From e7e40b0179f135c753cab88573f27f1d08adbb97 Mon Sep 17 00:00:00 2001
From: Johan Wikman <johan.wikman@mariadb.com>
Date: Mon, 7 Oct 2019 14:33:53 +0300
Subject: [PATCH] MXS-2713 Classify SET PASSWORD as QUERY_TYPE_WRITE

A change of the password is replicated to the slaves, so it
must only be sent to the master.
---
 .../qc_mysqlembedded/qc_mysqlembedded.cc      | 44 ++++++++++++-------
 query_classifier/qc_sqlite/qc_sqlite.cc       | 10 +++++
 .../qc_sqlite/sqlite-src-3110100/src/parse.y  |  2 +-
 .../sqlite-src-3110100/tool/mkkeywordhash.c   |  1 +
 query_classifier/test/maxscale.test           |  3 ++
 5 files changed, 42 insertions(+), 18 deletions(-)

diff --git a/query_classifier/qc_mysqlembedded/qc_mysqlembedded.cc b/query_classifier/qc_mysqlembedded/qc_mysqlembedded.cc
index 2d2e2f93e..3913d0a82 100644
--- a/query_classifier/qc_mysqlembedded/qc_mysqlembedded.cc
+++ b/query_classifier/qc_mysqlembedded/qc_mysqlembedded.cc
@@ -854,31 +854,41 @@ static uint32_t resolve_query_type(parsing_info_t* pi, THD* thd)
          */
         else if (lex->sql_command == SQLCOM_SET_OPTION)
         {
-            type |= QUERY_TYPE_SESSION_WRITE;
-
-            if (get_set_type(pi->pi_query_plain_str) == SET_TYPE_UNKNOWN)
+            switch (get_set_type(pi->pi_query_plain_str))
             {
-                /** Either user- or system variable write */
-                List_iterator<set_var_base> ilist(lex->var_list);
-                size_t n = 0;
+            case SET_TYPE_PASSWORD:
+                type |= QUERY_TYPE_WRITE;
+                break;
 
-                while (set_var_base* var = ilist++)
+            case SET_TYPE_UNKNOWN:
                 {
-                    if (var->is_system())
+                    type |= QUERY_TYPE_SESSION_WRITE;
+                    /** Either user- or system variable write */
+                    List_iterator<set_var_base> ilist(lex->var_list);
+                    size_t n = 0;
+
+                    while (set_var_base* var = ilist++)
+                    {
+                        if (var->is_system())
+                        {
+                            type |= QUERY_TYPE_GSYSVAR_WRITE;
+                        }
+                        else
+                        {
+                            type |= QUERY_TYPE_USERVAR_WRITE;
+                        }
+                        ++n;
+                    }
+
+                    if (n == 0)
                     {
                         type |= QUERY_TYPE_GSYSVAR_WRITE;
                     }
-                    else
-                    {
-                        type |= QUERY_TYPE_USERVAR_WRITE;
-                    }
-                    ++n;
                 }
+                break;
 
-                if (n == 0)
-                {
-                    type |= QUERY_TYPE_GSYSVAR_WRITE;
-                }
+            default:
+                type |= QUERY_TYPE_SESSION_WRITE;
             }
         }
         else
diff --git a/query_classifier/qc_sqlite/qc_sqlite.cc b/query_classifier/qc_sqlite/qc_sqlite.cc
index e86d9e414..42acdc8ec 100644
--- a/query_classifier/qc_sqlite/qc_sqlite.cc
+++ b/query_classifier/qc_sqlite/qc_sqlite.cc
@@ -2730,6 +2730,13 @@ public:
                 }
                 break;
 
+            case TK_SET:
+                if (m_keyword_2 == TK_PASSWORD)
+                {
+                    m_type_mask = QUERY_TYPE_WRITE;
+                }
+                break;
+
             case TK_START:
                 switch (m_keyword_2)
                 {
@@ -2932,6 +2939,9 @@ public:
                                 && pVariable->op == TK_ID
                                 && strcasecmp(pVariable->u.zToken, "password") == 0)
                             {
+                                // Even though SET PASSWORD looks like a session command it
+                                // is not, the password change will be replicated to slaves.
+                                m_type_mask = QUERY_TYPE_WRITE;
                                 // Ok, it was, so we break out.
                                 i = pList->nExpr;
                                 break;
diff --git a/query_classifier/qc_sqlite/sqlite-src-3110100/src/parse.y b/query_classifier/qc_sqlite/sqlite-src-3110100/src/parse.y
index 0537d09f7..755ee9d5f 100644
--- a/query_classifier/qc_sqlite/sqlite-src-3110100/src/parse.y
+++ b/query_classifier/qc_sqlite/sqlite-src-3110100/src/parse.y
@@ -633,7 +633,7 @@ columnid(A) ::= nm(X). {
   NAMES NEXT
   NO
   OF OFFSET OPEN
-  PARTITIONS PREVIOUS
+  PARTITIONS PASSWORD PREVIOUS
   QUICK
   RAISE RECURSIVE /*REINDEX*/ RELEASE /*RENAME*/ /*REPLACE*/ RESTRICT ROLLBACK ROLLUP ROW
   SAVEPOINT SELECT_OPTIONS_KW /*SEQUENCE*/ SLAVE /*START*/ STATEMENT STATUS
diff --git a/query_classifier/qc_sqlite/sqlite-src-3110100/tool/mkkeywordhash.c b/query_classifier/qc_sqlite/sqlite-src-3110100/tool/mkkeywordhash.c
index bd813c1bc..fb224da7a 100644
--- a/query_classifier/qc_sqlite/sqlite-src-3110100/tool/mkkeywordhash.c
+++ b/query_classifier/qc_sqlite/sqlite-src-3110100/tool/mkkeywordhash.c
@@ -380,6 +380,7 @@ static Keyword aKeywordTable[] = {
 #ifdef MAXSCALE
   { "PARTITION",        "TK_PARTITION",    ALWAYS                 },
   { "PARTITIONS",       "TK_PARTITIONS",   ALWAYS                 },
+  { "PASSWORD",         "TK_PASSWORD",     ALWAYS                 },
   { "PERSISTENT",       "TK_PERSISTENT",   ALWAYS                 },
 #endif
 #ifndef MAXSCALE
diff --git a/query_classifier/test/maxscale.test b/query_classifier/test/maxscale.test
index a94d7ad11..ada173a15 100644
--- a/query_classifier/test/maxscale.test
+++ b/query_classifier/test/maxscale.test
@@ -136,3 +136,6 @@ SET @saved_cs_client= @@character_set_client;
 # MXS-2699
 SELECT NEXTVAL(id_generator), context FROM t1 WHERE (a,b,c) >= (1,2,3);
 select soundex(_utf8mb4 0xD091D092D093) as vx, gray_user_tag from user_extends where user_id > last_insert_id();
+
+# MXS-2713
+SET PASSWORD FOR 'user'@'10.0.0.1'='*C50EB75D7CB4C76B5264218B92BC69E6815B057A';