MXS-2111: Use authentication_string when password is empty

If the password field in mysql.user is empty, it is possible that the actual password is stored in the authentication_string field. Most of the time this happens due to MDEV-16774 which causes the password to be stored in the authentication_string field. Also added a test case that verifies the problem and that it is fixed by this commit.
2018-10-26 15:12:54 +03:00
parent 2594a0d913
commit 93b9ed744f
3 changed files with 41 additions and 2 deletions
--- a/server/modules/authenticator/MySQLAuth/dbusers.c
+++ b/server/modules/authenticator/MySQLAuth/dbusers.c
@ -56,11 +56,15 @@
 const char* mariadb_102_users_query =
    // `t` is users that are not roles
    "WITH RECURSIVE t AS ( "
-    "  SELECT u.user, u.host, d.db, u.select_priv, u.password AS password, u.is_role, u.default_role"
+    "  SELECT u.user, u.host, d.db, u.select_priv, "
+    "         IF(u.password <> '', u.password, u.authentication_string) AS password, "
+    "         u.is_role, u.default_role"
    "  FROM mysql.user AS u LEFT JOIN mysql.db AS d "
    "  ON (u.user = d.user AND u.host = d.host) "
    "  UNION "
-    "  SELECT u.user, u.host, t.db, u.select_priv, u.password AS password, u.is_role, u.default_role "
+    "  SELECT u.user, u.host, t.db, u.select_priv, "
+    "         IF(u.password <> '', u.password, u.authentication_string), "
+    "         u.is_role, u.default_role "
    "  FROM mysql.user AS u LEFT JOIN mysql.tables_priv AS t "
    "  ON (u.user = t.user AND u.host = t.host)"
    "), users AS ("