revno: 5005

committer: Vamsikrishna Bhagi <vamsikrishna.bhagi@oracle.com>

branch nick: mysql-5.6

timestamp: Wed 2013-04-10 12:05:51 +0530

message:

  Bug #16083276 GRANT IS SUCCESSFUL FOR ROOT USER TO MAKE IT

                AS PAM WITH IDENTIFIED WITH CLAUSE

  Problem: GRANT statement allows 'IDENTIFIED WITH' clause but

           with a restriction that plugin mentioned in the

           query should match with the original value of the

           user. For instance, if a user uses

           mysql_native_password plugin, GRANT query should

           have the same plugin in it. This is verified by

           checking the value of plugin field in mysql.user

           table. Whenever plugin field is left empty for any

           particular user, GRANT statement gets confused.

           The same is observed for root as the root account

           doesn't have any value in plugin field.

           Along with the raised issue, few inconsistencies

           between the execution of SET PASSWORD and

           GRANT using IDENTIFIED BY are found while switching

           between mysql_native_password and

           mysql_old_password plugins.

  Solution: GRANT statement using the clause IDENTIFIED WITH

            is no more allowed for existing users since the

            basic purpose of this clause is to create a user

            and should rightly throw an error if user is

            already present.

            Changes are made in the code in such a way that

            both SET PASSWORD and GRANT using IDENTIFIED BY

            can be used to switch between

            mysql_native_password and

            mysql_old_password plugins. The hashing is

            determined by the old_passwords variable.