#!/usr/bin/env perl BEGIN { die "The PERCONA_TOOLKIT_BRANCH environment variable is not set.\n" unless $ENV{PERCONA_TOOLKIT_BRANCH} && -d $ENV{PERCONA_TOOLKIT_BRANCH}; unshift @INC, "$ENV{PERCONA_TOOLKIT_BRANCH}/lib"; }; use strict; use warnings FATAL => 'all'; use English qw(-no_match_vars); use Test::More; use PerconaTest; use Sandbox; require "$trunk/bin/pt-find"; require VersionParser; my $dp = new DSNParser(opts=>$dsn_opts); my $sb = new Sandbox(basedir => '/tmp', DSNParser => $dp); my $dbh = $sb->get_dbh_for('source'); if ( !$dbh ) { plan skip_all => 'Cannot connect to sandbox source'; } elsif ( $sandbox_version lt '8.0' ) { plan skip_all => "Requires MySQL 8.0 or newer"; } my $output; my $cnf = '/tmp/12345/my.sandbox.cnf'; my $cmd = "$trunk/bin/pt-find -F $cnf "; $sb->do_as_root( 'source', q/CREATE USER IF NOT EXISTS sha256_user@'%' IDENTIFIED WITH caching_sha2_password BY 'sha256_user%password' REQUIRE SSL/, q/GRANT ALL ON *.* TO sha256_user@'%'/, ); $output = `$cmd mysql --tblregex column --user=sha256_user --password=sha256_user%password --mysql_ssl=0 2>&1`; isnt( $?, 0, "Error raised when SSL connection is not used" ) or diag($output); like( $output, qr/Access denied/, 'Secure connection error raised when no SSL connection used' ) or diag($output); $output = `$cmd mysql --tblregex column --user=sha256_user --password=sha256_user%password --mysql_ssl=1 2>&1`; is( $?, 0, "Error raised when SSL connection is not used" ) or diag($output); unlike( $output, qr/Access denied/, 'Secure connection error raised when no SSL connection used' ) or diag($output); like($output, qr/`mysql`.`columns_priv`/, 'Found mysql.columns_priv'); # ############################################################################# # Done. # ############################################################################# $sb->do_as_root('source', q/DROP USER 'sha256_user'@'%'/); $sb->wipe_clean($dbh); ok($sb->ok(), "Sandbox servers") or BAIL_OUT(__FILE__ . " broke the sandbox"); done_testing; exit;