From 5f0510225aa149377b8563f6e96b74d05d41f080 Mon Sep 17 00:00:00 2001 From: Sergei Golubchik Date: Mon, 18 Jun 2018 21:00:25 +0200 Subject: [PATCH] MDEV-16238 root/localhost authn prioritizes authentication_string over Password Don't let SET PASSWORD to set the password, if auth_string is set. Now SET PASSWORD always sets the plugin/auth_string fields and clears the password field (on pre-plugin mysql.user table it works as before). --- mysql-test/r/grant2.result | 8 +-- ...plugin-9835.result => set_password.result} | 33 ++++++--- .../r/show_grants_with_plugin-7985.result | 6 +- .../rpl/include/rpl_mixed_check_user.inc | 4 +- mysql-test/suite/rpl/r/rpl_do_grant.result | 14 ++-- .../suite/rpl/r/rpl_innodb_mixed_dml.result | 68 +++++++++---------- mysql-test/suite/rpl/t/rpl_do_grant.test | 8 +-- mysql-test/t/grant2.test | 4 +- ...ord_plugin-9835.test => set_password.test} | 14 ++++ .../t/show_grants_with_plugin-7985.test | 2 +- sql/sql_acl.cc | 13 ++-- .../rpl/r/rpl_tokudb_mixed_dml.result | 68 +++++++++---------- 12 files changed, 138 insertions(+), 104 deletions(-) rename mysql-test/r/{set_password_plugin-9835.result => set_password.result} (75%) rename mysql-test/t/{set_password_plugin-9835.test => set_password.test} (86%) diff --git a/mysql-test/r/grant2.result b/mysql-test/r/grant2.result index d7e42f9b7aa..ffb41c1b5f8 100644 --- a/mysql-test/r/grant2.result +++ b/mysql-test/r/grant2.result @@ -372,8 +372,8 @@ mysqltest_1@127.0.0.1 set password = password('changed'); disconnect b12302; connection default; -select host, length(password) from mysql.user where user like 'mysqltest\_1'; -host length(password) +select host, length(authentication_string) from mysql.user where user like 'mysqltest\_1'; +host length(authentication_string) 127.0.0.1 41 revoke all on mysqltest_1.* from mysqltest_1@'127.0.0.1'; delete from mysql.user where user like 'mysqltest\_1'; @@ -387,8 +387,8 @@ mysqltest_1@127.0.0.0/255.0.0.0 set password = password('changed'); disconnect b12302_2; connection default; -select host, length(password) from mysql.user where user like 'mysqltest\_1'; -host length(password) +select host, length(authentication_string) from mysql.user where user like 'mysqltest\_1'; +host length(authentication_string) 127.0.0.0/255.0.0.0 41 revoke all on mysqltest_1.* from mysqltest_1@'127.0.0.0/255.0.0.0'; delete from mysql.user where user like 'mysqltest\_1'; diff --git a/mysql-test/r/set_password_plugin-9835.result b/mysql-test/r/set_password.result similarity index 75% rename from mysql-test/r/set_password_plugin-9835.result rename to mysql-test/r/set_password.result index 3cc723957d8..f0faeda1974 100644 --- a/mysql-test/r/set_password_plugin-9835.result +++ b/mysql-test/r/set_password.result @@ -11,10 +11,10 @@ select user, host, password, plugin, authentication_string from mysql.user where user host password plugin authentication_string natauth localhost *94BDCEBE19083CE2A1F959FD02F964C7AF4CFC29 newpass localhost *94BDCEBE19083CE2A1F959FD02F964C7AF4CFC29 -newpassnat localhost *94BDCEBE19083CE2A1F959FD02F964C7AF4CFC29 +newpassnat localhost mysql_native_password *94BDCEBE19083CE2A1F959FD02F964C7AF4CFC29 oldauth localhost 378b243e220ca493 oldpass localhost 378b243e220ca493 -oldpassold localhost 378b243e220ca493 +oldpassold localhost mysql_old_password 378b243e220ca493 connect con,localhost,natauth,test,; select current_user(); current_user() @@ -86,12 +86,12 @@ set password for oldpass@localhost = PASSWORD('test2'); set password for oldpassold@localhost = PASSWORD('test2'); select user, host, password, plugin, authentication_string from mysql.user where user != 'root'; user host password plugin authentication_string -natauth localhost *7CEB3FDE5F7A9C4CE5FBE610D7D8EDA62EBE5F4E -newpass localhost *7CEB3FDE5F7A9C4CE5FBE610D7D8EDA62EBE5F4E -newpassnat localhost *7CEB3FDE5F7A9C4CE5FBE610D7D8EDA62EBE5F4E -oldauth localhost *7CEB3FDE5F7A9C4CE5FBE610D7D8EDA62EBE5F4E -oldpass localhost *7CEB3FDE5F7A9C4CE5FBE610D7D8EDA62EBE5F4E -oldpassold localhost *7CEB3FDE5F7A9C4CE5FBE610D7D8EDA62EBE5F4E +natauth localhost mysql_native_password *7CEB3FDE5F7A9C4CE5FBE610D7D8EDA62EBE5F4E +newpass localhost mysql_native_password *7CEB3FDE5F7A9C4CE5FBE610D7D8EDA62EBE5F4E +newpassnat localhost mysql_native_password *7CEB3FDE5F7A9C4CE5FBE610D7D8EDA62EBE5F4E +oldauth localhost mysql_native_password *7CEB3FDE5F7A9C4CE5FBE610D7D8EDA62EBE5F4E +oldpass localhost mysql_native_password *7CEB3FDE5F7A9C4CE5FBE610D7D8EDA62EBE5F4E +oldpassold localhost mysql_native_password *7CEB3FDE5F7A9C4CE5FBE610D7D8EDA62EBE5F4E connect con,localhost,natauth,test2,; select current_user(); current_user() @@ -158,3 +158,20 @@ connection default; drop user natauth@localhost, newpass@localhost, newpassnat@localhost; drop user oldauth@localhost, oldpass@localhost, oldpassold@localhost; set global secure_auth=default; +create user foo@localhost identified with mysql_native_password; +update mysql.user set authentication_string=password('foo'), plugin='mysql_native_password' where user='foo' and host='localhost'; +set password for 'foo'@'localhost' = password('bar'); +flush privileges; +connect foo, localhost, foo, bar; +select user(), current_user(); +user() current_user() +foo@localhost foo@localhost +show grants; +Grants for foo@localhost +GRANT USAGE ON *.* TO 'foo'@'localhost' IDENTIFIED BY PASSWORD '*E8D46CE25265E545D225A8A6F1BAF642FEBEE5CB' +disconnect foo; +connection default; +select user,host,password,plugin,authentication_string from mysql.user where user='foo'; +user host password plugin authentication_string +foo localhost mysql_native_password *E8D46CE25265E545D225A8A6F1BAF642FEBEE5CB +drop user foo@localhost; diff --git a/mysql-test/r/show_grants_with_plugin-7985.result b/mysql-test/r/show_grants_with_plugin-7985.result index 81880e5cc40..0f8e1e39969 100644 --- a/mysql-test/r/show_grants_with_plugin-7985.result +++ b/mysql-test/r/show_grants_with_plugin-7985.result @@ -71,7 +71,7 @@ connection default; set password for u1 = PASSWORD('SOMETHINGELSE'); select user, host, password, plugin, authentication_string from mysql.user where user = 'u1'; user host password plugin authentication_string -u1 % *054B7BBD2B9A553DA560520DCD3F76DA2D81B7C6 +u1 % mysql_native_password *054B7BBD2B9A553DA560520DCD3F76DA2D81B7C6 # # Here we should use the password field, as that primes over # the authentication_string field. @@ -112,7 +112,7 @@ connection default; # Now we remove the authentication plugin password, flush privileges and # try again. # -update mysql.user set authentication_string = '' where user='u1'; +update mysql.user set password=authentication_string, plugin='', authentication_string='' where user='u1'; select user, host, password, plugin, authentication_string from mysql.user where user = 'u1'; user host password plugin authentication_string u1 % *054B7BBD2B9A553DA560520DCD3F76DA2D81B7C6 @@ -172,7 +172,7 @@ connection default; set password for u1 = ''; select user, host, password, plugin, authentication_string from mysql.user where user = 'u1'; user host password plugin authentication_string -u1 % +u1 % mysql_native_password # # Test no password connect. # diff --git a/mysql-test/suite/rpl/include/rpl_mixed_check_user.inc b/mysql-test/suite/rpl/include/rpl_mixed_check_user.inc index 8bf5a4eea1e..548fdf789da 100644 --- a/mysql-test/suite/rpl/include/rpl_mixed_check_user.inc +++ b/mysql-test/suite/rpl/include/rpl_mixed_check_user.inc @@ -5,9 +5,9 @@ # Requirements: ######################################### -SELECT host, user, password, select_priv FROM mysql.user WHERE user LIKE 'user_test_rpl%'; +SELECT host, user, password, plugin, authentication_string, select_priv FROM mysql.user WHERE user LIKE 'user_test_rpl%'; sync_slave_with_master; USE test_rpl; -SELECT host, user, password, select_priv FROM mysql.user WHERE user LIKE 'user_test_rpl%'; +SELECT host, user, password, plugin, authentication_string, select_priv FROM mysql.user WHERE user LIKE 'user_test_rpl%'; connection master; diff --git a/mysql-test/suite/rpl/r/rpl_do_grant.result b/mysql-test/suite/rpl/r/rpl_do_grant.result index aed8bba3bc0..9eca21b38e4 100644 --- a/mysql-test/suite/rpl/r/rpl_do_grant.result +++ b/mysql-test/suite/rpl/r/rpl_do_grant.result @@ -20,21 +20,21 @@ GRANT DROP ON `test`.