From 5cef59cf106611cae723c00447beb2ee8b652795 Mon Sep 17 00:00:00 2001 From: Jeremy Harris Date: Sat, 30 May 2020 21:05:25 +0100 Subject: [PATCH] Testsuite: MySQL: use password on account used for test access Forced on us by security tightning in Mariadb 10.4 --- src/src/exim.c | 2 ++ test/confs/2610 | 2 +- test/scripts/2610-MySQL/2610 | 32 +++++++++++++------ test/stderr/2610 | 61 +++++++++++++++++++----------------- test/stdout/2610 | 8 +++++ 5 files changed, 65 insertions(+), 40 deletions(-) diff --git a/src/src/exim.c b/src/src/exim.c index 920e9e226..a60488e95 100644 --- a/src/src/exim.c +++ b/src/src/exim.c @@ -4326,8 +4326,10 @@ else if (!(unprivileged || removed_privilege)) exim_fail("exim: changing group failed: %s\n", strerror(errno)); else + { DEBUG(D_any) debug_printf("changing group to %ld failed: %s\n", (long int)exim_gid, strerror(errno)); + } } /* Handle a request to scan a file for malware */ diff --git a/test/confs/2610 b/test/confs/2610 index 5a964276e..98a93b63b 100644 --- a/test/confs/2610 +++ b/test/confs/2610 @@ -12,7 +12,7 @@ hostlist relay_hosts = net-mysql;select * from them where id='$sender_host_add acl_smtp_rcpt = check_recipient PARTIAL = 127.0.0.1::PORT_N -SSPEC = PARTIAL/test/root/ +SSPEC = PARTIAL/test/root/pass mysql_servers = SSPEC diff --git a/test/scripts/2610-MySQL/2610 b/test/scripts/2610-MySQL/2610 index c9e0d5977..ec7b4548f 100644 --- a/test/scripts/2610-MySQL/2610 +++ b/test/scripts/2610-MySQL/2610 @@ -10,28 +10,40 @@ system 'mysql_install_db --no-defaults --datadir=DIR/mysql --user=CALLER'; **** sudo rm test-stdout test-stderr # -# start a db server +### start a db server echo Starting DB server background DIR/bin.sys/mysqld --datadir=DIR/mysql --log-error=DIR/mysql/log --bind-address=* --port=PORT_N --socket=DIR/mysql/sock --pid-file=DIR/mysql/pidfile **** # -# wait for db startup, insert some data +### wait for db startup, set password on the root user echo Waiting for DB server startup +sudo perl +system 'mysql --protocol=socket --socket=`pwd`/mysql/sock --connect_timeout=10 -u root -e "set password = password(\"pass\")"'; +**** +# +### create testdb and extra users +echo Create testdb and extra users perl -system 'mysqladmin --protocol=TCP -P PORT_N --connect_timeout=2 --wait=5 -u root create test'; +system 'mysqladmin --protocol=TCP -P PORT_N -u root -ppass create test'; my $fh; -open($fh, '-|', 'mysql --protocol=TCP -P PORT_N -u root -D test -e "select 1 from mysql.user where User = \'root\' and Host = \'HOSTIPV4\'"'); +open($fh, '-|', 'mysql --protocol=TCP -P PORT_N -u root -ppass -D test -e "select 1 from mysql.user where User = \'root\' and Host = \'HOSTIPV4\'"'); my $line = <$fh>; if (length($line) == 0) { - system 'mysql --protocol=TCP -P PORT_N -u root -D test -e "create user \'root\'@\'HOSTIPV4\'"'; + system 'mysql --protocol=TCP -P PORT_N -u root -ppass -D test -e "create user \'root\'@\'HOSTIPV4\'"'; } -open($fh, '-|', 'mysql --protocol=TCP -P PORT_N -u root -D test -e "select 1 from mysql.user where User = \'CALLER\' and Host = \'HOSTIPV4\'"'); +open($fh, '-|', 'mysql --protocol=TCP -P PORT_N -u root -ppass -D test -e "select 1 from mysql.user where User = \'CALLER\' and Host = \'HOSTIPV4\'"'); $line = <$fh>; if (length($line) == 0) { - system 'mysql --protocol=TCP -P PORT_N -u root -D test -e "create user \'CALLER\'@\'HOSTIPV4\'"'; + system 'mysql --protocol=TCP -P PORT_N -u root -ppass -D test -e "create user \'CALLER\'@\'HOSTIPV4\'"'; } -system 'mysql --protocol=TCP -P PORT_N -u root -D test \ +**** +# +# +# wait for db startup, insert some data +echo Insert some data +perl +system 'mysql --protocol=TCP -P PORT_N -u root -ppass -D test \ -e "CREATE TABLE them ( name text, id text ); \ INSERT INTO them VALUES ( \'Philip Hazel\', \'ph10\' ); \ INSERT INTO them VALUES ( \'Aristotle\', \'aaaa\' ); \ @@ -63,7 +75,7 @@ ${lookup mysql {servers=x:127.0.0.1::PORT_N; select name from them where id='ph1 ${lookup mysql {servers=127.0.0.1::PORT_N:x; select name from them where id='ph10';}} ${lookup mysql {servers=127.0.0.1::PORT_N/test/root/:x; select name from them where id='ph10';}} ${lookup mysql {servers=HOSTIPV4::PORT_N/test/root/:127.0.0.1::PORT_N; select name from them where id='ph10';}} -${lookup mysql {servers=localhost(DIR/mysql/sock)/test/root/; select name from them where id='ph10';}} +${lookup mysql {servers=localhost(DIR/mysql/sock)/test/root/pass; select name from them where id='ph10';}} x ${lookup mysql {SELECT name FROM them WHERE id IN ('ph10', 'aaaa');}} ${lookup mysql {SELECT * FROM them WHERE id IN ('ph10', 'aaaa');}} @@ -80,7 +92,7 @@ Test message **** # perl -system 'mysqladmin --protocol=TCP -P PORT_N -u root shutdown'; +system 'mysqladmin --protocol=TCP -P PORT_N -u root -ppass shutdown'; **** killdaemon sudo rm -fr DIR/mysql diff --git a/test/stderr/2610 b/test/stderr/2610 index 39071aef5..925fb914b 100644 --- a/test/stderr/2610 +++ b/test/stderr/2610 @@ -1,3 +1,6 @@ +### start a db server +### wait for db startup, set password on the root user +### create testdb and extra users Exim version x.yz .... configuration file is TESTSUITE/test-config admin user @@ -161,12 +164,12 @@ dropping to exim gid; retaining priv uid search_open: mysql "NULL" cached open search_find: file="NULL" - key="servers=localhost(TESTSUITE/mysql/sock)/test/root/; select name from them where id='ph10';" partial=-1 affix=NULL starflags=0 opts=NULL + key="servers=localhost(TESTSUITE/mysql/sock)/test/root/pass; select name from them where id='ph10';" partial=-1 affix=NULL starflags=0 opts=NULL LRU list: internal_search_find: file="NULL" - type=mysql key="servers=localhost(TESTSUITE/mysql/sock)/test/root/; select name from them where id='ph10';" opts=NULL - database lookup required for servers=localhost(TESTSUITE/mysql/sock)/test/root/; select name from them where id='ph10'; - MySQL query: "servers=localhost(TESTSUITE/mysql/sock)/test/root/; select name from them where id='ph10';" opts 'NULL' + type=mysql key="servers=localhost(TESTSUITE/mysql/sock)/test/root/pass; select name from them where id='ph10';" opts=NULL + database lookup required for servers=localhost(TESTSUITE/mysql/sock)/test/root/pass; select name from them where id='ph10'; + MySQL query: "servers=localhost(TESTSUITE/mysql/sock)/test/root/pass; select name from them where id='ph10';" opts 'NULL' MYSQL new connection: host=localhost port=0 socket=TESTSUITE/mysql/sock database=test user=root lookup yielded: Philip Hazel search_open: mysql "NULL" @@ -260,16 +263,16 @@ check set acl_m0 = ok: ${lookup mysql {select name from the search_open: mysql "NULL" cached open search_find: file="NULL" - key="select name from them where id = 'c'" partial=-1 affix=NULL starflags=0 opts="servers=127.0.0.1::1223/test/root/" + key="select name from them where id = 'c'" partial=-1 affix=NULL starflags=0 opts="servers=127.0.0.1::1223/test/root/pass" LRU list: internal_search_find: file="NULL" - type=mysql key="select name from them where id = 'c'" opts="servers=127.0.0.1::1223/test/root/" + type=mysql key="select name from them where id = 'c'" opts="servers=127.0.0.1::1223/test/root/pass" cached data found but wrong opts; database lookup required for select name