From 521cce7c17ad2bd992a26cc1ab027937d109143e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Markus=20M=C3=A4kel=C3=A4?= <markus.makela@mariadb.com>
Date: Fri, 11 May 2018 13:03:42 +0300
Subject: [PATCH] Refresh users on failed reauthentication

If the reauthentication of a client that is performing a COM_CHANGE_USER
fails, the users need to be reloaded. Without the reloading, the
reauthentication will fail if new users were added after the last loading
of users.
---
 server/modules/authenticator/MySQLAuth/mysql_auth.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/server/modules/authenticator/MySQLAuth/mysql_auth.c b/server/modules/authenticator/MySQLAuth/mysql_auth.c
index 57b6f2fb7..62ea6bb3c 100644
--- a/server/modules/authenticator/MySQLAuth/mysql_auth.c
+++ b/server/modules/authenticator/MySQLAuth/mysql_auth.c
@@ -645,6 +645,11 @@ int mysql_auth_reauthenticate(DCB *dcb, const char *user,
     MYSQL_AUTH *instance = (MYSQL_AUTH*)dcb->listener->auth_instance;
     int rc = validate_mysql_user(instance, dcb, &temp, scramble, scramble_len);
 
+    if (rc != MXS_AUTH_SUCCEEDED && service_refresh_users(dcb->service) == 0)
+    {
+        rc = validate_mysql_user(instance, dcb, &temp, scramble, scramble_len);
+    }
+
     if (rc == MXS_AUTH_SUCCEEDED)
     {
         memcpy(output_token, temp.client_sha1, output_token_len);