* TO 'rpl_do_grant'@'localhost' connection master; set password for rpl_do_grant@localhost=password("does it work?"); connection slave; -select password<>_binary'' from mysql.user where user=_binary'rpl_do_grant'; -password<>_binary'' +select authentication_string<>_binary'' from mysql.user where user=_binary'rpl_do_grant'; +authentication_string<>_binary'' 1 connection master; -update mysql.user set password='' where user='rpl_do_grant'; +update mysql.user set authentication_string='' where user='rpl_do_grant'; flush privileges; -select password<>'' from mysql.user where user='rpl_do_grant'; -password<>'' +select authentication_string<>'' from mysql.user where user='rpl_do_grant'; +authentication_string<>'' 0 set sql_mode='ANSI_QUOTES'; set password for rpl_do_grant@localhost=password('does it work?'); set sql_mode=''; connection slave; -select password<>'' from mysql.user where user='rpl_do_grant'; -password<>'' +select authentication_string<>'' from mysql.user where user='rpl_do_grant'; +authentication_string<>'' 1 connection master; delete from mysql.user where user=_binary'rpl_do_grant'; diff --git a/mysql-test/suite/rpl/r/rpl_innodb_mixed_dml.result b/mysql-test/suite/rpl/r/rpl_innodb_mixed_dml.result index 1f6a9370090..24ce8899e2c 100644 --- a/mysql-test/suite/rpl/r/rpl_innodb_mixed_dml.result +++ b/mysql-test/suite/rpl/r/rpl_innodb_mixed_dml.result @@ -480,72 +480,72 @@ SET TRANSACTION ISOLATION LEVEL SERIALIZABLE; ******************** CREATE USER ******************** CREATE USER 'user_test_rpl'@'localhost' IDENTIFIED BY PASSWORD '*1111111111111111111111111111111111111111'; -SELECT host, user, password, select_priv FROM mysql.user WHERE user LIKE 'user_test_rpl%'; -host user password select_priv -localhost user_test_rpl *1111111111111111111111111111111111111111 N +SELECT host, user, password, plugin, authentication_string, select_priv FROM mysql.user WHERE user LIKE 'user_test_rpl%'; +host user password plugin authentication_string select_priv +localhost user_test_rpl *1111111111111111111111111111111111111111 N connection slave; USE test_rpl; -SELECT host, user, password, select_priv FROM mysql.user WHERE user LIKE 'user_test_rpl%'; -host user password select_priv -localhost user_test_rpl *1111111111111111111111111111111111111111 N +SELECT host, user, password, plugin, authentication_string, select_priv FROM mysql.user WHERE user LIKE 'user_test_rpl%'; +host user password plugin authentication_string select_priv +localhost user_test_rpl *1111111111111111111111111111111111111111 N connection master; ******************** GRANT ******************** GRANT SELECT ON *.* TO 'user_test_rpl'@'localhost'; -SELECT host, user, password, select_priv FROM mysql.user WHERE user LIKE 'user_test_rpl%'; -host user password select_priv -localhost user_test_rpl *1111111111111111111111111111111111111111 Y +SELECT host, user, password, plugin, authentication_string, select_priv FROM mysql.user WHERE user LIKE 'user_test_rpl%'; +host user password plugin authentication_string select_priv +localhost user_test_rpl *1111111111111111111111111111111111111111 Y connection slave; USE test_rpl; -SELECT host, user, password, select_priv FROM mysql.user WHERE user LIKE 'user_test_rpl%'; -host user password select_priv -localhost user_test_rpl *1111111111111111111111111111111111111111 Y +SELECT host, user, password, plugin, authentication_string, select_priv FROM mysql.user WHERE user LIKE 'user_test_rpl%'; +host user password plugin authentication_string select_priv +localhost user_test_rpl *1111111111111111111111111111111111111111 Y connection master; ******************** REVOKE ******************** REVOKE SELECT ON *.* FROM 'user_test_rpl'@'localhost'; -SELECT host, user, password, select_priv FROM mysql.user WHERE user LIKE 'user_test_rpl%'; -host user password select_priv -localhost user_test_rpl *1111111111111111111111111111111111111111 N +SELECT host, user, password, plugin, authentication_string, select_priv FROM mysql.user WHERE user LIKE 'user_test_rpl%'; +host user password plugin authentication_string select_priv +localhost user_test_rpl *1111111111111111111111111111111111111111 N connection slave; USE test_rpl; -SELECT host, user, password, select_priv FROM mysql.user WHERE user LIKE 'user_test_rpl%'; -host user password select_priv -localhost user_test_rpl *1111111111111111111111111111111111111111 N +SELECT host, user, password, plugin, authentication_string, select_priv FROM mysql.user WHERE user LIKE 'user_test_rpl%'; +host user password plugin authentication_string select_priv +localhost user_test_rpl *1111111111111111111111111111111111111111 N connection master; ******************** SET PASSWORD ******************** SET PASSWORD FOR 'user_test_rpl'@'localhost' = '*0000000000000000000000000000000000000000'; -SELECT host, user, password, select_priv FROM mysql.user WHERE user LIKE 'user_test_rpl%'; -host user password select_priv -localhost user_test_rpl *0000000000000000000000000000000000000000 N +SELECT host, user, password, plugin, authentication_string, select_priv FROM mysql.user WHERE user LIKE 'user_test_rpl%'; +host user password plugin authentication_string select_priv +localhost user_test_rpl mysql_native_password *0000000000000000000000000000000000000000 N connection slave; USE test_rpl; -SELECT host, user, password, select_priv FROM mysql.user WHERE user LIKE 'user_test_rpl%'; -host user password select_priv -localhost user_test_rpl *0000000000000000000000000000000000000000 N +SELECT host, user, password, plugin, authentication_string, select_priv FROM mysql.user WHERE user LIKE 'user_test_rpl%'; +host user password plugin authentication_string select_priv +localhost user_test_rpl mysql_native_password *0000000000000000000000000000000000000000 N connection master; ******************** RENAME USER ******************** RENAME USER 'user_test_rpl'@'localhost' TO 'user_test_rpl_2'@'localhost'; -SELECT host, user, password, select_priv FROM mysql.user WHERE user LIKE 'user_test_rpl%'; -host user password select_priv -localhost user_test_rpl_2 *0000000000000000000000000000000000000000 N +SELECT host, user, password, plugin, authentication_string, select_priv FROM mysql.user WHERE user LIKE 'user_test_rpl%'; +host user password plugin authentication_string select_priv +localhost user_test_rpl_2 mysql_native_password *0000000000000000000000000000000000000000 N connection slave; USE test_rpl; -SELECT host, user, password, select_priv FROM mysql.user WHERE user LIKE 'user_test_rpl%'; -host user password select_priv -localhost user_test_rpl_2 *0000000000000000000000000000000000000000 N +SELECT host, user, password, plugin, authentication_string, select_priv FROM mysql.user WHERE user LIKE 'user_test_rpl%'; +host user password plugin authentication_string select_priv +localhost user_test_rpl_2 mysql_native_password *0000000000000000000000000000000000000000 N connection master; ******************** DROP USER ******************** DROP USER 'user_test_rpl_2'@'localhost'; -SELECT host, user, password, select_priv FROM mysql.user WHERE user LIKE 'user_test_rpl%'; -host user password select_priv +SELECT host, user, password, plugin, authentication_string, select_priv FROM mysql.user WHERE user LIKE 'user_test_rpl%'; +host user password plugin authentication_string select_priv connection slave; USE test_rpl; -SELECT host, user, password, select_priv FROM mysql.user WHERE user LIKE 'user_test_rpl%'; -host user password select_priv +SELECT host, user, password, plugin, authentication_string, select_priv FROM mysql.user WHERE user LIKE 'user_test_rpl%'; +host user password plugin authentication_string select_priv connection master; INSERT INTO t1 VALUES(100, 'test'); diff --git a/mysql-test/suite/rpl/t/rpl_do_grant.test b/mysql-test/suite/rpl/t/rpl_do_grant.test index 83b9a84744f..0024c7039e4 100644 --- a/mysql-test/suite/rpl/t/rpl_do_grant.test +++ b/mysql-test/suite/rpl/t/rpl_do_grant.test @@ -27,20 +27,20 @@ show grants for rpl_do_grant@localhost; connection master; set password for rpl_do_grant@localhost=password("does it work?"); sync_slave_with_master; -select password<>_binary'' from mysql.user where user=_binary'rpl_do_grant'; +select authentication_string<>_binary'' from mysql.user where user=_binary'rpl_do_grant'; # # Bug#24158 SET PASSWORD in binary log fails under ANSI_QUOTES # connection master; -update mysql.user set password='' where user='rpl_do_grant'; +update mysql.user set authentication_string='' where user='rpl_do_grant'; flush privileges; -select password<>'' from mysql.user where user='rpl_do_grant'; +select authentication_string<>'' from mysql.user where user='rpl_do_grant'; set sql_mode='ANSI_QUOTES'; set password for rpl_do_grant@localhost=password('does it work?'); set sql_mode=''; sync_slave_with_master; -select password<>'' from mysql.user where user='rpl_do_grant'; +select authentication_string<>'' from mysql.user where user='rpl_do_grant'; # clear what we have done, to not influence other tests. diff --git a/mysql-test/t/grant2.test b/mysql-test/t/grant2.test index cee5df089df..1f7450df6c1 100644 --- a/mysql-test/t/grant2.test +++ b/mysql-test/t/grant2.test @@ -385,7 +385,7 @@ select current_user(); set password = password('changed'); disconnect b12302; connection default; -select host, length(password) from mysql.user where user like 'mysqltest\_1'; +select host, length(authentication_string) from mysql.user where user like 'mysqltest\_1'; revoke all on mysqltest_1.* from mysqltest_1@'127.0.0.1'; delete from mysql.user where user like 'mysqltest\_1'; flush privileges; @@ -396,7 +396,7 @@ select current_user(); set password = password('changed'); disconnect b12302_2; connection default; -select host, length(password) from mysql.user where user like 'mysqltest\_1'; +select host, length(authentication_string) from mysql.user where user like 'mysqltest\_1'; revoke all on mysqltest_1.* from mysqltest_1@'127.0.0.0/255.0.0.0'; delete from mysql.user where user like 'mysqltest\_1'; flush privileges; diff --git a/mysql-test/t/set_password_plugin-9835.test b/mysql-test/t/set_password.test similarity index 86% rename from mysql-test/t/set_password_plugin-9835.test rename to mysql-test/t/set_password.test index 6afccd74f9d..4d8010d3b25 100644 --- a/mysql-test/t/set_password_plugin-9835.test +++ b/mysql-test/t/set_password.test @@ -129,3 +129,17 @@ drop user natauth@localhost, newpass@localhost, newpassnat@localhost; drop user oldauth@localhost, oldpass@localhost, oldpassold@localhost; set global secure_auth=default; +# +# MDEV-16238 root/localhost authn prioritizes authentication_string over Password +# +create user foo@localhost identified with mysql_native_password; +update mysql.user set authentication_string=password('foo'), plugin='mysql_native_password' where user='foo' and host='localhost'; +set password for 'foo'@'localhost' = password('bar'); +flush privileges; +--connect foo, localhost, foo, bar +select user(), current_user(); +show grants; +--disconnect foo +--connection default +select user,host,password,plugin,authentication_string from mysql.user where user='foo'; +drop user foo@localhost; diff --git a/mysql-test/t/show_grants_with_plugin-7985.test b/mysql-test/t/show_grants_with_plugin-7985.test index 84f71c72667..85952870254 100644 --- a/mysql-test/t/show_grants_with_plugin-7985.test +++ b/mysql-test/t/show_grants_with_plugin-7985.test @@ -91,7 +91,7 @@ show grants; --echo # Now we remove the authentication plugin password, flush privileges and --echo # try again. --echo # -update mysql.user set authentication_string = '' where user='u1'; +update mysql.user set password=authentication_string, plugin='', authentication_string='' where user='u1'; select user, host, password, plugin, authentication_string from mysql.user where user = 'u1'; flush privileges; show grants for u1; diff --git a/sql/sql_acl.cc b/sql/sql_acl.cc index 04191a0c8c8..d550aa1feb8 100644 --- a/sql/sql_acl.cc +++ b/sql/sql_acl.cc @@ -3919,13 +3919,16 @@ static bool update_user_table(THD *thd, const User_table& user_table, DBUG_RETURN(1); /* purecov: deadcode */ } store_record(table,record[1]); - /* If the password column is missing, we use the - authentication_string column. */ - if (user_table.password()) - user_table.password()->store(new_password, new_password_len, system_charset_info); - else + + if (user_table.plugin()) + { set_authentication_plugin_from_password(user_table, new_password, new_password_len); + new_password_len= 0; + } + + if (user_table.password()) + user_table.password()->store(new_password, new_password_len, system_charset_info); if ((error=table->file->ha_update_row(table->record[1],table->record[0])) && diff --git a/storage/tokudb/mysql-test/rpl/r/rpl_tokudb_mixed_dml.result b/storage/tokudb/mysql-test/rpl/r/rpl_tokudb_mixed_dml.result index 7f8b9dd5104..a5060d9e3bf 100644 --- a/storage/tokudb/mysql-test/rpl/r/rpl_tokudb_mixed_dml.result +++ b/storage/tokudb/mysql-test/rpl/r/rpl_tokudb_mixed_dml.result @@ -483,72 +483,72 @@ SET TRANSACTION ISOLATION LEVEL SERIALIZABLE; ******************** CREATE USER ******************** CREATE USER 'user_test_rpl'@'localhost' IDENTIFIED BY PASSWORD '*1111111111111111111111111111111111111111'; -SELECT host, user, password, select_priv FROM mysql.user WHERE user LIKE 'user_test_rpl%'; -host user password select_priv -localhost user_test_rpl *1111111111111111111111111111111111111111 N +SELECT host, user, password, plugin, authentication_string, select_priv FROM mysql.user WHERE user LIKE 'user_test_rpl%'; +host user password plugin authentication_string select_priv +localhost user_test_rpl *1111111111111111111111111111111111111111 N connection slave; USE test_rpl; -SELECT host, user, password, select_priv FROM mysql.user WHERE user LIKE 'user_test_rpl%'; -host user password select_priv -localhost user_test_rpl *1111111111111111111111111111111111111111 N +SELECT host, user, password, plugin, authentication_string, select_priv FROM mysql.user WHERE user LIKE 'user_test_rpl%'; +host user password plugin authentication_string select_priv +localhost user_test_rpl *1111111111111111111111111111111111111111 N connection master; ******************** GRANT ******************** GRANT SELECT ON *.* TO 'user_test_rpl'@'localhost'; -SELECT host, user, password, select_priv FROM mysql.user WHERE user LIKE 'user_test_rpl%'; -host user password select_priv -localhost user_test_rpl *1111111111111111111111111111111111111111 Y +SELECT host, user, password, plugin, authentication_string, select_priv FROM mysql.user WHERE user LIKE 'user_test_rpl%'; +host user password plugin authentication_string select_priv +localhost user_test_rpl *1111111111111111111111111111111111111111 Y connection slave; USE test_rpl; -SELECT host, user, password, select_priv FROM mysql.user WHERE user LIKE 'user_test_rpl%'; -host user password select_priv -localhost user_test_rpl *1111111111111111111111111111111111111111 Y +SELECT host, user, password, plugin, authentication_string, select_priv FROM mysql.user WHERE user LIKE 'user_test_rpl%'; +host user password plugin authentication_string select_priv +localhost user_test_rpl *1111111111111111111111111111111111111111 Y connection master; ******************** REVOKE ******************** REVOKE SELECT ON *.