from them where id = 'c' - MySQL query: "select name from them where id = 'c'" opts 'servers=127.0.0.1::1223/test/root/' + MySQL query: "select name from them where id = 'c'" opts 'servers=127.0.0.1::1223/test/root/pass' MYSQL using cached connection for 127.0.0.1:1223/test/root MYSQL: no data found lookup failed -check set acl_m0 = ok: ${lookup mysql,servers=127.0.0.1::1223/test/root/ {select name from them where id = '$local_part'}} +check set acl_m0 = ok: ${lookup mysql,servers=127.0.0.1::1223/test/root/pass {select name from them where id = '$local_part'}} = ok: search_open: mysql "NULL" cached open @@ -288,16 +291,16 @@ check set acl_m0 = ok: ${lookup mysql,servers=127.0.0.1::1223 {select name search_open: mysql "NULL" cached open search_find: file="NULL" - key="servers=127.0.0.1::1223/test/root/; select name from them where id = 'c'" partial=-1 affix=NULL starflags=0 opts=NULL + key="servers=127.0.0.1::1223/test/root/pass; select name from them where id = 'c'" partial=-1 affix=NULL starflags=0 opts=NULL LRU list: internal_search_find: file="NULL" - type=mysql key="servers=127.0.0.1::1223/test/root/; select name from them where id = 'c'" opts=NULL - database lookup required for servers=127.0.0.1::1223/test/root/; select name from them where id = 'c' - MySQL query: "servers=127.0.0.1::1223/test/root/; select name from them where id = 'c'" opts 'NULL' - lookup deferred: MySQL server "127.0.0.1:1223/test/root/" is tainted + type=mysql key="servers=127.0.0.1::1223/test/root/pass; select name from them where id = 'c'" opts=NULL + database lookup required for servers=127.0.0.1::1223/test/root/pass; select name from them where id = 'c' + MySQL query: "servers=127.0.0.1::1223/test/root/pass; select name from them where id = 'c'" opts 'NULL' + lookup deferred: MySQL server "127.0.0.1:1223/test/root/pass" is tainted warn: condition test deferred in ACL "check_recipient" LOG: MAIN - H=[10.0.0.0] Warning: ACL "warn" statement skipped: condition test deferred: MySQL server "127.0.0.1:1223/test/root/" is tainted + H=[10.0.0.0] Warning: ACL "warn" statement skipped: condition test deferred: MySQL server "127.0.0.1:1223/test/root/pass" is tainted processing "warn" (TESTSUITE/test-config 36) check set acl_m0 = ok: hostlist check hosts = net-mysql;select * from them where id='$local_part' @@ -317,38 +320,38 @@ host in "net-mysql;select * from them where id='c'"? no (end of list) warn: condition test failed in ACL "check_recipient" processing "warn" (TESTSUITE/test-config 39) check set acl_m0 = FAIL: hostlist -check hosts = <& net-mysql;servers=127.0.0.1::1223/test/root/; select * from them where id='$local_part' +check hosts = <& net-mysql;servers=127.0.0.1::1223/test/root/pass; select * from them where id='$local_part' search_open: mysql "NULL" cached open search_find: file="NULL" - key="servers=127.0.0.1::1223/test/root/; select * from them where id='c'" partial=-1 affix=NULL starflags=0 opts=NULL + key="servers=127.0.0.1::1223/test/root/pass; select * from them where id='c'" partial=-1 affix=NULL starflags=0 opts=NULL LRU list: internal_search_find: file="NULL" - type=mysql key="servers=127.0.0.1::1223/test/root/; select * from them where id='c'" opts=NULL -database lookup required for servers=127.0.0.1::1223/test/root/; select * from them where id='c' -MySQL query: "servers=127.0.0.1::1223/test/root/; select * from them where id='c'" opts 'NULL' -lookup deferred: MySQL server "127.0.0.1:1223/test/root/" is tainted -host in "<& net-mysql;servers=127.0.0.1::1223/test/root/; select * from them where id='c'"? list match deferred for