER shatest');
109    $link->query('DROP USER shatest@localhost');
110?>
111--EXPECT--
112done!
113