#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include "client/include/client_priv.h"
#include "m_string.h"
#include "my_alloc.h"
#include "my_compiler.h"
#include "my_dbug.h"
#include "my_default.h"
#include "my_inttypes.h"
#include "my_macros.h"
#include "my_shm_defaults.h"
#include "mysql/service_mysql_alloc.h"
#include "mysqld_error.h"
#include "nulls.h"
#include "print_version.h"
#include "typelib.h"
#include "welcome_copyright_notice.h"
#include "client/include/sslopt-vars.h"
#include "client/include/sslopt-longopts.h"
#include "client/include/sslopt-case.h"

Functions
static void	usage ()

static void	free_resources ()

static bool	my_arguments_get_one_option (int optid, const struct my_option opt, char argument)

static void	init_connection_options (MYSQL *mysql)

static int	get_response (const char *opt_message, int default_answer=-1)
	Reads the response from stdin and returns the first character. More...

static void	execute_query_with_message (const char query, const char opt_message)
	Takes a mysql query and an optional message as arguments. More...

static bool	execute_query (const char **query, size_t length)
	Takes a mysql query and the length of the query in bytes as the input. More...

static bool	validate_password_exists ()
	Checks if the validate_password component is installed and returns true if it is. More...

static int	install_password_validation_component ()
	Installs validate_password component and sets the password validation policy. More...

static void	estimate_password_strength (char *password_string)
	Checks the password strength and displays it to the user. More...

static bool	mysql_set_password (MYSQL mysql, char password)
	During rpm deployments the password expires immediately and needs to be renewed before the DBA can set the final password. More...

static bool	mysql_expire_password (MYSQL *mysql)
	Expires the password for all users if executed with sufficient privileges. More...

static void	set_opt_user_password (int component_set)
	Sets the user password with the string provided during the flow of the method. More...

static int	get_opt_user_password ()
	Takes the opt_user's password as an input from the user and checks its validity by trying to connect to the server with it. More...

static void	drop_users (MYSQL_RES *result)
	Takes the user and the host from result set and drops those users. More...

static void	remove_anonymous_users ()
	Removes all the anonymous users for better security. More...

static void	remove_remote_root ()
	Drops all the root users with a remote host. More...

static void	remove_test_database ()
	Removes test database and deletes the rows corresponding to them from mysql.db table. More...

static void	reload_privilege_tables ()
	Refreshes the in-memory details through FLUSH PRIVILEGES. More...

int	main (int argc, char *argv[])

Variables
static MEM_ROOT	argv_alloc {PSI_NOT_INSTRUMENTED, 512}

static char *	opt_host = nullptr

static char *	opt_user = nullptr

static uint	opt_port = 0

static uint	opt_protocol = 0

static char *	opt_socket = nullptr

static MYSQL	mysql_handle

static char *	password = nullptr

static bool	password_provided = false

static bool	g_expire_password_on_exit = false

static bool	opt_use_default = false

static const char *	load_default_groups []

static struct my_option	my_connection_options []

Function Documentation

◆ drop_users()

static void drop_users ( MYSQL_RES * result )

static

Takes the user and the host from result set and drops those users.

Parameters

result The result set from which rows are to be fetched.

◆ estimate_password_strength()

static void estimate_password_strength ( char * password_string )

static

Checks the password strength and displays it to the user.

Parameters

password_string Password string whose strength is to be estimated

◆ execute_query()

static bool execute_query	(	const char **	query,
		size_t	length
	)

static

Takes a mysql query and the length of the query in bytes as the input.

If the query fails on running, a message along with the failure details is displayed.

Parameters

query	The mysql query which is to be executed.
length	Length of the query in bytes.

Returns: false in case of success true in case of failure

◆ execute_query_with_message()

static void execute_query_with_message	(	const char *	query,
		const char *	opt_message
	)

static

Takes a mysql query and an optional message as arguments.

It displays the message if provided one and then runs the query. If the query is run successfully, the success message is displayed. Else, the failure message along with the actual failure is displayed. If the server is not found running, the program is exited.

Parameters

query	The mysql query which is to be executed.
opt_message	The optional message to be displayed.

◆ free_resources()

static void free_resources ( )

static

◆ get_opt_user_password()

static int get_opt_user_password ( )

static

Takes the opt_user's password as an input from the user and checks its validity by trying to connect to the server with it.

The connection to the server is opened in this function.

Returns: Returns 1 if a password already exists and 0 if it doesn't.