* FROM 'user_test_rpl'@'localhost'; -SELECT host, user, password, select_priv FROM mysql.user WHERE user LIKE 'user_test_rpl%'; -host user password select_priv -localhost user_test_rpl *1111111111111111111111111111111111111111 N +SELECT host, user, password, plugin, authentication_string, select_priv FROM mysql.user WHERE user LIKE 'user_test_rpl%'; +host user password plugin authentication_string select_priv +localhost user_test_rpl *1111111111111111111111111111111111111111 N connection slave; USE test_rpl; -SELECT host, user, password, select_priv FROM mysql.user WHERE user LIKE 'user_test_rpl%'; -host user password select_priv -localhost user_test_rpl *1111111111111111111111111111111111111111 N +SELECT host, user, password, plugin, authentication_string, select_priv FROM mysql.user WHERE user LIKE 'user_test_rpl%'; +host user password plugin authentication_string select_priv +localhost user_test_rpl *1111111111111111111111111111111111111111 N connection master; ******************** SET PASSWORD ******************** SET PASSWORD FOR 'user_test_rpl'@'localhost' = '*0000000000000000000000000000000000000000'; -SELECT host, user, password, select_priv FROM mysql.user WHERE user LIKE 'user_test_rpl%'; -host user password select_priv -localhost user_test_rpl *0000000000000000000000000000000000000000 N +SELECT host, user, password, plugin, authentication_string, select_priv FROM mysql.user WHERE user LIKE 'user_test_rpl%'; +host user password plugin authentication_string select_priv +localhost user_test_rpl mysql_native_password *0000000000000000000000000000000000000000 N connection slave; USE test_rpl; -SELECT host, user, password, select_priv FROM mysql.user WHERE user LIKE 'user_test_rpl%'; -host user password select_priv -localhost user_test_rpl *0000000000000000000000000000000000000000 N +SELECT host, user, password, plugin, authentication_string, select_priv FROM mysql.user WHERE user LIKE 'user_test_rpl%'; +host user password plugin authentication_string select_priv +localhost user_test_rpl mysql_native_password *0000000000000000000000000000000000000000 N connection master; ******************** RENAME USER ******************** RENAME USER 'user_test_rpl'@'localhost' TO 'user_test_rpl_2'@'localhost'; -SELECT host, user, password, select_priv FROM mysql.user WHERE user LIKE 'user_test_rpl%'; -host user password select_priv -localhost user_test_rpl_2 *0000000000000000000000000000000000000000 N +SELECT host, user, password, plugin, authentication_string, select_priv FROM mysql.user WHERE user LIKE 'user_test_rpl%'; +host user password plugin authentication_string select_priv +localhost user_test_rpl_2 mysql_native_password *0000000000000000000000000000000000000000 N connection slave; USE test_rpl; -SELECT host, user, password, select_priv FROM mysql.user WHERE user LIKE 'user_test_rpl%'; -host user password select_priv -localhost user_test_rpl_2 *0000000000000000000000000000000000000000 N +SELECT host, user, password, plugin, authentication_string, select_priv FROM mysql.user WHERE user LIKE 'user_test_rpl%'; +host user password plugin authentication_string select_priv +localhost user_test_rpl_2 mysql_native_password *0000000000000000000000000000000000000000 N connection master; ******************** DROP USER ******************** DROP USER 'user_test_rpl_2'@'localhost'; -SELECT host, user, password, select_priv FROM mysql.user WHERE user LIKE 'user_test_rpl%'; -host user password select_priv +SELECT host, user, password, plugin, authentication_string, select_priv FROM mysql.user WHERE user LIKE 'user_test_rpl%'; +host user password plugin authentication_string select_priv connection slave; USE test_rpl; -SELECT host, user, password, select_priv FROM mysql.user WHERE user LIKE 'user_test_rpl%'; -host user password select_priv +SELECT host, user, password, plugin, authentication_string, select_priv FROM mysql.user WHERE user LIKE 'user_test_rpl%'; +host user password plugin authentication_string select_priv connection master; INSERT INTO t1 VALUES(100, 'test');