database/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2025-07-30 16:24:05 +03:00
Code Activity

don't consider the password "expired" if authentication is passwordless

Browse Source
This commit is contained in:
Sergei Golubchik
2019-02-19 01:03:16 +01:00
parent 1e6210161d
commit a94b20a8e0
3 changed files with 35 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
sql/sql_acl.cc
View File

@ -13843,8 +13843,9 @@ bool acl_authenticate(THD *thd, uint com_change_user_pkt_len)
bool client_can_handle_exp_pass= thd->client_capabilities &
CLIENT_CAN_HANDLE_EXPIRED_PASSWORDS;
bool password_expired= acl_user->password_expired ||
check_password_lifetime(thd, *acl_user);
bool password_expired= thd->password != PASSWORD_USED_NO_MENTION
&& (acl_user->password_expired ||
check_password_lifetime(thd, *acl_user));
if (!client_can_handle_exp_pass && disconnect_on_expired_password &&
password_expired)