Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

executor: disable password validation for tidb_auth_token users | tidb-test=pr/2136 #44101

Merged
merged 4 commits into from
May 24, 2023
Merged

executor: disable password validation for tidb_auth_token users | tidb-test=pr/2136 #44101

merged 4 commits into from
May 24, 2023

Conversation

CbcWestwolf
Copy link
Member

@CbcWestwolf CbcWestwolf commented May 23, 2023
edited
Loading

What problem does this PR solve?

Issue Number: close #44098

Problem Summary:

Password validation should only take effect for users that authenticate with a password, like mysql_native_password, caching_sha2_password and tidb_sm3_password

What is changed and how it works?

Disable password validation for users without clear text password

Check List

Tests

  • Unit test
  • Integration test
  • Manual test (add detailed scripts or steps below)
  • No code

Side effects

  • Performance regression: Consumes more CPU
  • Performance regression: Consumes more Memory
  • Breaking backward compatibility

Documentation

  • Affects user behaviors
  • Contains syntax changes
  • Contains variable changes
  • Contains experimental features
  • Changes MySQL compatibility

Release note

Fix a bug that validates passwords for users with `tidb_auth_token`

@ti-chi-bot
Copy link

ti-chi-bot bot commented May 23, 2023
edited
Loading

[REVIEW NOTIFICATION]

This pull request has been approved by:

  • hawkingrei
  • xhebox

To complete the pull request process, please ask the reviewers in the list to review by filling /cc @reviewer in the comment.
After your PR has acquired the required number of LGTMs, you can assign this pull request to the committer in the list by filling /assign @committer in the comment to help you merge this pull request.

The full list of commands accepted by this bot can be found here.

Reviewer can indicate their review by submitting an approval review.
Reviewer can cancel approval by submitting a request changes review.

@ti-chi-bot ti-chi-bot bot added release-note Denotes a PR that will be considered when it comes time to generate release notes. do-not-merge/needs-triage-completed size/M Denotes a PR that changes 30-99 lines, ignoring generated files. needs-cherry-pick-release-6.5 Should cherry pick this PR to release-6.5 branch. needs-cherry-pick-release-7.1 Should cherry pick this PR to release-7.1 branch. and removed do-not-merge/needs-triage-completed labels May 23, 2023
@CbcWestwolf CbcWestwolf changed the title executor: disable password validation for tidb_auth_token users executor: disable password validation for tidb_auth_token users | tidb-test=pr/2136 May 23, 2023
@CbcWestwolf
Copy link
Member Author

/retest all

@ti-chi-bot
Copy link

ti-chi-bot bot commented May 23, 2023

@CbcWestwolf: The /retest command does not accept any targets.
The following commands are available to trigger required jobs:

  • /test build
  • /test canary-scan-security
  • /test check-dev
  • /test check-dev2
  • /test mysql-test
  • /test pull-integration-mysql-test
  • /test unit-test

Use /test all to run the following jobs that were automatically triggered:

  • pingcap/tidb/ghpr_build
  • pingcap/tidb/ghpr_check
  • pingcap/tidb/ghpr_check2
  • pingcap/tidb/ghpr_mysql_test
  • pingcap/tidb/ghpr_unit_test

In response to this:

/retest all

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@CbcWestwolf
Copy link
Member Author

/retest

@CbcWestwolf
Copy link
Member Author

/cc xhebox hawkingrei
PTAL

@ti-chi-bot ti-chi-bot bot requested review from hawkingrei and xhebox May 23, 2023 11:58
@ti-chi-bot ti-chi-bot bot added the status/LGT1 Indicates that a PR has LGTM 1. label May 24, 2023
@ti-chi-bot ti-chi-bot bot added status/LGT2 Indicates that a PR has LGTM 2. and removed status/LGT1 Indicates that a PR has LGTM 1. labels May 24, 2023
@hawkingrei
Copy link
Member

/merge

@ti-chi-bot
Copy link

ti-chi-bot bot commented May 24, 2023

This pull request has been accepted and is ready to merge.

Commit hash: 876452f

@ti-chi-bot ti-chi-bot bot added the status/can-merge Indicates a PR has been approved by a committer. label May 24, 2023
@CbcWestwolf
Copy link
Member Author

/retest-required

@hawkingrei
Copy link
Member

/retest

@ti-chi-bot ti-chi-bot bot merged commit a98e98e into pingcap:master May 24, 2023
@ti-chi-bot ti-chi-bot mentioned this pull request May 24, 2023
Merged
12 tasks
@ti-chi-bot
Copy link
Member

In response to a cherrypick label: new pull request created to branch release-7.1: #44142.

@ti-chi-bot ti-chi-bot mentioned this pull request May 24, 2023
Merged
12 tasks
@ti-chi-bot
Copy link
Member

In response to a cherrypick label: new pull request created to branch release-6.5: #44144.

ti-chi-bot pushed a commit to ti-chi-bot/tidb that referenced this pull request May 24, 2023
@CbcWestwolf @ti-chi-bot
This is an automated cherry-pick of pingcap#44101
15e7e0d 
Signed-off-by: ti-chi-bot <ti-community-prow-bot@tidb.io>
ti-chi-bot bot pushed a commit that referenced this pull request May 24, 2023
@ti-chi-bot
executor: disable password validation for tidb_auth_token users | t…
683ea67 
…idb-test=pr/2138 (#44101) (#44142)

close #44098
ti-chi-bot bot pushed a commit that referenced this pull request May 24, 2023
@ti-chi-bot
executor: disable password validation for tidb_auth_token users (#4…
cdf21a1 
…4101) (#44144)

close #44098
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@xhebox xhebox xhebox approved these changes

@hawkingrei hawkingrei hawkingrei approved these changes

Assignees
No one assigned
Labels
needs-cherry-pick-release-6.5 Should cherry pick this PR to release-6.5 branch. needs-cherry-pick-release-7.1 Should cherry pick this PR to release-7.1 branch. release-note Denotes a PR that will be considered when it comes time to generate release notes. size/M Denotes a PR that changes 30-99 lines, ignoring generated files. status/can-merge Indicates a PR has been approved by a committer. status/LGT2 Indicates that a PR has LGTM 2.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Create user with tidb_auth_token should not validate password
4 participants
@CbcWestwolf @hawkingrei @ti-chi-bot @xhebox