Adding upstream version 1:10.11.6.upstream/1%10.11.6

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>

1 files changed, 37 insertions, 0 deletions

diff --git a/mysql-test/main/failed_auth_3909.test b/mysql-test/main/failed_auth_3909.test
new file mode 100644
index 00000000..af65f46c
--- /dev/null
+++ b/mysql-test/main/failed_auth_3909.test
@@ -0,0 +1,37 @@
+source include/not_embedded.inc;
+
+#
+# MDEV-3909 remote user enumeration
+#
+# verify that for some failed login attemps (with wrong user names)
+# the server requests a plugin
+#
+create user foo identified via mysql_old_password;
+create user bar identified via mysql_old_password;
+create user baz identified via mysql_old_password;
+
+--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
+--error ER_ACCESS_DENIED_ERROR
+connect (fail,localhost,u1);
+
+--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
+--error ER_SERVER_IS_IN_SECURE_AUTH_MODE
+connect (fail,localhost,uu2);
+
+--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
+--error ER_SERVER_IS_IN_SECURE_AUTH_MODE
+connect (fail,localhost,uu2,password);
+
+--error ER_ACCESS_DENIED_ERROR
+change_user u1;
+
+--error ER_SERVER_IS_IN_SECURE_AUTH_MODE
+change_user uu2;
+
+--error ER_SERVER_IS_IN_SECURE_AUTH_MODE
+change_user uu2,password;
+
+delete from mysql.user where plugin = 'mysql_old_password';
+flush privileges;
+
+