← Back to team overview

maria-developers team mailing list archive

MDEV-14031 Password policy causes replication failure

 

Hi Sergei,

Please review a patch for MDEV-14031.

Thanks!
diff --git a/mysql-test/suite/plugins/r/binlog-simple_plugin_check.result b/mysql-test/suite/plugins/r/binlog-simple_plugin_check.result
new file mode 100644
index 0000000..0094c37
--- /dev/null
+++ b/mysql-test/suite/plugins/r/binlog-simple_plugin_check.result
@@ -0,0 +1,19 @@
+INSTALL SONAME "simple_password_check";
+SELECT PLUGIN_NAME FROM INFORMATION_SCHEMA.PLUGINS
+WHERE PLUGIN_NAME='simple_password_check';
+PLUGIN_NAME
+simple_password_check
+#
+# Password policy causes replication failure
+#
+CREATE USER user1@localhost IDENTIFIED BY 'BsG9#9.cem#!85';
+CREATE USER user2@localhost IDENTIFIED BY 'bsg9#d.cem#!85';
+ERROR HY000: Your password does not satisfy the current policy requirements
+DROP USER user1@localhost;
+include/show_binlog_events.inc
+Log_name	Pos	Event_type	Server_id	End_log_pos	Info
+master-bin.000001	#	Gtid	#	#	GTID #-#-#
+master-bin.000001	#	Query	#	#	use `test`; CREATE USER user1@localhost IDENTIFIED BY 'BsG9#9.cem#!85'
+master-bin.000001	#	Gtid	#	#	GTID #-#-#
+master-bin.000001	#	Query	#	#	use `test`; DROP USER user1@localhost
+UNINSTALL PLUGIN simple_password_check;
diff --git a/mysql-test/suite/plugins/t/binlog-simple_plugin_check.test b/mysql-test/suite/plugins/t/binlog-simple_plugin_check.test
new file mode 100644
index 0000000..326e2f2
--- /dev/null
+++ b/mysql-test/suite/plugins/t/binlog-simple_plugin_check.test
@@ -0,0 +1,31 @@
+--source include/not_embedded.inc
+--source include/have_binlog_format_statement.inc
+
+if (!$SIMPLE_PASSWORD_CHECK_SO) {
+  skip No SIMPLE_PASSWORD_CHECK plugin;
+}
+
+INSTALL SONAME "simple_password_check";
+SELECT PLUGIN_NAME FROM INFORMATION_SCHEMA.PLUGINS
+WHERE PLUGIN_NAME='simple_password_check';
+
+
+--echo #
+--echo # Password policy causes replication failure
+--echo #
+
+--disable_query_log
+RESET MASTER; # get rid of previous tests binlog
+--enable_query_log
+
+CREATE USER user1@localhost IDENTIFIED BY 'BsG9#9.cem#!85';
+
+--error ER_NOT_VALID_PASSWORD
+CREATE USER user2@localhost IDENTIFIED BY 'bsg9#d.cem#!85';
+
+DROP USER user1@localhost;
+
+--let $binlog_file = LAST
+source include/show_binlog_events.inc;
+
+UNINSTALL PLUGIN simple_password_check;
diff --git a/sql/sql_acl.cc b/sql/sql_acl.cc
index 5ccc5f7..6029f4e 100644
--- a/sql/sql_acl.cc
+++ b/sql/sql_acl.cc
@@ -9507,13 +9507,13 @@ bool mysql_create_user(THD *thd, List <LEX_USER> &list, bool handle_as_role)
       }
     }
 
-    binlog= true;
     if (replace_user_table(thd, tables[USER_TABLE].table, *user_name, 0, 0, 1, 0))
     {
       append_user(thd, &wrong_users, user_name);
       result= TRUE;
       continue;
     }
+    binlog= true;
 
     // every created role is automatically granted to its creator-admin
     if (handle_as_role)