database/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2025-07-30 16:24:05 +03:00
Code Activity

MDEV-17950 SHOW GRANTS FOR does not work for a user identified with non-existing plugin

Browse Source 
Revert the side effect of 7c40996cc8.
Do not convert password hash to its binary representation when a user
entry is loaded. Do it lazily on the first authenticatation attempt.

As a collateral - force all authentication plugins to follow the
protocol and read_packet at least once before accessing info->username
(username is not available before first client handshake packet is read).

Fix PAM and GSSAPI plugins to behave.
This commit is contained in:
Sergei Golubchik
2019-01-12 15:56:25 +01:00
parent 3742f6f9aa
commit c94ec9fc67
13 changed files with 186 additions and 145 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
mysql-test/main/grant5.test
View File

@ -66,29 +66,21 @@ update mysql.global_priv set priv=json_set(priv, '$.authentication_string', 'bad
update mysql.global_priv set priv=json_set(priv, '$.authentication_string', 'bad') where user='u5';
update mysql.global_priv set priv=json_set(priv, '$.plugin', 'nonexistent') where user='u8';
flush privileges;
# invalid entries are skipped, users don't exist
error ER_PASSWORD_NO_MATCH;
show create user u1@h;
show create user u2@h;
show create user u3@h;
show create user u4@h;
error ER_PASSWORD_NO_MATCH;
show create user u5@h;
show create user u6@h;
show create user u7@h;
error ER_PASSWORD_NO_MATCH;
show create user u8@h;
#grants don't work either
error ER_PASSWORD_NO_MATCH;
grant select on *.* to u1@h;
grant select on *.* to u2@h;
grant select on *.* to u3@h;
grant select on *.* to u4@h;
error ER_PASSWORD_NO_MATCH;
grant select on *.* to u5@h;
grant select on *.* to u6@h;
grant select on *.* to u7@h;
error ER_PASSWORD_NO_MATCH;
grant select on *.* to u8@h;
select user,select_priv,plugin,authentication_string from mysql.user where user like 'u_';