Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-5910

MySQL Bug #16083276 GRANT IS SUCCESSFUL FOR ROOT USER TO MAKE IT AS PAM WITH IDENTIFIED WITH CLAUSE

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed (View Workflow)
    • Priority: Minor
    • Resolution: Won't Fix
    • Affects Version/s: 10.0.9
    • Fix Version/s: N/A
    • Component/s: OTHER
    • Labels:

      Description

      There is no distinct test case for this bug fix, instead other tests were adjusted to work with this fix. They would fail in MariaDB 10.0. Please check if this fix is applicable to MariaDB.

      revno: 5005
      committer: Vamsikrishna Bhagi <vamsikrishna.bhagi@oracle.com>
      branch nick: mysql-5.6
      timestamp: Wed 2013-04-10 12:05:51 +0530
      message:
        Bug #16083276 GRANT IS SUCCESSFUL FOR ROOT USER TO MAKE IT
                      AS PAM WITH IDENTIFIED WITH CLAUSE
       
        Problem: GRANT statement allows 'IDENTIFIED WITH' clause but
                 with a restriction that plugin mentioned in the
                 query should match with the original value of the
                 user. For instance, if a user uses
                 mysql_native_password plugin, GRANT query should
                 have the same plugin in it. This is verified by
                 checking the value of plugin field in mysql.user
                 table. Whenever plugin field is left empty for any
                 particular user, GRANT statement gets confused.
                 The same is observed for root as the root account
                 doesn't have any value in plugin field.
       
                 Along with the raised issue, few inconsistencies
                 between the execution of SET PASSWORD and
                 GRANT using IDENTIFIED BY are found while switching
                 between mysql_native_password and
                 mysql_old_password plugins.
       
        Solution: GRANT statement using the clause IDENTIFIED WITH
                  is no more allowed for existing users since the
                  basic purpose of this clause is to create a user
                  and should rightly throw an error if user is
                  already present.
       
                  Changes are made in the code in such a way that
                  both SET PASSWORD and GRANT using IDENTIFIED BY
                  can be used to switch between
                  mysql_native_password and
                  mysql_old_password plugins. The hashing is
                  determined by the old_passwords variable.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              Unassigned
              Reporter:
              svoj Sergey Vojtovich
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: