Use the hostname with which the user authenticated when determining which

user to update with 'SET PASSWORD = ...'. (Bug #12302)


mysql-test/r/grant2.result:
  Add new results
mysql-test/t/grant2.test:
  Add new tests
sql/set_var.cc:
  Pass priv_host into check_change_password().
sql/sql_acl.cc:
  Add exact flag for find_acl_user, so we can specify that we want
  an exact match on the hostname.

mysql-test/r/grant2.result

@@ -94,5 +94,31 @@ i
 2
 3
 REVOKE ALL ON mysqltest_1.t1 FROM mysqltest_1@'127.0.0.0/255.0.0.0';
+delete from mysql.user where user like 'mysqltest\_1';
+flush privileges;
 drop table mysqltest_1.t1;
+grant all on mysqltest_1.* to mysqltest_1@'127.0.0.1';
+select current_user();
+current_user()
+mysqltest_1@127.0.0.1
+set password = password('changed');
+select host, length(password) from mysql.user where user like 'mysqltest\_1';
+host	length(password)
+127.0.0.1	41
+revoke all on mysqltest_1.* from mysqltest_1@'127.0.0.1';
+delete from mysql.user where user like 'mysqltest\_1';
+flush privileges;
+grant all on mysqltest_1.* to mysqltest_1@'127.0.0.0/255.0.0.0';
+select current_user();
+current_user()
+mysqltest_1@127.0.0.0/255.0.0.0
+set password = password('changed');
+select host, length(password) from mysql.user where user like 'mysqltest\_1';
+host	length(password)
+127.0.0.0/255.0.0.0	41
+revoke all on mysqltest_1.* from mysqltest_1@'127.0.0.0/255.0.0.0';
+delete from mysql.user where user like 'mysqltest\_1';
+flush privileges;
 drop database mysqltest_1;
+set password = password("changed");
+ERROR 42000: Access denied for user ''@'localhost' to database 'mysql'

mysql-test/t/grant2.test

@@ -122,7 +122,45 @@ select * from t1;
 disconnect n1;
 connection default;
 REVOKE ALL ON mysqltest_1.t1 FROM mysqltest_1@'127.0.0.0/255.0.0.0';
+delete from mysql.user where user like 'mysqltest\_1';
+flush privileges;
 drop table mysqltest_1.t1;
+
+#
+# Bug #12302: 'SET PASSWORD = ...' didn't work if connecting hostname !=
+# hostname the current user is authenticated as. Note that a test for this
+# was also added to the test above.
+#
+grant all on mysqltest_1.* to mysqltest_1@'127.0.0.1';
+connect (b12302,127.0.0.1,mysqltest_1,,mysqltest_1,$MASTER_MYPORT,);
+connection b12302;
+select current_user();
+set password = password('changed');
+disconnect b12302;
+connection default;
+select host, length(password) from mysql.user where user like 'mysqltest\_1';
+revoke all on mysqltest_1.* from mysqltest_1@'127.0.0.1';
+delete from mysql.user where user like 'mysqltest\_1';
+flush privileges;
+grant all on mysqltest_1.* to mysqltest_1@'127.0.0.0/255.0.0.0';
+connect (b12302_2,127.0.0.1,mysqltest_1,,mysqltest_1,$MASTER_MYPORT,);
+connection b12302_2;
+select current_user();
+set password = password('changed');
+disconnect b12302_2;
+connection default;
+select host, length(password) from mysql.user where user like 'mysqltest\_1';
+revoke all on mysqltest_1.* from mysqltest_1@'127.0.0.0/255.0.0.0';
+delete from mysql.user where user like 'mysqltest\_1';
+flush privileges;
 drop database mysqltest_1;
 
+# But anonymous users can't change their password
+connect (n5,localhost,test,,test,$MASTER_MYPORT,$MASTER_MYSOCK);
+connection n5;
+--error 1044
+set password = password("changed");
+disconnect n5;
+connection default;
+
 # End of 4.1 tests