due to merge

mysql-test/include/have_plugin_interface.inc

@@ -0,0 +1,5 @@
+--disable_query_log
+--require r/true.require
+select (PLUGIN_LIBRARY LIKE 'qa_auth_interface%') as `TRUE` FROM INFORMATION_SCHEMA.PLUGINS
+  WHERE PLUGIN_NAME='qa_auth_interface';
+--enable_query_log

mysql-test/include/have_plugin_server.inc

@@ -0,0 +1,5 @@
+--disable_query_log
+--require r/true.require
+select (PLUGIN_LIBRARY LIKE 'qa_auth_server%') as `TRUE` FROM INFORMATION_SCHEMA.PLUGINS
+  WHERE PLUGIN_NAME='qa_auth_server';
+--enable_query_log

mysql-test/mysql-test-run.pl

@@ -131,6 +131,9 @@ my $opt_start_dirty;
 my $opt_start_exit;
 my $start_only;
 
+my $auth_interface_fn;          # the name of qa_auth_interface plugin
+my $auth_server_fn;             # the name of qa_auth_server plugin
+my $auth_client_fn;             # the name of qa_auth_client plugin
 my $auth_filename;              # the name of the authentication test plugin
 my $auth_plugin;                # the path to the authentication test plugin
 
@@ -1062,14 +1065,20 @@ sub command_line_setup {
                                     "$basedir/sql/share/charsets",
                                     "$basedir/share/charsets");
 
-  # Look for client test plugin 
+  # Look for auth test plugins 
   if (IS_WINDOWS)
   {
     $auth_filename = "auth_test_plugin.dll";
+    $auth_interface_fn = "qa_auth_interface.dll";
+    $auth_server_fn = "qa_auth_server.dll";
+    $auth_client_fn = "qa_auth_client.dll";
   }
   else
   {
     $auth_filename = "auth_test_plugin.so";
+    $auth_interface_fn = "qa_auth_interface.so";
+    $auth_server_fn = "qa_auth_server.so";
+    $auth_client_fn = "qa_auth_client.so";
   }
   $auth_plugin=
   mtr_file_exists(vs_config_dirs('plugin/auth/',$auth_filename),
@@ -1973,12 +1982,18 @@ sub environment_setup {
     $ENV{'PLUGIN_AUTH_OPT'}= "--plugin-dir=".dirname($auth_plugin);
 
     $ENV{'PLUGIN_AUTH_LOAD'}="--plugin_load=test_plugin_server=".$auth_filename;
+    $ENV{'PLUGIN_AUTH_INTERFACE'}="--plugin_load=qa_auth_interface=".$auth_interface_fn;
+    $ENV{'PLUGIN_AUTH_SERVER'}="--plugin_load=qa_auth_server=".$auth_server_fn;
+    $ENV{'PLUGIN_AUTH_CLIENT'}="--plugin_load=qa_auth_client=".$auth_client_fn;
   }
   else
   {
     $ENV{'PLUGIN_AUTH'}= "";
     $ENV{'PLUGIN_AUTH_OPT'}="--plugin-dir=";
     $ENV{'PLUGIN_AUTH_LOAD'}="";
+    $ENV{'PLUGIN_AUTH_INTERFACE'}="";
+    $ENV{'PLUGIN_AUTH_SERVER'}="";
+    $ENV{'PLUGIN_AUTH_CLIENT'}="";
   }
   
 

mysql-test/r/plugin_auth_qa.result

@@ -0,0 +1,327 @@
+CREATE DATABASE test_user_db;
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+user	plugin	authentication_string
+========== test 1.1 ======================================================
+CREATE USER plug IDENTIFIED WITH test_plugin_server;
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+user	plugin	authentication_string
+plug	test_plugin_server	
+DROP USER plug;
+GRANT ALL PRIVILEGES ON test_user_db.* TO plug IDENTIFIED WITH test_plugin_server;
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+user	plugin	authentication_string
+plug	test_plugin_server	
+REVOKE ALL PRIVILEGES ON test_user_db.* FROM plug;
+DROP USER plug;
+CREATE USER plug IDENTIFIED WITH 'test_plugin_server';
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+user	plugin	authentication_string
+plug	test_plugin_server	
+DROP USER plug;
+GRANT ALL PRIVILEGES ON test_user_db.* TO plug IDENTIFIED WITH 'test_plugin_server';
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+user	plugin	authentication_string
+plug	test_plugin_server	
+REVOKE ALL PRIVILEGES ON test_user_db.* FROM plug;
+DROP USER plug;
+CREATE USER plug IDENTIFIED WITH test_plugin_server AS '';
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+user	plugin	authentication_string
+plug	test_plugin_server	
+DROP USER plug;
+GRANT ALL PRIVILEGES ON test_user_db.* TO plug IDENTIFIED WITH test_plugin_server AS '';
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+user	plugin	authentication_string
+plug	test_plugin_server	
+REVOKE ALL PRIVILEGES ON test_user_db.* FROM plug;
+DROP USER plug;
+CREATE USER plug IDENTIFIED WITH 'test_plugin_server' AS ;
+ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1
+GRANT ALL PRIVILEGES ON test_user_db.* TO plug IDENTIFIED WITH 'test_plugin_server' AS;
+ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1
+CREATE USER plug IDENTIFIED WITH test_plugin_server AS plug_dest;
+ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'plug_dest' at line 1
+GRANT ALL PRIVILEGES ON test_user_db.* TO plug IDENTIFIED WITH test_plugin_server AS plug_dest;
+ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'plug_dest' at line 1
+========== test 1.1 syntax errors ========================================
+CREATE USER plug IDENTIFIED WITH AS plug_dest;
+ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'AS plug_dest' at line 1
+GRANT ALL PRIVILEGES ON test_user_db.* TO plug IDENTIFIED WITH AS plug_dest;
+ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'AS plug_dest' at line 1
+CREATE USER plug IDENTIFIED WITH;
+ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1
+GRANT ALL PRIVILEGES ON test_user_db.* TO plug IDENTIFIED WITH;
+ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1
+CREATE USER plug IDENTIFIED AS '';
+ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'AS ''' at line 1
+GRANT ALL PRIVILEGES ON test_user_db.* TO plug IDENTIFIED AS '';
+ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'AS ''' at line 1
+CREATE USER plug IDENTIFIED WITH 'test_plugin_server' IDENTIFIED WITH 'test_plugin_server';
+ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'IDENTIFIED WITH 'test_plugin_server'' at line 1
+GRANT ALL PRIVILEGES ON test_user_db.* TO plug 
+IDENTIFIED WITH 'test_plugin_server' IDENTIFIED WITH 'test_plugin_server';
+ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'IDENTIFIED WITH 'test_plugin_server'' at line 2
+CREATE USER plug IDENTIFIED WITH 'test_plugin_server' AS '' AS 'plug_dest';
+ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'AS 'plug_dest'' at line 1
+GRANT ALL PRIVILEGES ON test_user_db.* TO plug AS '' AS 'plug_dest';
+ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'AS '' AS 'plug_dest'' at line 1
+CREATE USER plug IDENTIFIED WITH 'test_plugin_server' AS '' 
+IDENTIFIED WITH test_plugin_server   AS 'plug_dest';
+ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'IDENTIFIED WITH test_plugin_server   AS 'plug_dest'' at line 2
+GRANT ALL PRIVILEGES ON test_user_db.* TO plug IDENTIFIED WITH 'test_plugin_server' AS ''
+                 IDENTIFIED WITH test_plugin_server   AS 'plug_dest';
+ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'IDENTIFIED WITH test_plugin_server   AS 'plug_dest'' at line 2
+CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd' 
+IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest';
+ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest'' at line 2
+GRANT ALL PRIVILEGES ON test_user_db.* TO plug IDENTIFIED BY 'plug_dest_passwd'
+                      IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest';
+ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest'' at line 2
+CREATE USER plug IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest' 
+USER plug_dest IDENTIFIED by 'plug_dest_pwd';
+ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'USER plug_dest IDENTIFIED by 'plug_dest_pwd'' at line 2
+GRANT ALL PRIVILEGES ON test_user_db.* TO plug IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest'
+       USER plug_dest IDENTIFIED by 'plug_dest_pwd';
+ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'USER plug_dest IDENTIFIED by 'plug_dest_pwd'' at line 2
+CREATE USER plug IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest' 
+plug_dest IDENTIFIED by 'plug_dest_pwd';
+ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'plug_dest IDENTIFIED by 'plug_dest_pwd'' at line 2
+GRANT ALL PRIVILEGES ON test_user_db.* TO plug IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest'
+       plug_dest IDENTIFIED by 'plug_dest_pwd';
+ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'plug_dest IDENTIFIED by 'plug_dest_pwd'' at line 2
+CREATE USER plug IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest' 
+IDENTIFIED by 'plug_dest_pwd';
+ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'IDENTIFIED by 'plug_dest_pwd'' at line 2
+GRANT ALL PRIVILEGES ON test_user_db.* TO plug IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest'
+       IDENTIFIED by 'plug_dest_pwd';
+ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'IDENTIFIED by 'plug_dest_pwd'' at line 2
+========== test 1.1  combinations ==========================
+CREATE USER plug IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest';
+========== test 1.1.1.6/1.1.2.5 ============================
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+user	plugin	authentication_string
+plug	test_plugin_server	plug_dest
+CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd';
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+user	plugin	authentication_string
+plug	test_plugin_server	plug_dest
+plug_dest		
+DROP USER plug, plug_dest;
+CREATE USER plug IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest';
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+user	plugin	authentication_string
+plug	test_plugin_server	plug_dest
+DROP USER plug;
+CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd';
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+user	plugin	authentication_string
+plug_dest		
+DROP USER plug_dest;
+GRANT ALL PRIVILEGES ON test_user_db.* TO plug IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest';
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+user	plugin	authentication_string
+plug	test_plugin_server	plug_dest
+CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd';
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+user	plugin	authentication_string
+plug	test_plugin_server	plug_dest
+plug_dest		
+DROP USER plug, plug_dest;
+GRANT ALL PRIVILEGES ON test_user_db.* TO plug IDENTIFIED WITH test_plugin_server AS 'plug_dest';
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+user	plugin	authentication_string
+plug	test_plugin_server	plug_dest
+DROP USER plug;
+CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd';
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+user	plugin	authentication_string
+plug_dest		
+DROP USER plug_dest;
+CREATE USER plug IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest';
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+user	plugin	authentication_string
+plug	test_plugin_server	plug_dest
+GRANT ALL PRIVILEGES ON test_user_db.* TO plug_dest IDENTIFIED BY 'plug_dest_passwd';
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+user	plugin	authentication_string
+plug	test_plugin_server	plug_dest
+plug_dest		
+DROP USER plug, plug_dest;
+CREATE USER plug IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest';
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+user	plugin	authentication_string
+plug	test_plugin_server	plug_dest
+DROP USER plug;
+GRANT ALL PRIVILEGES ON test_user_db.* TO plug_dest IDENTIFIED BY 'plug_dest_passwd';
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+user	plugin	authentication_string
+plug_dest		
+DROP USER plug_dest;
+CREATE USER plug IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest';
+GRANT ALL PRIVILEGES ON test_user_db.* TO plug IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest';
+ERROR HY000: GRANT with IDENTIFIED WITH is illegal because the user plug already exists
+GRANT ALL PRIVILEGES ON test_user_db.* TO plug IDENTIFIED WITH 'test_plugin_server';
+ERROR HY000: GRANT with IDENTIFIED WITH is illegal because the user plug already exists
+DROP USER plug;
+GRANT ALL PRIVILEGES ON test_user_db.* TO plug IDENTIFIED WITH test_plugin_server AS 'plug_dest';
+CREATE USER plug IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest';
+ERROR HY000: Operation CREATE USER failed for 'plug'@'%'
+CREATE USER plug IDENTIFIED WITH 'test_plugin_server';
+ERROR HY000: Operation CREATE USER failed for 'plug'@'%'
+DROP USER plug;
+CREATE USER plug IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest';
+SELECT user,plugin,authentication_string,password FROM mysql.user WHERE user != 'root';
+user	plugin	authentication_string	password
+plug	test_plugin_server	plug_dest	
+GRANT ALL PRIVILEGES ON test_user_db.* TO plug IDENTIFIED BY 'plug_dest_passwd';
+SELECT user,plugin,authentication_string,password FROM mysql.user WHERE user != 'root';
+user	plugin	authentication_string	password
+plug	test_plugin_server	plug_dest	*939AEE68989794C0F408277411C26055CDF41119
+DROP USER plug;
+GRANT ALL PRIVILEGES ON test_user_db.* TO plug IDENTIFIED WITH test_plugin_server AS 'plug_dest';
+CREATE USER plug IDENTIFIED BY 'plug_dest_passwd';
+ERROR HY000: Operation CREATE USER failed for 'plug'@'%'
+DROP USER plug;
+CREATE USER plug IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest';
+CREATE USER plug_dest IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest';
+SELECT user,plugin,authentication_string,password FROM mysql.user WHERE user != 'root';
+user	plugin	authentication_string	password
+plug	test_plugin_server	plug_dest	
+plug_dest	test_plugin_server	plug_dest	
+DROP USER plug,plug_dest;
+CREATE USER plug IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest';
+SELECT user,plugin,authentication_string,password FROM mysql.user WHERE user != 'root';
+user	plugin	authentication_string	password
+plug	test_plugin_server	plug_dest	
+GRANT ALL PRIVILEGES ON test_user_db.* TO plug_dest 
+IDENTIFIED WITH test_plugin_server AS 'plug_dest';
+SELECT user,plugin,authentication_string,password FROM mysql.user WHERE user != 'root';
+user	plugin	authentication_string	password
+plug	test_plugin_server	plug_dest	
+plug_dest	test_plugin_server	plug_dest	
+DROP USER plug,plug_dest;
+========== test 1.1.1.1/1.1.2.1/1.1.1.5 ====================
+SET NAMES utf8;
+CREATE USER plüg IDENTIFIED WITH 'test_plugin_server' AS 'plüg_dest';
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+user	plugin	authentication_string
+plüg	test_plugin_server	plüg_dest
+DROP USER plüg;
+CREATE USER plüg_dest IDENTIFIED BY 'plug_dest_passwd';
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+user	plugin	authentication_string
+plüg_dest		
+DROP USER plüg_dest;
+SET NAMES ascii;
+CREATE USER 'plüg' IDENTIFIED WITH 'test_plugin_server' AS 'plüg_dest';
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+user	plugin	authentication_string
+pl??g	test_plugin_server	pl??g_dest
+DROP USER 'plüg';
+CREATE USER 'plüg_dest' IDENTIFIED BY 'plug_dest_passwd';
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+user	plugin	authentication_string
+pl??g_dest		
+DROP USER 'plüg_dest';
+SET NAMES latin1;
+========== test 1.1.1.5 ====================================
+CREATE USER 'plüg' IDENTIFIED WITH 'test_plügin_server' AS 'plüg_dest';
+ERROR HY000: Plugin 'test_plügin_server' is not loaded
+CREATE USER 'plug' IDENTIFIED WITH 'test_plugin_server' AS 'plüg_dest';
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+user	plugin	authentication_string
+plug	test_plugin_server	plüg_dest
+DROP USER 'plug';
+CREATE USER 'plüg_dest' IDENTIFIED BY 'plug_dest_passwd';
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+user	plugin	authentication_string
+plüg_dest		
+DROP USER 'plüg_dest';
+SET NAMES utf8;
+CREATE USER plüg IDENTIFIED WITH 'test_plügin_server' AS 'plüg_dest';
+ERROR HY000: Plugin 'test_plügin_server' is not loaded
+CREATE USER 'plüg' IDENTIFIED WITH 'test_plugin_server' AS 'plüg_dest';
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+user	plugin	authentication_string
+plüg	test_plugin_server	plüg_dest
+DROP USER 'plüg';
+CREATE USER 'plüg_dest' IDENTIFIED BY 'plug_dest_passwd';
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+user	plugin	authentication_string
+plüg_dest		
+DROP USER 'plüg_dest';
+CREATE USER plüg IDENTIFIED WITH test_plugin_server AS 'plüg_dest';
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+user	plugin	authentication_string
+plüg	test_plugin_server	plüg_dest
+DROP USER plüg;
+CREATE USER plüg_dest IDENTIFIED BY 'plug_dest_passwd';
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+user	plugin	authentication_string
+plüg_dest		
+DROP USER plüg_dest;
+========== test 1.1.1.2/1.1.2.2=============================
+SET @auth_name= 'test_plugin_server';
+CREATE USER plug IDENTIFIED WITH @auth_name AS 'plug_dest';
+ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '@auth_name AS 'plug_dest'' at line 1
+SET @auth_string= 'plug_dest';
+CREATE USER plug IDENTIFIED WITH test_plugin_server AS @auth_string;
+ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '@auth_string' at line 1
+========== test 1.1.1.3/1.1.2.3=============================
+CREATE USER plug IDENTIFIED WITH 'hh''s_test_plugin_server' AS 'plug_dest';
+ERROR HY000: Plugin 'hh's_test_plugin_server' is not loaded
+CREATE USER plug IDENTIFIED WITH 'test_plugin_server' AS 'hh''s_plug_dest';
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+user	plugin	authentication_string
+plug	test_plugin_server	hh's_plug_dest
+DROP USER plug;
+CREATE USER 'hh''s_plug_dest' IDENTIFIED BY 'plug_dest_passwd';
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+user	plugin	authentication_string
+hh's_plug_dest		
+DROP USER 'hh''s_plug_dest';
+========== test 1.1.1.4 ====================================
+CREATE USER plug IDENTIFIED WITH hh''s_test_plugin_server AS 'plug_dest';
+ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '''s_test_plugin_server AS 'plug_dest'' at line 1
+========== test 1.1.3.1 ====================================
+GRANT INSERT ON test_user_db.* TO grant_user IDENTIFIED WITH test_plugin_server AS 'plug_dest';
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+user	plugin	authentication_string
+grant_user	test_plugin_server	plug_dest
+CREATE USER plug_dest;
+DROP USER plug_dest;
+GRANT ALL PRIVILEGES ON test_user_db.* TO plug_dest;
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+user	plugin	authentication_string
+grant_user	test_plugin_server	plug_dest
+plug_dest		
+DROP USER grant_user,plug_dest;
+set @save_sql_mode= @@sql_mode;
+SET @@sql_mode=no_auto_create_user;
+GRANT INSERT ON test_user_db.* TO grant_user IDENTIFIED WITH test_plugin_server AS 'plug_dest';
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+user	plugin	authentication_string
+grant_user	test_plugin_server	plug_dest
+CREATE USER plug_dest;
+DROP USER plug_dest;
+GRANT ALL PRIVILEGES ON test_user_db.* TO plug_dest;
+ERROR 42000: Can't find any matching row in the user table
+DROP USER grant_user;
+GRANT INSERT ON test_user_db.* TO grant_user IDENTIFIED WITH test_plugin_server AS 'plug_dest';
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+user	plugin	authentication_string
+grant_user	test_plugin_server	plug_dest
+CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd';
+SELECT user,plugin,authentication_string,password FROM mysql.user WHERE user != 'root';
+user	plugin	authentication_string	password
+grant_user	test_plugin_server	plug_dest	
+plug_dest			*939AEE68989794C0F408277411C26055CDF41119
+DROP USER plug_dest;
+GRANT ALL PRIVILEGES ON test_user_db.* TO plug_dest IDENTIFIED BY 'plug_user_passwd';
+SELECT user,plugin,authentication_string,password FROM mysql.user WHERE user != 'root';
+user	plugin	authentication_string	password
+grant_user	test_plugin_server	plug_dest	
+plug_dest			*560881EB651416CEF77314D07D55EDCD5FC1BD6D
+DROP USER grant_user,plug_dest;
+set @@sql_mode= @save_sql_mode;
+DROP DATABASE test_user_db;

mysql-test/r/plugin_auth_qa_1.result

@@ -0,0 +1,335 @@
+CREATE DATABASE test_user_db;
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+user	plugin	authentication_string
+========== test 1.1.3.2 ====================================
+CREATE USER plug_user IDENTIFIED WITH test_plugin_server AS 'plug_dest';
+CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd';
+GRANT PROXY ON plug_dest TO plug_user;
+current_user()
+plug_dest@%
+user()
+plug_user@localhost
+Tables_in_test_user_db
+t1
+REVOKE PROXY ON plug_dest FROM plug_user;
+ERROR 1045 (28000): Access denied for user 'plug_user'@'localhost' (using password: YES)
+DROP USER plug_user,plug_dest;
+GRANT ALL PRIVILEGES ON test_user_db.* TO plug_user
+IDENTIFIED WITH test_plugin_server AS 'plug_dest';
+GRANT ALL PRIVILEGES ON test_user_db.* TO plug_dest IDENTIFIED BY 'plug_dest_passwd';
+GRANT PROXY ON plug_dest TO plug_user;
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+user	plugin	authentication_string
+plug_dest		
+plug_user	test_plugin_server	plug_dest
+1)
+current_user()
+plug_dest@%
+user()
+plug_user@localhost
+Tables_in_test_user_db
+t1
+REVOKE ALL PRIVILEGES ON test_user_db.* FROM 'plug_user'
+                         IDENTIFIED WITH test_plugin_server AS 'plug_dest';
+2)
+current_user()
+plug_dest@%
+user()
+plug_user@localhost
+Tables_in_test_user_db
+t1
+REVOKE PROXY ON plug_dest FROM plug_user;
+3)
+ERROR 1045 (28000): Access denied for user 'plug_user'@'localhost' (using password: YES)
+DROP USER plug_user,plug_dest;
+GRANT ALL PRIVILEGES ON test_user_db.* TO plug_user
+IDENTIFIED WITH test_plugin_server AS 'plug_dest';
+CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd';
+1)
+ERROR 1045 (28000): Access denied for user 'plug_user'@'localhost' (using password: YES)
+GRANT PROXY ON plug_dest TO plug_user;
+2)
+current_user()
+plug_dest@%
+user()
+plug_user@localhost
+Tables_in_test_user_db
+t1
+REVOKE ALL PRIVILEGES ON test_user_db.* FROM 'plug_user'
+                         IDENTIFIED WITH test_plugin_server AS 'plug_dest';
+DROP USER plug_user,plug_dest;
+========== test 1.2 ========================================
+GRANT ALL PRIVILEGES ON test_user_db.* TO plug_user
+IDENTIFIED WITH test_plugin_server AS 'plug_dest';
+CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd';
+GRANT PROXY ON plug_dest TO plug_user;
+current_user()
+plug_dest@%
+user()
+plug_user@localhost
+RENAME USER plug_dest TO new_dest;
+ERROR 1045 (28000): Access denied for user 'plug_user'@'localhost' (using password: YES)
+GRANT PROXY ON new_dest TO plug_user;
+ERROR 1045 (28000): Access denied for user 'plug_user'@'localhost' (using password: YES)
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+user	plugin	authentication_string
+new_dest		
+plug_user	test_plugin_server	plug_dest
+DROP USER plug_user,new_dest;
+CREATE USER plug_user
+IDENTIFIED WITH test_plugin_server AS 'plug_dest';
+CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd';
+ERROR 1045 (28000): Access denied for user 'plug_user'@'localhost' (using password: YES)
+GRANT PROXY ON plug_dest TO plug_user;
+current_user()
+plug_dest@%
+user()
+plug_user@localhost
+RENAME USER plug_dest TO new_dest;
+ERROR 1045 (28000): Access denied for user 'plug_user'@'localhost' (using password: YES)
+GRANT PROXY ON new_dest TO plug_user;
+ERROR 1045 (28000): Access denied for user 'plug_user'@'localhost' (using password: YES)
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+user	plugin	authentication_string
+new_dest		
+plug_user	test_plugin_server	plug_dest
+DROP USER plug_user,new_dest;
+CREATE USER plug_user
+IDENTIFIED WITH test_plugin_server AS 'plug_dest';
+CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd';
+GRANT PROXY ON plug_dest TO plug_user;
+connect(plug_user,localhost,plug_user,plug_dest);
+select USER(),CURRENT_USER();
+USER()	CURRENT_USER()
+plug_user@localhost	plug_dest@%
+connection default;
+disconnect plug_user;
+RENAME USER plug_user TO new_user;
+connect(plug_user,localhost,new_user,plug_dest);
+select USER(),CURRENT_USER();
+USER()	CURRENT_USER()
+new_user@localhost	plug_dest@%
+connection default;
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+user	plugin	authentication_string
+new_user	test_plugin_server	plug_dest
+plug_dest		
+disconnect plug_user;
+UPDATE mysql.user SET user='plug_user' WHERE user='new_user';
+FLUSH PRIVILEGES;
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+user	plugin	authentication_string
+plug_dest		
+plug_user	test_plugin_server	plug_dest
+DROP USER plug_dest,plug_user;
+========== test 1.3 ========================================
+CREATE USER plug_user
+IDENTIFIED WITH test_plugin_server AS 'plug_dest';
+CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd';
+GRANT PROXY ON plug_dest TO plug_user;
+connect(plug_user,localhost,plug_user,plug_dest);
+select USER(),CURRENT_USER();
+USER()	CURRENT_USER()
+plug_user@localhost	plug_dest@%
+connection default;
+disconnect plug_user;
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+user	plugin	authentication_string
+plug_dest		
+plug_user	test_plugin_server	plug_dest
+UPDATE mysql.user SET user='new_user' WHERE user='plug_user';
+FLUSH PRIVILEGES;
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+user	plugin	authentication_string
+new_user	test_plugin_server	plug_dest
+plug_dest		
+UPDATE mysql.user SET authentication_string='new_dest' WHERE user='new_user';
+FLUSH PRIVILEGES;
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+user	plugin	authentication_string
+new_user	test_plugin_server	new_dest
+plug_dest		
+UPDATE mysql.user SET plugin='new_plugin_server' WHERE user='new_user';
+FLUSH PRIVILEGES;
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+user	plugin	authentication_string
+new_user	new_plugin_server	new_dest
+plug_dest		
+connect(plug_user,localhost,new_user,new_dest);
+ERROR HY000: Plugin 'new_plugin_server' is not loaded
+UPDATE mysql.user SET plugin='test_plugin_server' WHERE user='new_user';
+UPDATE mysql.user SET USER='new_dest' WHERE user='plug_dest';
+FLUSH PRIVILEGES;
+GRANT PROXY ON new_dest TO new_user;
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+user	plugin	authentication_string
+new_dest		
+new_user	test_plugin_server	new_dest
+connect(plug_user,localhost,new_user,new_dest);
+select USER(),CURRENT_USER();
+USER()	CURRENT_USER()
+new_user@localhost	new_dest@%
+connection default;
+disconnect plug_user;
+UPDATE mysql.user SET USER='plug_dest' WHERE user='new_dest';
+FLUSH PRIVILEGES;
+CREATE USER new_dest IDENTIFIED BY 'new_dest_passwd';
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+user	plugin	authentication_string
+new_dest		
+new_user	test_plugin_server	new_dest
+plug_dest		
+GRANT ALL PRIVILEGES ON test.* TO new_user;
+connect(plug_user,localhost,new_dest,new_dest_passwd);
+select USER(),CURRENT_USER();
+USER()	CURRENT_USER()
+new_dest@localhost	new_dest@%
+connection default;
+disconnect plug_user;
+DROP USER new_user,new_dest,plug_dest;
+========== test 2, 2.1, 2.2 ================================
+CREATE USER ''@'' IDENTIFIED WITH test_plugin_server AS 'proxied_user';
+CREATE USER proxied_user IDENTIFIED BY 'proxied_user_passwd';
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+user	plugin	authentication_string
+	test_plugin_server	proxied_user
+proxied_user		
+connect(proxy_con,localhost,proxied_user,proxied_user_passwd);
+SELECT USER(),CURRENT_USER();
+USER()	CURRENT_USER()
+proxied_user@localhost	proxied_user@%
+========== test 2.2.1 ======================================
+SELECT @@proxy_user;
+@@proxy_user
+NULL
+connection default;
+disconnect proxy_con;
+connect(proxy_con,localhost,proxy_user,proxied_user);
+ERROR 28000: Access denied for user 'proxy_user'@'localhost' (using password: YES)
+GRANT PROXY ON proxied_user TO ''@'';
+connect(proxy_con,localhost,proxied_user,proxied_user_passwd);
+SELECT USER(),CURRENT_USER();
+USER()	CURRENT_USER()
+proxied_user@localhost	proxied_user@%
+connection default;
+disconnect proxy_con;
+connect(proxy_con,localhost,proxy_user,proxied_user);
+SELECT USER(),CURRENT_USER();
+USER()	CURRENT_USER()
+proxy_user@localhost	proxied_user@%
+========== test 2.2.1 ======================================
+SELECT @@proxy_user;
+@@proxy_user
+''@''
+connection default;
+disconnect proxy_con;
+DROP USER ''@'',proxied_user;
+GRANT ALL PRIVILEGES ON test_user_db.* TO ''@'' 
+IDENTIFIED WITH test_plugin_server AS 'proxied_user';
+CREATE USER proxied_user IDENTIFIED BY 'proxied_user_passwd';
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+user	plugin	authentication_string
+	test_plugin_server	proxied_user
+proxied_user		
+connect(proxy_con,localhost,proxied_user,proxied_user_passwd);
+SELECT USER(),CURRENT_USER();
+USER()	CURRENT_USER()
+proxied_user@localhost	proxied_user@%
+SELECT @@proxy_user;
+@@proxy_user
+NULL
+connection default;
+disconnect proxy_con;
+connect(proxy_con,localhost,proxy_user,proxied_user);
+ERROR 28000: Access denied for user 'proxy_user'@'localhost' (using password: YES)
+GRANT PROXY ON proxied_user TO ''@'';
+connect(proxy_con,localhost,proxied_user,proxied_user_passwd);
+SELECT USER(),CURRENT_USER();
+USER()	CURRENT_USER()
+proxied_user@localhost	proxied_user@%
+connection default;
+disconnect proxy_con;
+connect(proxy_con,localhost,proxy_user,proxied_user);
+SELECT USER(),CURRENT_USER();
+USER()	CURRENT_USER()
+proxy_user@localhost	proxied_user@%
+SELECT @@proxy_user;
+@@proxy_user
+''@''
+connection default;
+disconnect proxy_con;
+DROP USER ''@'',proxied_user;
+CREATE USER ''@'' IDENTIFIED WITH test_plugin_server AS 'proxied_user';
+CREATE USER proxied_user_1 IDENTIFIED BY 'proxied_user_1_pwd';
+CREATE USER proxied_user_2 IDENTIFIED BY 'proxied_user_2_pwd';
+CREATE USER proxied_user_3 IDENTIFIED BY 'proxied_user_3_pwd';
+CREATE USER proxied_user_4 IDENTIFIED BY 'proxied_user_4_pwd';
+CREATE USER proxied_user_5 IDENTIFIED BY 'proxied_user_5_pwd';
+GRANT PROXY ON proxied_user_1 TO ''@'';
+GRANT PROXY ON proxied_user_2 TO ''@'';
+GRANT PROXY ON proxied_user_3 TO ''@'';
+GRANT PROXY ON proxied_user_4 TO ''@'';
+GRANT PROXY ON proxied_user_5 TO ''@'';
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+user	plugin	authentication_string
+	test_plugin_server	proxied_user
+proxied_user_1		
+proxied_user_2		
+proxied_user_3		
+proxied_user_4		
+proxied_user_5		
+connect(proxy_con_1,localhost,proxied_user_1,'proxied_user_1_pwd');
+connect(proxy_con_2,localhost,proxied_user_2,proxied_user_2_pwd);
+connect(proxy_con_3,localhost,proxied_user_3,proxied_user_3_pwd);
+connect(proxy_con_4,localhost,proxied_user_4,proxied_user_4_pwd);
+connect(proxy_con_5,localhost,proxied_user_5,proxied_user_5_pwd);
+connection proxy_con_1;
+SELECT USER(),CURRENT_USER();
+USER()	CURRENT_USER()
+proxied_user_1@localhost	proxied_user_1@%
+SELECT @@proxy_user;
+@@proxy_user
+NULL
+connection proxy_con_2;
+SELECT USER(),CURRENT_USER();
+USER()	CURRENT_USER()
+proxied_user_2@localhost	proxied_user_2@%
+SELECT @@proxy_user;
+@@proxy_user
+NULL
+connection proxy_con_3;
+SELECT USER(),CURRENT_USER();
+USER()	CURRENT_USER()
+proxied_user_3@localhost	proxied_user_3@%
+SELECT @@proxy_user;
+@@proxy_user
+NULL
+connection proxy_con_4;
+SELECT USER(),CURRENT_USER();
+USER()	CURRENT_USER()
+proxied_user_4@localhost	proxied_user_4@%
+SELECT @@proxy_user;
+@@proxy_user
+NULL
+connection proxy_con_5;
+SELECT USER(),CURRENT_USER();
+USER()	CURRENT_USER()
+proxied_user_5@localhost	proxied_user_5@%
+SELECT @@proxy_user;
+@@proxy_user
+NULL
+connection default;
+disconnect proxy_con_1;
+disconnect proxy_con_2;
+disconnect proxy_con_3;
+disconnect proxy_con_4;
+disconnect proxy_con_5;
+DROP USER ''@'',proxied_user_1,proxied_user_2,proxied_user_3,proxied_user_4,proxied_user_5;
+========== test 3 ==========================================
+GRANT ALL PRIVILEGES ON *.* TO plug_user
+IDENTIFIED WITH test_plugin_server AS 'plug_dest';
+CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd';
+GRANT PROXY ON plug_dest TO plug_user;
+FLUSH PRIVILEGES;
+DROP USER plug_user, plug_dest;
+DROP DATABASE test_user_db;

mysql-test/r/plugin_auth_qa_2.result

@@ -0,0 +1,146 @@
+CREATE DATABASE test_user_db;
+========== test 1.1.3.2 ====================================
+=== check contens of components of info ====================
+CREATE USER qa_test_1_user IDENTIFIED WITH qa_auth_interface AS 'qa_test_1_dest';
+CREATE USER qa_test_1_dest IDENTIFIED BY 'dest_passwd';
+GRANT ALL PRIVILEGES ON test_user_db.* TO qa_test_1_dest identified by 'dest_passwd';
+GRANT PROXY ON qa_test_1_dest TO qa_test_1_user;
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+user	plugin	authentication_string
+qa_test_1_dest		
+qa_test_1_user	qa_auth_interface	qa_test_1_dest
+SELECT @@proxy_user;
+@@proxy_user
+NULL
+SELECT @@external_user;
+@@external_user
+NULL
+exec MYSQL PLUGIN_AUTH_OPT -h localhost -P 13000 -u qa_test_1_user --password=qa_test_1_dest test_user_db -e "SELECT current_user(),user(),@@local.proxy_user,@@local.external_user;" 2>&1
+current_user()	user()	@@local.proxy_user	@@local.external_user
+qa_test_1_user@%	qa_test_1_user@localhost	NULL	NULL
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+user	plugin	authentication_string
+qa_test_1_dest		
+qa_test_1_user	qa_auth_interface	qa_test_1_dest
+DROP USER qa_test_1_user;
+DROP USER qa_test_1_dest;
+=== Assign values to components of info ====================
+CREATE USER qa_test_2_user IDENTIFIED WITH qa_auth_interface AS 'qa_test_2_dest';
+CREATE USER qa_test_2_dest IDENTIFIED BY 'dest_passwd';
+CREATE USER authenticated_as IDENTIFIED BY 'dest_passwd';
+GRANT ALL PRIVILEGES ON test_user_db.* TO qa_test_2_dest identified by 'dest_passwd';
+GRANT PROXY ON qa_test_2_dest TO qa_test_2_user;
+GRANT PROXY ON authenticated_as TO qa_test_2_user;
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+user	plugin	authentication_string
+authenticated_as		
+qa_test_2_dest		
+qa_test_2_user	qa_auth_interface	qa_test_2_dest
+SELECT @@proxy_user;
+@@proxy_user
+NULL
+SELECT @@external_user;
+@@external_user
+NULL
+exec MYSQL PLUGIN_AUTH_OPT -h localhost -P 13000 -u qa_test_2_user --password=qa_test_2_dest test_user_db -e "SELECT current_user(),user(),@@local.proxy_user,@@local.external_user;" 2>&1
+current_user()	user()	@@local.proxy_user	@@local.external_user
+authenticated_as@%	user_name@localhost	'qa_test_2_user'@'%'	'qa_test_2_user'@'%'
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+user	plugin	authentication_string
+authenticated_as		
+qa_test_2_dest		
+qa_test_2_user	qa_auth_interface	qa_test_2_dest
+DROP USER qa_test_2_user;
+DROP USER qa_test_2_dest;
+DROP USER authenticated_as;
+=== Assign too high values for *length, which should have no effect ====
+CREATE USER qa_test_3_user IDENTIFIED WITH qa_auth_interface AS 'qa_test_3_dest';
+CREATE USER qa_test_3_dest IDENTIFIED BY 'dest_passwd';
+GRANT ALL PRIVILEGES ON test_user_db.* TO qa_test_3_dest identified by 'dest_passwd';
+GRANT PROXY ON qa_test_3_dest TO qa_test_3_user;
+exec MYSQL PLUGIN_AUTH_OPT -h localhost -P 13000 -u qa_test_3_user --password=qa_test_3_dest test_user_db -e "SELECT current_user(),user(),@@local.proxy_user,@@local.external_user;" 2>&1
+current_user()	user()	@@local.proxy_user	@@local.external_user
+qa_test_3_dest@%	qa_test_3_user@localhost	'qa_test_3_user'@'%'	'qa_test_3_user'@'%'
+DROP USER qa_test_3_user;
+DROP USER qa_test_3_dest;
+=== Assign too low values for *length, which should have no effect ====
+CREATE USER qa_test_4_user IDENTIFIED WITH qa_auth_interface AS 'qa_test_4_dest';
+CREATE USER qa_test_4_dest IDENTIFIED BY 'dest_passwd';
+GRANT ALL PRIVILEGES ON test_user_db.* TO qa_test_4_dest identified by 'dest_passwd';
+GRANT PROXY ON qa_test_4_dest TO qa_test_4_user;
+exec MYSQL PLUGIN_AUTH_OPT -h localhost -P 13000 -u qa_test_4_user --password=qa_test_4_dest test_user_db -e "SELECT current_user(),user(),@@local.proxy_user,@@local.external_user;" 2>&1
+current_user()	user()	@@local.proxy_user	@@local.external_user
+qa_test_4_dest@%	qa_test_4_user@localhost	'qa_test_4_user'@'%'	'qa_test_4_user'@'%'
+DROP USER qa_test_4_user;
+DROP USER qa_test_4_dest;
+=== Assign empty string especially to authenticated_as (in plugin) ====
+CREATE USER qa_test_5_user IDENTIFIED WITH qa_auth_interface AS 'qa_test_5_dest';
+CREATE USER qa_test_5_dest IDENTIFIED BY 'dest_passwd';
+CREATE USER ''@'localhost' IDENTIFIED BY 'dest_passwd';
+GRANT ALL PRIVILEGES ON test_user_db.* TO qa_test_5_dest identified by 'dest_passwd';
+GRANT ALL PRIVILEGES ON test_user_db.* TO ''@'localhost' identified by 'dest_passwd';
+GRANT PROXY ON qa_test_5_dest TO qa_test_5_user;
+GRANT PROXY ON qa_test_5_dest TO ''@'localhost';
+SELECT user,plugin,authentication_string,password FROM mysql.user WHERE user != 'root';
+user	plugin	authentication_string	password
+			*DFCACE76914AD7BD801FC1A1ECF6562272621A22
+qa_test_5_user	qa_auth_interface	qa_test_5_dest	
+qa_test_5_dest			*DFCACE76914AD7BD801FC1A1ECF6562272621A22
+exec MYSQL PLUGIN_AUTH_OPT -h localhost -P 13000 --user=qa_test_5_user  --password=qa_test_5_dest test_user_db -e "SELECT current_user(),user(),@@local.proxy_user,@@local.external_user;" 2>&1
+ERROR 1045 (28000): Access denied for user 'qa_test_5_user'@'localhost' (using password: YES)
+DROP USER qa_test_5_user;
+DROP USER qa_test_5_dest;
+DROP USER ''@'localhost';
+=== Assign 'root' especially to authenticated_as (in plugin) ====
+CREATE USER qa_test_6_user IDENTIFIED WITH qa_auth_interface AS 'qa_test_6_dest';
+CREATE USER qa_test_6_dest IDENTIFIED BY 'dest_passwd';
+GRANT ALL PRIVILEGES ON test_user_db.* TO qa_test_6_dest identified by 'dest_passwd';
+GRANT PROXY ON qa_test_6_dest TO qa_test_6_user;
+SELECT user,plugin,authentication_string,password FROM mysql.user;
+user	plugin	authentication_string	password
+root			
+root			
+root			
+qa_test_6_user	qa_auth_interface	qa_test_6_dest	
+qa_test_6_dest			*DFCACE76914AD7BD801FC1A1ECF6562272621A22
+exec MYSQL PLUGIN_AUTH_OPT -h localhost -P 13000 --user=qa_test_6_user  --password=qa_test_6_dest test_user_db -e "SELECT current_user(),user(),@@local.proxy_user,@@local.external_user;" 2>&1
+ERROR 1045 (28000): Access denied for user 'qa_test_6_user'@'localhost' (using password: YES)
+GRANT PROXY ON qa_test_6_dest TO root IDENTIFIED WITH qa_auth_interface AS 'qa_test_6_dest';
+SELECT user,plugin,authentication_string,password FROM mysql.user;
+user	plugin	authentication_string	password
+root			
+root			
+root			
+qa_test_6_user	qa_auth_interface	qa_test_6_dest	
+qa_test_6_dest			*DFCACE76914AD7BD801FC1A1ECF6562272621A22
+root	qa_auth_interface	qa_test_6_dest	
+exec MYSQL PLUGIN_AUTH_OPT -h localhost -P 13000 --user=root  --password=qa_test_6_dest test_user_db -e "SELECT current_user(),user(),@@local.proxy_user,@@local.external_user;" 2>&1
+ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES)
+REVOKE PROXY ON qa_test_6_dest FROM root;
+SELECT user,plugin,authentication_string FROM mysql.user;
+user	plugin	authentication_string
+root		
+root		
+root		
+qa_test_6_user	qa_auth_interface	qa_test_6_dest
+qa_test_6_dest		
+root	qa_auth_interface	qa_test_6_dest
+exec MYSQL PLUGIN_AUTH_OPT -h localhost -P 13000 --user=root  --password=qa_test_6_dest test_user_db -e "SELECT current_user(),user(),@@local.proxy_user,@@local.external_user;" 2>&1
+ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES)
+DROP USER qa_test_6_user;
+DROP USER qa_test_6_dest;
+DELETE FROM mysql.user WHERE user='root' AND plugin='qa_auth_interface';
+SELECT user,plugin,authentication_string,password FROM mysql.user;
+user	plugin	authentication_string	password
+root			
+root			
+root			
+=== Test of the --default_auth option for clients ====
+CREATE USER qa_test_11_user IDENTIFIED WITH qa_auth_interface AS 'qa_test_11_dest';
+CREATE USER qa_test_11_dest IDENTIFIED BY 'dest_passwd';
+GRANT ALL PRIVILEGES ON test_user_db.* TO qa_test_11_dest identified by 'dest_passwd';
+GRANT PROXY ON qa_test_11_dest TO qa_test_11_user;
+exec MYSQL PLUGIN_AUTH_OPT --default_auth=qa_auth_client -h localhost -P 13000 -u qa_test_11_user --password=qa_test_11_dest test_user_db -e "SELECT current_user(),user(),@@local.proxy_user,@@local.external_user;" 2>&1
+ERROR 1045 (28000): Access denied for user 'qa_test_11_user'@'localhost' (using password: YES)
+DROP USER qa_test_11_user, qa_test_11_dest;
+DROP DATABASE test_user_db;

