Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-26647

Include password validation plugin information in the error message if the SQL statement is not satisfied password policy

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Stalled (View Workflow)
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 10.2, 10.3, 10.4, 10.5, 10.6, 10.7
    • Fix Version/s: 10.2, 10.3, 10.4, 10.5, 10.6, 10.7
    • Component/s: Plugins
    • Labels:
      None

      Description

      Currently simple_password_check and password_reuse_check shows same error message if the query does not satisfy the plugin policy. I think we should separate the error message on the basis of failure.

      simple_password_check password validation

      10.7.0-opt>SET PASSWORD FOR user_name@localhost = PASSWORD('test@123');
      ERROR 1819 (HY000): Your password does not satisfy the current policy requirements
      10.7.0-opt>
      10.7.0-opt>UNINSTALL SONAME 'simple_password_check';
      Query OK, 0 rows affected (0.005 sec)
      

      password_reuse_check password validation

      10.7.0-opt>SET PASSWORD FOR user_name@localhost = PASSWORD('test@123');
      Query OK, 0 rows affected (0.011 sec)
       
      10.7.0-opt>SET PASSWORD FOR user_name@localhost = PASSWORD('test@123');
      ERROR 1819 (HY000): Your password does not satisfy the current policy requirements
      10.7.0-opt>
      

      Similarly ALTER USER also shows different error message.

      10.7.0-opt>alter user user_name@localhost identified by 'test_pwd2';
      ERROR 1396 (HY000): Operation ALTER USER failed for 'user_name'@'localhost'
      10.7.0-opt>
      10.7.0-opt>show warnings;
      +-------+------+----------------------------------------------------------------+
      | Level | Code | Message                                                        |
      +-------+------+----------------------------------------------------------------+
      | Error | 1819 | Your password does not satisfy the current policy requirements |
      | Error | 1396 | Operation ALTER USER failed for 'user_name'@'localhost'        |
      +-------+------+----------------------------------------------------------------+
      2 rows in set (0.000 sec)
       
      10.7.0-opt>
      

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              sanja Oleksandr Byelkin
              Reporter:
              ramesh Ramesh Sivaraman
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Dates

                Created:
                Updated:

                  Git Integration