database/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2025-07-29 05:21:33 +03:00
Code Activity

MDEV-16238 root/localhost authn prioritizes authentication_string over Password

Browse Source 
Don't let SET PASSWORD to set the password, if auth_string is set.

Now SET PASSWORD always sets the plugin/auth_string fields and clears
the password field (on pre-plugin mysql.user table it works as before).
This commit is contained in:
Sergei Golubchik
2018-06-18 21:00:25 +02:00
parent b4db59ba47
commit 5f0510225a
12 changed files with 138 additions and 104 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
sql/sql_acl.cc
View File

@ -3919,13 +3919,16 @@ static bool update_user_table(THD *thd, const User_table& user_table,
DBUG_RETURN(1); /* purecov: deadcode */
}
store_record(table,record[1]);
/* If the password column is missing, we use the
authentication_string column. */
if (user_table.password())
user_table.password()->store(new_password, new_password_len, system_charset_info);
else
if (user_table.plugin())
{
set_authentication_plugin_from_password(user_table, new_password,
new_password_len);
new_password_len= 0;
}
if (user_table.password())
user_table.password()->store(new_password, new_password_len, system_charset_info);
if ((error=table->file->ha_update_row(table->record[1],table->record[0])) &&