mysql-test/r/plugin_auth_qa_3.result

@@ -0,0 +1,11 @@
+CREATE DATABASE test_user_db;
+CREATE USER qa_test_11_user IDENTIFIED WITH qa_auth_server AS 'qa_test_11_dest';
+GRANT ALL PRIVILEGES ON test_user_db.* TO qa_test_11_dest identified by 'dest_passwd';
+GRANT PROXY ON qa_test_11_dest TO qa_test_11_user;
+exec MYSQL PLUGIN_AUTH_OPT --default_auth=qa_auth_client -h localhost -P 13000 -u qa_test_11_user --password=qa_test_11_dest test_user_db -e "SELECT current_user(),user(),@@local.proxy_user,@@local.external_user;" 2>&1
+current_user()	user()	@@local.proxy_user	@@local.external_user
+qa_test_11_dest@%	qa_test_11_user@localhost	'qa_test_11_user'@'%'	'qa_test_11_user'@'%'
+exec MYSQL PLUGIN_AUTH_OPT --default_auth=qa_auth_client -h localhost -P 13000 -u qa_test_2_user --password=qa_test_11_dest test_user_db -e "SELECT current_user(),user(),@@local.proxy_user,@@local.external_user;" 2>&1
+ERROR 1045 (28000): Access denied for user 'qa_test_2_user'@'localhost' (using password: NO)
+DROP USER qa_test_11_user, qa_test_11_dest;
+DROP DATABASE test_user_db;

mysql-test/t/plugin_auth_qa-master.opt

@@ -0,0 +1,2 @@
+$PLUGIN_AUTH_OPT
+$PLUGIN_AUTH_LOAD

mysql-test/t/plugin_auth_qa.test

@@ -0,0 +1,338 @@
+# The numbers represent test cases of the test plan.
+
+--source include/have_plugin_auth.inc
+--source include/not_embedded.inc
+
+CREATE DATABASE test_user_db;
+
+--sorted_result
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+--echo ========== test 1.1 ======================================================
+# without '', without AS part
+CREATE USER plug IDENTIFIED WITH test_plugin_server;
+--sorted_result
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+DROP USER plug;
+GRANT ALL PRIVILEGES ON test_user_db.* TO plug IDENTIFIED WITH test_plugin_server;
+--sorted_result
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+REVOKE ALL PRIVILEGES ON test_user_db.* FROM plug;
+DROP USER plug;
+# with '', without AS part
+CREATE USER plug IDENTIFIED WITH 'test_plugin_server';
+--sorted_result
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+DROP USER plug;
+GRANT ALL PRIVILEGES ON test_user_db.* TO plug IDENTIFIED WITH 'test_plugin_server';
+--sorted_result
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+REVOKE ALL PRIVILEGES ON test_user_db.* FROM plug;
+DROP USER plug;
+# without '', AS part empty
+CREATE USER plug IDENTIFIED WITH test_plugin_server AS '';
+--sorted_result
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+DROP USER plug;
+GRANT ALL PRIVILEGES ON test_user_db.* TO plug IDENTIFIED WITH test_plugin_server AS '';
+--sorted_result
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+REVOKE ALL PRIVILEGES ON test_user_db.* FROM plug;
+DROP USER plug;
+# with '', AS part empty without ''
+--error ER_PARSE_ERROR
+CREATE USER plug IDENTIFIED WITH 'test_plugin_server' AS ;
+--error ER_PARSE_ERROR
+GRANT ALL PRIVILEGES ON test_user_db.* TO plug IDENTIFIED WITH 'test_plugin_server' AS;
+# without '', AS part without ''
+--error ER_PARSE_ERROR
+CREATE USER plug IDENTIFIED WITH test_plugin_server AS plug_dest;
+--error ER_PARSE_ERROR
+GRANT ALL PRIVILEGES ON test_user_db.* TO plug IDENTIFIED WITH test_plugin_server AS plug_dest;
+--echo ========== test 1.1 syntax errors ========================================
+# without auth_name
+--error ER_PARSE_ERROR
+CREATE USER plug IDENTIFIED WITH AS plug_dest;
+--error ER_PARSE_ERROR
+GRANT ALL PRIVILEGES ON test_user_db.* TO plug IDENTIFIED WITH AS plug_dest;
+# without auth_name and AS part
+--error ER_PARSE_ERROR
+CREATE USER plug IDENTIFIED WITH;
+--error ER_PARSE_ERROR
+GRANT ALL PRIVILEGES ON test_user_db.* TO plug IDENTIFIED WITH;
+# without auth_name but AS part
+--error ER_PARSE_ERROR
+CREATE USER plug IDENTIFIED AS '';
+--error ER_PARSE_ERROR
+GRANT ALL PRIVILEGES ON test_user_db.* TO plug IDENTIFIED AS '';
+# with 2 auth_name parts
+--error ER_PARSE_ERROR
+CREATE USER plug IDENTIFIED WITH 'test_plugin_server' IDENTIFIED WITH 'test_plugin_server';
+--error ER_PARSE_ERROR
+GRANT ALL PRIVILEGES ON test_user_db.* TO plug 
+                 IDENTIFIED WITH 'test_plugin_server' IDENTIFIED WITH 'test_plugin_server';
+# with 2 AS parts
+--error ER_PARSE_ERROR
+CREATE USER plug IDENTIFIED WITH 'test_plugin_server' AS '' AS 'plug_dest';
+--error ER_PARSE_ERROR
+GRANT ALL PRIVILEGES ON test_user_db.* TO plug AS '' AS 'plug_dest';
+# with 2 complete WITH parts
+--error ER_PARSE_ERROR
+CREATE USER plug IDENTIFIED WITH 'test_plugin_server' AS '' 
+                 IDENTIFIED WITH test_plugin_server   AS 'plug_dest';
+--error ER_PARSE_ERROR
+GRANT ALL PRIVILEGES ON test_user_db.* TO plug IDENTIFIED WITH 'test_plugin_server' AS ''
+                 IDENTIFIED WITH test_plugin_server   AS 'plug_dest';
+# with BY and WITH part
+--error ER_PARSE_ERROR
+CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd' 
+                      IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest'; 
+--error ER_PARSE_ERROR
+GRANT ALL PRIVILEGES ON test_user_db.* TO plug IDENTIFIED BY 'plug_dest_passwd'
+                      IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest';
+# with WITH part and BY part
+--error ER_PARSE_ERROR
+CREATE USER plug IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest' 
+       USER plug_dest IDENTIFIED by 'plug_dest_pwd';
+--error ER_PARSE_ERROR
+GRANT ALL PRIVILEGES ON test_user_db.* TO plug IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest'
+       USER plug_dest IDENTIFIED by 'plug_dest_pwd';
+# with WITH part and BY part
+--error ER_PARSE_ERROR
+CREATE USER plug IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest' 
+       plug_dest IDENTIFIED by 'plug_dest_pwd';
+--error ER_PARSE_ERROR
+GRANT ALL PRIVILEGES ON test_user_db.* TO plug IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest'
+       plug_dest IDENTIFIED by 'plug_dest_pwd';
+# with WITH part and BY part
+--error ER_PARSE_ERROR
+CREATE USER plug IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest' 
+       IDENTIFIED by 'plug_dest_pwd';
+--error ER_PARSE_ERROR
+GRANT ALL PRIVILEGES ON test_user_db.* TO plug IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest'
+       IDENTIFIED by 'plug_dest_pwd';
+
+--echo ========== test 1.1  combinations ==========================
+# CREATE...WITH/CREATE...BY
+CREATE USER plug IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest';
+--echo ========== test 1.1.1.6/1.1.2.5 ============================
+--sorted_result
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd';
+--sorted_result
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+DROP USER plug, plug_dest;
+# 
+CREATE USER plug IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest';
+--sorted_result
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+DROP USER plug;
+CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd';
+--sorted_result
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+DROP USER plug_dest;
+#  GRANT...WITH/CREATE...BY
+GRANT ALL PRIVILEGES ON test_user_db.* TO plug IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest';
+--sorted_result
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd';
+--sorted_result
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+DROP USER plug, plug_dest;
+# 
+GRANT ALL PRIVILEGES ON test_user_db.* TO plug IDENTIFIED WITH test_plugin_server AS 'plug_dest';
+--sorted_result
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+DROP USER plug;
+CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd';
+--sorted_result
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+DROP USER plug_dest;
+# CREATE...WITH/GRANT...BY
+CREATE USER plug IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest';
+--sorted_result
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+GRANT ALL PRIVILEGES ON test_user_db.* TO plug_dest IDENTIFIED BY 'plug_dest_passwd';
+--sorted_result
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+DROP USER plug, plug_dest;
+# 
+CREATE USER plug IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest';
+--sorted_result
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+DROP USER plug;
+GRANT ALL PRIVILEGES ON test_user_db.* TO plug_dest IDENTIFIED BY 'plug_dest_passwd';
+--sorted_result
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+DROP USER plug_dest;
+# 
+CREATE USER plug IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest';
+--error 1700
+GRANT ALL PRIVILEGES ON test_user_db.* TO plug IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest';
+--error 1700
+GRANT ALL PRIVILEGES ON test_user_db.* TO plug IDENTIFIED WITH 'test_plugin_server';
+DROP USER plug;
+#
+GRANT ALL PRIVILEGES ON test_user_db.* TO plug IDENTIFIED WITH test_plugin_server AS 'plug_dest';
+--error ER_CANNOT_USER
+CREATE USER plug IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest';
+--error ER_CANNOT_USER
+CREATE USER plug IDENTIFIED WITH 'test_plugin_server';
+DROP USER plug;
+# 
+CREATE USER plug IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest';
+--sorted_result
+SELECT user,plugin,authentication_string,password FROM mysql.user WHERE user != 'root';
+GRANT ALL PRIVILEGES ON test_user_db.* TO plug IDENTIFIED BY 'plug_dest_passwd';
+--sorted_result
+SELECT user,plugin,authentication_string,password FROM mysql.user WHERE user != 'root';
+DROP USER plug;
+#
+GRANT ALL PRIVILEGES ON test_user_db.* TO plug IDENTIFIED WITH test_plugin_server AS 'plug_dest';
+--error ER_CANNOT_USER
+CREATE USER plug IDENTIFIED BY 'plug_dest_passwd';
+DROP USER plug;
+#
+CREATE USER plug IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest';
+CREATE USER plug_dest IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest';
+--sorted_result
+SELECT user,plugin,authentication_string,password FROM mysql.user WHERE user != 'root';
+DROP USER plug,plug_dest;
+#
+CREATE USER plug IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest';
+--sorted_result
+SELECT user,plugin,authentication_string,password FROM mysql.user WHERE user != 'root';
+GRANT ALL PRIVILEGES ON test_user_db.* TO plug_dest 
+                        IDENTIFIED WITH test_plugin_server AS 'plug_dest';
+--sorted_result
+SELECT user,plugin,authentication_string,password FROM mysql.user WHERE user != 'root';
+DROP USER plug,plug_dest;
+# 
+
+--echo ========== test 1.1.1.1/1.1.2.1/1.1.1.5 ====================
+
+SET NAMES utf8;
+# 
+CREATE USER plüg IDENTIFIED WITH 'test_plugin_server' AS 'plüg_dest';
+--sorted_result
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+DROP USER plüg;
+CREATE USER plüg_dest IDENTIFIED BY 'plug_dest_passwd';
+--sorted_result
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+DROP USER plüg_dest;
+
+SET NAMES ascii;
+# 
+CREATE USER 'plüg' IDENTIFIED WITH 'test_plugin_server' AS 'plüg_dest';
+--sorted_result
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+DROP USER 'plüg';
+CREATE USER 'plüg_dest' IDENTIFIED BY 'plug_dest_passwd';
+--sorted_result
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+DROP USER 'plüg_dest';
+
+SET NAMES latin1;
+# 
+--echo ========== test 1.1.1.5 ====================================
+--error ER_PLUGIN_IS_NOT_LOADED
+CREATE USER 'plüg' IDENTIFIED WITH 'test_plügin_server' AS 'plüg_dest';
+CREATE USER 'plug' IDENTIFIED WITH 'test_plugin_server' AS 'plüg_dest';
+--sorted_result
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+DROP USER 'plug';
+CREATE USER 'plüg_dest' IDENTIFIED BY 'plug_dest_passwd';
+--sorted_result
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+DROP USER 'plüg_dest';
+
+SET NAMES utf8;
+# 
+--error ER_PLUGIN_IS_NOT_LOADED
+CREATE USER plüg IDENTIFIED WITH 'test_plügin_server' AS 'plüg_dest';
+CREATE USER 'plüg' IDENTIFIED WITH 'test_plugin_server' AS 'plüg_dest';
+--sorted_result
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+DROP USER 'plüg';
+CREATE USER 'plüg_dest' IDENTIFIED BY 'plug_dest_passwd';
+--sorted_result
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+DROP USER 'plüg_dest';
+
+CREATE USER plüg IDENTIFIED WITH test_plugin_server AS 'plüg_dest';
+--sorted_result
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+DROP USER plüg;
+CREATE USER plüg_dest IDENTIFIED BY 'plug_dest_passwd';
+--sorted_result
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+DROP USER plüg_dest;
+
+--echo ========== test 1.1.1.2/1.1.2.2=============================
+
+SET @auth_name= 'test_plugin_server';
+--error ER_PARSE_ERROR
+CREATE USER plug IDENTIFIED WITH @auth_name AS 'plug_dest';
+
+SET @auth_string= 'plug_dest';
+--error ER_PARSE_ERROR
+CREATE USER plug IDENTIFIED WITH test_plugin_server AS @auth_string;
+
+--echo ========== test 1.1.1.3/1.1.2.3=============================
+
+--error ER_PLUGIN_IS_NOT_LOADED
+CREATE USER plug IDENTIFIED WITH 'hh''s_test_plugin_server' AS 'plug_dest';
+
+CREATE USER plug IDENTIFIED WITH 'test_plugin_server' AS 'hh''s_plug_dest';
+--sorted_result
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+DROP USER plug;
+CREATE USER 'hh''s_plug_dest' IDENTIFIED BY 'plug_dest_passwd';
+--sorted_result
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+DROP USER 'hh''s_plug_dest';
+
+--echo ========== test 1.1.1.4 ====================================
+
+--error ER_PARSE_ERROR
+CREATE USER plug IDENTIFIED WITH hh''s_test_plugin_server AS 'plug_dest';
+
+--echo ========== test 1.1.3.1 ====================================
+
+GRANT INSERT ON test_user_db.* TO grant_user IDENTIFIED WITH test_plugin_server AS 'plug_dest';
+--sorted_result
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+CREATE USER plug_dest; 
+DROP USER plug_dest;
+GRANT ALL PRIVILEGES ON test_user_db.* TO plug_dest;
+--sorted_result
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+DROP USER grant_user,plug_dest;
+#
+set @save_sql_mode= @@sql_mode;
+SET @@sql_mode=no_auto_create_user;
+GRANT INSERT ON test_user_db.* TO grant_user IDENTIFIED WITH test_plugin_server AS 'plug_dest';
+--sorted_result
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+CREATE USER plug_dest; 
+DROP USER plug_dest;
+--error ER_PASSWORD_NO_MATCH
+GRANT ALL PRIVILEGES ON test_user_db.* TO plug_dest;
+DROP USER grant_user;
+#
+GRANT INSERT ON test_user_db.* TO grant_user IDENTIFIED WITH test_plugin_server AS 'plug_dest';
+--sorted_result
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd'; 
+--sorted_result
+SELECT user,plugin,authentication_string,password FROM mysql.user WHERE user != 'root';
+DROP USER plug_dest;
+GRANT ALL PRIVILEGES ON test_user_db.* TO plug_dest IDENTIFIED BY 'plug_user_passwd';
+--sorted_result
+SELECT user,plugin,authentication_string,password FROM mysql.user WHERE user != 'root';
+DROP USER grant_user,plug_dest;
+set @@sql_mode= @save_sql_mode;
+#
+DROP DATABASE test_user_db;
+--exit
+

