Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
MDEV-25197: The statement set password=password('') executed in PS mo…
…de fails in case it is run by a user with expired password A user connected to a server with an expired password can't change password with the statement "SET password=..." if this statement is run in PS mode. In mentioned use case a user gets the error ER_MUST_CHANGE_PASSWORD on attempt to run the statement PREPARE stmt FOR "SET password=..."; The reason of failure to reset password by a locked user using the statement PREPARE stmt FOR "SET password=..." is that PS-related statements are not listed among the commands allowed for execution by a user with expired password. However, simple adding of PS-related statements (PREPARE FOR/EXECUTE/DEALLOCATE PREPARE ) to the list of statements allowed for execution by a locked user is not enough to solve problems, since it opens the opportunity for a locked user to execute any statement in the PS mode. To exclude this opportunity, additional checking that the statement being prepared for execution in PS-mode is the SET statement has to be added. This extra checking has been added by this patch into the method Prepared_statement::prepared() that executed on preparing any statement for execution in PS-mode.
- Loading branch information
1 parent
e14b682
commit 61f84bb
Showing
4 changed files
with
85 additions
and
2 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters