11 files changed, 226 insertions, 11 deletions
diff --git a/include/mysql/plugin_auth.h b/include/mysql/plugin_auth.h
index 75e7fba5266..156fb386aae 100644
--- a/include/mysql/plugin_auth.h
+++ b/include/mysql/plugin_auth.h
@@ -27,7 +27,7 @@
 
 #include <mysql/plugin.h>
 
-#define MYSQL_AUTHENTICATION_INTERFACE_VERSION 0x0100
+#define MYSQL_AUTHENTICATION_INTERFACE_VERSION 0x0200
 
 #include <mysql/plugin_auth_common.h>
 
@@ -78,7 +78,7 @@ typedef struct st_mysql_server_auth_info
     Not used by the server.
     Available through the @@EXTERNAL_USER variable.
   */  
-  char external_user[512];
+  char external_user[MYSQL_USERNAME_LENGTH+1];
 
   /**
     This only affects the "Authentication failed. Password used: %s"
diff --git a/include/mysql/plugin_auth.h.pp b/include/mysql/plugin_auth.h.pp
index 23153198a7d..55b6055ef2f 100644
--- a/include/mysql/plugin_auth.h.pp
+++ b/include/mysql/plugin_auth.h.pp
@@ -266,8 +266,8 @@ typedef struct st_mysql_server_auth_info
   unsigned int user_name_length;
   const char *auth_string;
   unsigned long auth_string_length;
-  char authenticated_as[48 +1];
-  char external_user[512];
+  char authenticated_as[512 +1];
+  char external_user[512 +1];
   int password_used;
   const char *host_or_ip;
   unsigned int host_or_ip_length;
diff --git a/include/mysql/plugin_auth_common.h b/include/mysql/plugin_auth_common.h
index 820d299bf88..c0b61730d0d 100644
--- a/include/mysql/plugin_auth_common.h
+++ b/include/mysql/plugin_auth_common.h
@@ -28,7 +28,7 @@
 #define MYSQL_PLUGIN_AUTH_COMMON_INCLUDED
 
 /** the max allowed length for a user name */
-#define MYSQL_USERNAME_LENGTH 48
+#define MYSQL_USERNAME_LENGTH 512
 
 /**
   return values of the plugin authenticate_user() method.
diff --git a/mysql-test/suite/plugins/r/auth_v0100.result b/mysql-test/suite/plugins/r/auth_v0100.result
new file mode 100644
index 00000000000..53affc94947
--- /dev/null
+++ b/mysql-test/suite/plugins/r/auth_v0100.result
@@ -0,0 +1,18 @@
+install soname 'auth_0x0100';
+select plugin_name, plugin_type_version from information_schema.plugins where plugin_type='authentication' order by plugin_name;
+plugin_name	plugin_type_version
+auth_0x0100	1.0
+mysql_native_password	2.0
+mysql_old_password	2.0
+create user tt identified via auth_0x0100;
+grant select on test.* to zzzzzzzzzzzzzzzz;
+connect(localhost,tt,,test,MASTER_MYPORT,MASTER_MYSOCK);
+ERROR 28000: Access denied for user 'tt'@'localhost' (using password: YES)
+grant proxy on zzzzzzzzzzzzzzzz to tt;
+select user(), current_user(), @@external_user;
+user()	tt@localhost
+current_user()	zzzzzzzzzzzzzzzz@%
+@@external_user	oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo.
+drop user tt;
+drop user zzzzzzzzzzzzzzzz;
+uninstall plugin auth_0x0100;
diff --git a/mysql-test/suite/plugins/t/auth_v0100.test b/mysql-test/suite/plugins/t/auth_v0100.test
new file mode 100644
index 00000000000..3cf93ba67f2
--- /dev/null
+++ b/mysql-test/suite/plugins/t/auth_v0100.test
@@ -0,0 +1,26 @@
+--source include/not_embedded.inc
+
+if (!$AUTH_0X0100_SO) {
+  skip No auth_0x0100 plugin;
+}
+
+install soname 'auth_0x0100';
+
+select plugin_name, plugin_type_version from information_schema.plugins where plugin_type='authentication' order by plugin_name;
+
+create user tt identified via auth_0x0100;
+grant select on test.* to zzzzzzzzzzzzzzzz;
+
+--replace_result $MASTER_MYSOCK MASTER_MYSOCK $MASTER_MYPORT MASTER_MYPORT
+--error ER_ACCESS_DENIED_ERROR
+connect (c0,localhost,tt);
+
+grant proxy on zzzzzzzzzzzzzzzz to tt;
+connect (c1,localhost,tt);
+connection c1;
+
+--query_vertical select user(), current_user(), @@external_user
+connection default;
+drop user tt;
+drop user zzzzzzzzzzzzzzzz;
+uninstall plugin auth_0x0100;
diff --git a/plugin/auth_examples/CMakeLists.txt b/plugin/auth_examples/CMakeLists.txt
index fb27289770f..f6c2b637067 100644
--- a/plugin/auth_examples/CMakeLists.txt
+++ b/plugin/auth_examples/CMakeLists.txt
@@ -27,5 +27,7 @@ MYSQL_ADD_PLUGIN(qa_auth_server qa_auth_server.c
 MYSQL_ADD_PLUGIN(qa_auth_client qa_auth_client.c
   MODULE_ONLY COMPONENT Test)
 
+MYSQL_ADD_PLUGIN(auth_0x0100 auth_0x0100.c MODULE_ONLY COMPONENT Test)
+
 MYSQL_ADD_PLUGIN(mysql_clear_password clear_password_client.c
   MODULE_ONLY COMPONENT SharedLibraries)
diff --git a/plugin/auth_examples/auth_0x0100.c b/plugin/auth_examples/auth_0x0100.c
new file mode 100644
index 00000000000..d1373b8a0b4
--- /dev/null
+++ b/plugin/auth_examples/auth_0x0100.c
@@ -0,0 +1,91 @@
+/* Copyright (C) 2013 Sergei Golubchik and Monty Program Ab
+
+    This program is free software; you can redistribute it and/or
+    modify it under the terms of the GNU General Public License as
+    published by the Free Software Foundation; version 2 of the
+    License.
+
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+    GNU General Public License for more details.
+
+    You should have received a copy of the GNU General Public License
+    along with this program; if not, write to the Free Software
+    Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */
+
+/**
+  @file
+
+  auth plugin that uses old structures as of
+  MYSQL_AUTHENTICATION_INTERFACE_VERSION 0x0100
+
+  To test the old version support.
+  It intentionally uses no constants like CR_OK ok PASSWORD_USED_YES.
+*/
+
+#include <mysql/plugin.h>
+#include <string.h>
+#include <stdio.h>
+#include <stdlib.h>
+
+#if 0
+#include <mysql/plugin_auth.h>
+#else
+#define MYSQL_AUTHENTICATION_INTERFACE_VERSION 0x0100
+typedef void MYSQL_PLUGIN_VIO; /* we don't use it here */
+
+typedef struct st_mysql_server_auth_info
+{
+  char *user_name;
+  unsigned int user_name_length;
+  const char *auth_string;
+  unsigned long auth_string_length;
+  char authenticated_as[49]; 
+  char external_user[512];
+  int  password_used;
+  const char *host_or_ip;
+  unsigned int host_or_ip_length;
+} MYSQL_SERVER_AUTH_INFO;
+
+struct st_mysql_auth
+{
+  int interface_version;
+  const char *client_auth_plugin;
+  int (*authenticate_user)(MYSQL_PLUGIN_VIO *vio, MYSQL_SERVER_AUTH_INFO *info);
+};
+#endif
+
+static int do_auth_0x0100(MYSQL_PLUGIN_VIO *vio, MYSQL_SERVER_AUTH_INFO *info)
+{
+  info->password_used= 1;
+  strcpy(info->authenticated_as, "zzzzzzzzzzzzzzzz");
+  memset(info->external_user, 'o', 510);
+  info->external_user[510]='.';
+  info->external_user[511]=0;
+  return vio ? -1 : 0; /* use vio to avoid the 'unused' warning */
+}
+
+static struct st_mysql_auth auth_0x0100_struct=
+{
+  MYSQL_AUTHENTICATION_INTERFACE_VERSION, 0, do_auth_0x0100
+};
+
+maria_declare_plugin(auth_0x0100)
+{
+  MYSQL_AUTHENTICATION_PLUGIN,
+  &auth_0x0100_struct,
+  "auth_0x0100",
+  "Sergei Golubchik",
+  "Test for API 0x0100 support",
+  PLUGIN_LICENSE_GPL,
+  NULL,
+  NULL,
+  0x0100,
+  NULL,
+  NULL,
+  "1.0",
+  MariaDB_PLUGIN_MATURITY_EXPERIMENTAL,
+}
+maria_declare_plugin_end;
+
diff --git a/sql-common/client.c b/sql-common/client.c
index c257c7c96a7..3119236ef2d 100644
--- a/sql-common/client.c
+++ b/sql-common/client.c
@@ -2572,8 +2572,6 @@ static int send_client_reply_packet(MCPVIO_EXT *mpvio,
 		     mysql->server_version, mysql->server_capabilities,
 		     mysql->server_status, mysql->client_flag));
 
-  compile_time_assert(MYSQL_USERNAME_LENGTH == USERNAME_LENGTH);
-
   /* This needs to be changed as it's not useful with big packets */
   if (mysql->user[0])
     strmake(end, mysql->user, USERNAME_LENGTH);
diff --git a/sql/sql_acl.cc b/sql/sql_acl.cc
index 04d797b3ba1..d1cdf35bb5a 100644
--- a/sql/sql_acl.cc
+++ b/sql/sql_acl.cc
@@ -52,6 +52,8 @@
 #include "sql_db.h"
 #include "sql_array.h"
 
