diff --git a/mysql-test/r/plugin_auth.result b/mysql-test/r/plugin_auth.result index cf3eb43..29f4e37 100644 --- a/mysql-test/r/plugin_auth.result +++ b/mysql-test/r/plugin_auth.result @@ -234,7 +234,7 @@ NULL # in connection plug_con SELECT @@LOCAL.external_user; @@LOCAL.external_user -'plug'@'%' +plug_dest # in connection default WL#5706 -- show the above got logged/rewritten correctly SELECT argument FROM mysql.general_log WHERE argument LIKE CONCAT('%IDENTIFIED ','WITH %'); diff --git a/mysql-test/r/plugin_auth_qa_2.result b/mysql-test/r/plugin_auth_qa_2.result index f2c68fa..36d25fd 100644 --- a/mysql-test/r/plugin_auth_qa_2.result +++ b/mysql-test/r/plugin_auth_qa_2.result @@ -46,7 +46,7 @@ NULL exec MYSQL PLUGIN_AUTH_OPT -h localhost -P MASTER_MYPORT -u qa_test_2_user --password=qa_test_2_dest test_user_db -e "SELECT current_user(),user(),@@local.proxy_user,@@local.external_user;" 2>&1 Warning: Using a password on the command line interface can be insecure. current_user() user() @@local.proxy_user @@local.external_user -authenticated_as@% user_name@localhost 'qa_test_2_user'@'%' 'qa_test_2_user'@'%' +authenticated_as@% user_name@localhost 'qa_test_2_user'@'%' externaluser SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root'; user plugin authentication_string authenticated_as mysql_native_password @@ -63,7 +63,7 @@ GRANT PROXY ON qa_test_3_dest TO qa_test_3_user; exec MYSQL PLUGIN_AUTH_OPT -h localhost -P MASTER_MYPORT -u qa_test_3_user --password=qa_test_3_dest test_user_db -e "SELECT current_user(),user(),@@local.proxy_user,@@local.external_user;" 2>&1 Warning: Using a password on the command line interface can be insecure. current_user() user() @@local.proxy_user @@local.external_user -qa_test_3_dest@% qa_test_3_user@localhost 'qa_test_3_user'@'%' 'qa_test_3_user'@'%' +qa_test_3_dest@% qa_test_3_user@localhost 'qa_test_3_user'@'%' qa_test_3_dest DROP USER qa_test_3_user; DROP USER qa_test_3_dest; === Assign too low values for *length, which should have no effect ==== @@ -74,7 +74,7 @@ GRANT PROXY ON qa_test_4_dest TO qa_test_4_user; exec MYSQL PLUGIN_AUTH_OPT -h localhost -P MASTER_MYPORT -u qa_test_4_user --password=qa_test_4_dest test_user_db -e "SELECT current_user(),user(),@@local.proxy_user,@@local.external_user;" 2>&1 Warning: Using a password on the command line interface can be insecure. current_user() user() @@local.proxy_user @@local.external_user -qa_test_4_dest@% qa_test_4_user@localhost 'qa_test_4_user'@'%' 'qa_test_4_user'@'%' +qa_test_4_dest@% qa_test_4_user@localhost 'qa_test_4_user'@'%' qa_test_4_dest DROP USER qa_test_4_user; DROP USER qa_test_4_dest; === Assign empty string especially to authenticated_as (in plugin) ==== diff --git a/mysql-test/r/plugin_auth_qa_3.result b/mysql-test/r/plugin_auth_qa_3.result index 14e45fe..6c57ed5 100644 --- a/mysql-test/r/plugin_auth_qa_3.result +++ b/mysql-test/r/plugin_auth_qa_3.result @@ -5,7 +5,7 @@ GRANT PROXY ON qa_test_11_dest TO qa_test_11_user; exec MYSQL PLUGIN_AUTH_OPT --default_auth=qa_auth_client -h localhost -P MASTER_MYPORT -u qa_test_11_user --password=qa_test_11_dest test_user_db -e "SELECT current_user(),user(),@@local.proxy_user,@@local.external_user;" 2>&1 Warning: Using a password on the command line interface can be insecure. current_user() user() @@local.proxy_user @@local.external_user -qa_test_11_dest@% qa_test_11_user@localhost 'qa_test_11_user'@'%' 'qa_test_11_user'@'%' +qa_test_11_dest@% qa_test_11_user@localhost 'qa_test_11_user'@'%' NULL exec MYSQL PLUGIN_AUTH_OPT --default_auth=qa_auth_client -h localhost -P MASTER_MYPORT -u qa_test_2_user --password=qa_test_11_dest test_user_db -e "SELECT current_user(),user(),@@local.proxy_user,@@local.external_user;" 2>&1 Warning: Using a password on the command line interface can be insecure. ERROR 1045 (28000): Access denied for user 'qa_test_2_user'@'localhost' (using password: YES) diff --git a/sql/sys_vars.h b/sql/sys_vars.h index 8cde229..a1add9a 100644 --- a/sql/sys_vars.h +++ b/sql/sys_vars.h @@ -576,8 +576,8 @@ public: protected: virtual uchar *session_value_ptr(THD *thd, LEX_STRING *base) { - return thd->security_ctx->proxy_user[0] ? - (uchar *) &(thd->security_ctx->proxy_user[0]) : NULL; + return thd->security_ctx->get_external_user()->length() ? + (uchar *) thd->security_ctx->get_external_user()->ptr() : NULL; } };