mysql-test/t/plugin_auth_qa_1-master.opt

@@ -0,0 +1,2 @@
+$PLUGIN_AUTH_OPT
+$PLUGIN_AUTH_LOAD

mysql-test/t/plugin_auth_qa_1.test

@@ -0,0 +1,334 @@
+# The numbers represent test cases of the test plan.
+
+--source include/have_plugin_auth.inc
+--source include/not_embedded.inc
+
+CREATE DATABASE test_user_db;
+
+--sorted_result
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+
+--echo ========== test 1.1.3.2 ====================================
+
+# CREATE...WITH/CREATE...BY/GRANT
+CREATE USER plug_user IDENTIFIED WITH test_plugin_server AS 'plug_dest';
+CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd';
+GRANT PROXY ON plug_dest TO plug_user;
+--exec $MYSQL -S var/tmp/mysqld.1.sock -u plug_user $PLUGIN_AUTH_OPT --password=plug_dest -e "SELECT current_user();SELECT user();USE test_user_db;CREATE TABLE t1(a int);SHOW TABLES;DROP TABLE t1;" 2>&1
+REVOKE PROXY ON plug_dest FROM plug_user;
+--error 1
+--exec $MYSQL -S var/tmp/mysqld.1.sock -u plug_user $PLUGIN_AUTH_OPT --password=plug_dest -e "SELECT current_user();SELECT user();USE test_user_db;CREATE TABLE t1(a int);SHOW TABLES;DROP TABLE t1;" 2>&1
+DROP USER plug_user,plug_dest;
+#
+# GRANT...WITH
+GRANT ALL PRIVILEGES ON test_user_db.* TO plug_user
+  IDENTIFIED WITH test_plugin_server AS 'plug_dest';
+GRANT ALL PRIVILEGES ON test_user_db.* TO plug_dest IDENTIFIED BY 'plug_dest_passwd';
+GRANT PROXY ON plug_dest TO plug_user;
+
+--sorted_result
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+--echo 1)
+--exec $MYSQL -S var/tmp/mysqld.1.sock -u plug_user $PLUGIN_AUTH_OPT --password=plug_dest -e "SELECT current_user();SELECT user();USE test_user_db;CREATE TABLE t1(a int);SHOW TABLES;DROP TABLE t1;" 2>&1
+REVOKE ALL PRIVILEGES ON test_user_db.* FROM 'plug_user'
+                         IDENTIFIED WITH test_plugin_server AS 'plug_dest';
+--echo 2)
+--exec $MYSQL -S var/tmp/mysqld.1.sock -u plug_user $PLUGIN_AUTH_OPT --password=plug_dest -e "SELECT current_user();SELECT user();USE test_user_db;CREATE TABLE t1(a int);SHOW TABLES;DROP TABLE t1;" 2>&1
+REVOKE PROXY ON plug_dest FROM plug_user;
+--echo 3)
+--error 1
+--exec $MYSQL -S var/tmp/mysqld.1.sock -u plug_user $PLUGIN_AUTH_OPT --password=plug_dest -e "SELECT current_user();SELECT user();USE test_user_db;CREATE TABLE t1(a int);SHOW TABLES;DROP TABLE t1;" 2>&1
+DROP USER plug_user,plug_dest;
+#
+# GRANT...WITH/CREATE...BY
+GRANT ALL PRIVILEGES ON test_user_db.* TO plug_user
+  IDENTIFIED WITH test_plugin_server AS 'plug_dest';
+CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd';
+--echo 1)
+--error 1
+--exec $MYSQL -S var/tmp/mysqld.1.sock -u plug_user $PLUGIN_AUTH_OPT --password=plug_dest -e "SELECT current_user();SELECT user();USE test_user_db;CREATE TABLE t1(a int);SHOW TABLES;DROP TABLE t1;" 2>&1
+GRANT PROXY ON plug_dest TO plug_user;
+--echo 2)
+--exec $MYSQL -S var/tmp/mysqld.1.sock -u plug_user $PLUGIN_AUTH_OPT --password=plug_dest -e "SELECT current_user();SELECT user();USE test_user_db;CREATE TABLE t1(a int);SHOW TABLES;DROP TABLE t1;" 2>&1
+REVOKE ALL PRIVILEGES ON test_user_db.* FROM 'plug_user'
+                         IDENTIFIED WITH test_plugin_server AS 'plug_dest';
+#REVOKE ALL PRIVILEGES ON test_user_db.* FROM 'plug_dest'
+#                         IDENTIFIED BY 'plug_dest_passwd';
+DROP USER plug_user,plug_dest;
+
+--echo ========== test 1.2 ========================================
+
+# GRANT...WITH/CREATE...BY
+GRANT ALL PRIVILEGES ON test_user_db.* TO plug_user
+  IDENTIFIED WITH test_plugin_server AS 'plug_dest';
+CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd';
+GRANT PROXY ON plug_dest TO plug_user;
+--exec $MYSQL -S var/tmp/mysqld.1.sock -u plug_user $PLUGIN_AUTH_OPT --password=plug_dest -e "SELECT current_user();SELECT user();" 2>&1
+RENAME USER plug_dest TO new_dest;
+--error 1
+--exec $MYSQL -S var/tmp/mysqld.1.sock -u plug_user $PLUGIN_AUTH_OPT --password=plug_dest -e "SELECT current_user();SELECT user();" 2>&1
+GRANT PROXY ON new_dest TO plug_user;
+--error 1
+--exec $MYSQL -S var/tmp/mysqld.1.sock -u plug_user $PLUGIN_AUTH_OPT --password=new_dest -e "SELECT current_user();SELECT user();" 2>&1
+--sorted_result
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+DROP USER plug_user,new_dest;
+
+# CREATE...WITH/CREATE...BY
+CREATE USER plug_user
+  IDENTIFIED WITH test_plugin_server AS 'plug_dest';
+CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd';
+--error 1
+--exec $MYSQL -S var/tmp/mysqld.1.sock -u plug_user $PLUGIN_AUTH_OPT --password=plug_dest -e "SELECT current_user();SELECT user();" 2>&1
+GRANT PROXY ON plug_dest TO plug_user;
+--exec $MYSQL -S var/tmp/mysqld.1.sock -u plug_user $PLUGIN_AUTH_OPT --password=plug_dest -e "SELECT current_user();SELECT user();" 2>&1
+RENAME USER plug_dest TO new_dest;
+--error 1
+--exec $MYSQL -S var/tmp/mysqld.1.sock -u plug_user $PLUGIN_AUTH_OPT --password=plug_dest -e "SELECT current_user();SELECT user();" 2>&1
+GRANT PROXY ON new_dest TO plug_user;
+--error 1
+--exec $MYSQL -S var/tmp/mysqld.1.sock -u plug_user $PLUGIN_AUTH_OPT --password=new_dest -e "SELECT current_user();SELECT user();" 2>&1
+--sorted_result
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+DROP USER plug_user,new_dest;
+# CREATE...WITH
+CREATE USER plug_user
+  IDENTIFIED WITH test_plugin_server AS 'plug_dest';
+CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd';
+GRANT PROXY ON plug_dest TO plug_user;
+--echo connect(plug_user,localhost,plug_user,plug_dest);
+connect(plug_user,localhost,plug_user,plug_dest);
+select USER(),CURRENT_USER();
+--echo connection default;
+connection default;
+--echo disconnect plug_user;
+disconnect plug_user;
+RENAME USER plug_user TO new_user;
+--echo connect(plug_user,localhost,new_user,plug_dest);
+connect(plug_user,localhost,new_user,plug_dest);
+select USER(),CURRENT_USER();
+--echo connection default;
+connection default;
+--sorted_result
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+--echo disconnect plug_user;
+disconnect plug_user;
+UPDATE mysql.user SET user='plug_user' WHERE user='new_user';
+FLUSH PRIVILEGES;
+--sorted_result
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+DROP USER plug_dest,plug_user;
+--echo ========== test 1.3 ========================================
+
+#
+CREATE USER plug_user
+  IDENTIFIED WITH test_plugin_server AS 'plug_dest';
+CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd';
+GRANT PROXY ON plug_dest TO plug_user;
+--echo connect(plug_user,localhost,plug_user,plug_dest);
+connect(plug_user,localhost,plug_user,plug_dest);
+select USER(),CURRENT_USER();
+--echo connection default;
+connection default;
+--echo disconnect plug_user;
+disconnect plug_user;
+--sorted_result
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+UPDATE mysql.user SET user='new_user' WHERE user='plug_user';
+FLUSH PRIVILEGES;
+--sorted_result
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+UPDATE mysql.user SET authentication_string='new_dest' WHERE user='new_user';
+FLUSH PRIVILEGES;
+--sorted_result
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+UPDATE mysql.user SET plugin='new_plugin_server' WHERE user='new_user';
+FLUSH PRIVILEGES;
+--sorted_result
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+--echo connect(plug_user,localhost,new_user,new_dest);
+--disable_query_log
+--error ER_PLUGIN_IS_NOT_LOADED
+connect(plug_user,localhost,new_user,new_dest);
+--enable_query_log
+UPDATE mysql.user SET plugin='test_plugin_server' WHERE user='new_user';
+UPDATE mysql.user SET USER='new_dest' WHERE user='plug_dest';
+FLUSH PRIVILEGES;
+GRANT PROXY ON new_dest TO new_user;
+--sorted_result
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+--echo connect(plug_user,localhost,new_user,new_dest);
+connect(plug_user,localhost,new_user,new_dest);
+select USER(),CURRENT_USER();
+--echo connection default;
+connection default;
+--echo disconnect plug_user;
+disconnect plug_user;
+UPDATE mysql.user SET USER='plug_dest' WHERE user='new_dest';
+FLUSH PRIVILEGES;
+CREATE USER new_dest IDENTIFIED BY 'new_dest_passwd';
+--sorted_result
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+GRANT ALL PRIVILEGES ON test.* TO new_user;
+--echo connect(plug_user,localhost,new_dest,new_dest_passwd);
+connect(plug_user,localhost,new_dest,new_dest_passwd);
+select USER(),CURRENT_USER();
+--echo connection default;
+connection default;
+--echo disconnect plug_user;
+disconnect plug_user;
+DROP USER new_user,new_dest,plug_dest;
+
+--echo ========== test 2, 2.1, 2.2 ================================
+
+CREATE USER ''@'' IDENTIFIED WITH test_plugin_server AS 'proxied_user';
+CREATE USER proxied_user IDENTIFIED BY 'proxied_user_passwd';
+--sorted_result
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+--echo connect(proxy_con,localhost,proxied_user,proxied_user_passwd);
+connect(proxy_con,localhost,proxied_user,proxied_user_passwd);
+SELECT USER(),CURRENT_USER();
+--echo ========== test 2.2.1 ======================================
+SELECT @@proxy_user;
+--echo connection default;
+connection default;
+--echo disconnect proxy_con;
+disconnect proxy_con;
+--echo connect(proxy_con,localhost,proxy_user,proxied_user);
+--disable_query_log
+--error ER_ACCESS_DENIED_ERROR : this should fail : no grant
+connect(proxy_con,localhost,proxy_user,proxied_user);
+--enable_query_log
+GRANT PROXY ON proxied_user TO ''@'';
+--echo connect(proxy_con,localhost,proxied_user,proxied_user_passwd);
+connect(proxy_con,localhost,proxied_user,proxied_user_passwd);
+SELECT USER(),CURRENT_USER();
+--echo connection default;
+connection default;
+--echo disconnect proxy_con;
+disconnect proxy_con;
+--echo connect(proxy_con,localhost,proxy_user,proxied_user);
+connect(proxy_con,localhost,proxy_user,proxied_user);
+SELECT USER(),CURRENT_USER();
+--echo ========== test 2.2.1 ======================================
+SELECT @@proxy_user;
+--echo connection default;
+connection default;
+--echo disconnect proxy_con;
+disconnect proxy_con;
+DROP USER ''@'',proxied_user;
+#
+GRANT ALL PRIVILEGES ON test_user_db.* TO ''@'' 
+                     IDENTIFIED WITH test_plugin_server AS 'proxied_user';
+CREATE USER proxied_user IDENTIFIED BY 'proxied_user_passwd';
+--sorted_result
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+--echo connect(proxy_con,localhost,proxied_user,proxied_user_passwd);
+connect(proxy_con,localhost,proxied_user,proxied_user_passwd);
+SELECT USER(),CURRENT_USER();
+SELECT @@proxy_user;
+--echo connection default;
+connection default;
+--echo disconnect proxy_con;
+disconnect proxy_con;
+--echo connect(proxy_con,localhost,proxy_user,proxied_user);
+--disable_query_log
+--error ER_ACCESS_DENIED_ERROR : this should fail : no grant
+connect(proxy_con,localhost,proxy_user,proxied_user);
+--enable_query_log
+GRANT PROXY ON proxied_user TO ''@'';
+--echo connect(proxy_con,localhost,proxied_user,proxied_user_passwd);
+connect(proxy_con,localhost,proxied_user,proxied_user_passwd);
+SELECT USER(),CURRENT_USER();
+--echo connection default;
+connection default;
+--echo disconnect proxy_con;
+disconnect proxy_con;
+--echo connect(proxy_con,localhost,proxy_user,proxied_user);
+connect(proxy_con,localhost,proxy_user,proxied_user);
+SELECT USER(),CURRENT_USER();
+SELECT @@proxy_user;
+--echo connection default;
+connection default;
+--echo disconnect proxy_con;
+disconnect proxy_con;
+DROP USER ''@'',proxied_user;
+#
+CREATE USER ''@'' IDENTIFIED WITH test_plugin_server AS 'proxied_user';
+CREATE USER proxied_user_1 IDENTIFIED BY 'proxied_user_1_pwd';
+CREATE USER proxied_user_2 IDENTIFIED BY 'proxied_user_2_pwd';
+CREATE USER proxied_user_3 IDENTIFIED BY 'proxied_user_3_pwd';
+CREATE USER proxied_user_4 IDENTIFIED BY 'proxied_user_4_pwd';
+CREATE USER proxied_user_5 IDENTIFIED BY 'proxied_user_5_pwd';
+GRANT PROXY ON proxied_user_1 TO ''@'';
+GRANT PROXY ON proxied_user_2 TO ''@'';
+GRANT PROXY ON proxied_user_3 TO ''@'';
+GRANT PROXY ON proxied_user_4 TO ''@'';
+GRANT PROXY ON proxied_user_5 TO ''@'';
+--sorted_result
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+--echo connect(proxy_con_1,localhost,proxied_user_1,'proxied_user_1_pwd');
+connect(proxy_con_1,localhost,proxied_user_1,'proxied_user_1_pwd');
+--echo connect(proxy_con_2,localhost,proxied_user_2,proxied_user_2_pwd);
+connect(proxy_con_2,localhost,proxied_user_2,proxied_user_2_pwd);
+--echo connect(proxy_con_3,localhost,proxied_user_3,proxied_user_3_pwd);
+connect(proxy_con_3,localhost,proxied_user_3,proxied_user_3_pwd);
+--echo connect(proxy_con_4,localhost,proxied_user_4,proxied_user_4_pwd);
+connect(proxy_con_4,localhost,proxied_user_4,proxied_user_4_pwd);
+--echo connect(proxy_con_5,localhost,proxied_user_5,proxied_user_5_pwd);
+connect(proxy_con_5,localhost,proxied_user_5,proxied_user_5_pwd);
+--echo connection proxy_con_1;
+connection proxy_con_1;
+SELECT USER(),CURRENT_USER();
+SELECT @@proxy_user;
+--echo connection proxy_con_2;
+connection proxy_con_2;
+SELECT USER(),CURRENT_USER();
+SELECT @@proxy_user;
+--echo connection proxy_con_3;
+connection proxy_con_3;
+SELECT USER(),CURRENT_USER();
+SELECT @@proxy_user;
+--echo connection proxy_con_4;
+connection proxy_con_4;
+SELECT USER(),CURRENT_USER();
+SELECT @@proxy_user;
+--echo connection proxy_con_5;
+connection proxy_con_5;
+SELECT USER(),CURRENT_USER();
+SELECT @@proxy_user;
+--echo connection default;
+connection default;
+--echo disconnect proxy_con_1;
+disconnect proxy_con_1;
+--echo disconnect proxy_con_2;
+disconnect proxy_con_2;
+--echo disconnect proxy_con_3;
+disconnect proxy_con_3;
+--echo disconnect proxy_con_4;
+disconnect proxy_con_4;
+--echo disconnect proxy_con_5;
+disconnect proxy_con_5;
+DROP USER ''@'',proxied_user_1,proxied_user_2,proxied_user_3,proxied_user_4,proxied_user_5;
+
+--echo ========== test 3 ==========================================
+
+GRANT ALL PRIVILEGES ON *.* TO plug_user
+  IDENTIFIED WITH test_plugin_server AS 'plug_dest';
+CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd';
+GRANT PROXY ON plug_dest TO plug_user;
+FLUSH PRIVILEGES;
+
+# Not working with the patch.
+
+#--replace_result $MYSQLADMIN MYSQLADMIN $MASTER_MYPORT MYPORT $MASTER_MYSOCK MYSOCK
+#--exec $MYSQLADMIN $PLUGIN_AUTH_OPT -h localhost -P $MASTER_MYPORT -S $MASTER_MYSOCK -u plug_user --password=plug_dest ping 2>&1
+#--replace_result $MYSQL_CHECK MYSQL_CHECK $MASTER_MYPORT MYPORT
+#--exec $MYSQL_CHECK $PLUGIN_AUTH_OPT -h localhost -P $MASTER_MYPORT  -u plug_user --password=plug_dest test
+#--replace_result $MYSQL_DUMP MYSQL_DUMP $MASTER_MYPORT MYPORT
+#--exec $MYSQL_DUMP -h localhost -P $MASTER_MYPORT $PLUGIN_AUTH_OPT -u plug_user --password=plug_dest test
+#--replace_result $MYSQL_SHOW MYSQL_SHOW $MASTER_MYPORT MYPORT
+#--exec $MYSQL_SHOW $PLUGIN_AUTH_OPT -h localhost -P $MASTER_MYPORT --plugin_dir=../plugin/auth -u plug_user --password=plug_dest 2>&1
+DROP USER plug_user, plug_dest;
+DROP DATABASE test_user_db;
+--exit