+#include "sql_plugin_compat.h"
+
 bool mysql_user_table_is_in_short_password_format= false;
 
 static const
@@ -9027,7 +9029,20 @@ static int do_auth_once(THD *thd, const LEX_STRING *auth_plugin_name,
   if (plugin)
   {
     st_mysql_auth *auth= (st_mysql_auth *) plugin_decl(plugin)->info;
-    res= auth->authenticate_user(mpvio, &mpvio->auth_info);
+    switch (auth->interface_version) {
+    case 0x0200:
+      res= auth->authenticate_user(mpvio, &mpvio->auth_info);
+      break;
+    case 0x0100:
+      {
+        MYSQL_SERVER_AUTH_INFO_0x0100 compat;
+        compat.downgrade(&mpvio->auth_info);
+        res= auth->authenticate_user(mpvio, (MYSQL_SERVER_AUTH_INFO *)&compat);
+        compat.upgrade(&mpvio->auth_info);
+      }
+      break;
+    default: DBUG_ASSERT(0);
+    }
 
     if (unlock_plugin)
       plugin_unlock(thd, plugin);
@@ -9078,8 +9093,6 @@ bool acl_authenticate(THD *thd, uint connect_errors,
                                                              : COM_CONNECT;
   DBUG_ENTER("acl_authenticate");
 
-  compile_time_assert(MYSQL_USERNAME_LENGTH == USERNAME_LENGTH);
-
   bzero(&mpvio, sizeof(mpvio));
   mpvio.read_packet= server_mpvio_read_packet;
   mpvio.write_packet= server_mpvio_write_packet;
diff --git a/sql/sql_plugin.cc b/sql/sql_plugin.cc
index bf3537c0ed9..f540431b4e9 100644
--- a/sql/sql_plugin.cc
+++ b/sql/sql_plugin.cc
@@ -35,6 +35,8 @@
 #include <mysql/plugin_auth.h>
 #include "lock.h"                               // MYSQL_LOCK_IGNORE_TIMEOUT
 #include <mysql/plugin_auth.h>
+#include "sql_plugin_compat.h"
+
 #define REPORT_TO_LOG  1
 #define REPORT_TO_USER 2
 
@@ -135,7 +137,7 @@ static int min_plugin_info_interface_version[MYSQL_MAX_PLUGIN_TYPE_NUM]=
   MYSQL_INFORMATION_SCHEMA_INTERFACE_VERSION,
   MYSQL_AUDIT_INTERFACE_VERSION,
   MYSQL_REPLICATION_INTERFACE_VERSION,
-  MYSQL_AUTHENTICATION_INTERFACE_VERSION
+  MIN_AUTHENTICATION_INTERFACE_VERSION
 };
 static int cur_plugin_info_interface_version[MYSQL_MAX_PLUGIN_TYPE_NUM]=
 {
diff --git a/sql/sql_plugin_compat.h b/sql/sql_plugin_compat.h
new file mode 100644
index 00000000000..8c6014f8dc6
--- /dev/null
+++ b/sql/sql_plugin_compat.h
@@ -0,0 +1,65 @@
+/* Copyright (C) 2013 Sergei Golubchik and Monty Program Ab
+
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; version 2 of the License.
+
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+
+   You should have received a copy of the GNU General Public License
+   along with this program; if not, write to the Free Software
+   Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301  USA */
+
+/* old plugin api structures, used for backward compatibility */
+
+#define upgrade_var(X) latest->X= X
+#define upgrade_str(X) strmake(latest->X, X, sizeof(X))
+#define downgrade_var(X) X= latest->X
+#define downgrade_str(X) strmake(X, latest->X, sizeof(X)-1)
+
+/**************************************************************/
+/* Authentication API, version 0x0100 *************************/
+#define MIN_AUTHENTICATION_INTERFACE_VERSION 0x0100
+
+struct MYSQL_SERVER_AUTH_INFO_0x0100 {
+  char *user_name;
+  unsigned int user_name_length;
+  const char *auth_string;
+  unsigned long auth_string_length;
+  char authenticated_as[49]; 
+  char external_user[512];
+  int  password_used;
+  const char *host_or_ip;
+  unsigned int host_or_ip_length;
+
+  void upgrade(MYSQL_SERVER_AUTH_INFO *latest)
+  {
+    upgrade_var(user_name);
+    upgrade_var(user_name_length);
+    upgrade_var(auth_string);
+    upgrade_var(auth_string_length);
+    upgrade_str(authenticated_as);
+    upgrade_str(external_user);
+    upgrade_var(password_used);
+    upgrade_var(host_or_ip);
+    upgrade_var(host_or_ip_length);
+  }
+  void downgrade(MYSQL_SERVER_AUTH_INFO *latest)
+  {
+    downgrade_var(user_name);
+    downgrade_var(user_name_length);
+    downgrade_var(auth_string);
+    downgrade_var(auth_string_length);
+    downgrade_str(authenticated_as);
+    downgrade_str(external_user);
+    downgrade_var(password_used);
+    downgrade_var(host_or_ip);
+    downgrade_var(host_or_ip_length);
+  }
+};
+
+/**************************************************************/
+