156 lines
5.1 KiB
Plaintext
156 lines
5.1 KiB
Plaintext
#
|
|
# WL#5706/Bug#58712/Bug#11746378
|
|
# Encrypt or remove passwords from slow, query, and binary logs
|
|
# (see sql/sql_rewrite.cc for bulk of implementation)
|
|
#
|
|
|
|
# make sure we start with a clean slate. log_tables.test says this is OK.
|
|
TRUNCATE TABLE mysql.general_log;
|
|
|
|
--echo --------------- general log ---------------------------------------
|
|
|
|
SET @old_log_output= @@global.log_output;
|
|
SET @old_general_log= @@global.general_log;
|
|
SET @old_general_log_file= @@global.general_log_file;
|
|
|
|
--replace_result $MYSQLTEST_VARDIR ...
|
|
eval SET GLOBAL general_log_file = '$MYSQLTEST_VARDIR/log/rewrite_general.log';
|
|
SET GLOBAL log_output = 'FILE,TABLE';
|
|
SET GLOBAL general_log= 'ON';
|
|
|
|
# SET NAMES / SET CHARSET
|
|
# keep these in lower case so we can tell them from the upper case rewrites!
|
|
set character set 'hebrew';
|
|
set charset default,@dummy='A';
|
|
set names 'latin1',@dummy='B';
|
|
set names 'latin1' collate 'latin1_german2_ci';
|
|
set names default,@dummy='c';
|
|
|
|
# 1.1.1.1
|
|
|
|
CREATE TABLE t1(f1 INT, f2 INT, f3 INT, f4 INT);
|
|
CREATE PROCEDURE proc_rewrite_1() INSERT INTO test.t1 VALUES ("hocus pocus");
|
|
CREATE FUNCTION func_rewrite_1(i INT) RETURNS INT DETERMINISTIC RETURN i+1;
|
|
|
|
CREATE USER test_user1 IDENTIFIED BY 'azundris1';
|
|
GRANT SELECT(f2), INSERT(f3), INDEX, UPDATE(f1,f3, f2, f4), ALTER on
|
|
test.t1 TO test_user1;
|
|
GRANT ALL ON PROCEDURE test.proc_rewrite_1 TO test_user1;
|
|
GRANT EXECUTE ON FUNCTION test.func_rewrite_1 TO test_user1;
|
|
|
|
CREATE USER test_user3@localhost IDENTIFIED BY 'meow' REQUIRE SSL;
|
|
GRANT SELECT,USAGE ON test.* TO test_user3@localhost;
|
|
ALTER USER test_user3@localhost IDENTIFIED BY 'meow'
|
|
REQUIRE X509 WITH
|
|
MAX_QUERIES_PER_HOUR 1 MAX_UPDATES_PER_HOUR 2
|
|
MAX_CONNECTIONS_PER_HOUR 3 MAX_USER_CONNECTIONS 4;
|
|
GRANT USAGE ON test.* TO test_user3@localhost WITH GRANT OPTION;
|
|
ALTER USER test_user3@localhost REQUIRE NONE;
|
|
|
|
DROP PROCEDURE proc_rewrite_1;
|
|
DROP FUNCTION func_rewrite_1;
|
|
DROP TABLE t1;
|
|
|
|
# 1.1.1.2
|
|
CREATE USER test_user2 IDENTIFIED BY 'azundris2';
|
|
|
|
# 1.1.1.3
|
|
--disable_warnings
|
|
CHANGE MASTER TO MASTER_PASSWORD='azundris3';
|
|
--enable_warnings
|
|
|
|
# 1.1.1.4
|
|
CREATE USER 'test_user4'@'localhost';
|
|
ALTER USER 'test_user4'@'localhost' IDENTIFIED BY 'azundris4';
|
|
|
|
# clean-up
|
|
SET GLOBAL general_log= 'OFF';
|
|
|
|
DROP USER 'test_user4'@'localhost';
|
|
DROP USER 'test_user3'@'localhost';
|
|
DROP USER test_user2;
|
|
DROP USER test_user1;
|
|
|
|
# show general-logging to file is correct
|
|
CREATE TABLE test_log (argument TEXT);
|
|
--replace_result $MYSQLTEST_VARDIR ...
|
|
eval LOAD DATA LOCAL INFILE '$MYSQLTEST_VARDIR/log/rewrite_general.log'
|
|
INTO TABLE test_log FIELDS TERMINATED BY '\n' LINES TERMINATED BY '\n';
|
|
|
|
# all passwords ('azundris%') must have been obfuscated -> empty result set
|
|
--echo This line should be followed by two SELECTs with empty result sets
|
|
--replace_regex /.*Query *//i
|
|
SELECT argument FROM test_log WHERE argument LIKE CONCAT('%azun','dris%');
|
|
|
|
# same for logging to table
|
|
SELECT argument FROM mysql.general_log WHERE argument LIKE CONCAT('%azun','dris%');
|
|
|
|
--echo Show that we logged stuff at all:
|
|
--echo ------ from file ------
|
|
SELECT TRIM(LEADING '\t' FROM MID(argument,LOCATE('Query',argument)+5)) FROM test_log WHERE argument LIKE '%AS %';
|
|
--echo ------ from table ------
|
|
SELECT argument FROM mysql.general_log WHERE argument LIKE '%AS %';
|
|
--echo ------ done ------
|
|
|
|
--echo ------ rewrite ------
|
|
SELECT argument FROM mysql.general_log WHERE argument LIKE CONCAT('set ','character set %');
|
|
SELECT argument FROM mysql.general_log WHERE argument LIKE CONCAT('set ','names %');
|
|
SELECT argument FROM mysql.general_log WHERE argument LIKE 'GRANT %';
|
|
--echo ------ done ------ see log_tables.test for more proof! :)
|
|
|
|
# Sanity check -- prove we log the correct hash. Must return one row.
|
|
SELECT argument FROM mysql.general_log WHERE argument LIKE 'GRANT SELECT%' AND argument LIKE CONCAT('%AS %');
|
|
|
|
--echo Bug#13958454 -- show we print SET @a:=5, but SELECT (@a:=5)
|
|
# We need the () in EXPLAIN extended, for (@e:=80)+5.
|
|
# In SET however, they'd break syntax.
|
|
# VIEWs do not accepted variables at this time.
|
|
EXPLAIN EXTENDED SELECT @a=5,@b:=10,@c:=20,@d:=40+5,(@e:=80)+5;
|
|
|
|
--echo
|
|
--echo End of 5.6 tests!
|
|
--echo
|
|
|
|
|
|
--echo #
|
|
--echo # Bug#16953758: PREPARED STATEMENT IS WRITTEN TO GENERAL QUERY LOG AFTER ITS EXECUTION IS FINISH
|
|
--echo #
|
|
TRUNCATE TABLE mysql.general_log;
|
|
SET GLOBAL general_log='ON';
|
|
SET @sql='SELECT command_type, argument FROM mysql.general_log WHERE argument LIKE "%Bug#16953758%"';
|
|
PREPARE stmt FROM @sql;
|
|
EXECUTE stmt;
|
|
DEALLOCATE PREPARE stmt;
|
|
|
|
|
|
--echo #
|
|
--echo # Bug#18616826: PREPARED STATEMENTS WHOSE EXECUTION FAIL ARE NOT LOGGED TO THE GENERAL LOG
|
|
--echo #
|
|
TRUNCATE TABLE mysql.general_log;
|
|
SET @sql='DROP TABLE 18616826_does_not_exist';
|
|
PREPARE stmt FROM @sql;
|
|
--error ER_BAD_TABLE_ERROR
|
|
EXECUTE stmt;
|
|
DEALLOCATE PREPARE stmt;
|
|
SELECT command_type, argument FROM mysql.general_log WHERE argument LIKE "DROP TABLE 18616826_does_not_exist";
|
|
|
|
|
|
--echo
|
|
--echo End of 5.7 tests!
|
|
--echo
|
|
|
|
|
|
# cleanup
|
|
DROP TABLE test_log;
|
|
|
|
--remove_file $MYSQLTEST_VARDIR/log/rewrite_general.log
|
|
|
|
SET GLOBAL general_log_file= @old_general_log_file;
|
|
SET GLOBAL general_log= @old_general_log;
|
|
SET GLOBAL log_output= @old_log_output;
|
|
|
|
--echo
|
|
--echo End of 5.7 tests!
|
|
--echo
|
|
|