From: Ashish Agarwal Date: May 10 2012 2:15pm Subject: bzr push into mysql-trunk branch (ashish.y.agarwal:3884 to 3885) List-Archive: http://lists.mysql.com/commits/143901 Message-Id: <201205101415.q4AEFxPp020267@acsmt357.oracle.com> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit 3885 Ashish Agarwal 2012-05-10 wl2739: Auditing Password Security Build failure in windows. modified: include/mysql/plugin_audit.h.pp include/mysql/plugin_auth.h.pp include/mysql/plugin_ftparser.h.pp include/mysql/service_password_string.h mysql-test/r/validate_password_plugin.result mysql-test/t/validate_password_plugin.test plugin/password_validation/validate_password.cc sql/share/CMakeLists.txt 3884 Ashish Agarwal 2012-05-10 wl2739: Auditing Password Security Implementing review comments. removed: plugin/password_validation/dictionary.txt added: include/mysql/service_password_string.h libservices/password_string_service.c sql/share/dictionary.txt modified: include/mysql/plugin.h include/mysql/plugin_audit.h.pp include/mysql/plugin_auth.h.pp include/mysql/plugin_ftparser.h.pp include/mysql/plugin_validate_password.h include/mysql/services.h include/service_versions.h libservices/CMakeLists.txt mysql-test/r/validate_password_plugin.result mysql-test/t/validate_password_plugin.test plugin/password_validation/CMakeLists.txt plugin/password_validation/validate_password.cc sql/item_func.cc sql/share/CMakeLists.txt sql/sql_acl.cc sql/sql_plugin.h sql/sql_plugin_services.h support-files/CMakeLists.txt support-files/my-huge.cnf.sh support-files/my-large.cnf.sh support-files/my-medium.cnf.sh support-files/my-small.cnf.sh === modified file 'include/mysql/plugin_audit.h.pp' --- a/include/mysql/plugin_audit.h.pp 2012-05-10 10:54:37 +0000 +++ b/include/mysql/plugin_audit.h.pp 2012-05-10 14:15:01 +0000 
@@ -76,10 +76,10 @@ int my_plugin_log_message(MYSQL_PLUGIN * #include struct password_char_case { - size_t has_numbers; - size_t has_lower; - size_t has_upper; - size_t has_special_chars; + int has_numbers; + int has_lower; + int has_upper; + int has_special_chars; }; typedef struct password_char_case PASSWORD_CHAR_CASE; extern struct password_string_service_st { === modified file 'include/mysql/plugin_auth.h.pp' --- a/include/mysql/plugin_auth.h.pp 2012-05-10 10:54:37 +0000 +++ b/include/mysql/plugin_auth.h.pp 2012-05-10 14:15:01 +0000 @@ -76,10 +76,10 @@ int my_plugin_log_message(MYSQL_PLUGIN * #include struct password_char_case { - size_t has_numbers; - size_t has_lower; - size_t has_upper; - size_t has_special_chars; + int has_numbers; + int has_lower; + int has_upper; + int has_special_chars; }; typedef struct password_char_case PASSWORD_CHAR_CASE; extern struct password_string_service_st { === modified file 'include/mysql/plugin_ftparser.h.pp' --- a/include/mysql/plugin_ftparser.h.pp 2012-05-10 10:54:37 +0000 +++ b/include/mysql/plugin_ftparser.h.pp 2012-05-10 14:15:01 +0000 @@ -76,10 +76,10 @@ int my_plugin_log_message(MYSQL_PLUGIN * #include struct password_char_case { - size_t has_numbers; - size_t has_lower; - size_t has_upper; - size_t has_special_chars; + int has_numbers; + int has_lower; + int has_upper; + int has_special_chars; }; typedef struct password_char_case PASSWORD_CHAR_CASE; extern struct password_string_service_st { === modified file 'include/mysql/service_password_string.h' --- a/include/mysql/service_password_string.h 2012-05-10 10:54:37 +0000 +++ b/include/mysql/service_password_string.h 2012-05-10 14:15:01 +0000 
@@ -31,10 +31,10 @@ extern "C" { struct password_char_case { - size_t has_numbers; - size_t has_lower; - size_t has_upper; - size_t has_special_chars; + int has_numbers; + int has_lower; + int has_upper; + int has_special_chars; }; typedef struct password_char_case PASSWORD_CHAR_CASE; === modified file 'mysql-test/r/validate_password_plugin.result' --- a/mysql-test/r/validate_password_plugin.result 2012-05-10 10:54:37 +0000 +++ b/mysql-test/r/validate_password_plugin.result 2012-05-10 14:15:01 +0000 @@ -35,7 +35,7 @@ GRANT USAGE ON *.* TO 'base_user'@'local SET @@global.validate_password_special_char_count= 1; # password policy strong # default_file : dictionary.txt -SET@@global.validate_password_dictionary_file='/home/ashish/mysql-rp/mysql-trunk-wl2739/sql/share//dictionary.txt'; +SET@@global.validate_password_dictionary_file='MYSQL_ERRMSG_BASEDIR/dictionary.txt'; SET @@global.validate_password_policy_number= 3; CREATE USER 'user'@'localhost' IDENTIFIED BY 'password'; ERROR HY000: not a valid password 'password' === modified file 'mysql-test/t/validate_password_plugin.test' --- a/mysql-test/t/validate_password_plugin.test 2012-05-10 10:54:37 +0000 +++ b/mysql-test/t/validate_password_plugin.test 2012-05-10 14:15:01 +0000 @@ -52,8 +52,9 @@ SET @@global.validate_password_special_c --echo # password policy strong --echo # default_file : dictionary.txt # file should contain 1 word per line -# error if substring of password is a dictionary word +# error if substring of password is a dictionary word +--replace_result $MYSQL_ERRMSG_BASEDIR MYSQL_ERRMSG_BASEDIR eval SET@@global.validate_password_dictionary_file='$MYSQL_ERRMSG_BASEDIR/dictionary.txt'; SET @@global.validate_password_policy_number= 3; --error ER_NOT_VALID_PASSWORD === modified file 'plugin/password_validation/validate_password.cc' --- a/plugin/password_validation/validate_password.cc 2012-05-10 10:54:37 +0000 +++ b/plugin/password_validation/validate_password.cc 2012-05-10 14:15:01 +0000 
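Review bot: The four `has_*` members of `struct password_char_case` are named like flags, but the `*_count` thresholds in validate_password.cc suggest they hold per-class character counts; a comment on the struct should say which, e.g. `/* number of digits found in the password */` on `has_numbers`. Because the struct belongs to the password-string service interface, changing the members from `size_t` to `int` changes its layout on LP64 builds, so a plugin compiled against the earlier header would need a rebuild. Whether the service version has to change for that is not visible in this hunk. The same edit is repeated in the three generated `.h.pp` copies.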
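Review bot: The expected output kept in this hunk, `ERROR HY000: not a valid password 'password'`, shows the rejected password being echoed back in the error text. Error messages routinely end up in client logs, application logs and monitoring, so the candidate password should not appear in them; a message such as `ERROR HY000: password does not satisfy the current policy requirements` (wording constructed for this note) reports the same outcome. The message text is defined outside this diff, so the change belongs where ER_NOT_VALID_PASSWORD is declared, with this result file re-recorded afterwards.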
@@ -13,6 +13,7 @@ along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */ +#include #include #include #include @@ -31,11 +32,11 @@ typedef std::set set_type; set_type dictionary_words; static char *dictionary_file= NULL; -static uint validate_password_length; -static uint validate_password_number_count; -static uint validate_password_mixed_case_count; -static uint validate_password_special_char_count; -static uint validate_password_policy_number; +static int validate_password_length; +static int validate_password_number_count; +static int validate_password_mixed_case_count; +static int validate_password_special_char_count; +static int validate_password_policy_number; static char *validate_password_dictionary_file; /* To read dictionary file into std::set */ @@ -75,8 +76,8 @@ static void free_dictionary_file() */ static int validate_dictionary_check(string_handle password, size_t length) { - uint substr_pos= 0; - uint substr_length= length; + size_t substr_pos= 0; + size_t substr_length= length; string_type password_str= password_string_casedn(password); string_type password_substr; set_type::iterator itr; @@ -110,7 +111,7 @@ static int validate_dictionary_check(str } static int validate_password_policy(string_handle password, size_t length, - uint policy) + int policy) { PASSWORD_CHAR_CASE chars_case; chars_case.has_numbers= 0; @@ -118,7 +119,7 @@ static int validate_password_policy(stri chars_case.has_upper= 0; chars_case.has_special_chars= 0; - if (length >= validate_password_length) + if ((int)length >= validate_password_length) { if (policy == PASSWORD_STRENGTH_LOW) return 1; 
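Review bot: In `validate_password_policy` the new test `if ((int)length >= validate_password_length)` narrows a `size_t` to `int`, so the minimum-length check is now a signed comparison: a length above INT_MAX converts to an implementation-defined value, and a negative threshold would let every password pass the length test. Lengths and counts are never meaningfully negative, so I would compare in the unsigned domain and fail closed on a bad threshold: `if (validate_password_length >= 0 && length >= (size_t) validate_password_length)`. The signedness comes from the `uint` to `int` switch of the five globals in the `@@ -31,11 +32,11 @@` hunk and of the sysvar declarations in the `@@ -191,27 +192,27 @@` hunk. The function body continues past the end of this hunk, so comparisons against the other `*_count` variables are not visible here and should be checked the same way.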
@@ -191,27 +192,27 @@ static int validate_password_deinit(void Plugin system variables. */ -static MYSQL_SYSVAR_UINT(length, validate_password_length, +static MYSQL_SYSVAR_INT(length, validate_password_length, PLUGIN_VAR_RQCMDARG, "Password validate length to check for minimum password_length", NULL, NULL, 8, 0, 0, 0); -static MYSQL_SYSVAR_UINT(number_count, validate_password_number_count, +static MYSQL_SYSVAR_INT(number_count, validate_password_number_count, PLUGIN_VAR_RQCMDARG, "password validate digit to ensure minimum numeric character in password", NULL, NULL, 1, 0, 0, 0); -static MYSQL_SYSVAR_UINT(mixed_case_count, validate_password_mixed_case_count, +static MYSQL_SYSVAR_INT(mixed_case_count, validate_password_mixed_case_count, PLUGIN_VAR_RQCMDARG, "Password validate mixed case to ensure minimum upper/lower case in password", NULL, NULL, 1, 0, 0, 0); -static MYSQL_SYSVAR_UINT(special_char_count, +static MYSQL_SYSVAR_INT(special_char_count, validate_password_special_char_count, PLUGIN_VAR_RQCMDARG, "password validate special to ensure minimum special character in password", NULL, NULL, 1, 0, 0, 0); -static MYSQL_SYSVAR_UINT(policy_number, validate_password_policy_number, +static MYSQL_SYSVAR_INT(policy_number, validate_password_policy_number, PLUGIN_VAR_RQCMDARG, "password_validate_policy choosen policy to validate password", NULL, NULL, 2, 1, 3, 0); === modified file 'sql/share/CMakeLists.txt' --- a/sql/share/CMakeLists.txt 2012-05-10 10:54:37 +0000 +++ b/sql/share/CMakeLists.txt 2012-05-10 14:15:01 +0000 @@ -52,5 +52,5 @@ ENDFOREACH() INSTALL(DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/charsets DESTINATION ${INSTALL_MYSQLSHAREDIR} COMPONENT Server PATTERN "languages.html" EXCLUDE ) - +CONFIGURE_FILE(dictionary.txt ${CMAKE_BINARY_DIR}/sql/share/dictionary.txt) INSTALL(FILES ${files} DESTINATION ${INSTALL_MYSQLSHAREDIR} COMPONENT Server) No bundle (reason: useless for push emails).
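Review bot: The length and count variables are declared with `8, 0, 0, 0` and `1, 0, 0, 0`, i.e. minimum 0 and maximum 0, and now that they are signed the lower bound of 0 is the only thing keeping a negative threshold out of the policy check. A maximum of 0 presumably means "no upper limit" to the option handling, which also allows a minimum length that no password can satisfy; an explicit ceiling would make the accepted range reviewable, e.g. `NULL, NULL, 8, 0, <MAX_PASSWORD_LENGTH>, 0);` with the placeholder replaced by the server's real limit. Separately, the help strings are inconsistently capitalised, `choosen` should read `chosen`, and the `policy_number` text should say what the values 1, 2 and 3 select.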
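Review bot: `CONFIGURE_FILE(dictionary.txt ${CMAKE_BINARY_DIR}/sql/share/dictionary.txt)` without `COPYONLY` runs CMake variable substitution over the word list, so an entry containing `@NAME@` or `${NAME}` would be rewritten in the build-tree copy and the dictionary check would silently use different words from the source file. This is meant as a plain copy, so use `CONFIGURE_FILE(dictionary.txt ${CMAKE_BINARY_DIR}/sql/share/dictionary.txt COPYONLY)`. From the lines shown it is also unclear whether dictionary.txt is included in `${files}` for the following `INSTALL(FILES ...)`, which is worth confirming so that installed servers ship the file the plugin expects.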