Merge from mysql-5.5-bugteam to mysql-5.5-runtime.

2025-01-16 12:02:42 +01:00 · 2010-10-06 11:29:44 +02:00 · 2010-10-06 11:29:44 +02:00 · 4386615050
commit 4386615050
parent 653f14c265 cc15347239
137 changed files with 8555 additions and 1658 deletions
--- a/Makefile.am
+++ b/Makefile.am
@ -268,7 +268,9 @@ API_PREPROCESSOR_HEADER = $(top_srcdir)/include/mysql/plugin_audit.h \
 			$(top_srcdir)/include/mysql/plugin_ftparser.h \
 			$(top_srcdir)/include/mysql.h \
 			$(top_srcdir)/include/mysql/psi/psi_abi_v1.h \
-			$(top_srcdir)/include/mysql/psi/psi_abi_v2.h
+			$(top_srcdir)/include/mysql/psi/psi_abi_v2.h \
                        $(top_srcdir)/include/mysql/client_plugin.h \
                        $(top_srcdir)/include/mysql/plugin_auth.h
 #
 # Rules for checking that the abi/api has not changed.
--- a/client/CMakeLists.txt
+++ b/client/CMakeLists.txt
@ -72,3 +72,5 @@ ENDIF(WIN32)
 SET_TARGET_PROPERTIES (mysqlcheck mysqldump mysqlimport mysql_upgrade mysqlshow mysqlslap 
 PROPERTIES HAS_CXX TRUE)
 ADD_DEFINITIONS(-DHAVE_DLOPEN)
--- a/client/client_priv.h
+++ b/client/client_priv.h
@ -84,6 +84,8 @@ enum options_client
  OPT_DEBUG_INFO, OPT_DEBUG_CHECK, OPT_COLUMN_TYPES, OPT_ERROR_LOG_FILE,
  OPT_WRITE_BINLOG, OPT_DUMP_DATE,
  OPT_INIT_COMMAND,
  OPT_PLUGIN_DIR,
  OPT_DEFAULT_PLUGIN,
  OPT_MAX_CLIENT_OPTION
 };
--- a/client/mysql.cc
+++ b/client/mysql.cc
@ -166,6 +166,7 @@ static int wait_time = 5;
 static STATUS status;
 static ulong select_limit,max_join_size,opt_connect_timeout=0;
 static char mysql_charsets_dir[FN_REFLEN+1];
 static char *opt_plugin_dir= 0, *opt_default_auth;
 static const char *xmlmeta[] = {
  "&", "&amp;",
  "<", "&lt;",
@ -1564,6 +1565,13 @@ static struct my_option my_long_options[] =
  {"show-warnings", OPT_SHOW_WARNINGS, "Show warnings after every statement.",
    &show_warnings, &show_warnings, 0, GET_BOOL, NO_ARG,
    0, 0, 0, 0, 0, 0},
  {"plugin_dir", OPT_PLUGIN_DIR, "Directory for client-side plugins.",
   (uchar**) &opt_plugin_dir, (uchar**) &opt_plugin_dir, 0,
   GET_STR, REQUIRED_ARG, 0, 0, 0, 0, 0, 0},
  {"default_auth", OPT_PLUGIN_DIR,
    "Default authentication client-side plugin to use.",
   (uchar**) &opt_default_auth, (uchar**) &opt_default_auth, 0,
   GET_STR, REQUIRED_ARG, 0, 0, 0, 0, 0, 0},
  { 0, 0, 0, 0, 0, 0, GET_NO_ARG, NO_ARG, 0, 0, 0, 0, 0, 0}
 };
@ -4295,9 +4303,15 @@ sql_real_connect(char *host,char *database,char *user,char *password,
  mysql_options(&mysql, MYSQL_SET_CHARSET_NAME, default_charset);
  if (opt_plugin_dir && *opt_plugin_dir)
    mysql_options(&mysql, MYSQL_PLUGIN_DIR, opt_plugin_dir);
  if (opt_default_auth && *opt_default_auth)
    mysql_options(&mysql, MYSQL_DEFAULT_AUTH, opt_default_auth);
  if (!mysql_real_connect(&mysql, host, user, password,
-			  database, opt_mysql_port, opt_mysql_unix_port,
+                          database, opt_mysql_port, opt_mysql_unix_port,
-			  connect_flag | CLIENT_MULTI_STATEMENTS))
+                          connect_flag | CLIENT_MULTI_STATEMENTS))
  {
    if (!silent ||
 	(mysql_errno(&mysql) != CR_CONN_HOST_ERROR &&
--- a/client/mysqltest.cc
+++ b/client/mysqltest.cc
@ -36,6 +36,7 @@
 #include "client_priv.h"
 #include <mysql_version.h>
 #include <mysqld_error.h>
 #include <sql_common.h>
 #include <m_ctype.h>
 #include <my_dir.h>
 #include <hash.h>
@ -191,6 +192,8 @@ static ulonglong timer_now(void);
 static ulong connection_retry_sleep= 100000; /* Microseconds */
 static char *opt_plugin_dir= 0;
 /* Precompiled re's */
 static my_regex_t ps_re;     /* the query can be run using PS protocol */
 static my_regex_t sp_re;     /* the query can be run as a SP */
@ -3897,13 +3900,15 @@ void do_change_user(struct st_command *command)
  }
  if (!ds_user.length)
  {
    dynstr_set(&ds_user, mysql->user);
-  if (!ds_passwd.length)
+    if (!ds_passwd.length)
-    dynstr_set(&ds_passwd, mysql->passwd);
+      dynstr_set(&ds_passwd, mysql->passwd);
-  if (!ds_db.length)
+    if (!ds_db.length)
-    dynstr_set(&ds_db, mysql->db);
+      dynstr_set(&ds_db, mysql->db);
  }
  DBUG_PRINT("info",("connection: '%s' user: '%s' password: '%s' database: '%s'",
                      cur_con->name, ds_user.str, ds_passwd.str, ds_db.str));
@ -5272,6 +5277,7 @@ void do_connect(struct st_command *command)
  static DYNAMIC_STRING ds_port;
  static DYNAMIC_STRING ds_sock;
  static DYNAMIC_STRING ds_options;
  static DYNAMIC_STRING ds_default_auth;
 #ifdef HAVE_SMEM
  static DYNAMIC_STRING ds_shm;
 #endif
@ -5283,7 +5289,8 @@ void do_connect(struct st_command *command)
    { "database", ARG_STRING, FALSE, &ds_database, "Database to select after connect" },
    { "port", ARG_STRING, FALSE, &ds_port, "Port to connect to" },
    { "socket", ARG_STRING, FALSE, &ds_sock, "Socket to connect with" },
-    { "options", ARG_STRING, FALSE, &ds_options, "Options to use while connecting" }
+    { "options", ARG_STRING, FALSE, &ds_options, "Options to use while connecting" },
    { "default_auth", ARG_STRING, FALSE, &ds_default_auth, "Default authentication to use" }
  };
  DBUG_ENTER("do_connect");
@ -5433,6 +5440,12 @@ void do_connect(struct st_command *command)
  if (ds_database.length == 0)
    dynstr_set(&ds_database, opt_db);
  if (opt_plugin_dir && *opt_plugin_dir)
    mysql_options(&con_slot->mysql, MYSQL_PLUGIN_DIR, opt_plugin_dir);
  if (ds_default_auth.length)
    mysql_options(&con_slot->mysql, MYSQL_DEFAULT_AUTH, ds_default_auth.str);
  /* Special database to allow one to connect without a database name */
  if (ds_database.length && !strcmp(ds_database.str,"*NO-ONE*"))
    dynstr_set(&ds_database, "");
@ -6231,6 +6244,9 @@ static struct my_option my_long_options[] =
   "Number of seconds before connection timeout.",
   &opt_connect_timeout, &opt_connect_timeout, 0, GET_UINT, REQUIRED_ARG,
   120, 0, 3600 * 12, 0, 0, 0},
  {"plugin_dir", OPT_PLUGIN_DIR, "Directory for client-side plugins.",
   (uchar**) &opt_plugin_dir, (uchar**) &opt_plugin_dir, 0,
   GET_STR, REQUIRED_ARG, 0, 0, 0, 0, 0, 0},
  { 0, 0, 0, 0, 0, 0, GET_NO_ARG, NO_ARG, 0, 0, 0, 0, 0, 0}
 };
--- a/cmake/os/WindowsCache.cmake
+++ b/cmake/os/WindowsCache.cmake
@ -131,6 +131,7 @@ SET(HAVE_PASE_ENVIRONMENT CACHE  INTERNAL "")
 SET(HAVE_PATHS_H CACHE  INTERNAL "")
 SET(HAVE_PCLOSE CACHE  INTERNAL "")
 SET(HAVE_PERROR 1 CACHE  INTERNAL "")
 SET(HAVE_PEERCRED CACHE INTERNAL "")
 SET(HAVE_POLL_H CACHE  INTERNAL "")
 SET(HAVE_POPEN CACHE  INTERNAL "")
 SET(HAVE_POLL CACHE INTERNAL "")
--- a/config.h.cmake
+++ b/config.h.cmake
@ -602,6 +602,8 @@
 #cmakedefine PLUGINDIR "@PLUGINDIR@"
 #cmakedefine DEFAULT_SYSCONFDIR "@DEFAULT_SYSCONFDIR@"
 #cmakedefine SO_EXT "@CMAKE_SHARED_MODULE_SUFFIX@"
 #define PACKAGE "mysql"
 #define PACKAGE_BUGREPORT ""
 #define PACKAGE_NAME "MySQL Server"
--- a/configure.in
+++ b/configure.in
@ -1617,9 +1617,8 @@ case "$with_mysqld_ldflags " in
    ;;
  *)
-    # Check for dlopen, needed for user definable functions
+    # Check for dlopen, needed for user definable functions and plugins
    # This must be checked after threads on AIX
    # We only need this for mysqld, not for the clients.
    my_save_LIBS="$LIBS"
    LIBS=""
--- a/include/Makefile.am
+++ b/include/Makefile.am
@ -24,7 +24,9 @@ HEADERS_ABI =		mysql.h mysql_com.h mysql_time.h \
 			my_list.h my_alloc.h typelib.h mysql/plugin.h \
 			mysql/plugin_audit.h mysql/plugin_ftparser.h
 pkginclude_HEADERS =	$(HEADERS_ABI) my_dbug.h m_string.h my_sys.h \
-			my_xml.h mysql_embed.h mysql/services.h \
+			my_xml.h mysql_embed.h mysql/plugin_auth.h \
                        mysql/client_plugin.h mysql/plugin_auth_common.h \
                        mysql/services.h \
 			mysql/service_my_snprintf.h mysql/service_thd_alloc.h \
 			mysql/service_thread_scheduler.h \
 			mysql/service_thd_wait.h \
@ -56,7 +58,8 @@ pkgpsiinclude_HEADERS = mysql/psi/psi.h mysql/psi/mysql_thread.h \
 EXTRA_DIST =        mysql.h.pp mysql/plugin.h.pp probes_mysql.d.base \
 			CMakeLists.txt \
 			mysql/psi/psi_abi_v1.h.pp \
-			mysql/psi/psi_abi_v2.h.pp
+			mysql/psi/psi_abi_v2.h.pp \
                        mysql/plugin_auth.h.pp mysql/client_plugin.h.pp
 # Remove built files and the symlinked directories
 CLEANFILES =            $(BUILT_SOURCES) readline openssl probes_mysql.d probes_mysql_nodtrace.h
--- a/include/errmsg.h
+++ b/include/errmsg.h
@ -101,7 +101,8 @@ extern const char *client_errors[];	/* Error messages */
 #define CR_STMT_CLOSED				2056
 #define CR_NEW_STMT_METADATA                    2057
 #define CR_ALREADY_CONNECTED                    2058
-#define CR_ERROR_LAST  /*Copy last error nr:*/  2058
+#define CR_AUTH_PLUGIN_CANNOT_LOAD              2059
 #define CR_ERROR_LAST  /*Copy last error nr:*/  2059
 /* Add error numbers before CR_ERROR_LAST and change it accordingly. */
 #endif /* ERRMSG_INCLUDED */
--- a/include/my_global.h
+++ b/include/my_global.h
@ -452,6 +452,16 @@ extern "C" int madvise(void *addr, size_t len, int behav);
 #define LINT_INIT(var)
 #endif
 #ifndef SO_EXT
 #ifdef _WIN32
 #define SO_EXT ".dll"
 #elif defined(__APPLE__)
 #define SO_EXT ".dylib"
 #else
 #define SO_EXT ".so"
 #endif
 #endif
 /*
   Suppress uninitialized variable warning without generating code.
@ -1355,8 +1365,10 @@ do { doubleget_union _tmp; \
 #define dlsym(lib, name) (void*)GetProcAddress((HMODULE)lib, name)
 #define dlopen(libname, unused) LoadLibraryEx(libname, NULL, 0)
 #define dlclose(lib) FreeLibrary((HMODULE)lib)
 #ifndef HAVE_DLOPEN
 #define HAVE_DLOPEN
 #endif
 #endif
 #ifdef HAVE_DLOPEN
 #if defined(HAVE_DLFCN_H)
@ -1365,7 +1377,11 @@ do { doubleget_union _tmp; \
 #endif
 #ifndef HAVE_DLERROR
 #ifdef _WIN32
 #define dlerror() ""
 #else
 #define dlerror() "No support for dynamic loading (static build?)"
 #endif
 #endif
--- a/include/my_no_pthread.h
+++ b/include/my_no_pthread.h
@ -47,6 +47,7 @@
 #define rw_wrlock(A)
 #define rw_unlock(A)
 #define rwlock_destroy(A)
 #define safe_mutex_assert_owner(mp)
 #define mysql_mutex_init(A, B, C) do {} while (0)
 #define mysql_mutex_lock(A) do {} while (0)
--- a/include/my_sys.h
+++ b/include/my_sys.h
@ -197,7 +197,7 @@ extern void my_large_free(uchar *ptr);
 #define my_alloca(SZ) alloca((size_t) (SZ))
 #define my_afree(PTR) {}
 #else
-#define my_alloca(SZ) my_malloc(SZ,MYF(0))
+#define my_alloca(SZ) my_malloc(SZ,MYF(MY_FAE))
 #define my_afree(PTR) my_free(PTR)
 #endif /* HAVE_ALLOCA */
@ -824,6 +824,10 @@ extern void set_prealloc_root(MEM_ROOT *root, char *ptr);
 extern void reset_root_defaults(MEM_ROOT *mem_root, size_t block_size,
                                size_t prealloc_size);
 extern char *strdup_root(MEM_ROOT *root,const char *str);
 static inline char *safe_strdup_root(MEM_ROOT *root, const char *str)
 {
  return str ? strdup_root(root, str) : 0;
 }
 extern char *strmake_root(MEM_ROOT *root,const char *str,size_t len);
 extern void *memdup_root(MEM_ROOT *root,const void *str, size_t len);
 extern int get_defaults_options(int argc, char **argv,
--- a/include/mysql.h
+++ b/include/mysql.h
@ -167,9 +167,15 @@ enum mysql_option
  MYSQL_OPT_USE_REMOTE_CONNECTION, MYSQL_OPT_USE_EMBEDDED_CONNECTION,
  MYSQL_OPT_GUESS_CONNECTION, MYSQL_SET_CLIENT_IP, MYSQL_SECURE_AUTH,
  MYSQL_REPORT_DATA_TRUNCATION, MYSQL_OPT_RECONNECT,
-  MYSQL_OPT_SSL_VERIFY_SERVER_CERT
+  MYSQL_OPT_SSL_VERIFY_SERVER_CERT, MYSQL_PLUGIN_DIR, MYSQL_DEFAULT_AUTH
 };
 /**
  @todo remove the "extension", move st_mysql_options completely
  out of mysql.h
 */
 struct st_mysql_options_extention; 
 struct st_mysql_options {
  unsigned int connect_timeout, read_timeout, write_timeout;
  unsigned int port, protocol;
@ -203,7 +209,7 @@ struct st_mysql_options {
  void (*local_infile_end)(void *);
  int (*local_infile_error)(void *, char *, unsigned int);
  void *local_infile_userdata;
-  void *extension;
+  struct st_mysql_options_extention *extension;
 };
 enum mysql_status 
@ -639,38 +645,6 @@ enum enum_stmt_attr_type
 };
 typedef struct st_mysql_methods
 {
  my_bool (*read_query_result)(MYSQL *mysql);
  my_bool (*advanced_command)(MYSQL *mysql,
 			      enum enum_server_command command,
 			      const unsigned char *header,
 			      unsigned long header_length,
 			      const unsigned char *arg,
 			      unsigned long arg_length,
 			      my_bool skip_check,
                              MYSQL_STMT *stmt);
  MYSQL_DATA *(*read_rows)(MYSQL *mysql,MYSQL_FIELD *mysql_fields,
 			   unsigned int fields);
  MYSQL_RES * (*use_result)(MYSQL *mysql);
  void (*fetch_lengths)(unsigned long *to, 
 			MYSQL_ROW column, unsigned int field_count);
  void (*flush_use_result)(MYSQL *mysql, my_bool flush_all_results);
 #if !defined(MYSQL_SERVER) || defined(EMBEDDED_LIBRARY)
  MYSQL_FIELD * (*list_fields)(MYSQL *mysql);
  my_bool (*read_prepare_result)(MYSQL *mysql, MYSQL_STMT *stmt);
  int (*stmt_execute)(MYSQL_STMT *stmt);
  int (*read_binary_rows)(MYSQL_STMT *stmt);
  int (*unbuffered_fetch)(MYSQL *mysql, char **row);
  void (*free_embedded_thd)(MYSQL *mysql);
  const char *(*read_statistics)(MYSQL *mysql);
  my_bool (*next_result)(MYSQL *mysql);
  int (*read_change_user_result)(MYSQL *mysql, char *buff, const char *passwd);
  int (*read_rows_from_cursor)(MYSQL_STMT *stmt);
 #endif
 } MYSQL_METHODS;
 MYSQL_STMT * STDCALL mysql_stmt_init(MYSQL *mysql);
 int STDCALL mysql_stmt_prepare(MYSQL_STMT *stmt, const char *query,
                               unsigned long length);
@ -733,18 +707,6 @@ int		STDCALL mysql_drop_db(MYSQL *mysql, const char *DB);
 #endif
 #define HAVE_MYSQL_REAL_CONNECT
 /*
  The following functions are mainly exported because of mysqlbinlog;
  They are not for general usage
 */
 #define simple_command(mysql, command, arg, length, skip_check) \
  (*(mysql)->methods->advanced_command)(mysql, command, 0,  \
                                        0, arg, length, skip_check, NULL)
 #define stmt_command(mysql, command, arg, length, stmt) \
  (*(mysql)->methods->advanced_command)(mysql, command, 0,  \
                                        0, arg, length, 1, stmt)
 #ifdef	__cplusplus
 }
 #endif
--- a/include/mysql.h.pp
+++ b/include/mysql.h.pp
@ -130,13 +130,13 @@ void create_random_string(char *to, unsigned int length, struct rand_struct *ran
 void hash_password(unsigned long *to, const char *password, unsigned int password_len);
 void make_scrambled_password_323(char *to, const char *password);
 void scramble_323(char *to, const char *message, const char *password);
-my_bool check_scramble_323(const char *, const char *message,
+my_bool check_scramble_323(const unsigned char *reply, const char *message,
                           unsigned long *salt);
 void get_salt_from_password_323(unsigned long *res, const char *password);
 void make_password_from_salt_323(char *to, const unsigned long *salt);
 void make_scrambled_password(char *to, const char *password);
 void scramble(char *to, const char *message, const char *password);
-my_bool check_scramble(const char *reply, const char *message,
+my_bool check_scramble(const unsigned char *reply, const char *message,
                       const unsigned char *hash_stage2);
 void get_salt_from_password(unsigned char *res, const char *password);
 void make_password_from_salt(char *to, const unsigned char *hash_stage2);
@ -262,8 +262,9 @@ enum mysql_option
  MYSQL_OPT_USE_REMOTE_CONNECTION, MYSQL_OPT_USE_EMBEDDED_CONNECTION,
  MYSQL_OPT_GUESS_CONNECTION, MYSQL_SET_CLIENT_IP, MYSQL_SECURE_AUTH,
  MYSQL_REPORT_DATA_TRUNCATION, MYSQL_OPT_RECONNECT,
-  MYSQL_OPT_SSL_VERIFY_SERVER_CERT
+  MYSQL_OPT_SSL_VERIFY_SERVER_CERT, MYSQL_PLUGIN_DIR, MYSQL_DEFAULT_AUTH
 };
 struct st_mysql_options_extention;
 struct st_mysql_options {
  unsigned int connect_timeout, read_timeout, write_timeout;
  unsigned int port, protocol;
@ -293,7 +294,7 @@ struct st_mysql_options {
  void (*local_infile_end)(void *);
  int (*local_infile_error)(void *, char *, unsigned int);
  void *local_infile_userdata;
-  void *extension;
+  struct st_mysql_options_extention *extension;
 };
 enum mysql_status
 {
@ -548,34 +549,6 @@ enum enum_stmt_attr_type
  STMT_ATTR_CURSOR_TYPE,
  STMT_ATTR_PREFETCH_ROWS
 };
 typedef struct st_mysql_methods
 {
  my_bool (*read_query_result)(MYSQL *mysql);
  my_bool (*advanced_command)(MYSQL *mysql,
         enum enum_server_command command,
         const unsigned char *header,
         unsigned long header_length,
         const unsigned char *arg,
         unsigned long arg_length,
         my_bool skip_check,
                              MYSQL_STMT *stmt);
  MYSQL_DATA *(*read_rows)(MYSQL *mysql,MYSQL_FIELD *mysql_fields,
      unsigned int fields);
  MYSQL_RES * (*use_result)(MYSQL *mysql);
  void (*fetch_lengths)(unsigned long *to,
   MYSQL_ROW column, unsigned int field_count);
  void (*flush_use_result)(MYSQL *mysql, my_bool flush_all_results);
  MYSQL_FIELD * (*list_fields)(MYSQL *mysql);
  my_bool (*read_prepare_result)(MYSQL *mysql, MYSQL_STMT *stmt);
  int (*stmt_execute)(MYSQL_STMT *stmt);
  int (*read_binary_rows)(MYSQL_STMT *stmt);
  int (*unbuffered_fetch)(MYSQL *mysql, char **row);
  void (*free_embedded_thd)(MYSQL *mysql);
  const char *(*read_statistics)(MYSQL *mysql);
  my_bool (*next_result)(MYSQL *mysql);
  int (*read_change_user_result)(MYSQL *mysql, char *buff, const char *passwd);
  int (*read_rows_from_cursor)(MYSQL_STMT *stmt);
 } MYSQL_METHODS;
 MYSQL_STMT * mysql_stmt_init(MYSQL *mysql);
 int mysql_stmt_prepare(MYSQL_STMT *stmt, const char *query,
                               unsigned long length);
--- a/include/mysql/client_plugin.h
+++ b/include/mysql/client_plugin.h
@ -0,0 +1,164 @@
 #ifndef MYSQL_CLIENT_PLUGIN_INCLUDED
 /* Copyright (C) 2010 Sun Microsystems, Inc.
   This program is free software; you can redistribute it and/or modify
   it under the terms of the GNU General Public License as published by
   the Free Software Foundation; version 2 of the License.
   This program is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   GNU General Public License for more details.
   You should have received a copy of the GNU General Public License
   along with this program; if not, write to the Free Software
   Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA */
 /**
  @file
  MySQL Client Plugin API
  This file defines the API for plugins that work on the client side
 */
 #define MYSQL_CLIENT_PLUGIN_INCLUDED
 #include <stdarg.h>
 #include <stdlib.h>
 /* known plugin types */
 #define MYSQL_CLIENT_reserved1               0
 #define MYSQL_CLIENT_reserved2               1
 #define MYSQL_CLIENT_AUTHENTICATION_PLUGIN   2
 #define MYSQL_CLIENT_AUTHENTICATION_PLUGIN_INTERFACE_VERSION  0x0100
 #define MYSQL_CLIENT_MAX_PLUGINS             3
 #define mysql_declare_client_plugin(X)          \
     MYSQL_PLUGIN_EXPORT struct st_mysql_client_plugin_ ## X        \
        _mysql_client_plugin_declaration_ = {   \
          MYSQL_CLIENT_ ## X ## _PLUGIN,        \
          MYSQL_CLIENT_ ## X ## _PLUGIN_INTERFACE_VERSION,
 #define mysql_end_client_plugin             }
 /* generic plugin header structure */
 #define MYSQL_CLIENT_PLUGIN_HEADER                      \
  int type;                                             \
  unsigned int interface_version;                       \
  const char *name;                                     \
  const char *author;                                   \
  const char *desc;                                     \
  unsigned int version[3];                              \
  const char *license;                                  \
  void *mysql_api;                                      \
  int (*init)(char *, size_t, int, va_list);            \
  int (*deinit)();                                      \
  int (*options)(const char *option, const void *);
 struct st_mysql_client_plugin
 {
  MYSQL_CLIENT_PLUGIN_HEADER
 };
 struct st_mysql;
 /******** authentication plugin specific declarations *********/
 #include <mysql/plugin_auth_common.h>
 struct st_mysql_client_plugin_AUTHENTICATION
 {
  MYSQL_CLIENT_PLUGIN_HEADER
  int (*authenticate_user)(MYSQL_PLUGIN_VIO *vio, struct st_mysql *mysql);
 };
 /******** using plugins ************/
 /**
  loads a plugin and initializes it
  @param mysql  MYSQL structure. only MYSQL_PLUGIN_DIR option value is used,
                and last_errno/last_error, for error reporting
  @param name   a name of the plugin to load
  @param type   type of plugin that should be loaded, -1 to disable type check
  @param argc   number of arguments to pass to the plugin initialization
                function
  @param ...    arguments for the plugin initialization function
  @retval
  a pointer to the loaded plugin, or NULL in case of a failure
 */
 struct st_mysql_client_plugin *
 mysql_load_plugin(struct st_mysql *mysql, const char *name, int type,
                  int argc, ...);
 /**
  loads a plugin and initializes it, taking va_list as an argument
  This is the same as mysql_load_plugin, but take va_list instead of
  a list of arguments.
  @param mysql  MYSQL structure. only MYSQL_PLUGIN_DIR option value is used,
                and last_errno/last_error, for error reporting
  @param name   a name of the plugin to load
  @param type   type of plugin that should be loaded, -1 to disable type check
  @param argc   number of arguments to pass to the plugin initialization
                function
  @param args   arguments for the plugin initialization function
  @retval
  a pointer to the loaded plugin, or NULL in case of a failure
 */
 struct st_mysql_client_plugin *
 mysql_load_plugin_v(struct st_mysql *mysql, const char *name, int type,
                    int argc, va_list args);
 /**
  finds an already loaded plugin by name, or loads it, if necessary
  @param mysql  MYSQL structure. only MYSQL_PLUGIN_DIR option value is used,
                and last_errno/last_error, for error reporting
  @param name   a name of the plugin to load
  @param type   type of plugin that should be loaded
  @retval
  a pointer to the plugin, or NULL in case of a failure
 */
 struct st_mysql_client_plugin *
 mysql_client_find_plugin(struct st_mysql *mysql, const char *name, int type);
 /**
  adds a plugin structure to the list of loaded plugins
  This is useful if an application has the necessary functionality
  (for example, a special load data handler) statically linked into
  the application binary. It can use this function to register the plugin
  directly, avoiding the need to factor it out into a shared object.
  @param mysql  MYSQL structure. It is only used for error reporting
  @param plugin an st_mysql_client_plugin structure to register
  @retval
  a pointer to the plugin, or NULL in case of a failure
 */
 struct st_mysql_client_plugin *
 mysql_client_register_plugin(struct st_mysql *mysql,
                             struct st_mysql_client_plugin *plugin);
 /**
  set plugin options
  Can be used to set extra options and affect behavior for a plugin.
  This function may be called multiple times to set several options
  @param plugin an st_mysql_client_plugin structure
  @param option a string which specifies the option to set
  @param value  value for the option.
  @retval 0 on success, 1 in case of failure
 **/
 int STDCALL mysql_plugin_options(struct st_mysql_client_plugin *plugin,
                                 const char *option,
                                 const void *value);
 #endif
--- a/include/mysql/client_plugin.h.pp
+++ b/include/mysql/client_plugin.h.pp
@ -0,0 +1,42 @@
 #include <stdarg.h>
 #include <stdlib.h>
 struct st_mysql_client_plugin
 {
  int type; unsigned int interface_version; const char *name; const char *author; const char *desc; unsigned int version[3]; const char *license; void *mysql_api; int (*init)(char *, size_t, int, va_list); int (*deinit)(); int (*options)(const char *option, const void *);
 };
 struct st_mysql;
 #include <mysql/plugin_auth_common.h>
 typedef struct st_plugin_vio_info
 {
  enum { MYSQL_VIO_INVALID, MYSQL_VIO_TCP, MYSQL_VIO_SOCKET,
         MYSQL_VIO_PIPE, MYSQL_VIO_MEMORY } protocol;
  int socket;
 } MYSQL_PLUGIN_VIO_INFO;
 typedef struct st_plugin_vio
 {
  int (*read_packet)(struct st_plugin_vio *vio,
                     unsigned char **buf);
  int (*write_packet)(struct st_plugin_vio *vio,
                      const unsigned char *packet,
                      int packet_len);
  void (*info)(struct st_plugin_vio *vio, struct st_plugin_vio_info *info);
 } MYSQL_PLUGIN_VIO;
 struct st_mysql_client_plugin_AUTHENTICATION
 {
  int type; unsigned int interface_version; const char *name; const char *author; const char *desc; unsigned int version[3]; const char *license; void *mysql_api; int (*init)(char *, size_t, int, va_list); int (*deinit)(); int (*options)(const char *option, const void *);
  int (*authenticate_user)(MYSQL_PLUGIN_VIO *vio, struct st_mysql *mysql);
 };
 struct st_mysql_client_plugin *
 mysql_load_plugin(struct st_mysql *mysql, const char *name, int type,
                  int argc, ...);
 struct st_mysql_client_plugin *
 mysql_load_plugin_v(struct st_mysql *mysql, const char *name, int type,
                    int argc, va_list args);
 struct st_mysql_client_plugin *
 mysql_client_find_plugin(struct st_mysql *mysql, const char *name, int type);
 struct st_mysql_client_plugin *
 mysql_client_register_plugin(struct st_mysql *mysql,
                             struct st_mysql_client_plugin *plugin);
 int STDCALL mysql_plugin_options(struct st_mysql_client_plugin *plugin,
                                 const char *option,
                                 const void *value);
--- a/include/mysql/plugin.h
+++ b/include/mysql/plugin.h
@ -83,7 +83,8 @@ typedef struct st_mysql_xid MYSQL_XID;
 #define MYSQL_INFORMATION_SCHEMA_PLUGIN  4  /* The I_S plugin type */
 #define MYSQL_AUDIT_PLUGIN           5  /* The Audit plugin type        */
 #define MYSQL_REPLICATION_PLUGIN     6	/* The replication plugin type */
-#define MYSQL_MAX_PLUGIN_TYPE_NUM    7  /* The number of plugin types   */
+#define MYSQL_AUTHENTICATION_PLUGIN  7  /* The authentication plugin type */
 #define MYSQL_MAX_PLUGIN_TYPE_NUM    8  /* The number of plugin types   */
 /* We use the following strings to define licenses for plugins */
 #define PLUGIN_LICENSE_PROPRIETARY 0
--- a/include/mysql/plugin_auth.h
+++ b/include/mysql/plugin_auth.h
@ -0,0 +1,125 @@
 #ifndef MYSQL_PLUGIN_AUTH_INCLUDED
 /* Copyright (C) 2010 Sun Microsystems, Inc.
   This program is free software; you can redistribute it and/or modify
   it under the terms of the GNU General Public License as published by
   the Free Software Foundation; version 2 of the License.
   This program is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   GNU General Public License for more details.
   You should have received a copy of the GNU General Public License
   along with this program; if not, write to the Free Software
   Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA */
 /**
  @file
  Authentication Plugin API.
  This file defines the API for server authentication plugins.
 */
 #define MYSQL_PLUGIN_AUTH_INCLUDED
 #include <mysql/plugin.h>
 #define MYSQL_AUTHENTICATION_INTERFACE_VERSION 0x0100
 #include <mysql/plugin_auth_common.h>
 /* defines for MYSQL_SERVER_AUTH_INFO.password_used */
 #define PASSWORD_USED_NO         0
 #define PASSWORD_USED_YES        1
 #define PASSWORD_USED_NO_MENTION 2
 /**
  Provides server plugin access to authentication information
 */
 typedef struct st_mysql_server_auth_info
 {
  /**
    User name as sent by the client and shown in USER().
    NULL if the client packet with the user name was not received yet.
  */
  char *user_name;
  /**
    Length of user_name
  */
  unsigned int user_name_length;
  /**
    A corresponding column value from the mysql.user table for the
    matching account name
  */
  const char *auth_string;
  /**
    Length of auth_string
  */
  unsigned long auth_string_length;
  /**
    Matching account name as found in the mysql.user table.
    A plugin can override it with another name that will be
    used by MySQL for authorization, and shown in CURRENT_USER()
  */
  char authenticated_as[MYSQL_USERNAME_LENGTH+1]; 
  /**
    The unique user name that was used by the plugin to authenticate.
    Plugins should put null-terminated UTF-8 here.
    Available through the @@EXTERNAL_USER variable.
  */  
  char external_user[512];
  /**
    This only affects the "Authentication failed. Password used: %s"
    error message. has the following values : 
    0 : %s will be NO.
    1 : %s will be YES.
    2 : there will be no %s.
    Set it as appropriate or ignore at will.
  */
  int  password_used;
  /**
    Set to the name of the connected client if it can be resolved, or to 
    the address otherwise
  */
  const char *host_or_ip;
  /**
    Length of host_or_ip
  */
  unsigned int host_or_ip_length;
 } MYSQL_SERVER_AUTH_INFO;
 /**
  Server authentication plugin descriptor
 */
 struct st_mysql_auth
 {
  int interface_version;                        /**< version plugin uses */
  /**
    A plugin that a client must use for authentication with this server
    plugin. Can be NULL to mean "any plugin".
  */
  const char *client_auth_plugin;
  /**
    Function provided by the plugin which should perform authentication (using
    the vio functions if necessary) and return 0 if successful. The plugin can
    also fill the info.authenticated_as field if a different username should be
    used for authorization.
  */
  int (*authenticate_user)(MYSQL_PLUGIN_VIO *vio, MYSQL_SERVER_AUTH_INFO *info);
 };
 #endif
--- a/include/mysql/plugin_auth.h.pp
+++ b/include/mysql/plugin_auth.h.pp
@ -0,0 +1,224 @@
 #include <mysql/plugin.h>
 #include <mysql/services.h>
 #include <mysql/service_my_snprintf.h>
 extern struct my_snprintf_service_st {
  size_t (*my_snprintf_type)(char*, size_t, const char*, ...);
  size_t (*my_vsnprintf_type)(char *, size_t, const char*, va_list);
 } *my_snprintf_service;
 size_t my_snprintf(char* to, size_t n, const char* fmt, ...);
 size_t my_vsnprintf(char *to, size_t n, const char* fmt, va_list ap);
 #include <mysql/service_thd_alloc.h>
 struct st_mysql_lex_string
 {
  char *str;
  size_t length;
 };
 typedef struct st_mysql_lex_string MYSQL_LEX_STRING;
 extern struct thd_alloc_service_st {
  void *(*thd_alloc_func)(void*, unsigned int);
  void *(*thd_calloc_func)(void*, unsigned int);
  char *(*thd_strdup_func)(void*, const char *);
  char *(*thd_strmake_func)(void*, const char *, unsigned int);
  void *(*thd_memdup_func)(void*, const void*, unsigned int);
  MYSQL_LEX_STRING *(*thd_make_lex_string_func)(void*, MYSQL_LEX_STRING *,
                                        const char *, unsigned int, int);
 } *thd_alloc_service;
 void *thd_alloc(void* thd, unsigned int size);
 void *thd_calloc(void* thd, unsigned int size);
 char *thd_strdup(void* thd, const char *str);
 char *thd_strmake(void* thd, const char *str, unsigned int size);
 void *thd_memdup(void* thd, const void* str, unsigned int size);
 MYSQL_LEX_STRING *thd_make_lex_string(void* thd, MYSQL_LEX_STRING *lex_str,
                                      const char *str, unsigned int size,
                                      int allocate_lex_string);
 #include <mysql/service_thd_wait.h>
 typedef enum _thd_wait_type_e {
  THD_WAIT_MUTEX= 1,
  THD_WAIT_DISKIO= 2,
  THD_WAIT_ROW_TABLE_LOCK= 3,
  THD_WAIT_GLOBAL_LOCK= 4
 } thd_wait_type;
 extern struct thd_wait_service_st {
  void (*thd_wait_begin_func)(void*, thd_wait_type);
  void (*thd_wait_end_func)(void*);
 } *thd_wait_service;
 void thd_wait_begin(void* thd, thd_wait_type wait_type);
 void thd_wait_end(void* thd);
 #include <mysql/service_thread_scheduler.h>
 struct scheduler_functions;
 extern struct my_thread_scheduler_service {
  int (*set)(struct scheduler_functions *scheduler);
  int (*reset)();
 } *my_thread_scheduler_service;
 int my_thread_scheduler_set(struct scheduler_functions *scheduler);
 int my_thread_scheduler_reset();
 struct st_mysql_xid {
  long formatID;
  long gtrid_length;
  long bqual_length;
  char data[128];
 };
 typedef struct st_mysql_xid MYSQL_XID;
 enum enum_mysql_show_type
 {
  SHOW_UNDEF, SHOW_BOOL, SHOW_INT, SHOW_LONG,
  SHOW_LONGLONG, SHOW_CHAR, SHOW_CHAR_PTR,
  SHOW_ARRAY, SHOW_FUNC, SHOW_DOUBLE,
  SHOW_always_last
 };
 struct st_mysql_show_var {
  const char *name;
  char *value;
  enum enum_mysql_show_type type;
 };
 typedef int (*mysql_show_var_func)(void*, struct st_mysql_show_var*, char *);
 struct st_mysql_sys_var;
 struct st_mysql_value;
 typedef int (*mysql_var_check_func)(void* thd,
                                    struct st_mysql_sys_var *var,
                                    void *save, struct st_mysql_value *value);
 typedef void (*mysql_var_update_func)(void* thd,
                                      struct st_mysql_sys_var *var,
                                      void *var_ptr, const void *save);
 struct st_mysql_plugin
 {
  int type;
  void *info;
  const char *name;
  const char *author;
  const char *descr;
  int license;
  int (*init)(void *);
  int (*deinit)(void *);
  unsigned int version;
  struct st_mysql_show_var *status_vars;
  struct st_mysql_sys_var **system_vars;
  void * __reserved1;
 };
 #include "plugin_ftparser.h"
 #include "plugin.h"
 enum enum_ftparser_mode
 {
  MYSQL_FTPARSER_SIMPLE_MODE= 0,
  MYSQL_FTPARSER_WITH_STOPWORDS= 1,
  MYSQL_FTPARSER_FULL_BOOLEAN_INFO= 2
 };
 enum enum_ft_token_type
 {
  FT_TOKEN_EOF= 0,
  FT_TOKEN_WORD= 1,
  FT_TOKEN_LEFT_PAREN= 2,
  FT_TOKEN_RIGHT_PAREN= 3,
  FT_TOKEN_STOPWORD= 4
 };
 typedef struct st_mysql_ftparser_boolean_info
 {
  enum enum_ft_token_type type;
  int yesno;
  int weight_adjust;
  char wasign;
  char trunc;
  char prev;
  char *quot;
 } MYSQL_FTPARSER_BOOLEAN_INFO;
 typedef struct st_mysql_ftparser_param
 {
  int (*mysql_parse)(struct st_mysql_ftparser_param *,
                     char *doc, int doc_len);
  int (*mysql_add_word)(struct st_mysql_ftparser_param *,
                        char *word, int word_len,
                        MYSQL_FTPARSER_BOOLEAN_INFO *boolean_info);
  void *ftparser_state;
  void *mysql_ftparam;
  struct charset_info_st *cs;
  char *doc;
  int length;
  int flags;
  enum enum_ftparser_mode mode;
 } MYSQL_FTPARSER_PARAM;
 struct st_mysql_ftparser
 {
  int interface_version;
  int (*parse)(MYSQL_FTPARSER_PARAM *param);
  int (*init)(MYSQL_FTPARSER_PARAM *param);
  int (*deinit)(MYSQL_FTPARSER_PARAM *param);
 };
 struct st_mysql_daemon
 {
  int interface_version;
 };
 struct st_mysql_information_schema
 {
  int interface_version;
 };
 struct st_mysql_storage_engine
 {
  int interface_version;
 };
 struct handlerton;
 struct Mysql_replication {
   int interface_version;
 };
 struct st_mysql_value
 {
  int (*value_type)(struct st_mysql_value *);
  const char *(*val_str)(struct st_mysql_value *, char *buffer, int *length);
  int (*val_real)(struct st_mysql_value *, double *realbuf);
  int (*val_int)(struct st_mysql_value *, long long *intbuf);
  int (*is_unsigned)(struct st_mysql_value *);
 };
 int thd_in_lock_tables(const void* thd);
 int thd_tablespace_op(const void* thd);
 long long thd_test_options(const void* thd, long long test_options);
 int thd_sql_command(const void* thd);
 const char *thd_proc_info(void* thd, const char *info);
 void **thd_ha_data(const void* thd, const struct handlerton *hton);
 void thd_storage_lock_wait(void* thd, long long value);
 int thd_tx_isolation(const void* thd);
 char *thd_security_context(void* thd, char *buffer, unsigned int length,
                           unsigned int max_query_len);
 void thd_inc_row_count(void* thd);
 int mysql_tmpfile(const char *prefix);
 int thd_killed(const void* thd);
 unsigned long thd_get_thread_id(const void* thd);
 void thd_get_xid(const void* thd, MYSQL_XID *xid);
 void mysql_query_cache_invalidate4(void* thd,
                                   const char *key, unsigned int key_length,
                                   int using_trx);
 void *thd_get_ha_data(const void* thd, const struct handlerton *hton);
 void thd_set_ha_data(void* thd, const struct handlerton *hton,
                     const void *ha_data);
 #include <mysql/plugin_auth_common.h>
 typedef struct st_plugin_vio_info
 {
  enum { MYSQL_VIO_INVALID, MYSQL_VIO_TCP, MYSQL_VIO_SOCKET,
         MYSQL_VIO_PIPE, MYSQL_VIO_MEMORY } protocol;
  int socket;
 } MYSQL_PLUGIN_VIO_INFO;
 typedef struct st_plugin_vio
 {
  int (*read_packet)(struct st_plugin_vio *vio,
                     unsigned char **buf);
  int (*write_packet)(struct st_plugin_vio *vio,
                      const unsigned char *packet,
                      int packet_len);
  void (*info)(struct st_plugin_vio *vio, struct st_plugin_vio_info *info);
 } MYSQL_PLUGIN_VIO;
 typedef struct st_mysql_server_auth_info
 {
  char *user_name;
  unsigned int user_name_length;
  const char *auth_string;
  unsigned long auth_string_length;
  char authenticated_as[48 +1];
  char external_user[512];
  int password_used;
  const char *host_or_ip;
  unsigned int host_or_ip_length;
 } MYSQL_SERVER_AUTH_INFO;
 struct st_mysql_auth
 {
  int interface_version;
  const char *client_auth_plugin;
  int (*authenticate_user)(MYSQL_PLUGIN_VIO *vio, MYSQL_SERVER_AUTH_INFO *info);
 };
--- a/include/mysql/plugin_auth_common.h
+++ b/include/mysql/plugin_auth_common.h
@ -0,0 +1,105 @@
 #ifndef MYSQL_PLUGIN_AUTH_COMMON_INCLUDED
 /* Copyright (C) 2010 Sun Microsystems, Inc.
   This program is free software; you can redistribute it and/or modify
   it under the terms of the GNU General Public License as published by
   the Free Software Foundation; version 2 of the License.
   This program is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   GNU General Public License for more details.
   You should have received a copy of the GNU General Public License
   along with this program; if not, write to the Free Software
   Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA */
 /**
  @file
  This file defines constants and data structures that are the same for
  both client- and server-side authentication plugins.
 */
 #define MYSQL_PLUGIN_AUTH_COMMON_INCLUDED
 /** the max allowed length for a user name */
 #define MYSQL_USERNAME_LENGTH 48
 /**
  return values of the plugin authenticate_user() method.
 */
 /**
  Authentication failed. Additionally, all other CR_xxx values
  (libmysql error code) can be used too.
  The client plugin may set the error code and the error message directly
  in the MYSQL structure and return CR_ERROR. If a CR_xxx specific error
  code was returned, an error message in the MYSQL structure will be
  overwritten. If CR_ERROR is returned without setting the error in MYSQL,
  CR_UNKNOWN_ERROR will be user.
 */
 #define CR_ERROR 0
 /**
  Authentication (client part) was successful. It does not mean that the
  authentication as a whole was successful, usually it only means
  that the client was able to send the user name and the password to the
  server. If CR_OK is returned, the libmysql reads the next packet expecting
  it to be one of OK, ERROR, or CHANGE_PLUGIN packets.
 */
 #define CR_OK -1
 /**
  Authentication was successful.
  It means that the client has done its part successfully and also that
  a plugin has read the last packet (one of OK, ERROR, CHANGE_PLUGIN).
  In this case, libmysql will not read a packet from the server,
  but it will use the data at mysql->net.read_pos.
  A plugin may return this value if the number of roundtrips in the
  authentication protocol is not known in advance, and the client plugin
  needs to read one packet more to determine if the authentication is finished
  or not.
 */
 #define CR_OK_HANDSHAKE_COMPLETE -2
 typedef struct st_plugin_vio_info
 {
  enum { MYSQL_VIO_INVALID, MYSQL_VIO_TCP, MYSQL_VIO_SOCKET,
         MYSQL_VIO_PIPE, MYSQL_VIO_MEMORY } protocol;
  int socket;     /**< it's set, if the protocol is SOCKET or TCP */
 #ifdef _WIN32
  HANDLE handle;  /**< it's set, if the protocol is PIPE or MEMORY */
 #endif
 } MYSQL_PLUGIN_VIO_INFO;
 /**
  Provides plugin access to communication channel
 */
 typedef struct st_plugin_vio
 {
  /**
    Plugin provides a pointer reference and this function sets it to the
    contents of any incoming packet. Returns the packet length, or -1 if
    the plugin should terminate.
  */
  int (*read_packet)(struct st_plugin_vio *vio, 
                     unsigned char **buf);
  /**
    Plugin provides a buffer with data and the length and this
    function sends it as a packet. Returns 0 on success, 1 on failure.
  */
  int (*write_packet)(struct st_plugin_vio *vio, 
                      const unsigned char *packet, 
                      int packet_len);
  /**
    Fills in a st_plugin_vio_info structure, providing the information
    about the connection.
  */
  void (*info)(struct st_plugin_vio *vio, struct st_plugin_vio_info *info);
 } MYSQL_PLUGIN_VIO;
 #endif
--- a/include/mysql_com.h
+++ b/include/mysql_com.h
@ -162,9 +162,17 @@ enum enum_server_command
 #define CLIENT_MULTI_RESULTS    (1UL << 17) /* Enable/disable multi-results */
 #define CLIENT_PS_MULTI_RESULTS (1UL << 18) /* Multi-results in PS-protocol */
 #define CLIENT_PLUGIN_AUTH  (1UL << 19) /* Client supports plugin authentication */
 #define CLIENT_SSL_VERIFY_SERVER_CERT (1UL << 30)
 #define CLIENT_REMEMBER_OPTIONS (1UL << 31)
 #ifdef HAVE_COMPRESS
 #define CAN_CLIENT_COMPRESS CLIENT_COMPRESS
 #else
 #define CAN_CLIENT_COMPRESS 0
 #endif
 /* Gather all possible capabilites (flags) supported by the server */
 #define CLIENT_ALL_FLAGS  (CLIENT_LONG_PASSWORD | \
                           CLIENT_FOUND_ROWS | \
@ -186,7 +194,8 @@ enum enum_server_command
                           CLIENT_MULTI_RESULTS | \
                           CLIENT_PS_MULTI_RESULTS | \
                           CLIENT_SSL_VERIFY_SERVER_CERT | \
-                           CLIENT_REMEMBER_OPTIONS)
+                           CLIENT_REMEMBER_OPTIONS | \
                           CLIENT_PLUGIN_AUTH)
 /*
  Switch off the flags that are optional and depending on build flags
@ -518,14 +527,14 @@ void create_random_string(char *to, unsigned int length, struct rand_struct *ran
 void hash_password(unsigned long *to, const char *password, unsigned int password_len);
 void make_scrambled_password_323(char *to, const char *password);
 void scramble_323(char *to, const char *message, const char *password);
-my_bool check_scramble_323(const char *, const char *message,
+my_bool check_scramble_323(const unsigned char *reply, const char *message,
                           unsigned long *salt);
 void get_salt_from_password_323(unsigned long *res, const char *password);
 void make_password_from_salt_323(char *to, const unsigned long *salt);
 void make_scrambled_password(char *to, const char *password);
 void scramble(char *to, const char *message, const char *password);
-my_bool check_scramble(const char *reply, const char *message,
+my_bool check_scramble(const unsigned char *reply, const char *message,
                       const unsigned char *hash_stage2);
 void get_salt_from_password(unsigned char *res, const char *password);
 void make_password_from_salt(char *to, const unsigned char *hash_stage2);
--- a/include/sha1.h
+++ b/include/sha1.h
@ -9,12 +9,13 @@
 This program is distributed in the hope that it will be useful,
 but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 GNU General Public License for more details.
 You should have received a copy of the GNU General Public License
 along with this program; if not, write to the Free Software
- Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA */
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
 */
 /*
 This is the header file for code which implements the Secure
@ -28,6 +29,38 @@
 Please read the file sha1.c for more information.
 Modified 2002 by Peter Zaitsev to better follow MySQL standards
  Original Source from: http://www.faqs.org/rfcs/rfc3174.html
  Copyright (C) The Internet Society (2001).  All Rights Reserved.
  This document and translations of it may be copied and furnished to
  others, and derivative works that comment on or otherwise explain it
  or assist in its implementation may be prepared, copied, published
  and distributed, in whole or in part, without restriction of any
  kind, provided that the above copyright notice and this paragraph are
  included on all such copies and derivative works.  However, this
  document itself may not be modified in any way, such as by removing
  the copyright notice or references to the Internet Society or other
  Internet organizations, except as needed for the purpose of
  developing Internet standards in which case the procedures for
  copyrights defined in the Internet Standards process must be
  followed, or as required to translate it into languages other than
  English.
  The limited permissions granted above are perpetual and will not be
  revoked by the Internet Society or its successors or assigns.
  This document and the information contained herein is provided on an
  "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
  TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
  BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
  HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
  MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
  Acknowledgement 
  Funding for the RFC Editor function is currently provided by the 
  Internet Society. 
 */
--- a/include/sql_common.h
+++ b/include/sql_common.h
@ -16,14 +16,60 @@
   along with this program; if not, write to the Free Software
   Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA */
 #define SQL_COMMON_INCLUDED
 #ifdef	__cplusplus
 extern "C" {
 #endif
 #include <mysql.h>
 extern const char	*unknown_sqlstate;
 extern const char	*cant_connect_sqlstate;
 extern const char	*not_error_sqlstate;
-#ifdef	__cplusplus
+struct st_mysql_options_extention {
-extern "C" {
+  char *plugin_dir;
  char *default_auth;
 };
 typedef struct st_mysql_methods
 {
  my_bool (*read_query_result)(MYSQL *mysql);
  my_bool (*advanced_command)(MYSQL *mysql,
 			      enum enum_server_command command,
 			      const unsigned char *header,
 			      unsigned long header_length,
 			      const unsigned char *arg,
 			      unsigned long arg_length,
 			      my_bool skip_check,
                              MYSQL_STMT *stmt);
  MYSQL_DATA *(*read_rows)(MYSQL *mysql,MYSQL_FIELD *mysql_fields,
 			   unsigned int fields);
  MYSQL_RES * (*use_result)(MYSQL *mysql);
  void (*fetch_lengths)(unsigned long *to, 
 			MYSQL_ROW column, unsigned int field_count);
  void (*flush_use_result)(MYSQL *mysql, my_bool flush_all_results);
  int (*read_change_user_result)(MYSQL *mysql);
 #if !defined(MYSQL_SERVER) || defined(EMBEDDED_LIBRARY)
  MYSQL_FIELD * (*list_fields)(MYSQL *mysql);
  my_bool (*read_prepare_result)(MYSQL *mysql, MYSQL_STMT *stmt);
  int (*stmt_execute)(MYSQL_STMT *stmt);
  int (*read_binary_rows)(MYSQL_STMT *stmt);
  int (*unbuffered_fetch)(MYSQL *mysql, char **row);
  void (*free_embedded_thd)(MYSQL *mysql);
  const char *(*read_statistics)(MYSQL *mysql);
  my_bool (*next_result)(MYSQL *mysql);
  int (*read_rows_from_cursor)(MYSQL_STMT *stmt);
 #endif
 } MYSQL_METHODS;
 #define simple_command(mysql, command, arg, length, skip_check) \
  (*(mysql)->methods->advanced_command)(mysql, command, 0,  \
                                        0, arg, length, skip_check, NULL)
 #define stmt_command(mysql, command, arg, length, stmt) \
  (*(mysql)->methods->advanced_command)(mysql, command, 0,  \
                                        0, arg, length, 1, stmt)
 extern CHARSET_INFO *default_client_charset_info;
 MYSQL_FIELD *unpack_fields(MYSQL_DATA *data,MEM_ROOT *alloc,uint fields,
@ -45,6 +91,19 @@ void set_stmt_errmsg(MYSQL_STMT *stmt, NET *net);
 void set_stmt_error(MYSQL_STMT *stmt, int errcode, const char *sqlstate,
                    const char *err);
 void set_mysql_error(MYSQL *mysql, int errcode, const char *sqlstate);
 void set_mysql_extended_error(MYSQL *mysql, int errcode, const char *sqlstate,
                              const char *format, ...);
 /* client side of the pluggable authentication */
 struct st_plugin_vio_info;
 void mpvio_info(Vio *vio, struct st_plugin_vio_info *info);
 int run_plugin_auth(MYSQL *mysql, char *data, uint data_len,
                    const char *data_plugin, const char *db);
 int mysql_client_plugin_init();
 void mysql_client_plugin_deinit();
 struct st_mysql_client_plugin;
 extern struct st_mysql_client_plugin *mysql_client_builtins[];
 #ifdef	__cplusplus
 }
 #endif
--- a/libmysql/CMakeLists.txt
+++ b/libmysql/CMakeLists.txt
@ -140,6 +140,7 @@ SET(CLIENT_SOURCES
  errmsg.c
  ../sql-common/client.c 
  ../sql-common/my_time.c 
  ../sql-common/client_plugin.c 
  ../sql/net_serv.cc
  ../sql-common/pack.c 
  ../sql/password.c
@ -148,7 +149,7 @@ ADD_CONVENIENCE_LIBRARY(clientlib ${CLIENT_SOURCES})
 DTRACE_INSTRUMENT(clientlib)
 ADD_DEPENDENCIES(clientlib GenError)
-SET(LIBS clientlib dbug strings vio mysys ${ZLIB_LIBRARY} ${SSL_LIBRARIES})
+SET(LIBS clientlib dbug strings vio mysys ${ZLIB_LIBRARY} ${SSL_LIBRARIES} ${LIBDL})
 # Merge several convenience libraries into one big mysqlclient
 # and link them together into shared library.
--- a/libmysql/Makefile.shared
+++ b/libmysql/Makefile.shared
@ -23,6 +23,7 @@
 MYSQLDATAdir =			$(localstatedir)
 MYSQLSHAREdir =			$(pkgdatadir)
 MYSQLBASEdir=			$(prefix)
 pkgplugindir =			$(pkglibdir)/plugin
 ## We'll use CLIENT_EXTRA_LDFLAGS for threaded and non-threaded
 ## until someone complains that they need separate options.
 LDADD =				@CLIENT_EXTRA_LDFLAGS@ $(target)
@ -70,26 +71,27 @@ mysysobjects1 =		my_init.lo my_static.lo my_malloc.lo \
 			my_rename.lo my_chsize.lo my_sync.lo \
 			my_getsystime.lo my_symlink2.lo mf_same.lo
 sqlobjects =		net.lo
-sql_cmn_objects =	pack.lo client.lo my_time.lo
+sql_cmn_objects =	pack.lo client.lo my_time.lo client_plugin.lo
 # Not needed in the minimum library
 mysysobjects2 =		my_lib.lo mf_qsort.lo
 mysysobjects =		$(mysysobjects1) $(mysysobjects2)
 target_libadd =		$(mysysobjects) $(mystringsobjects) $(dbugobjects) \
 $(sql_cmn_objects) $(vio_objects) $(sqlobjects)
-target_ldflags = -version-info @SHARED_LIB_VERSION@ @LD_VERSION_SCRIPT@ 
+target_ldflags = -version-info @SHARED_LIB_VERSION@ @LD_VERSION_SCRIPT@ @LIBDL@
 vio_objects= vio.lo viosocket.lo viossl.lo viosslfactories.lo
 BUILT_SOURCES		= link_sources
 CLEANFILES =		$(target_libadd) $(SHLIBOBJS) \
 			$(target) $(BUILT_SOURCES)
-DEFS =			-DDEFAULT_CHARSET_HOME="\"$(MYSQLBASEdir)\"" \
+DEFS =			-DDEFAULT_CHARSET_HOME='"$(MYSQLBASEdir)"' \
-			-DMYSQL_DATADIR="\"$(MYSQLDATAdir)\"" \
+			-DMYSQL_DATADIR='"$(MYSQLDATAdir)"' \
 			-DDEFAULT_HOME_ENV=MYSQL_HOME \
 			-DPLUGINDIR='"$(pkgplugindir)"' \
 			-DDEFAULT_GROUP_SUFFIX_ENV=MYSQL_GROUP_SUFFIX \
-			-DDEFAULT_SYSCONFDIR="\"$(sysconfdir)\"" \
+			-DDEFAULT_SYSCONFDIR='"$(sysconfdir)"' \
-			-DSHAREDIR="\"$(MYSQLSHAREdir)\"" -DDISABLE_DTRACE \
+			-DSHAREDIR='"$(MYSQLSHAREdir)"' -DDISABLE_DTRACE \
 			$(target_defs)
 if HAVE_YASSL
--- a/libmysql/client_settings.h
+++ b/libmysql/client_settings.h
@ -28,7 +28,8 @@ extern char *	mysql_unix_port;
                             CLIENT_PROTOCOL_41 | \
                             CLIENT_SECURE_CONNECTION | \
                             CLIENT_MULTI_RESULTS | \
-                             CLIENT_PS_MULTI_RESULTS)
+                             CLIENT_PS_MULTI_RESULTS | \
                             CLIENT_PLUGIN_AUTH)
 sig_handler my_pipe_sig_handler(int sig);
 void read_user_name(char *name);
@ -67,7 +68,7 @@ int cli_stmt_execute(MYSQL_STMT *stmt);
 int cli_read_binary_rows(MYSQL_STMT *stmt);
 int cli_unbuffered_fetch(MYSQL *mysql, char **row);
 const char * cli_read_statistics(MYSQL *mysql);
-int cli_read_change_user_result(MYSQL *mysql, char *buff, const char *passwd);
+int cli_read_change_user_result(MYSQL *mysql);
 #ifdef EMBEDDED_LIBRARY
 int init_embedded_server(int argc, char **argv, char **groups);
--- a/libmysql/errmsg.c
+++ b/libmysql/errmsg.c
@ -84,7 +84,8 @@ const char *client_errors[]=
  "Lost connection to MySQL server at '%s', system error: %d",
  "Statement closed indirectly because of a preceeding %s() call",
  "The number of columns in the result set differs from the number of bound buffers. You must reset the statement, rebind the result set columns, and execute the statement again",
-  "This handle is already connected. Use a separate handle for each connection."
+  "This handle is already connected. Use a separate handle for each connection.",
  "Authentication plugin '%s' cannot be loaded: %s",
  ""
 };
--- a/libmysql/libmysql.c
+++ b/libmysql/libmysql.c
@ -126,6 +126,8 @@ int STDCALL mysql_server_init(int argc __attribute__((unused)),
    if (my_init())				/* Will init threads */
      return 1;
    init_client_errs();
    if (mysql_client_plugin_init())
      return 1;
    if (!mysql_port)
    {
      char *env;
@ -196,6 +198,8 @@ void STDCALL mysql_server_end()
  if (!mysql_client_init)
    return;
  mysql_client_plugin_deinit();
 #ifdef EMBEDDED_LIBRARY
  end_embedded_server();
 #endif
@ -345,44 +349,14 @@ mysql_connect(MYSQL *mysql,const char *host,
  Change user and database
 **************************************************************************/
 int cli_read_change_user_result(MYSQL *mysql, char *buff, const char *passwd)
 {
  NET *net= &mysql->net;
  ulong pkt_length;
  pkt_length= cli_safe_read(mysql);
  if (pkt_length == packet_error)
    return 1;
  if (pkt_length == 1 && net->read_pos[0] == 254 &&
      mysql->server_capabilities & CLIENT_SECURE_CONNECTION)
  {
    /*
      By sending this very specific reply server asks us to send scrambled
      password in old format. The reply contains scramble_323.
    */
    scramble_323(buff, mysql->scramble, passwd);
    if (my_net_write(net, (uchar*) buff, SCRAMBLE_LENGTH_323 + 1) ||
        net_flush(net))
    {
      set_mysql_error(mysql, CR_SERVER_LOST, unknown_sqlstate);
      return 1;
    }
    /* Read what server thinks about out new auth message report */
    if (cli_safe_read(mysql) == packet_error)
      return 1;
  }
  return 0;
 }
 my_bool	STDCALL mysql_change_user(MYSQL *mysql, const char *user,
 				  const char *passwd, const char *db)
 {
  char buff[USERNAME_LENGTH+SCRAMBLED_PASSWORD_CHAR_LENGTH+NAME_LEN+2];
  char *end= buff;
  int rc;
  CHARSET_INFO *saved_cs= mysql->charset;
  char *saved_user= mysql->user;
  char *saved_passwd= mysql->passwd;
  char *saved_db= mysql->db;
  DBUG_ENTER("mysql_change_user");
@ -396,49 +370,11 @@ my_bool	STDCALL mysql_change_user(MYSQL *mysql, const char *user,
  /* Use an empty string instead of NULL. */
-  if (!user)
+  mysql->user= (char*)(user ? user : "");
-    user="";
+  mysql->passwd= (char*)(passwd ? passwd : "");
-  if (!passwd)
+  mysql->db= 0;
    passwd="";
-  /*
+  rc= run_plugin_auth(mysql, 0, 0, 0, db);
    Store user into the buffer.
    Advance position as strmake returns a pointer to the closing NUL.
  */
  end= strmake(end, user, USERNAME_LENGTH) + 1;
  /* write scrambled password according to server capabilities */
  if (passwd[0])
  {
    if (mysql->server_capabilities & CLIENT_SECURE_CONNECTION)
    {
      *end++= SCRAMBLE_LENGTH;
      scramble(end, mysql->scramble, passwd);
      end+= SCRAMBLE_LENGTH;
    }
    else
    {
      scramble_323(end, mysql->scramble, passwd);
      end+= SCRAMBLE_LENGTH_323 + 1;
    }
  }
  else
    *end++= '\0';                               /* empty password */
  /* Add database if needed */
  end= strmake(end, db ? db : "", NAME_LEN) + 1;
  /* Add character set number. */
  if (mysql->server_capabilities & CLIENT_SECURE_CONNECTION)
  {
    int2store(end, (ushort) mysql->charset->number);
    end+= 2;
  }
  /* Write authentication package */
  simple_command(mysql,COM_CHANGE_USER, (uchar*) buff, (ulong) (end-buff), 1);
  rc= (*mysql->methods->read_change_user_result)(mysql, buff, passwd);
  /*
    The server will close all statements no matter was the attempt
@ -448,18 +384,21 @@ my_bool	STDCALL mysql_change_user(MYSQL *mysql, const char *user,
  if (rc == 0)
  {
    /* Free old connect information */
-    my_free(mysql->user);
+    my_free(saved_user);
-    my_free(mysql->passwd);
+    my_free(saved_passwd);
-    my_free(mysql->db);
+    my_free(saved_db);
    /* alloc new connect information */
-    mysql->user=  my_strdup(user,MYF(MY_WME));
+    mysql->user= my_strdup(mysql->user, MYF(MY_WME));
-    mysql->passwd=my_strdup(passwd,MYF(MY_WME));
+    mysql->passwd= my_strdup(mysql->passwd, MYF(MY_WME));
-    mysql->db=    db ? my_strdup(db,MYF(MY_WME)) : 0;
+    mysql->db= db ? my_strdup(db, MYF(MY_WME)) : 0;
  }
  else
  {
    mysql->charset= saved_cs;
    mysql->user= saved_user;
    mysql->passwd= saved_passwd;
    mysql->db= saved_db;
  }
  DBUG_RETURN(rc);
--- a/libmysql/libmysql.def
+++ b/libmysql/libmysql.def
@ -104,3 +104,4 @@ EXPORTS
 	mysql_server_end
 	mysql_set_character_set
 	mysql_get_character_set_info
        mysql_plugin_options
--- a/libmysqld/CMakeLists.txt
+++ b/libmysqld/CMakeLists.txt
@ -42,6 +42,7 @@ SET(SQL_EMBEDDED_SOURCES emb_qcache.cc libmysqld.c lib_sql.cc
           ../libmysql/libmysql.c ../libmysql/errmsg.c ../client/get_password.c
           ../sql-common/client.c ../sql-common/my_time.c 
           ../sql-common/my_user.c ../sql-common/pack.c
           ../sql-common/client_plugin.c
           ../sql/password.c ../sql/discover.cc ../sql/derror.cc 
           ../sql/field.cc ../sql/field_conv.cc
           ../sql/filesort.cc ../sql/gstream.cc
--- a/libmysqld/Makefile.am
+++ b/libmysqld/Makefile.am
@ -39,7 +39,7 @@ pkglib_LIBRARIES =	libmysqld.a
 SUBDIRS =		. examples
 libmysqld_sources=	libmysqld.c lib_sql.cc emb_qcache.cc
 libmysqlsources =	errmsg.c get_password.c libmysql.c client.c pack.c \
-                        my_time.c
+                        my_time.c client_plugin.c
 noinst_HEADERS =	embedded_priv.h emb_qcache.h
--- a/libmysqld/embedded_priv.h
+++ b/libmysqld/embedded_priv.h
@ -15,6 +15,8 @@
 /* Prototypes for the embedded version of MySQL */
 #include <sql_common.h>
 C_MODE_START
 void lib_connection_phase(NET *net, int phase);
 void init_embedded_mysql(MYSQL *mysql, int client_flag);
--- a/libmysqld/lib_sql.cc
+++ b/libmysqld/lib_sql.cc
@ -35,7 +35,6 @@ C_MODE_START
 #include <mysql.h>
 #undef ER
 #include "errmsg.h"
 #include <sql_common.h>
 #include "embedded_priv.h"
 extern unsigned int mysql_server_last_errno;
@ -414,11 +413,10 @@ static MYSQL_RES * emb_store_result(MYSQL *mysql)
  return mysql_store_result(mysql);
 }
-int emb_read_change_user_result(MYSQL *mysql, 
+int emb_read_change_user_result(MYSQL *mysql)
 				char *buff __attribute__((unused)),
 				const char *passwd __attribute__((unused)))
 {
-  return mysql_errno(mysql);
+  mysql->net.read_pos= (uchar*)""; // fake an OK packet
  return mysql_errno(mysql) ? packet_error : 1 /* length of the OK packet */;
 }
 MYSQL_METHODS embedded_methods= 
@ -429,6 +427,7 @@ MYSQL_METHODS embedded_methods=
  emb_store_result,
  emb_fetch_lengths, 
  emb_flush_use_result,
  emb_read_change_user_result,
  emb_list_fields,
  emb_read_prepare_result,
  emb_stmt_execute,
@ -437,7 +436,6 @@ MYSQL_METHODS embedded_methods=
  emb_free_embedded_thd,
  emb_read_statistics,
  emb_read_query_result,
  emb_read_change_user_result,
  emb_read_rows_from_cursor
 };
@ -605,6 +603,7 @@ void init_embedded_mysql(MYSQL *mysql, int client_flag)
  THD *thd = (THD *)mysql->thd;
  thd->mysql= mysql;
  mysql->server_version= server_version;
  mysql->client_flag= client_flag;
  init_alloc_root(&mysql->field_alloc, 8192, 0);
 }
@ -668,14 +667,20 @@ err:
 int check_embedded_connection(MYSQL *mysql, const char *db)
 {
  int result;
  LEX_STRING db_str = { (char*)db, db ? strlen(db) : 0 };
  THD *thd= (THD*)mysql->thd;
  thd_init_client_charset(thd, mysql->charset->number);
  thd->update_charset();
  Security_context *sctx= thd->security_ctx;
  sctx->host_or_ip= sctx->host= (char*) my_localhost;
  strmake(sctx->priv_host, (char*) my_localhost,  MAX_HOSTNAME-1);
-  sctx->priv_user= sctx->user= my_strdup(mysql->user, MYF(0));
+  strmake(sctx->priv_user, mysql->user,  USERNAME_LENGTH-1);
-  result= check_user(thd, COM_CONNECT, NULL, 0, db, true);
+  sctx->user= my_strdup(mysql->user, MYF(0));
  sctx->proxy_user[0]= 0;
  sctx->master_access= GLOBAL_ACLS;       // Full rights
  /* Change database if necessary */
  if (!(result= (db && db[0] && mysql_change_db(thd, &db_str, FALSE))))
    my_ok(thd);
  thd->protocol->end_statement();
  emb_read_query_result(mysql);
  return result;
@ -684,14 +689,15 @@ int check_embedded_connection(MYSQL *mysql, const char *db)
 #else
 int check_embedded_connection(MYSQL *mysql, const char *db)
 {
  /*
    we emulate a COM_CHANGE_USER user here,
    it's easier than to emulate the complete 3-way handshake
  */
  char buf[USERNAME_LENGTH + SCRAMBLE_LENGTH + 1 + 2*NAME_LEN + 2], *end;
  NET *net= &mysql->net;
  THD *thd= (THD*)mysql->thd;
  Security_context *sctx= thd->security_ctx;
  int result;
  char scramble_buff[SCRAMBLE_LENGTH];
  int passwd_len;
  thd_init_client_charset(thd, mysql->charset->number);
  thd->update_charset();
  if (mysql->options.client_ip)
  {
    sctx->host= my_strdup(mysql->options.client_ip, MYF(0));
@ -702,37 +708,43 @@ int check_embedded_connection(MYSQL *mysql, const char *db)
  sctx->host_or_ip= sctx->host;
  if (acl_check_host(sctx->host, sctx->ip))
  {
    result= ER_HOST_NOT_PRIVILEGED;
    goto err;
  }
-  sctx->user= my_strdup(mysql->user, MYF(0));
+  /* construct a COM_CHANGE_USER packet */
  end= strmake(buf, mysql->user, USERNAME_LENGTH) + 1;
  memset(thd->scramble, 55, SCRAMBLE_LENGTH); // dummy scramble
  thd->scramble[SCRAMBLE_LENGTH]= 0;
  if (mysql->passwd && mysql->passwd[0])
  {
-    memset(thd->scramble, 55, SCRAMBLE_LENGTH); // dummy scramble
+    *end++= SCRAMBLE_LENGTH;
-    thd->scramble[SCRAMBLE_LENGTH]= 0;
+    scramble(end, thd->scramble, mysql->passwd);
-    scramble(scramble_buff, thd->scramble, mysql->passwd);
+    end+= SCRAMBLE_LENGTH;
    passwd_len= SCRAMBLE_LENGTH;
  }
  else
-    passwd_len= 0;
+    *end++= 0;
-  if((result= check_user(thd, COM_CONNECT, 
+  end= strmake(end, db ? db : "", NAME_LEN) + 1;
 			 scramble_buff, passwd_len, db, true)))
     goto err;
  int2store(end, (ushort) mysql->charset->number);
  end+= 2;
  /* acl_authenticate() takes the data from thd->net->read_pos */
  thd->net.read_pos= (uchar*)buf;
  if (acl_authenticate(thd, 0, end - buf))
  {
    x_free(thd->security_ctx->user);
    goto err;
  }
  return 0;
 err:
-  {
+  strmake(net->last_error, thd->main_da.message(), sizeof(net->last_error)-1);
-    NET *net= &mysql->net;
+  memcpy(net->sqlstate,
-    strmake(net->last_error, thd->stmt_da->message(),
+         mysql_errno_to_sqlstate(thd->main_da.sql_errno()),
-            sizeof(net->last_error)-1);
+         sizeof(net->sqlstate)-1);
-    memcpy(net->sqlstate,
+  return 1;
           mysql_errno_to_sqlstate(thd->stmt_da->sql_errno()),
           sizeof(net->sqlstate)-1);
  }
  return result;
 }
 #endif
--- a/libmysqld/libmysqld.c
+++ b/libmysqld/libmysqld.c
@ -17,7 +17,6 @@
 #include <mysql.h>
 #include <mysqld_error.h>
 #include <my_pthread.h>
 #include "embedded_priv.h"
 #include <my_sys.h>
 #include <mysys_err.h>
 #include <m_string.h>
@ -28,6 +27,7 @@
 #include <signal.h>
 #include <time.h>
 #include <sql_common.h>
 #include "embedded_priv.h"
 #include "client_settings.h"
 #ifdef	 HAVE_PWD_H
 #include <pwd.h>
@ -165,7 +165,11 @@ mysql_real_connect(MYSQL *mysql,const char *host, const char *user,
  client_flag|=CLIENT_CAPABILITIES;
  if (client_flag & CLIENT_MULTI_STATEMENTS)
    client_flag|= CLIENT_MULTI_RESULTS;
-  client_flag&= ~CLIENT_COMPRESS;
+  /*
    no compression in embedded as we don't send any data,
    and no pluggable auth, as we cannot do a client-server dialog
  */
  client_flag&= ~(CLIENT_COMPRESS | CLIENT_PLUGIN_AUTH);
  if (db)
    client_flag|=CLIENT_CONNECT_WITH_DB;
--- a/mysql-test/collections/default.daily
+++ b/mysql-test/collections/default.daily
@ -2,5 +2,4 @@ perl mysql-test-run.pl --timer --force --parallel=auto --experimental=collection
 perl mysql-test-run.pl --timer --force --parallel=auto --experimental=collections/default.experimental --comment=ps_row         --vardir=var-ps_row   --ps-protocol --mysqld=--binlog-format=row
 perl mysql-test-run.pl --timer --force --parallel=auto --experimental=collections/default.experimental --comment=embedded       --vardir=var-emebbed  --embedded
 perl mysql-test-run.pl --timer --force --parallel=auto --experimental=collections/default.experimental --comment=funcs_1        --vardir=var-funcs_1                                              --suite=funcs_1
 perl mysql-test-run.pl --timer --force --parallel=auto                                                 --comment=rpl_ndb_row    --vardir=var-rpl_ndb_row            --mysqld=--binlog-format=row  --suite=rpl_ndb,ndb
 perl mysql-test-run.pl --timer --force --parallel=auto --experimental=collections/default.experimental --comment=rpl_binlog_row --vardir=var-rpl_binlog_row --mysqld=--binlog-format=row --suite=rpl,binlog --skip-ndb
--- a/mysql-test/include/have_plugin_auth.inc
+++ b/mysql-test/include/have_plugin_auth.inc
@ -0,0 +1,4 @@
 disable_query_log;
 --require r/true.require
 select (PLUGIN_LIBRARY LIKE 'auth_test_plugin%') as `TRUE` FROM INFORMATION_SCHEMA.PLUGINS 
  WHERE PLUGIN_NAME='test_plugin_server';
--- a/mysql-test/lib/mtr_cases.pm
+++ b/mysql-test/lib/mtr_cases.pm
@ -926,7 +926,7 @@ sub collect_one_test_case {
    {
      # Ndb is not supported, skip it
      $tinfo->{'skip'}= 1;
-      $tinfo->{'comment'}= "No ndbcluster support";
+      $tinfo->{'comment'}= "No ndbcluster support or ndb tests not enabled";
      return $tinfo;
    }
    elsif ( $::opt_skip_ndbcluster )
--- a/mysql-test/mysql-test-run.pl
+++ b/mysql-test/mysql-test-run.pl
@ -131,6 +131,9 @@ my $opt_start_dirty;
 my $opt_start_exit;
 my $start_only;
 my $auth_filename;              # the name of the authentication test plugin
 my $auth_plugin;                # the path to the authentication test plugin
 END {
  if ( defined $opt_tmpdir_pid and $opt_tmpdir_pid == $$ )
  {
@ -281,7 +284,8 @@ sub testcase_timeout ($) {
 our $opt_warnings= 1;
-our $opt_skip_ndbcluster= 0;
+our $opt_include_ndbcluster= 0;
 our $opt_skip_ndbcluster= 1;
 my $exe_ndbd;
 my $exe_ndb_mgmd;
@ -877,6 +881,7 @@ sub command_line_setup {
             # Control what test suites or cases to run
             'force'                    => \$opt_force,
             'with-ndbcluster-only'     => \&collect_option,
             'include-ndbcluster'       => \$opt_include_ndbcluster,
             'skip-ndbcluster|skip-ndb' => \$opt_skip_ndbcluster,
             'suite|suites=s'           => \$opt_suites,
             'skip-rpl'                 => \&collect_option,
@ -1057,6 +1062,22 @@ sub command_line_setup {
                                    "$basedir/sql/share/charsets",
                                    "$basedir/share/charsets");
  # Look for client test plugin 
  if (IS_WINDOWS)
  {
    $auth_filename = "auth_test_plugin.dll";
  }
  else
  {
    $auth_filename = "auth_test_plugin.so";
  }
  $auth_plugin=
  mtr_file_exists(vs_config_dirs('plugin/auth/',$auth_filename),
    "$basedir/plugin/auth/.libs/" . $auth_filename,
    "$basedir/lib/mysql/plugin/" . $auth_filename,
    "$basedir/lib/plugin/" . $auth_filename);
  if (using_extern())
  {
    # Connect to the running mysqld and find out what it supports
@ -1943,6 +1964,24 @@ sub environment_setup {
  $ENV{'UDF_EXAMPLE_LIB_OPT'}= "--plugin-dir=".
    ($lib_udf_example ? dirname($lib_udf_example) : "");
  # --------------------------------------------------------------------------
  # Add the path where mysqld will find the auth test plugin (dialog.so/dll)
  # --------------------------------------------------------------------------
  if ($auth_plugin)
  {
    $ENV{'PLUGIN_AUTH'}= basename($auth_plugin);
    $ENV{'PLUGIN_AUTH_OPT'}= "--plugin-dir=".dirname($auth_plugin);
    $ENV{'PLUGIN_AUTH_LOAD'}="--plugin_load=test_plugin_server=".$auth_filename;
  }
  else
  {
    $ENV{'PLUGIN_AUTH'}= "";
    $ENV{'PLUGIN_AUTH_OPT'}="--plugin-dir=";
    $ENV{'PLUGIN_AUTH_LOAD'}="";
  }
  # --------------------------------------------------------------------------
  # Add the path where mysqld will find ha_example.so
  # --------------------------------------------------------------------------
@ -2471,6 +2510,11 @@ sub vs_config_dirs ($$) {
 sub check_ndbcluster_support ($) {
  my $mysqld_variables= shift;
  if ($opt_include_ndbcluster)
  {
    $opt_skip_ndbcluster= 0;
  }
  if ($opt_skip_ndbcluster)
  {
    mtr_report(" - skipping ndbcluster");
@ -5032,6 +5076,10 @@ sub start_mysqltest ($) {
  mtr_add_arg($args, "--tmpdir=%s", $opt_tmpdir);
  mtr_add_arg($args, "--character-sets-dir=%s", $path_charsetsdir);
  mtr_add_arg($args, "--logdir=%s/log", $opt_vardir);
  if ($auth_plugin)
  {
    mtr_add_arg($args, "--plugin_dir=%s", dirname($auth_plugin));
  }
  # Log line number and time  for each line in .test file
  mtr_add_arg($args, "--mark-progress")
@ -5510,7 +5558,8 @@ Options to control what test suites or cases to run
  force                 Continue to run the suite after failure
  with-ndbcluster-only  Run only tests that include "ndb" in the filename
-  skip-ndb[cluster]     Skip all tests that need cluster
+  skip-ndb[cluster]     Skip all tests that need cluster. Default.
  include-ndb[cluster]  Enable all tests that need cluster
  do-test=PREFIX or REGEX
                        Run test cases which name are prefixed with PREFIX
                        or fulfills REGEX
--- a/mysql-test/r/1st.result
+++ b/mysql-test/r/1st.result
@ -21,6 +21,7 @@ ndb_binlog_index
 plugin
 proc
 procs_priv
 proxy_priv
 servers
 slow_log
 tables_priv
--- a/mysql-test/r/change_user.result
+++ b/mysql-test/r/change_user.result
@ -1,3 +1,39 @@
 grant select on test.* to test_nopw;
 grant select on test.* to test_oldpw identified by password "09301740536db389";
 grant select on test.* to test_newpw identified by "newpw";
 select user(), current_user(), database();
 user()	current_user()	database()
 root@localhost	root@localhost	test
 select concat('<', user(), '>'), concat('<', current_user(), '>'), database();
 concat('<', user(), '>')	concat('<', current_user(), '>')	database()
 <root@localhost>	<root@localhost>	test
 select concat('<', user(), '>'), concat('<', current_user(), '>'), database();
 concat('<', user(), '>')	concat('<', current_user(), '>')	database()
 <test_nopw@localhost>	<test_nopw@%>	NULL
 select concat('<', user(), '>'), concat('<', current_user(), '>'), database();
 concat('<', user(), '>')	concat('<', current_user(), '>')	database()
 <test_oldpw@localhost>	<test_oldpw@%>	NULL
 select concat('<', user(), '>'), concat('<', current_user(), '>'), database();
 concat('<', user(), '>')	concat('<', current_user(), '>')	database()
 <test_newpw@localhost>	<test_newpw@%>	NULL
 select concat('<', user(), '>'), concat('<', current_user(), '>'), database();
 concat('<', user(), '>')	concat('<', current_user(), '>')	database()
 <root@localhost>	<root@localhost>	NULL
 select concat('<', user(), '>'), concat('<', current_user(), '>'), database();
 concat('<', user(), '>')	concat('<', current_user(), '>')	database()
 <test_nopw@localhost>	<test_nopw@%>	test
 select concat('<', user(), '>'), concat('<', current_user(), '>'), database();
 concat('<', user(), '>')	concat('<', current_user(), '>')	database()
 <test_oldpw@localhost>	<test_oldpw@%>	test
 select concat('<', user(), '>'), concat('<', current_user(), '>'), database();
 concat('<', user(), '>')	concat('<', current_user(), '>')	database()
 <test_newpw@localhost>	<test_newpw@%>	test
 select concat('<', user(), '>'), concat('<', current_user(), '>'), database();
 concat('<', user(), '>')	concat('<', current_user(), '>')	database()
 <root@localhost>	<root@localhost>	test
 drop user test_nopw;
 drop user test_oldpw;
 drop user test_newpw;
 Bug#20023
 SELECT @@session.sql_big_selects;
@@session.sql_big_selects
--- a/mysql-test/r/connect.result
+++ b/mysql-test/r/connect.result
@ -15,6 +15,7 @@ ndb_binlog_index
 plugin
 proc
 procs_priv
 proxy_priv
 servers
 slow_log
 tables_priv
@ -48,6 +49,7 @@ ndb_binlog_index
 plugin
 proc
 procs_priv
 proxy_priv
 servers
 slow_log
 tables_priv
@ -89,6 +91,7 @@ ndb_binlog_index
 plugin
 proc
 procs_priv
 proxy_priv
 servers
 slow_log
 tables_priv
--- a/mysql-test/r/events_bugs.result
+++ b/mysql-test/r/events_bugs.result
@ -568,6 +568,7 @@ USE test;
 SHOW GRANTS FOR CURRENT_USER;
 Grants for root@localhost
 GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION
 GRANT PROXY ON ''@'' TO 'root'@'localhost' WITH GRANT OPTION
 SET GLOBAL event_scheduler = ON;
 CREATE TABLE events_test.event_log
 (id int KEY AUTO_INCREMENT, ev_nm char(40), ev_cnt int, ev_tm timestamp)
--- a/mysql-test/r/grant.result
+++ b/mysql-test/r/grant.result
@ -13,8 +13,48 @@ GRANT USAGE ON *.* TO 'mysqltest_1'@'localhost' REQUIRE CIPHER 'EDH-RSA-DES-CBC3
 GRANT SELECT ON `mysqltest`.* TO 'mysqltest_1'@'localhost'
 grant delete on mysqltest.* to mysqltest_1@localhost;
 select * from mysql.user where user="mysqltest_1";
-Host	User	Password	Select_priv	Insert_priv	Update_priv	Delete_priv	Create_priv	Drop_priv	Reload_priv	Shutdown_priv	Process_priv	File_priv	Grant_priv	References_priv	Index_priv	Alter_priv	Show_db_priv	Super_priv	Create_tmp_table_priv	Lock_tables_priv	Execute_priv	Repl_slave_priv	Repl_client_priv	Create_view_priv	Show_view_priv	Create_routine_priv	Alter_routine_priv	Create_user_priv	Event_priv	Trigger_priv	Create_tablespace_priv	ssl_type	ssl_cipher	x509_issuer	x509_subject	max_questions	max_updates	max_connections	max_user_connections
+Host	localhost
-localhost	mysqltest_1		N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	SPECIFIED	EDH-RSA-DES-CBC3-SHA			0	0	0	0
+User	mysqltest_1
 Password	
 Select_priv	N
 Insert_priv	N
 Update_priv	N
 Delete_priv	N
 Create_priv	N
 Drop_priv	N
 Reload_priv	N
 Shutdown_priv	N
 Process_priv	N
 File_priv	N
 Grant_priv	N
 References_priv	N
 Index_priv	N
 Alter_priv	N
 Show_db_priv	N
 Super_priv	N
 Create_tmp_table_priv	N
 Lock_tables_priv	N
 Execute_priv	N
 Repl_slave_priv	N
 Repl_client_priv	N
 Create_view_priv	N
 Show_view_priv	N
 Create_routine_priv	N
 Alter_routine_priv	N
 Create_user_priv	N
 Event_priv	N
 Trigger_priv	N
 Create_tablespace_priv	N
 ssl_type	SPECIFIED
 ssl_cipher	EDH-RSA-DES-CBC3-SHA
 x509_issuer	
 x509_subject	
 max_questions	0
 max_updates	0
 max_connections	0
 max_user_connections	0
 plugin	
 authentication_string	
 show grants for mysqltest_1@localhost;
 Grants for mysqltest_1@localhost
 GRANT USAGE ON *.* TO 'mysqltest_1'@'localhost' REQUIRE CIPHER 'EDH-RSA-DES-CBC3-SHA'
@ -44,15 +84,95 @@ delete from mysql.user where user='mysqltest_1';
 flush privileges;
 grant usage on *.* to mysqltest_1@localhost with max_queries_per_hour 10;
 select * from mysql.user where user="mysqltest_1";
-Host	User	Password	Select_priv	Insert_priv	Update_priv	Delete_priv	Create_priv	Drop_priv	Reload_priv	Shutdown_priv	Process_priv	File_priv	Grant_priv	References_priv	Index_priv	Alter_priv	Show_db_priv	Super_priv	Create_tmp_table_priv	Lock_tables_priv	Execute_priv	Repl_slave_priv	Repl_client_priv	Create_view_priv	Show_view_priv	Create_routine_priv	Alter_routine_priv	Create_user_priv	Event_priv	Trigger_priv	Create_tablespace_priv	ssl_type	ssl_cipher	x509_issuer	x509_subject	max_questions	max_updates	max_connections	max_user_connections
+Host	localhost
-localhost	mysqltest_1		N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N					10	0	0	0
+User	mysqltest_1
 Password	
 Select_priv	N
 Insert_priv	N
 Update_priv	N
 Delete_priv	N
 Create_priv	N
 Drop_priv	N
 Reload_priv	N
 Shutdown_priv	N
 Process_priv	N
 File_priv	N
 Grant_priv	N
 References_priv	N
 Index_priv	N
 Alter_priv	N
 Show_db_priv	N
 Super_priv	N
 Create_tmp_table_priv	N
 Lock_tables_priv	N
 Execute_priv	N
 Repl_slave_priv	N
 Repl_client_priv	N
 Create_view_priv	N
 Show_view_priv	N
 Create_routine_priv	N
 Alter_routine_priv	N
 Create_user_priv	N
 Event_priv	N
 Trigger_priv	N
 Create_tablespace_priv	N
 ssl_type	
 ssl_cipher	
 x509_issuer	
 x509_subject	
 max_questions	10
 max_updates	0
 max_connections	0
 max_user_connections	0
 plugin	
 authentication_string	
 show grants for mysqltest_1@localhost;
 Grants for mysqltest_1@localhost
 GRANT USAGE ON *.* TO 'mysqltest_1'@'localhost' WITH MAX_QUERIES_PER_HOUR 10
 grant usage on *.* to mysqltest_1@localhost with max_updates_per_hour 20 max_connections_per_hour 30;
 select * from mysql.user where user="mysqltest_1";
-Host	User	Password	Select_priv	Insert_priv	Update_priv	Delete_priv	Create_priv	Drop_priv	Reload_priv	Shutdown_priv	Process_priv	File_priv	Grant_priv	References_priv	Index_priv	Alter_priv	Show_db_priv	Super_priv	Create_tmp_table_priv	Lock_tables_priv	Execute_priv	Repl_slave_priv	Repl_client_priv	Create_view_priv	Show_view_priv	Create_routine_priv	Alter_routine_priv	Create_user_priv	Event_priv	Trigger_priv	Create_tablespace_priv	ssl_type	ssl_cipher	x509_issuer	x509_subject	max_questions	max_updates	max_connections	max_user_connections
+Host	localhost
-localhost	mysqltest_1		N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N					10	20	30	0
+User	mysqltest_1
 Password	
 Select_priv	N
 Insert_priv	N
 Update_priv	N
 Delete_priv	N
 Create_priv	N
 Drop_priv	N
 Reload_priv	N
 Shutdown_priv	N
 Process_priv	N
 File_priv	N
 Grant_priv	N