net-mysql;servers=127.0.0.1::1223/test/root/; select * from them where id='c' + type=mysql key="servers=127.0.0.1::1223/test/root/pass; select * from them where id='c'" opts=NULL +database lookup required for servers=127.0.0.1::1223/test/root/pass; select * from them where id='c' +MySQL query: "servers=127.0.0.1::1223/test/root/pass; select * from them where id='c'" opts 'NULL' +lookup deferred: MySQL server "127.0.0.1:1223/test/root/pass" is tainted +host in "<& net-mysql;servers=127.0.0.1::1223/test/root/pass; select * from them where id='c'"? list match deferred for net-mysql;servers=127.0.0.1::1223/test/root/pass; select * from them where id='c' warn: condition test deferred in ACL "check_recipient" LOG: MAIN - H=[10.0.0.0] Warning: ACL "warn" statement skipped: condition test deferred: MySQL server "127.0.0.1:1223/test/root/" is tainted + H=[10.0.0.0] Warning: ACL "warn" statement skipped: condition test deferred: MySQL server "127.0.0.1:1223/test/root/pass" is tainted processing "warn" (TESTSUITE/test-config 44) check set acl_m0 = FAIL: hostlist -check hosts = <& net-mysql,servers=127.0.0.1::1223/test/root/; select * from them where id='$local_part' +check hosts = <& net-mysql,servers=127.0.0.1::1223/test/root/pass; select * from them where id='$local_part' search_open: mysql "NULL" cached open search_find: file="NULL" - key=" select * from them where id='c'" partial=-1 affix=NULL starflags=0 opts="servers=127.0.0.1::1223/test/root/" + key=" select * from them where id='c'" partial=-1 affix=NULL starflags=0 opts="servers=127.0.0.1::1223/test/root/pass" LRU list: internal_search_find: file="NULL" - type=mysql key=" select * from them where id='c'" opts="servers=127.0.0.1::1223/test/root/" + type=mysql key=" select * from them where id='c'" opts="servers=127.0.0.1::1223/test/root/pass" database lookup required for select * from them where id='c' -MySQL query: " select * from them where id='c'" opts 'servers=127.0.0.1::1223/test/root/' -lookup deferred: MySQL server "127.0.0.1:1223/test/root/" is tainted -host in "<& net-mysql,servers=127.0.0.1::1223/test/root/; select * from them where id='c'"? list match deferred for net-mysql,servers=127.0.0.1::1223/test/root/; select * from them where id='c' +MySQL query: " select * from them where id='c'" opts 'servers=127.0.0.1::1223/test/root/pass' +lookup deferred: MySQL server "127.0.0.1:1223/test/root/pass" is tainted +host in "<& net-mysql,servers=127.0.0.1::1223/test/root/pass; select * from them where id='c'"? list match deferred for net-mysql,servers=127.0.0.1::1223/test/root/pass; select * from them where id='c' warn: condition test deferred in ACL "check_recipient" LOG: MAIN - H=[10.0.0.0] Warning: ACL "warn" statement skipped: condition test deferred: MySQL server "127.0.0.1:1223/test/root/" is tainted + H=[10.0.0.0] Warning: ACL "warn" statement skipped: condition test deferred: MySQL server "127.0.0.1:1223/test/root/pass" is tainted processing "accept" (TESTSUITE/test-config 47) check domains = +local_domains d in "@"? no (end of list) diff --git a/test/stdout/2610 b/test/stdout/2610 index f0774a81a..fb89752f5 100644 --- a/test/stdout/2610 +++ b/test/stdout/2610 @@ -1,3 +1,6 @@ +### start a db server +### wait for db startup, set password on the root user +### create testdb and extra users > Philip Hazel > Philip Hazel > @@ -29,3 +32,8 @@ name=Aristotle id=aaaa 250 OK 550 relay not permitted 221 myhost.test.ex closing connection + +******** SERVER ******** +### start a db server +### wait for db startup, set password on the root user +### create testdb and extra users -- 2.30.2