maria-developers team mailing list archive

Thread
Date

Re: doubt about mariadb dialog plugin at server and client side

To: Roberto Spadim <roberto@xxxxxxxxxxxxx>
From: Sergei Golubchik <serg@xxxxxxxxxxx>
Date: Thu, 23 Oct 2014 07:56:36 +0200
Cc: "maria-developers@xxxxxxxxxxxxxxxxxxx" <maria-developers@xxxxxxxxxxxxxxxxxxx>
In-reply-to: <CAH3kUhGr+kOHuh6M_PGo6ToaJ_ALEyBYkUz18dTAOuAWfUszNA@mail.gmail.com>
User-agent: Mutt/1.5.23 (2014-03-12)

Hi, Roberto!

On Oct 22, Roberto Spadim wrote:
> Hi guys
> I'm with a doubt at dialog plugin
> I created a user at mariadb server:
> 
> ---SQL
> INSTALL PLUGIN three_attempts SONAME 'dialog_examples.so';
> CREATE USER test_dialog IDENTIFIED VIA three_attempts USING 'SECRET';
> FLUSH PRIVILEGES;
> ---
> 
> now i'm trying to connect as user test_dialog:
> 
> ---SHELL
> $mysql
> *--plugin-dir=/home/rspadim/mariadb/mariadb-10.0.14/plugin/auth_dialog*
> --user=test_dialog --host=spd1.spadim.com.br --password
> 
> Enter password:  (i just hit enter)
> [mariadb] Password, please:  (enter again)
> [mariadb] Password, please:  (SECRET enter)
> Welcome to the MariaDB monitor.  Commands end with ; or \g.
> Your MariaDB connection id is 49243
> Server version: 5.5.5-10.0.14-MariaDB-log Source distribution
> 
> Copyright (c) 2000, 2012, Oracle, Monty Program Ab and others.
> 
> Reading history-file /home/beto/.mysql_history
> Type 'help;' or '\h' for help. Type '\c' to clear the current input
> statement.
> 
> MariaDB [(none)]> quit
> Writing history-file /home/beto/.mysql_history
> ---
> 
> ---SHELL
> $ls /home/rspadim/mariadb/mariadb-10.0.14/plugin/auth_dialog
> CMakeFiles  cmake_install.cmake  CMakeLists.txt  CTestTestfile.cmake
>  dialog.c  *dialog.so*  Makefile
> ---
> 
> ---MYSQL.USER table
> || *Host* || *User* || *Password* || *Select_priv* || *Insert_priv* ||
> *Update_priv* || *Delete_priv* || *Create_priv* || *Drop_priv* ||
> *Reload_priv* || *Shutdown_priv* || *Process_priv* || *File_priv* ||
> *Grant_priv* || *References_priv* || *Index_priv* || *Alter_priv* ||
> *Show_db_priv* || *Super_priv* || *Create_tmp_table_priv* ||
> *Lock_tables_priv* || *Execute_priv* || *Repl_slave_priv* ||
> *Repl_client_priv* || *Create_view_priv* || *Show_view_priv* ||
> *Create_routine_priv* || *Alter_routine_priv* || *Create_user_priv* ||
> *Event_priv* || *Trigger_priv* || *Create_tablespace_priv* || *ssl_type* ||
> *ssl_cipher* || *x509_issuer* || *x509_subject* || *max_questions* ||
> *max_updates* || *max_connections* || *max_user_connections* || *plugin* ||
> *auth_string* ||
> || % || test_dialog || >>>CHECK NO PASSWORD!<<< || N || N || N || N || N ||
> N || N || N || N || N || N || N || N || N || N || N || N || N || N || N ||
> N || N || N || N || N || N || N || N || N ||  ||  ||  ||  || 0 || 0 || 0 ||
> 0 || three_attempts || SECRET ||
> ---
> 
> the doubts:
> 1) why it accept my login with password? i *don't* have a password at
> mysql.user schema

See, you SECRET is in the last column. Password field is MySQL protocol
password, from before auth plugin times.

When you specify VIA xxx USING yyy the whole 'yyy' string goes into the
column mysql.user.auth_string. It cannot go into Password, it might be
very long.

> 2) why i didn't received a dialog like in heidisql?

what do you mean? you should've had a dialog popup in heidisql.

> 3) there's a auth trace or auth verbose option at client side? or any other
> command to check if i loaded the dialog plugin?

No, I don't think so. But as you were asked questions ("Password,
please"), you can be sure that dialog plugin was loaded.
If it weren't, you'd get an error message and wouldn't be able to
connect.

Regards,
Sergei

Follow ups

Re: doubt about mariadb dialog plugin at server and client side
From: Roberto Spadim, 2014-10-23

References

doubt about mariadb dialog plugin at server and client side
From: Roberto Spadim, 2014-10-22