MDEV-17950 SHOW GRANTS FOR does not work for a user identified with non-existing plugin

Revert the side effect of 7c40996cc8.
Do not convert password hash to its binary representation when a user
entry is loaded. Do it lazily on the first authenticatation attempt.

As a collateral - force all authentication plugins to follow the
protocol and read_packet at least once before accessing info->username
(username is not available before first client handshake packet is read).

Fix PAM and GSSAPI plugins to behave.

plugin/auth_gssapi/gssapi_server.cc

@@ -145,7 +145,7 @@ int plugin_deinit()
 }
 
 
-int auth_server(MYSQL_PLUGIN_VIO *vio,const char *user, size_t userlen, int use_full_name)
+int auth_server(MYSQL_PLUGIN_VIO *vio, MYSQL_SERVER_AUTH_INFO *auth_info)
 {
 
   int rc= CR_ERROR; /* return code */
@@ -157,6 +157,9 @@ int auth_server(MYSQL_PLUGIN_VIO *vio,const char *user, size_t userlen, int use_
   gss_name_t client_name;
   gss_buffer_desc client_name_buf, input, output;
   char *client_name_str;
+  const char *user= 0;
+  size_t userlen;
+  int use_full_name;
 
   /* server acquires credential */
   major= gss_acquire_cred(&minor, service_name, GSS_C_INDEFINITE,
@@ -180,6 +183,21 @@ int auth_server(MYSQL_PLUGIN_VIO *vio,const char *user, size_t userlen, int use_
       log_error(0, 0, "fail to read token from client");
       goto cleanup;
     }
+    if (!user)
+    {
+      if (auth_info->auth_string_length > 0)
+      {
+        use_full_name= 1;
+        user= auth_info->auth_string;
+        userlen= auth_info->auth_string_length;
+      }
+      else
+      {
+        use_full_name= 0;
+        user= auth_info->user_name;
+        userlen= auth_info->user_name_length;
+      }
+    }
 
     input.length= len;
     major= gss_accept_sec_context(&minor, &ctxt, cred, &input,