Commit 0dfc8b22 authored by Magne Mahre's avatar Magne Mahre

Bug #5724 'mysqladmin password' should be allowed to prompt for password

Add support for being prompted for new passwords by mysqladmin instead of
specifying them on the command line. (Bug #5724, patch by Harrison Fisk)
parent bd97e771
...@@ -900,23 +900,38 @@ static int execute_commands(MYSQL *mysql,int argc, char **argv) ...@@ -900,23 +900,38 @@ static int execute_commands(MYSQL *mysql,int argc, char **argv)
{ {
char buff[128],crypted_pw[64]; char buff[128],crypted_pw[64];
time_t start_time; time_t start_time;
char *typed_password= NULL, *verified= NULL;
/* Do initialization the same way as we do in mysqld */ /* Do initialization the same way as we do in mysqld */
start_time=time((time_t*) 0); start_time=time((time_t*) 0);
randominit(&rand_st,(ulong) start_time,(ulong) start_time/2); randominit(&rand_st,(ulong) start_time,(ulong) start_time/2);
if (argc < 2) if (argc < 1)
{ {
my_printf_error(0, "Too few arguments to change password", error_flags); my_printf_error(0, "Too few arguments to change password", error_flags);
return 1; return 1;
} }
if (argv[1][0]) else if (argc == 1)
{
/* prompt for password */
typed_password= get_tty_password("New password: ");
verified= get_tty_password("Confirm new password: ");
if (strcmp(typed_password, verified) != 0)
{
my_printf_error(0,"Passwords don't match",MYF(ME_BELL));
return -1;
}
}
else
typed_password= argv[1];
if (typed_password[0])
{ {
char *pw= argv[1];
bool old= (find_type(argv[0], &command_typelib, 2) == bool old= (find_type(argv[0], &command_typelib, 2) ==
ADMIN_OLD_PASSWORD); ADMIN_OLD_PASSWORD);
#ifdef __WIN__ #ifdef __WIN__
uint pw_len= (uint) strlen(pw); uint pw_len= strlen(typed_password);
if (pw_len > 1 && pw[0] == '\'' && pw[pw_len-1] == '\'') if (pw_len > 1 && typed_password[0] == '\'' &&
typed_password[pw_len-1] == '\'')
printf("Warning: single quotes were not trimmed from the password by" printf("Warning: single quotes were not trimmed from the password by"
" your command\nline client, as you might have expected.\n"); " your command\nline client, as you might have expected.\n");
#endif #endif
...@@ -954,9 +969,9 @@ static int execute_commands(MYSQL *mysql,int argc, char **argv) ...@@ -954,9 +969,9 @@ static int execute_commands(MYSQL *mysql,int argc, char **argv)
} }
} }
if (old) if (old)
make_scrambled_password_323(crypted_pw, pw); make_scrambled_password_323(crypted_pw, typed_password);
else else
make_scrambled_password(crypted_pw, pw); make_scrambled_password(crypted_pw, typed_password);
} }
else else
crypted_pw[0]=0; /* No password */ crypted_pw[0]=0; /* No password */
...@@ -991,6 +1006,12 @@ static int execute_commands(MYSQL *mysql,int argc, char **argv) ...@@ -991,6 +1006,12 @@ static int execute_commands(MYSQL *mysql,int argc, char **argv)
return -1; return -1;
} }
} }
/* free up memory from prompted password */
if (typed_password != argv[1])
{
my_free(typed_password,MYF(MY_ALLOW_ZERO_PTR));
my_free(verified,MYF(MY_ALLOW_ZERO_PTR));
}
argc--; argv++; argc--; argv++;
break; break;
} }
...@@ -1082,8 +1103,8 @@ static void usage(void) ...@@ -1082,8 +1103,8 @@ static void usage(void)
kill id,id,... Kill mysql threads"); kill id,id,... Kill mysql threads");
#if MYSQL_VERSION_ID >= 32200 #if MYSQL_VERSION_ID >= 32200
puts("\ puts("\
password new-password Change old password to new-password, MySQL 4.1 hashing.\n\ password [new-password] Change old password to new-password in current format\n\
old-password new-password Change old password to new-password in old format.\n"); old-password [new-password] Change old password to new-password in old format");
#endif #endif
puts("\ puts("\
ping Check if mysqld is alive\n\ ping Check if mysqld is alive\n\
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment