diff options
-rw-r--r-- | mysql-test/main/password_expiration_unix_socket.result | 8 | ||||
-rw-r--r-- | mysql-test/main/password_expiration_unix_socket.test | 24 | ||||
-rw-r--r-- | sql/sql_acl.cc | 5 |
3 files changed, 35 insertions, 2 deletions
diff --git a/mysql-test/main/password_expiration_unix_socket.result b/mysql-test/main/password_expiration_unix_socket.result new file mode 100644 index 00000000000..5feee17f205 --- /dev/null +++ b/mysql-test/main/password_expiration_unix_socket.result @@ -0,0 +1,8 @@ +# +# A password cannot expire, if there is no password +# +create user USER identified via unix_socket; +alter user USER password expire; +1 +1 +drop user USER; diff --git a/mysql-test/main/password_expiration_unix_socket.test b/mysql-test/main/password_expiration_unix_socket.test new file mode 100644 index 00000000000..f2579aaf18f --- /dev/null +++ b/mysql-test/main/password_expiration_unix_socket.test @@ -0,0 +1,24 @@ +# +# Test password expiration +# + +--source include/not_embedded.inc +--source include/have_unix_socket.inc + +--echo # +--echo # A password cannot expire, if there is no password +--echo # + +--let $replace=create user $USER +--replace_result $replace "create user USER" +--eval create user $USER identified via unix_socket + +--let $replace=alter user $USER +--replace_result $replace "alter user USER" +--eval alter user $USER password expire + +--exec $MYSQL -u $USER -e 'select 1' + +--let $replace=drop user $USER +--replace_result $replace "drop user USER" +--eval drop user $USER diff --git a/sql/sql_acl.cc b/sql/sql_acl.cc index 0a5b2d3a226..ee07bfd2680 100644 --- a/sql/sql_acl.cc +++ b/sql/sql_acl.cc @@ -13843,8 +13843,9 @@ bool acl_authenticate(THD *thd, uint com_change_user_pkt_len) bool client_can_handle_exp_pass= thd->client_capabilities & CLIENT_CAN_HANDLE_EXPIRED_PASSWORDS; - bool password_expired= acl_user->password_expired || - check_password_lifetime(thd, *acl_user); + bool password_expired= thd->password != PASSWORD_USED_NO_MENTION + && (acl_user->password_expired || + check_password_lifetime(thd, *acl_user)); if (!client_can_handle_exp_pass && disconnect_on_expired_password && password_expired) |