-
Kristofer Pettersson authored
Bug #13010061/Bug # 14506305: SERVER SHOULD WARN WHEN NEEDED AUTHENTICATION PLUGIN IS NOT LOADED This fix fixes the above two bugs by introducing a new check at server startup and FLUSH PRIVILEGES that iterates over the list of the user accounts, checks if one of the conditions described in the above two bugs is met and logs an appropriate warning in the server log. In particular warnings will be generated for users with sha256 and server started without ssl/rsa config. The check will slow down FLUSH PRIVILEGES and server startup, so a new boolean command line option --validate-user-plugins=[ON|OFF], default ON is added to allow turning it off for installations that don't need this additional safety net. Test cases for various combinations of options added. Existing test results updated as needed.Kristofer Pettersson authoredBug #13010061/Bug # 14506305: SERVER SHOULD WARN WHEN NEEDED AUTHENTICATION PLUGIN IS NOT LOADED This fix fixes the above two bugs by introducing a new check at server startup and FLUSH PRIVILEGES that iterates over the list of the user accounts, checks if one of the conditions described in the above two bugs is met and logs an appropriate warning in the server log. In particular warnings will be generated for users with sha256 and server started without ssl/rsa config. The check will slow down FLUSH PRIVILEGES and server startup, so a new boolean command line option --validate-user-plugins=[ON|OFF], default ON is added to allow turning it off for installations that don't need this additional safety net. Test cases for various combinations of options added. Existing test results updated as needed.
Loading