Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-25197

The statement set password=password('') executed in PS mode fails in case it is run by a user with expired password

    XMLWordPrintable

    Details

      Description

      A user with an expired password connected to a server can't assign new password with the statement "SET password=..." if the statement is run in PS mode, for example when it is submitted to server via binary protocol.

      Test case is below.

      CREATE USER user1@localhost PASSWORD EXPIRE
      SET GLOBAL disconnect_on_expired_password=OFF;
      connect(con1,localhost,user1);
      connection con1;
      --error ER_MUST_CHANGE_PASSWORD
      select 1;
       
      -- The following statement fails with the error ER_MUST_CHANGE_PASSWORD.
      PREPARE stmt FROM "SET password=password('')";
      

      In case the statement

      SET password=password('');
      

      is run as a regular statement it is executed successfully.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              shulga Dmitry Shulga
              Reporter:
              shulga Dmitry Shulga
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: