mirror of
				https://github.com/ansible-collections/community.mysql.git
				synced 2025-10-26 13:56:12 -07:00 
			
		
		
		
	Update user.py (#676)
* Update user.py Added correct syntax to ed25519 password plugin. on create user on update user This only accepts cleartext passwords (PASSWORD(%s)) not pregenerated ed25519 hashes. * Update plugins/module_utils/user.py Co-authored-by: Andrew Klychkov <aaklychkov@mail.ru> * Update plugins/module_utils/user.py Co-authored-by: Andrew Klychkov <aaklychkov@mail.ru> * Update plugins/module_utils/user.py Co-authored-by: Andrew Klychkov <aaklychkov@mail.ru> * Update plugins/module_utils/user.py Co-authored-by: Andrew Klychkov <aaklychkov@mail.ru> * Update plugins/module_utils/user.py * Update plugins/module_utils/user.py --------- Co-authored-by: Andrew Klychkov <aaklychkov@mail.ru>
This commit is contained in:
		
					parent
					
						
							
								7188bea0c8
							
						
					
				
			
			
				commit
				
					
						eec6e7091f
					
				
			
		
					 1 changed files with 6 additions and 2 deletions
				
			
		|  | @ -212,8 +212,10 @@ def user_add(cursor, user, host, host_all, password, encrypted, | ||||||
|         query_with_args = "CREATE USER %s@%s IDENTIFIED WITH %s AS %s", (user, host, plugin, plugin_hash_string) |         query_with_args = "CREATE USER %s@%s IDENTIFIED WITH %s AS %s", (user, host, plugin, plugin_hash_string) | ||||||
|     elif plugin and plugin_auth_string: |     elif plugin and plugin_auth_string: | ||||||
|         # Mysql and MariaDB differ in naming pam plugin and Syntax to set it |         # Mysql and MariaDB differ in naming pam plugin and Syntax to set it | ||||||
|         if plugin in ('pam', 'ed25519'):  # Used by MariaDB which requires the USING keyword, not BY |         if plugin == 'pam':  # Used by MariaDB which requires the USING keyword, not BY | ||||||
|             query_with_args = "CREATE USER %s@%s IDENTIFIED WITH %s USING %s", (user, host, plugin, plugin_auth_string) |             query_with_args = "CREATE USER %s@%s IDENTIFIED WITH %s USING %s", (user, host, plugin, plugin_auth_string) | ||||||
|  |         elif plugin == 'ed25519':  # Used by MariaDB which requires the USING keyword, not BY | ||||||
|  |             query_with_args = "CREATE USER %s@%s IDENTIFIED WITH %s USING PASSWORD(%s)", (user, host, plugin, plugin_auth_string) | ||||||
|         elif salt: |         elif salt: | ||||||
|             if plugin in ['caching_sha2_password', 'sha256_password']: |             if plugin in ['caching_sha2_password', 'sha256_password']: | ||||||
|                 generated_hash_string = mysql_sha256_password_hash_hex(password=plugin_auth_string, salt=salt) |                 generated_hash_string = mysql_sha256_password_hash_hex(password=plugin_auth_string, salt=salt) | ||||||
|  | @ -398,8 +400,10 @@ def user_mod(cursor, user, host, host_all, password, encrypted, | ||||||
|                     query_with_args = "ALTER USER %s@%s IDENTIFIED WITH %s AS %s", (user, host, plugin, plugin_hash_string) |                     query_with_args = "ALTER USER %s@%s IDENTIFIED WITH %s AS %s", (user, host, plugin, plugin_hash_string) | ||||||
|                 elif plugin_auth_string: |                 elif plugin_auth_string: | ||||||
|                     # Mysql and MariaDB differ in naming pam plugin and syntax to set it |                     # Mysql and MariaDB differ in naming pam plugin and syntax to set it | ||||||
|                     if plugin in ('pam', 'ed25519'): |                     if plugin == 'pam': | ||||||
|                         query_with_args = "ALTER USER %s@%s IDENTIFIED WITH %s USING %s", (user, host, plugin, plugin_auth_string) |                         query_with_args = "ALTER USER %s@%s IDENTIFIED WITH %s USING %s", (user, host, plugin, plugin_auth_string) | ||||||
|  |                     elif plugin == 'ed25519': | ||||||
|  |                         query_with_args = "ALTER USER %s@%s IDENTIFIED WITH %s USING PASSWORD(%s)", (user, host, plugin, plugin_auth_string) | ||||||
|                     elif salt: |                     elif salt: | ||||||
|                         if plugin in ['caching_sha2_password', 'sha256_password']: |                         if plugin in ['caching_sha2_password', 'sha256_password']: | ||||||
|                             generated_hash_string = mysql_sha256_password_hash_hex(password=plugin_auth_string, salt=salt) |                             generated_hash_string = mysql_sha256_password_hash_hex(password=plugin_auth_string, salt=salt) | ||||||
|  |  | ||||||
		Loading…
	
	Add table
		Add a link
		
	
		Reference in a new issue