◆ get_response()

static int get_response	(	const char *	opt_message,
		int	default_answer = `-1`
	)

static

Reads the response from stdin and returns the first character.

If global variable opt_use_default is true then the default_answer is returned instead.

Parameters

opt_message	Optional message do be displayed.
default_answer	Answer to be given if no interactivity is allowed.

Returns: First character of input string

◆ init_connection_options()

static void init_connection_options ( MYSQL * mysql )

static

◆ install_password_validation_component()

static int install_password_validation_component ( )

static

Installs validate_password component and sets the password validation policy.

Returns: Returns 1 on successfully setting the component and 0 in case of of any error.

◆ main()

int main	(	int	argc,
		char *	argv[]
	)

◆ my_arguments_get_one_option()

static bool my_arguments_get_one_option	(	int	optid,
		const struct my_option *	opt,
		char *	argument
	)

static

◆ mysql_expire_password()

static bool mysql_expire_password ( MYSQL * mysql )

static

Expires the password for all users if executed with sufficient privileges.

This is primarily used as a helper function during rpm deployments.

Parameters

mysql The MYSQL handle

Function might fail with an error message which can be retrieved using mysql_error(mysql)

Returns: Success or failure

Return values

true	success
false	failure

◆ mysql_set_password()

static bool mysql_set_password	(	MYSQL *	mysql,
		char *	password
	)

static

During rpm deployments the password expires immediately and needs to be renewed before the DBA can set the final password.

This helper subroutine will use an active connection to set a password.

Parameters

mysql	The MYSQL handle
password	A password character string

Function might fail with an error message which can be retrieved using mysql_error(mysql)

Returns: Success or failure

Return values

true	success
false	failure

◆ reload_privilege_tables()

static void reload_privilege_tables ( )

static

Refreshes the in-memory details through FLUSH PRIVILEGES.

◆ remove_anonymous_users()

static void remove_anonymous_users ( )

static

Removes all the anonymous users for better security.

◆ remove_remote_root()

static void remove_remote_root ( )

static

Drops all the root users with a remote host.

◆ remove_test_database()

static void remove_test_database ( )

static

Removes test database and deletes the rows corresponding to them from mysql.db table.

◆ set_opt_user_password()

static void set_opt_user_password ( int component_set )

static

Sets the user password with the string provided during the flow of the method.

It checks for the strength of the password before changing it and displays the same to the user. The user can decide if he wants to continue with the password, or provide a new one, depending on the strength displayed.

Parameters

component_set 1 if validate_password component is set and 0 if it is not.

◆ usage()

static void usage ( void )

static

◆ validate_password_exists()

static bool validate_password_exists ( )

static

Checks if the validate_password component is installed and returns true if it is.

Variable Documentation

◆ argv_alloc

MEM_ROOT argv_alloc {PSI_NOT_INSTRUMENTED, 512}

static

◆ g_expire_password_on_exit

bool g_expire_password_on_exit = false

static

◆ load_default_groups

const char* load_default_groups[]

static

Initial value:

= {"mysql_secure_installation",

"mysql", "client", nullptr}

◆ my_connection_options

struct my_option my_connection_options[]

static

◆ mysql_handle

MYSQL mysql_handle

static

◆ opt_host

char* opt_host = nullptr

static

◆ opt_port

uint opt_port = 0

static

◆ opt_protocol

uint opt_protocol = 0

static

◆ opt_socket

char* opt_socket = nullptr

static

◆ opt_use_default

bool opt_use_default = false

static

◆ opt_user

char* opt_user = nullptr

static

◆ password

char* password = nullptr

static

◆ password_provided

bool password_provided = false

static

Functions

Variables

Function Documentation

◆ drop_users()

◆ estimate_password_strength()

◆ execute_query()

◆ execute_query_with_message()

◆ free_resources()

◆ get_opt_user_password()

◆ get_response()

◆ init_connection_options()

◆ install_password_validation_component()

◆ main()

◆ my_arguments_get_one_option()

◆ mysql_expire_password()

◆ mysql_set_password()

◆ reload_privilege_tables()

◆ remove_anonymous_users()

◆ remove_remote_root()

◆ remove_test_database()

◆ set_opt_user_password()

◆ usage()

◆ validate_password_exists()

Variable Documentation

◆ argv_alloc

◆ g_expire_password_on_exit

◆ load_default_groups

◆ my_connection_options

◆ mysql_handle

◆ opt_host

◆ opt_port

◆ opt_protocol

◆ opt_socket

◆ opt_use_default

◆ opt_user

◆ password

◆ password_provided