Description:
The pluggable authentication code (WL#1054) is setting up wrong credentials and host name when it's using a proxy user.
It sets the correct user name (the proxied user name) in the sctx->priv_user, but uses the access mask and the host name of the proxy user.
It will also erroneously use the proxy (instead of the proxied user) when checking the access restrictions and the ssl credentials.

How to repeat:
Consider the following mysqltest script:

--source include/have_plugin_auth.inc
GRANT ALL PRIVILEGES ON *.* TO power_user;
GRANT USAGE ON anonymous_db.* TO ''@'' 
  IDENTIFIED WITH 'test_plugin_server' AS 'power_user';
GRANT PROXY ON power_user TO ''@'';
CREATE DATABASE confidential_db;
CREATE TABLE confidential_db.t1 (a INT);

connect(plug_con,localhost, test_login_user, power_user, confidential_db);

This results in the connect() command failing with an error.

Suggested fix:
Use the proxied user credentials and data consistently  (once established) wherever there's a check while logging in.

A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/118314

3083 Georgi Kodinov	2010-09-15
      Bug #56798 : Wrong credentials assigned when using a proxy user.
      
      Fixed incorrect handling of user credentials when authenticating
      via proxy user. Now the server will use the proxies user's 
      access mask and host to update the security context runtime 
      structure when logging in.
      
      Fixed a compilation warning with the embedded library.

A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/118593

3083 Georgi Kodinov	2010-09-20
      Bug #56798 : Wrong credentials assigned when using a proxy user.
      
      Fixed incorrect handling of user credentials when authenticating
      via proxy user. Now the server will use the proxies user's 
      access mask and host to update the security context runtime 
      structure when logging in.
      
      Fixed a compilation warning with the embedded library.
      
      Fixed a crash when doing a second GRANT PROXY on ''@'' due to 
      incomplete equality check logic.

A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/118604

3082 Georgi Kodinov	2010-09-20
      Bug #56798 : Wrong credentials assigned when using a proxy user.
      
      Fixed incorrect handling of user credentials when authenticating
      via proxy user. Now the server will use the proxies user's 
      access mask and host to update the security context runtime 
      structure when logging in.
      
      Fixed a compilation warning with the embedded library.
      
      Fixed a crash when doing a second GRANT PROXY on ''@'' due to 
      incomplete equality check logic.

Problem does not occur in any released version.

Pushed into mysql-5.5 5.5.7-rc (revid:sunanda.menon@sun.com-20101109182959-otkxq8vo2dcd13la) (version source revid:sunanda.menon@sun.com-20101109182959-otkxq8vo2dcd13la) (merge vers: 5.5.7-rc) (pib:21)

Pushed into mysql-trunk 5.6.99-m5 (revid:alexander.nozdrin@oracle.com-20101113155825-czmva9kg4n31anmu) (version source revid:alexander.nozdrin@oracle.com-20101113152450-2zzcm50e7i4j35v7) (merge vers: 5.6.1-m4) (pib:21)

Pushed into mysql-next-mr (revid:alexander.nozdrin@oracle.com-20101113160336-atmtmfb3mzm4pz4i) (version source revid:vasil.dimov@oracle.com-20100629074804-359l9m9gniauxr94) (pib:21)