handle a case when a user connects with a password to a passwordless account

author: Sergei Golubchik <sergii@pisem.net> 2010-06-02 17:53:12 +0200
committer: Sergei Golubchik <sergii@pisem.net> 2010-06-02 17:53:12 +0200
commit: cdebfd3892af178dfeaddc5c0ddd284753905ba0 (patch)
tree: 01453593376bddb8104cf5d81b8831ca8ffbe433 /sql/sql_acl.cc
parent: ffc8f62b08982cc1f2fabf8b4b38bd124c115a97 (diff)
download: mariadb-git-cdebfd3892af178dfeaddc5c0ddd284753905ba0.tar.gz
1 files changed, 4 insertions, 2 deletions
diff --git a/sql/sql_acl.cc b/sql/sql_acl.cc
index 55e31b18e7f..db20782037e 100644
--- a/sql/sql_acl.cc
+++ b/sql/sql_acl.cc
@@ -8217,7 +8217,8 @@ static int native_password_authenticate(MYSQL_PLUGIN_VIO *vio,
 
   info->password_used = 1;
   if (pkt_len == SCRAMBLE_LENGTH)
-    return check_scramble(pkt, thd->scramble, mpvio->acl_user->salt) ?
+    return info->auth_string[0] == 0 ||
+           check_scramble(pkt, thd->scramble, mpvio->acl_user->salt) ?
              CR_ERROR : CR_OK;
 
   inc_host_errors(&mpvio->thd->net.vio->remote.sin_addr);
@@ -8268,7 +8269,8 @@ static int old_password_authenticate(MYSQL_PLUGIN_VIO *vio,
   info->password_used = 1;
 
   if (pkt_len == SCRAMBLE_LENGTH_323)
-    return check_scramble_323(pkt, thd->scramble,
+    return info->auth_string[0] == 0 ||
+           check_scramble_323(pkt, thd->scramble,
                              (ulong *)mpvio->acl_user->salt) ? CR_ERROR : CR_OK;
 
   inc_host_errors(&mpvio->thd->net.vio->remote.sin_addr);
author	Sergei Golubchik <sergii@pisem.net>	2010-06-02 17:53:12 +0200
committer	Sergei Golubchik <sergii@pisem.net>	2010-06-02 17:53:12 +0200
commit	cdebfd3892af178dfeaddc5c0ddd284753905ba0 (patch)
tree	01453593376bddb8104cf5d81b8831ca8ffbe433 /sql/sql_acl.cc
parent	ffc8f62b08982cc1f2fabf8b4b38bd124c115a97 (diff)
download	mariadb-git-cdebfd3892af178dfeaddc5c0ddd284753905ba0.tar.gz