mysql-test/t/plugin_auth_qa_2-master.opt

@@ -0,0 +1,2 @@
+$PLUGIN_AUTH_OPT
+$PLUGIN_AUTH_INTERFACE

mysql-test/t/plugin_auth_qa_2.test

@@ -0,0 +1,148 @@
+# Horst Hunger
+# Created: 2010-10-06
+# 
+# Test of the authentification interface. The plugin checks the expected values set
+# by this application and the application checks the values set the the plugin.
+--source include/have_plugin_interface.inc
+--source include/not_embedded.inc
+
+CREATE DATABASE test_user_db;
+
+--echo ========== test 1.1.3.2 ====================================
+--echo === check contens of components of info ====================
+
+CREATE USER qa_test_1_user IDENTIFIED WITH qa_auth_interface AS 'qa_test_1_dest';
+CREATE USER qa_test_1_dest IDENTIFIED BY 'dest_passwd';
+GRANT ALL PRIVILEGES ON test_user_db.* TO qa_test_1_dest identified by 'dest_passwd';
+GRANT PROXY ON qa_test_1_dest TO qa_test_1_user;
+--sorted_result
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+SELECT @@proxy_user;
+SELECT @@external_user;
+
+--echo exec MYSQL PLUGIN_AUTH_OPT -h localhost -P $MASTER_MYPORT -u qa_test_1_user --password=qa_test_1_dest test_user_db -e "SELECT current_user(),user(),@@local.proxy_user,@@local.external_user;" 2>&1
+--exec $MYSQL $PLUGIN_AUTH_OPT -h localhost -P $MASTER_MYPORT -u qa_test_1_user --password=qa_test_1_dest test_user_db -e "SELECT current_user(),user(),@@local.proxy_user,@@local.external_user;" 2>&1
+
+--sorted_result
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+
+DROP USER qa_test_1_user;
+DROP USER qa_test_1_dest;
+
+--echo === Assign values to components of info ====================
+
+CREATE USER qa_test_2_user IDENTIFIED WITH qa_auth_interface AS 'qa_test_2_dest';
+CREATE USER qa_test_2_dest IDENTIFIED BY 'dest_passwd';
+CREATE USER authenticated_as IDENTIFIED BY 'dest_passwd';
+GRANT ALL PRIVILEGES ON test_user_db.* TO qa_test_2_dest identified by 'dest_passwd';
+GRANT PROXY ON qa_test_2_dest TO qa_test_2_user;
+GRANT PROXY ON authenticated_as TO qa_test_2_user;
+--sorted_result
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+SELECT @@proxy_user;
+SELECT @@external_user;
+
+--echo exec MYSQL PLUGIN_AUTH_OPT -h localhost -P $MASTER_MYPORT -u qa_test_2_user --password=qa_test_2_dest test_user_db -e "SELECT current_user(),user(),@@local.proxy_user,@@local.external_user;" 2>&1
+--exec $MYSQL $PLUGIN_AUTH_OPT -h localhost -P $MASTER_MYPORT -u qa_test_2_user --password=qa_test_2_dest test_user_db -e "SELECT current_user(),user(),@@local.proxy_user,@@local.external_user;" 2>&1
+
+--sorted_result
+SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root';
+
+DROP USER qa_test_2_user;
+DROP USER qa_test_2_dest;
+DROP USER authenticated_as;
+
+--echo === Assign too high values for *length, which should have no effect ====
+
+CREATE USER qa_test_3_user IDENTIFIED WITH qa_auth_interface AS 'qa_test_3_dest';
+CREATE USER qa_test_3_dest IDENTIFIED BY 'dest_passwd';
+GRANT ALL PRIVILEGES ON test_user_db.* TO qa_test_3_dest identified by 'dest_passwd';
+GRANT PROXY ON qa_test_3_dest TO qa_test_3_user;
+
+--echo exec MYSQL PLUGIN_AUTH_OPT -h localhost -P $MASTER_MYPORT -u qa_test_3_user --password=qa_test_3_dest test_user_db -e "SELECT current_user(),user(),@@local.proxy_user,@@local.external_user;" 2>&1
+--exec $MYSQL $PLUGIN_AUTH_OPT -h localhost -P $MASTER_MYPORT -u qa_test_3_user --password=qa_test_3_dest test_user_db -e "SELECT current_user(),user(),@@local.proxy_user,@@local.external_user;" 2>&1
+
+DROP USER qa_test_3_user;
+DROP USER qa_test_3_dest;
+
+--echo === Assign too low values for *length, which should have no effect ====
+
+CREATE USER qa_test_4_user IDENTIFIED WITH qa_auth_interface AS 'qa_test_4_dest';
+CREATE USER qa_test_4_dest IDENTIFIED BY 'dest_passwd';
+GRANT ALL PRIVILEGES ON test_user_db.* TO qa_test_4_dest identified by 'dest_passwd';
+GRANT PROXY ON qa_test_4_dest TO qa_test_4_user;
+
+--echo exec MYSQL PLUGIN_AUTH_OPT -h localhost -P $MASTER_MYPORT -u qa_test_4_user --password=qa_test_4_dest test_user_db -e "SELECT current_user(),user(),@@local.proxy_user,@@local.external_user;" 2>&1
+--exec $MYSQL $PLUGIN_AUTH_OPT -h localhost -P $MASTER_MYPORT -u qa_test_4_user --password=qa_test_4_dest  test_user_db -e "SELECT current_user(),user(),@@local.proxy_user,@@local.external_user;" 2>&1
+
+DROP USER qa_test_4_user;
+DROP USER qa_test_4_dest;
+
+--echo === Assign empty string especially to authenticated_as (in plugin) ====
+
+CREATE USER qa_test_5_user IDENTIFIED WITH qa_auth_interface AS 'qa_test_5_dest';
+CREATE USER qa_test_5_dest IDENTIFIED BY 'dest_passwd';
+CREATE USER ''@'localhost' IDENTIFIED BY 'dest_passwd';
+GRANT ALL PRIVILEGES ON test_user_db.* TO qa_test_5_dest identified by 'dest_passwd';
+GRANT ALL PRIVILEGES ON test_user_db.* TO ''@'localhost' identified by 'dest_passwd';
+GRANT PROXY ON qa_test_5_dest TO qa_test_5_user;
+GRANT PROXY ON qa_test_5_dest TO ''@'localhost';
+
+SELECT user,plugin,authentication_string,password FROM mysql.user WHERE user != 'root';
+
+--echo exec MYSQL PLUGIN_AUTH_OPT -h localhost -P $MASTER_MYPORT --user=qa_test_5_user  --password=qa_test_5_dest test_user_db -e "SELECT current_user(),user(),@@local.proxy_user,@@local.external_user;" 2>&1
+--error 1
+--exec $MYSQL $PLUGIN_AUTH_OPT -h localhost -P $MASTER_MYPORT --user=qa_test_5_user --password=qa_test_5_dest test_user_db -e "SELECT current_user(),user(),@@local.proxy_user,@@local.external_user;" 2>&1
+
+DROP USER qa_test_5_user;
+DROP USER qa_test_5_dest;
+DROP USER ''@'localhost';
+
+--echo === Assign 'root' especially to authenticated_as (in plugin) ====
+
+CREATE USER qa_test_6_user IDENTIFIED WITH qa_auth_interface AS 'qa_test_6_dest';
+CREATE USER qa_test_6_dest IDENTIFIED BY 'dest_passwd';
+GRANT ALL PRIVILEGES ON test_user_db.* TO qa_test_6_dest identified by 'dest_passwd';
+GRANT PROXY ON qa_test_6_dest TO qa_test_6_user;
+
+SELECT user,plugin,authentication_string,password FROM mysql.user;
+
+--echo exec MYSQL PLUGIN_AUTH_OPT -h localhost -P $MASTER_MYPORT --user=qa_test_6_user  --password=qa_test_6_dest test_user_db -e "SELECT current_user(),user(),@@local.proxy_user,@@local.external_user;" 2>&1
+--error 1
+--exec $MYSQL $PLUGIN_AUTH_OPT -h localhost -P $MASTER_MYPORT --user=qa_test_6_user --password=qa_test_6_dest test_user_db -e "SELECT current_user(),user(),@@local.proxy_user,@@local.external_user;" 2>&1
+
+GRANT PROXY ON qa_test_6_dest TO root IDENTIFIED WITH qa_auth_interface AS 'qa_test_6_dest';
+SELECT user,plugin,authentication_string,password FROM mysql.user;
+
+--echo exec MYSQL PLUGIN_AUTH_OPT -h localhost -P $MASTER_MYPORT --user=root  --password=qa_test_6_dest test_user_db -e "SELECT current_user(),user(),@@local.proxy_user,@@local.external_user;" 2>&1
+--error 1
+--exec $MYSQL $PLUGIN_AUTH_OPT -h localhost -P $MASTER_MYPORT --user=root --password=qa_test_6_dest test_user_db -e "SELECT current_user(),user(),@@local.proxy_user,@@local.external_user;" 2>&1
+
+REVOKE PROXY ON qa_test_6_dest FROM root;
+SELECT user,plugin,authentication_string FROM mysql.user;
+
+--echo exec MYSQL PLUGIN_AUTH_OPT -h localhost -P $MASTER_MYPORT --user=root  --password=qa_test_6_dest test_user_db -e "SELECT current_user(),user(),@@local.proxy_user,@@local.external_user;" 2>&1
+--error 1
+--exec $MYSQL $PLUGIN_AUTH_OPT -h localhost -P $MASTER_MYPORT --user=root --password=qa_test_6_dest test_user_db -e "SELECT current_user(),user(),@@local.proxy_user,@@local.external_user;" 2>&1
+
+DROP USER qa_test_6_user;
+DROP USER qa_test_6_dest;
+DELETE FROM mysql.user WHERE user='root' AND plugin='qa_auth_interface';
+SELECT user,plugin,authentication_string,password FROM mysql.user;
+
+
+--echo === Test of the --default_auth option for clients ====
+
+CREATE USER qa_test_11_user IDENTIFIED WITH qa_auth_interface AS 'qa_test_11_dest';
+CREATE USER qa_test_11_dest IDENTIFIED BY 'dest_passwd';
+GRANT ALL PRIVILEGES ON test_user_db.* TO qa_test_11_dest identified by 'dest_passwd';
+GRANT PROXY ON qa_test_11_dest TO qa_test_11_user;
+
+--echo exec MYSQL PLUGIN_AUTH_OPT --default_auth=qa_auth_client -h localhost -P $MASTER_MYPORT -u qa_test_11_user --password=qa_test_11_dest test_user_db -e "SELECT current_user(),user(),@@local.proxy_user,@@local.external_user;" 2>&1
+--error 1
+--exec $MYSQL $PLUGIN_AUTH_OPT --default_auth=qa_auth_client -h localhost -P $MASTER_MYPORT -u qa_test_11_user --password=qa_test_11_dest test_user_db -e "SELECT current_user(),user(),@@local.proxy_user,@@local.external_user;" 2>&1
+
+DROP USER qa_test_11_user, qa_test_11_dest;
+DROP DATABASE test_user_db;
+
+--exit

mysql-test/t/plugin_auth_qa_3-master.opt

@@ -0,0 +1,2 @@
+$PLUGIN_AUTH_OPT
+$PLUGIN_AUTH_SERVER

mysql-test/t/plugin_auth_qa_3.test

@@ -0,0 +1,25 @@
+# Horst Hunger
+# Created: 2010-10-06
+# 
+# Test of the authentification interface. The plugin checks the expected values set
+# by this application and the application checks the values set the the plugin.
+--source include/have_plugin_server.inc
+--source include/not_embedded.inc
+
+CREATE DATABASE test_user_db;
+
+CREATE USER qa_test_11_user IDENTIFIED WITH qa_auth_server AS 'qa_test_11_dest';
+GRANT ALL PRIVILEGES ON test_user_db.* TO qa_test_11_dest identified by 'dest_passwd';
+GRANT PROXY ON qa_test_11_dest TO qa_test_11_user;
+
+--echo exec MYSQL PLUGIN_AUTH_OPT --default_auth=qa_auth_client -h localhost -P $MASTER_MYPORT -u qa_test_11_user --password=qa_test_11_dest test_user_db -e "SELECT current_user(),user(),@@local.proxy_user,@@local.external_user;" 2>&1
+--exec $MYSQL $PLUGIN_AUTH_OPT --default_auth=qa_auth_client -h localhost -P $MASTER_MYPORT -u qa_test_11_user --password=qa_test_11_dest test_user_db -e "SELECT current_user(),user(),@@local.proxy_user,@@local.external_user;" 2>&1
+
+--echo exec MYSQL PLUGIN_AUTH_OPT --default_auth=qa_auth_client -h localhost -P $MASTER_MYPORT -u qa_test_2_user --password=qa_test_11_dest test_user_db -e "SELECT current_user(),user(),@@local.proxy_user,@@local.external_user;" 2>&1
+--error 1
+--exec $MYSQL $PLUGIN_AUTH_OPT --default_auth=qa_auth_client -h localhost -P $MASTER_MYPORT -u qa_test_2_user --password=qa_test_2_dest test_user_db -e "SELECT current_user(),user(),@@local.proxy_user,@@local.external_user;" 2>&1
+
+DROP USER qa_test_11_user, qa_test_11_dest;
+DROP DATABASE test_user_db;
+
+--exit

plugin/auth/CMakeLists.txt

@@ -18,6 +18,14 @@ MYSQL_ADD_PLUGIN(auth dialog.c
   MODULE_ONLY)
 MYSQL_ADD_PLUGIN(auth_test_plugin test_plugin.c 
   MODULE_ONLY)
+MYSQL_ADD_PLUGIN(qa_auth_interface qa_auth_interface.c
+  MODULE_ONLY)
+
+MYSQL_ADD_PLUGIN(qa_auth_server qa_auth_server.c
+  MODULE_ONLY)
+
+MYSQL_ADD_PLUGIN(qa_auth_client qa_auth_client.c
+  MODULE_ONLY)
 
 CHECK_CXX_SOURCE_COMPILES(
 "#define _GNU_SOURCE

plugin/auth/Makefile.am

@@ -3,10 +3,14 @@ pkgplugindir=$(pkglibdir)/plugin
 AM_LDFLAGS=-module -rpath $(pkgplugindir)
 AM_CPPFLAGS=-DMYSQL_DYNAMIC_PLUGIN -Wno-pointer-sign -I$(top_srcdir)/include
 
-pkgplugin_LTLIBRARIES=  auth.la auth_test_plugin.la
+pkgplugin_LTLIBRARIES=  auth.la auth_test_plugin.la qa_auth_interface.la qa_auth_server.la qa_auth_client.la
 auth_la_SOURCES= dialog.c
 auth_test_plugin_la_SOURCES= test_plugin.c
 
+qa_auth_interface_la_SOURCES= qa_auth_interface.c
+qa_auth_server_la_SOURCES= qa_auth_server.c
+qa_auth_client_la_SOURCES= qa_auth_client.c
+
 if HAVE_PEERCRED
 pkgplugin_LTLIBRARIES+= auth_socket.la
 auth_socket_la_SOURCES= auth_socket.c

plugin/auth/qa_auth_client.c

@@ -0,0 +1,127 @@
+/*  Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved.
+    
+    This program is free software; you can redistribute it and/or
+    modify it under the terms of the GNU General Public License as
+    published by the Free Software Foundation; version 2 of the
+    License.
+    
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+    GNU General Public License for more details.
+    
+    You should have received a copy of the GNU General Public License
+    along with this program; if not, write to the Free Software
+    Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */
+
+#include <my_global.h>
+#include <mysql/plugin_auth.h>
+#include <mysql/client_plugin.h>
+#include <string.h>
+#include <stdio.h>
+#include <stdlib.h>
+
+/**
+  first byte of the question string is the question "type".
+  It can be a "ordinary" or a "password" question.
+  The last bit set marks a last question in the authentication exchange.
+*/
+#define ORDINARY_QUESTION       "\2"
+#define LAST_QUESTION           "\3"
+#define LAST_PASSWORD           "\4"
+#define PASSWORD_QUESTION       "\5"
+
+/********************* CLIENT SIDE ***************************************/
+/*
+  client plugin used for testing the plugin API
+*/
+#include <mysql.h>
+
+/**
+  The main function of the test plugin.
+
+  Reads the prompt, check if the handshake is done and if the prompt is a
+  password request and returns the password. Otherwise return error.
+
+  @note
+   1. this plugin shows how a client authentication plugin
+      may read a MySQL protocol OK packet internally - which is important
+      where a number of packets is not known in advance.
+   2. the first byte of the prompt is special. it is not
+      shown to the user, but signals whether it is the last question
+      (prompt[0] & 1 == 1) or not last (prompt[0] & 1 == 0),
+      and whether the input is a password (not echoed).
+   3. the prompt is expected to be sent zero-terminated
+*/
+static int test_plugin_client(MYSQL_PLUGIN_VIO *vio, MYSQL *mysql)
+{
+  unsigned char *pkt, cmd= 0;
+  int pkt_len, res;
+  char *reply;
+
+  do
+  {
+    /* read the prompt */
+    pkt_len= vio->read_packet(vio, &pkt);
+    if (pkt_len < 0)
+      return CR_ERROR;
+
+    if (pkt == 0)
+    {
+      /*
+        in mysql_change_user() the client sends the first packet, so
+        the first vio->read_packet() does nothing (pkt == 0).
+
+        We send the "password", assuming the client knows what its doing.
+        (in other words, the dialog plugin should be only set as a default
+        authentication plugin on the client if the first question
+        asks for a password - which will be sent in cleat text, by the way)
+      */
+      reply= mysql->passwd;
+    }
+    else
+    {
+      cmd= *pkt++;
+
+      /* is it MySQL protocol (0=OK or 254=need old password) packet ? */
+      if (cmd == 0 || cmd == 254)
+        return CR_OK_HANDSHAKE_COMPLETE; /* yes. we're done */
+
+      /*
+        asking for a password with an empty prompt means mysql->password
+        otherwise return an error
+      */
+      if ((cmd == LAST_PASSWORD[0] || cmd == PASSWORD_QUESTION[0]) && *pkt == 0)
+        reply= mysql->passwd;
+      else
+        return CR_ERROR;
+    }
+    if (!reply)
+      return CR_ERROR;
+    /* send the reply to the server */
+    res= vio->write_packet(vio, (const unsigned char *) reply, 
+                           strlen(reply) + 1);
+
+    if (res)
+      return CR_ERROR;
+
+    /* repeat unless it was the last question */
+  } while (cmd != LAST_QUESTION[0] && cmd != PASSWORD_QUESTION[0]);
+
+  /* the job of reading the ok/error packet is left to the server */
+  return CR_OK;
+}
+
+
+mysql_declare_client_plugin(AUTHENTICATION)
+  "qa_auth_client",
+  "Horst Hunger",
+  "Dialog Client Authentication Plugin",
+  {0,1,0},
+  "GPL",
+  NULL,
+  NULL,
+  NULL,
+  NULL,
+  test_plugin_client
+mysql_end_client_plugin;

plugin/auth/qa_auth_interface.c

@@ -0,0 +1,262 @@
+/*  Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved.
+    
+    This program is free software; you can redistribute it and/or
+    modify it under the terms of the GNU General Public License as
+    published by the Free Software Foundation; version 2 of the
+    License.
+    
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+    GNU General Public License for more details.
+    
+    You should have received a copy of the GNU General Public License
+    along with this program; if not, write to the Free Software
+    Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */
+
+#include <my_global.h>
+#include <mysql/plugin_auth.h>
+#include <mysql/client_plugin.h>
+#include <string.h>
+#include <stdio.h>
+#include <stdlib.h>
+
+/**
+  first byte of the question string is the question "type".
+  It can be a "ordinary" or a "password" question.
+  The last bit set marks a last question in the authentication exchange.
+*/
+#define ORDINARY_QUESTION       "\2"
+#define LAST_QUESTION           "\3"
+#define LAST_PASSWORD           "\4"
+#define PASSWORD_QUESTION       "\5"
+
+/********************* SERVER SIDE ****************************************/
+
+static int qa_auth_interface (MYSQL_PLUGIN_VIO *vio, MYSQL_SERVER_AUTH_INFO *info)
+{
+  unsigned char *pkt;
+  int pkt_len, err= CR_OK;
+
+  /* send a password question */
+  if (vio->write_packet(vio, (const unsigned char *) PASSWORD_QUESTION, 1))
+    return CR_ERROR;
+
+  /* read the answer */
+  if ((pkt_len= vio->read_packet(vio, &pkt)) < 0)
+    return CR_ERROR;
+
+  info->password_used= PASSWORD_USED_YES;
+
+  /* fail if the password is wrong */
+  if (strcmp((const char *) pkt, info->auth_string))
+    return CR_ERROR;
+
+/* Check the contens of components of info */
+  if (strcmp(info->user_name, "qa_test_1_user")== 0)
+  {
+    if (info->user_name_length != 14)
+       err= CR_ERROR;
+    if (strcmp(info->auth_string, "qa_test_1_dest"))
+       err= CR_ERROR;
+    if (info->auth_string_length != 14)
+       err= CR_ERROR;
+/* To be set by the plugin */
+//    if (strcmp(info->authenticated_as, "qa_test_1_user"))
+//       err= CR_ERROR;
+/* To be set by the plugin */
+//    if (strcmp(info->external_user, ""))
+//       err= CR_ERROR;
+    if (info->password_used != PASSWORD_USED_YES)
+       err= CR_ERROR;
+    if (strcmp(info->host_or_ip, "localhost"))
+       err= CR_ERROR;
+    if (info->host_or_ip_length != 9)
+       err= CR_ERROR;
+  }
+/* Assign values to the components of info even if not intended and watch the effect */
+  else if (strcmp(info->user_name, "qa_test_2_user")== 0)
+  {
+    /* Overwriting not intended, but with effect on USER() */
+     strcpy(info->user_name, "user_name");
+     info->user_name_length= 9;
+    /* Overwriting not intended, effect not visible */
+     strcpy((char *)info->auth_string, "auth_string");
+     info->auth_string_length= 11;
+    /* Assign with account for authorization, effect on CURRENT_USER() */
+     strcpy(info->authenticated_as, "authenticated_as");
+    /* Assign with an external account, effect on @@local.EXTERNAL_USER */
+     strcpy(info->external_user, "externaluser");
+    /* Overwriting will cause a core dump */
+//     strcpy(info->host_or_ip, "host_or_ip");
+//     info->host_or_ip_length= 10;
+  }
+/* Invalid, means too high values for length */
+  else if (strcmp(info->user_name, "qa_test_3_user")== 0)
+  {
+/* Original value is 14. Test runs also with higher value. Changes have no effect.*/
+     info->user_name_length= 28;
+     strcpy((char *)info->auth_string, "qa_test_3_dest");
+/* Original value is 14. Test runs also with higher value. Changes have no effect.*/
+     info->auth_string_length= 28;
+     strcpy(info->authenticated_as, info->auth_string);
+     strcpy(info->external_user, info->auth_string);
+  }
+/* Invalid, means too low values for length */
+  else if (strcmp(info->user_name, "qa_test_4_user")== 0)
+  {
+/* Original value is 14. Test runs also with lower value. Changes have no effect.*/
+     info->user_name_length= 8;
+     strcpy((char *)info->auth_string, "qa_test_4_dest");
+/* Original value is 14. Test runs also with lower value. Changes have no effect.*/
+     info->auth_string_length= 8;
+     strcpy(info->authenticated_as, info->auth_string);
+     strcpy(info->external_user, info->auth_string);
+  }
+/* Overwrite with empty values */
+  else if (strcmp(info->user_name, "qa_test_5_user")== 0)  
+  {
+/* This assignment has no effect.*/
+     strcpy(info->user_name, "");
+     info->user_name_length= 0;
+/* This assignment has no effect.*/
+     strcpy((char *)info->auth_string, "");
+     info->auth_string_length= 0;
+/* This assignment caused an error or an "empty" user */
+     strcpy(info->authenticated_as, "");
+/* This assignment has no effect.*/
+     strcpy(info->external_user, "");
+    /* Overwriting will cause a core dump */
+//     strcpy(info->host_or_ip, "");
+//     info->host_or_ip_length= 0;
+  }
+/* Set to 'root' */
+  else if (strcmp(info->user_name, "qa_test_6_user")== 0)
+  {
+     strcpy(info->authenticated_as, "root");
+  }
+  else
+  {
+     err= CR_ERROR;
+  }
+  return err;
+}
+
+static struct st_mysql_auth qa_auth_test_handler=
+{
+  MYSQL_AUTHENTICATION_INTERFACE_VERSION,
+  "qa_auth_interface", /* requires test_plugin client's plugin */
+  qa_auth_interface
+};
+
+mysql_declare_plugin(test_plugin)
+{
+  MYSQL_AUTHENTICATION_PLUGIN,
+  &qa_auth_test_handler,
+  "qa_auth_interface",
+  "Horst Hunger",
+  "plugin API test plugin",
+  PLUGIN_LICENSE_GPL,
+  NULL,
+  NULL,
+  0x0100,
+  NULL,
+  NULL,
+  NULL
+}
+mysql_declare_plugin_end;
+
+/********************* CLIENT SIDE ***************************************/
+/*
+  client plugin used for testing the plugin API
+*/
+#include <mysql.h>
+
+/**
+  The main function of the test plugin.
+
+  Reads the prompt, check if the handshake is done and if the prompt is a
+  password request and returns the password. Otherwise return error.
+
+  @note
+   1. this plugin shows how a client authentication plugin
+      may read a MySQL protocol OK packet internally - which is important
+      where a number of packets is not known in advance.
+   2. the first byte of the prompt is special. it is not
+      shown to the user, but signals whether it is the last question
+      (prompt[0] & 1 == 1) or not last (prompt[0] & 1 == 0),
+      and whether the input is a password (not echoed).
+   3. the prompt is expected to be sent zero-terminated
+*/
+static int test_plugin_client(MYSQL_PLUGIN_VIO *vio, MYSQL *mysql)
+{
+  unsigned char *pkt, cmd= 0;
+  int pkt_len, res;
+  char *reply;
+
+  do
+  {
+    /* read the prompt */
+    pkt_len= vio->read_packet(vio, &pkt);
+    if (pkt_len < 0)
+      return CR_ERROR;
+
+    if (pkt == 0)
+    {
+      /*
+        in mysql_change_user() the client sends the first packet, so
+        the first vio->read_packet() does nothing (pkt == 0).
+
+        We send the "password", assuming the client knows what its doing.
+        (in other words, the dialog plugin should be only set as a default
+        authentication plugin on the client if the first question
+        asks for a password - which will be sent in cleat text, by the way)
+      */
+      reply= mysql->passwd;
+    }
+    else
+    {
+      cmd= *pkt++;
+
+      /* is it MySQL protocol (0=OK or 254=need old password) packet ? */
+      if (cmd == 0 || cmd == 254)
+        return CR_OK_HANDSHAKE_COMPLETE; /* yes. we're done */
+
+      /*
+        asking for a password with an empty prompt means mysql->password
+        otherwise return an error
+      */
+      if ((cmd == LAST_PASSWORD[0] || cmd == PASSWORD_QUESTION[0]) && *pkt == 0)
+        reply= mysql->passwd;
+      else
+        return CR_ERROR;
+    }
+    if (!reply)
+      return CR_ERROR;
+    /* send the reply to the server */
+    res= vio->write_packet(vio, (const unsigned char *) reply, 
+                           strlen(reply) + 1);
+
+    if (res)
+      return CR_ERROR;
+
+    /* repeat unless it was the last question */
+  } while (cmd != LAST_QUESTION[0] && cmd != PASSWORD_QUESTION[0]);
+
+  /* the job of reading the ok/error packet is left to the server */
+  return CR_OK;
+}
+
+
+mysql_declare_client_plugin(AUTHENTICATION)
+  "qa_auth_interface",
+  "Horst Hunger",
+  "Dialog Client Authentication Plugin",
+  {0,1,0},
+  "GPL",
+  NULL,
+  NULL,
+  NULL,
+  NULL,
+  test_plugin_client
+mysql_end_client_plugin;

plugin/auth/qa_auth_server.c

@@ -0,0 +1,87 @@
+/*  Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved.
+    
+    This program is free software; you can redistribute it and/or
+    modify it under the terms of the GNU General Public License as
+    published by the Free Software Foundation; version 2 of the
+    License.
+    
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+    GNU General Public License for more details.
+    
+    You should have received a copy of the GNU General Public License
+    along with this program; if not, write to the Free Software
+    Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */
+
+#include <my_global.h>
+#include <mysql/plugin_auth.h>
+#include <mysql/client_plugin.h>
+#include <string.h>
+#include <stdio.h>
+#include <stdlib.h>
+
+/**
+  first byte of the question string is the question "type".
+  It can be a "ordinary" or a "password" question.
+  The last bit set marks a last question in the authentication exchange.
+*/
+#define ORDINARY_QUESTION       "\2"
+#define LAST_QUESTION           "\3"
+#define LAST_PASSWORD           "\4"
+#define PASSWORD_QUESTION       "\5"
+
+/********************* SERVER SIDE ****************************************/
+
+static int qa_auth_interface (MYSQL_PLUGIN_VIO *vio, MYSQL_SERVER_AUTH_INFO *info)
+{
+  unsigned char *pkt;
+  int pkt_len, err= CR_OK;
+
+  /* send a password question */
+  if (vio->write_packet(vio, (const unsigned char *) PASSWORD_QUESTION, 1))
+    return CR_ERROR;
+
+  /* read the answer */
+  if ((pkt_len= vio->read_packet(vio, &pkt)) < 0)
+    return CR_ERROR;
+
+  info->password_used= PASSWORD_USED_YES;
+
+  /* fail if the password is wrong */
+  if (strcmp((const char *) pkt, info->auth_string))
+    return CR_ERROR;
+
+/* Test of default_auth */
+  if (strcmp(info->user_name, "qa_test_11_user")== 0)
+  {
+     strcpy(info->authenticated_as, "qa_test_11_dest");
+  }
+  else
+     err= CR_ERROR;
+  return err;
+}
+
+static struct st_mysql_auth qa_auth_test_handler=
+{
+  MYSQL_AUTHENTICATION_INTERFACE_VERSION,
+  "qa_auth_interface", /* requires test_plugin client's plugin */
+  qa_auth_interface
+};
+
+mysql_declare_plugin(test_plugin)
+{
+  MYSQL_AUTHENTICATION_PLUGIN,
+  &qa_auth_test_handler,
+  "qa_auth_server",
+  "Horst Hunger",
+  "plugin API test plugin",
+  PLUGIN_LICENSE_GPL,
+  NULL,
+  NULL,
+  0x0100,
+  NULL,
+  NULL,
+  NULL
+}
+mysql_declare_plugin_end;