SET PASSWORD bugfixes:

* work as documented, use CURRENT_USER() * move the check for ER_PASSWORD_ANONYMOUS_USER where it can actually work
author: Sergei Golubchik <sergii@pisem.net> 2013-10-18 11:41:40 -0700
committer: Sergei Golubchik <sergii@pisem.net> 2013-10-18 11:41:40 -0700
commit: ac6877d420a70e215c59f1c85cfe80c6a71cf349 (patch)
tree: eacddfe96382dcd8f07d60b5e171049381247c58 /sql/sql_parse.cc
parent: 4cc8cda346bdd63c7e3882d687ba01143856b5dd (diff)
download: mariadb-git-ac6877d420a70e215c59f1c85cfe80c6a71cf349.tar.gz
1 files changed, 28 insertions, 12 deletions
diff --git a/sql/sql_parse.cc b/sql/sql_parse.cc
index 7aecdff761a..e414921765d 100644
--- a/sql/sql_parse.cc
+++ b/sql/sql_parse.cc
@@ -3791,38 +3791,54 @@ end_with_restore_list:
 
     if (thd->security_ctx->user)              // If not replication
     {
-      LEX_USER *user, *tmp_user;
+      LEX_USER *user;
       bool first_user= TRUE;
 
       List_iterator <LEX_USER> user_list(lex->users_list);
-      while ((tmp_user= user_list++))
+      while ((user= user_list++))
       {
-        if (!(user= get_current_user(thd, tmp_user)))
-          goto error;
         if (specialflag & SPECIAL_NO_RESOLVE &&
             hostname_requires_resolving(user->host.str))
           push_warning_printf(thd, MYSQL_ERROR::WARN_LEVEL_WARN,
                               ER_WARN_HOSTNAME_WONT_WORK,
                               ER(ER_WARN_HOSTNAME_WONT_WORK));
-        // Are we trying to change a password of another user
-        DBUG_ASSERT(user->host.str != 0);
 
         /*
           GRANT/REVOKE PROXY has the target user as a first entry in the list. 
          */
         if (lex->type == TYPE_ENUM_PROXY && first_user)
         {
+          if (!(user= get_current_user(thd, user)) || !user->host.str)
+            goto error;
+
           first_user= FALSE;
           if (acl_check_proxy_grant_access (thd, user->host.str, user->user.str,
                                         lex->grant & GRANT_ACL))
             goto error;
         } 
-        else if (is_acl_user(user->host.str, user->user.str) &&
-                 user->password.str &&
-                 check_change_password (thd, user->host.str, user->user.str, 
-                                        user->password.str, 
-                                        user->password.length))
-          goto error;
+        else if (user->password.str)
+        {
+          // Are we trying to change a password of another user?
+          const char *hostname= user->host.str, *username=user->user.str;
+          bool userok;
+          if (username == current_user.str)
+          {
+            username= thd->security_ctx->priv_user;
+            hostname= thd->security_ctx->priv_host;
+            userok= true;
+          }
+          else
+          {
+            if (!hostname)
+              hostname= host_not_specified.str;
+            userok= is_acl_user(hostname, username);
+          }
+
+          if (userok && check_change_password (thd, hostname, username, 
+                                               user->password.str, 
+                                               user->password.length))
+            goto error;
+        }
       }
     }
     if (first_table)
author	Sergei Golubchik <sergii@pisem.net>	2013-10-18 11:41:40 -0700
committer	Sergei Golubchik <sergii@pisem.net>	2013-10-18 11:41:40 -0700
commit	ac6877d420a70e215c59f1c85cfe80c6a71cf349 (patch)
tree	eacddfe96382dcd8f07d60b5e171049381247c58 /sql/sql_parse.cc
parent	4cc8cda346bdd63c7e3882d687ba01143856b5dd (diff)
download	mariadb-git-ac6877d420a70e215c59f1c85cfe80c6a71cf349.tar.gz