diff options
Diffstat (limited to 'sql/sql_acl.cc')
| -rw-r--r-- | sql/sql_acl.cc | 54 |
1 files changed, 49 insertions, 5 deletions
diff --git a/sql/sql_acl.cc b/sql/sql_acl.cc index 106036e1e83..e67a019d1f7 100644 --- a/sql/sql_acl.cc +++ b/sql/sql_acl.cc @@ -2559,7 +2559,9 @@ int check_alter_user(THD *thd, const char *host, const char *user) my_error(ER_OPTION_PREVENTS_STATEMENT, MYF(0), "--skip-grant-tables"); goto end; } - if (!thd->slave_thread && !thd->security_ctx->priv_user[0]) + + if (IF_WSREP((!WSREP(thd) || !thd->wsrep_applier), 1) && + !thd->slave_thread && !thd->security_ctx->priv_user[0]) { my_message(ER_PASSWORD_ANONYMOUS_USER, ER(ER_PASSWORD_ANONYMOUS_USER), MYF(0)); @@ -2570,7 +2572,9 @@ int check_alter_user(THD *thd, const char *host, const char *user) my_error(ER_PASSWORD_NO_MATCH, MYF(0)); goto end; } + if (!thd->slave_thread && + IF_WSREP((!WSREP(thd) || !thd->wsrep_applier),1) && (strcmp(thd->security_ctx->priv_user, user) || my_strcasecmp(system_charset_info, host, thd->security_ctx->priv_host))) @@ -2635,10 +2639,12 @@ bool change_password(THD *thd, const char *host, const char *user, TABLE_LIST tables[TABLES_MAX]; /* Buffer should be extended when password length is extended. */ char buff[512]; - ulong query_length; + ulong query_length=0; enum_binlog_format save_binlog_format; uint new_password_len= (uint) strlen(new_password); - int result; + int result=0; + const CSET_STRING query_save = thd->query_string; + DBUG_ENTER("change_password"); DBUG_PRINT("enter",("host: '%s' user: '%s' new_password: '%s'", host,user,new_password)); @@ -2647,6 +2653,19 @@ bool change_password(THD *thd, const char *host, const char *user, if (check_change_password(thd, host, user, new_password, new_password_len)) DBUG_RETURN(1); +#ifdef WITH_WSREP + if (WSREP(thd) && !thd->wsrep_applier) + { + query_length= sprintf(buff, "SET PASSWORD FOR '%-.120s'@'%-.120s'='%-.120s'", + user ? user : "", + host ? host : "", + new_password); + thd->set_query_inner(buff, query_length, system_charset_info); + + WSREP_TO_ISOLATION_BEGIN(WSREP_MYSQL_DB, (char*)"user", NULL); + } +#endif /* WITH_WSREP */ + if ((result= open_grant_tables(thd, tables, TL_WRITE, Table_user))) DBUG_RETURN(result != 1); @@ -2708,9 +2727,23 @@ bool change_password(THD *thd, const char *host, const char *user, } end: close_mysql_tables(thd); +#ifdef WITH_WSREP + if (WSREP(thd) && !thd->wsrep_applier) + { + WSREP_TO_ISOLATION_END; + + thd->query_string = query_save; + thd->wsrep_exec_mode = LOCAL_STATE; + } +#endif /* WITH_WSREP */ thd->restore_stmt_binlog_format(save_binlog_format); DBUG_RETURN(result); + +error: + WSREP_ERROR("Repliation of SET PASSWORD failed: %s", buff); + DBUG_RETURN(result); + } int acl_check_set_default_role(THD *thd, const char *host, const char *user) @@ -2727,8 +2760,9 @@ int acl_set_default_role(THD *thd, const char *host, const char *user, int result= 1; int error; bool clear_role= FALSE; + char buff[512]; enum_binlog_format save_binlog_format; - + const CSET_STRING query_save = thd->query_string; DBUG_ENTER("acl_set_default_role"); DBUG_PRINT("enter",("host: '%s' user: '%s' rolename: '%s'", @@ -2823,7 +2857,6 @@ int acl_set_default_role(THD *thd, const char *host, const char *user, result= 0; if (mysql_bin_log.is_open()) { - char buff[512]; int query_length= sprintf(buff,"SET DEFAULT ROLE '%-.120s' FOR '%-.120s'@'%-.120s'", safe_str(acl_user->default_rolename.str), @@ -2835,6 +2868,17 @@ int acl_set_default_role(THD *thd, const char *host, const char *user, } end: close_mysql_tables(thd); + +#ifdef WITH_WSREP + if (WSREP(thd) && !thd->wsrep_applier) + { + WSREP_TO_ISOLATION_END; + + thd->query_string = query_save; + thd->wsrep_exec_mode = LOCAL_STATE; + } +#endif /* WITH_WSREP */ + thd->restore_stmt_binlog_format(save_binlog_format); DBUG_RETURN(result); |