 References_priv	N
 Index_priv	N
 Alter_priv	N
 Show_db_priv	N
 Super_priv	N
 Create_tmp_table_priv	N
 Lock_tables_priv	N
 Execute_priv	N
 Repl_slave_priv	N
 Repl_client_priv	N
 Create_view_priv	N
 Show_view_priv	N
 Create_routine_priv	N
 Alter_routine_priv	N
 Create_user_priv	N
 Event_priv	N
 Trigger_priv	N
 Create_tablespace_priv	N
 ssl_type	
 ssl_cipher	
 x509_issuer	
 x509_subject	
 max_questions	10
 max_updates	20
 max_connections	30
 max_user_connections	0
 plugin	
 authentication_string	
 show grants for mysqltest_1@localhost;
 Grants for mysqltest_1@localhost
 GRANT USAGE ON *.* TO 'mysqltest_1'@'localhost' WITH MAX_QUERIES_PER_HOUR 10 MAX_UPDATES_PER_HOUR 20 MAX_CONNECTIONS_PER_HOUR 30
@ -164,6 +284,7 @@ Warnings:
 Warning	1364	Field 'ssl_cipher' doesn't have a default value
 Warning	1364	Field 'x509_issuer' doesn't have a default value
 Warning	1364	Field 'x509_subject' doesn't have a default value
 Warning	1364	Field 'authentication_string' doesn't have a default value
 insert into mysql.db (host, db, user, select_priv) values
 ('localhost', 'a%', 'test11', 'Y'), ('localhost', 'ab%', 'test11', 'Y');
 alter table mysql.db order by db asc;
@ -625,16 +746,19 @@ show grants for root@localhost;
 Grants for root@localhost
 GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION
 GRANT SELECT ON `ÂÄ`.* TO 'root'@'localhost'
 GRANT PROXY ON ''@'' TO 'root'@'localhost' WITH GRANT OPTION
 flush privileges;
 show grants for root@localhost;
 Grants for root@localhost
 GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION
 GRANT SELECT ON `ÂÄ`.* TO 'root'@'localhost'
 GRANT PROXY ON ''@'' TO 'root'@'localhost' WITH GRANT OPTION
 drop database ÂÄ;
 revoke all privileges on ÂÄ.* from root@localhost;
 show grants for root@localhost;
 Grants for root@localhost
 GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION
 GRANT PROXY ON ''@'' TO 'root'@'localhost' WITH GRANT OPTION
 set names latin1;
 create user mysqltest_7@;
 set password for mysqltest_7@ = password('systpass');
--- a/mysql-test/r/grant2.result
+++ b/mysql-test/r/grant2.result
@ -11,7 +11,7 @@ grant create user on *.* to mysqltest_1@localhost;
 create user mysqltest_2@localhost;
 grant select on `my\_1`.* to mysqltest_2@localhost;
 grant select on `my\_1`.* to mysqltest_2@localhost identified by 'pass';
-ERROR 42000: You must have privileges to update tables in the mysql database to be able to change passwords for others
+ERROR 42000: Access denied for user 'mysqltest_1'@'localhost' to database 'mysql'
 grant update on mysql.* to mysqltest_1@localhost;
 grant select on `my\_1`.* to mysqltest_2@localhost identified by 'pass';
 grant select on `my\_1`.* to mysqltest_3@localhost;
@ -287,6 +287,7 @@ Warnings:
 Warning	1364	Field 'ssl_cipher' doesn't have a default value
 Warning	1364	Field 'x509_issuer' doesn't have a default value
 Warning	1364	Field 'x509_subject' doesn't have a default value
 Warning	1364	Field 'authentication_string' doesn't have a default value
 create user mysqltest_A@'%';
 rename user mysqltest_B@'%' to mysqltest_C@'%';
 drop user mysqltest_C@'%';
@ -334,7 +335,7 @@ delete from mysql.user where user like 'mysqltest\_1';
 flush privileges;
 drop database mysqltest_1;
 set password = password("changed");
-ERROR 42000: Access denied for user ''@'localhost' to database 'mysql'
+ERROR 42000: Can't find any matching row in the user table
 lock table mysql.user write;
 flush privileges;
 grant all on *.* to 'mysqltest_1'@'localhost';
@ -354,6 +355,7 @@ Warnings:
 Warning	1364	Field 'ssl_cipher' doesn't have a default value
 Warning	1364	Field 'x509_issuer' doesn't have a default value
 Warning	1364	Field 'x509_subject' doesn't have a default value
 Warning	1364	Field 'authentication_string' doesn't have a default value
 INSERT INTO mysql.db (host, db, user, select_priv) VALUES
 ('%','TESTDB','mysqltest_1','Y');
 FLUSH PRIVILEGES;
--- a/mysql-test/r/grant_cache_no_prot.result
+++ b/mysql-test/r/grant_cache_no_prot.result
@ -7,9 +7,11 @@ flush status;
 show grants for current_user;
 Grants for root@localhost
 GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION
 GRANT PROXY ON ''@'' TO 'root'@'localhost' WITH GRANT OPTION
 show grants;
 Grants for root@localhost
 GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION
 GRANT PROXY ON ''@'' TO 'root'@'localhost' WITH GRANT OPTION
 create database if not exists mysqltest;
 create table mysqltest.t1 (a int,b int,c int);
 create table mysqltest.t2 (a int,b int,c int);
--- a/mysql-test/r/grant_cache_ps_prot.result
+++ b/mysql-test/r/grant_cache_ps_prot.result
@ -7,9 +7,11 @@ flush status;
 show grants for current_user;
 Grants for root@localhost
 GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION
 GRANT PROXY ON ''@'' TO 'root'@'localhost' WITH GRANT OPTION
 show grants;
 Grants for root@localhost
 GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION
 GRANT PROXY ON ''@'' TO 'root'@'localhost' WITH GRANT OPTION
 create database if not exists mysqltest;
 create table mysqltest.t1 (a int,b int,c int);
 create table mysqltest.t2 (a int,b int,c int);
--- a/mysql-test/r/information_schema.result
+++ b/mysql-test/r/information_schema.result
@ -88,6 +88,7 @@ host
 plugin
 proc
 procs_priv
 proxy_priv
 servers
 slow_log
 tables_priv
@ -684,6 +685,7 @@ Alter_routine_priv	select,insert,update,references
 max_questions	select,insert,update,references
 max_connections	select,insert,update,references
 max_user_connections	select,insert,update,references
 authentication_string	select,insert,update,references
 use test;
 create function sub1(i int) returns int
 return i+1;
@ -870,7 +872,7 @@ AND table_name not like 'ndb%' AND table_name not like 'innodb_%'
 GROUP BY TABLE_SCHEMA;
 table_schema	count(*)
 information_schema	30
-mysql	22
+mysql	23
 create table t1 (i int, j int);
 create trigger trg1 before insert on t1 for each row
 begin
--- a/mysql-test/r/log_tables_upgrade.result
+++ b/mysql-test/r/log_tables_upgrade.result
@ -27,6 +27,7 @@ mysql.ndb_binlog_index                             OK
 mysql.plugin                                       OK
 mysql.proc                                         OK
 mysql.procs_priv                                   OK
 mysql.proxy_priv                                   OK
 mysql.renamed_general_log                          OK
 mysql.servers                                      OK
 mysql.slow_log                                     OK
--- a/mysql-test/r/mysql_upgrade.result
+++ b/mysql-test/r/mysql_upgrade.result
@ -15,6 +15,7 @@ mysql.ndb_binlog_index                             OK
 mysql.plugin                                       OK
 mysql.proc                                         OK
 mysql.procs_priv                                   OK
 mysql.proxy_priv                                   OK
 mysql.servers                                      OK
 mysql.slow_log                                     OK
 mysql.tables_priv                                  OK
@ -43,6 +44,7 @@ mysql.ndb_binlog_index                             OK
 mysql.plugin                                       OK
 mysql.proc                                         OK
 mysql.procs_priv                                   OK
 mysql.proxy_priv                                   OK
 mysql.servers                                      OK
 mysql.slow_log                                     OK
 mysql.tables_priv                                  OK
@ -71,6 +73,7 @@ mysql.ndb_binlog_index                             OK
 mysql.plugin                                       OK
 mysql.proc                                         OK
 mysql.procs_priv                                   OK
 mysql.proxy_priv                                   OK
 mysql.servers                                      OK
 mysql.slow_log                                     OK
 mysql.tables_priv                                  OK
@ -101,6 +104,7 @@ mysql.ndb_binlog_index                             OK
 mysql.plugin                                       OK
 mysql.proc                                         OK
 mysql.procs_priv                                   OK
 mysql.proxy_priv                                   OK
 mysql.servers                                      OK
 mysql.slow_log                                     OK
 mysql.tables_priv                                  OK
@ -135,6 +139,7 @@ mysql.ndb_binlog_index                             OK
 mysql.plugin                                       OK
 mysql.proc                                         OK
 mysql.procs_priv                                   OK
 mysql.proxy_priv                                   OK
 mysql.servers                                      OK
 mysql.slow_log                                     OK
 mysql.tables_priv                                  OK
@ -172,6 +177,7 @@ mysql.ndb_binlog_index                             OK
 mysql.plugin                                       OK
 mysql.proc                                         OK
 mysql.procs_priv                                   OK
 mysql.proxy_priv                                   OK
 mysql.servers                                      OK
 mysql.slow_log                                     OK
 mysql.tables_priv                                  OK
--- a/mysql-test/r/mysql_upgrade_ssl.result
+++ b/mysql-test/r/mysql_upgrade_ssl.result
@ -17,6 +17,7 @@ mysql.ndb_binlog_index                             OK
 mysql.plugin                                       OK
 mysql.proc                                         OK
 mysql.procs_priv                                   OK
 mysql.proxy_priv                                   OK
 mysql.servers                                      OK
 mysql.slow_log                                     OK
 mysql.tables_priv                                  OK
--- a/mysql-test/r/mysqlcheck.result
+++ b/mysql-test/r/mysqlcheck.result
@ -18,6 +18,7 @@ mysql.ndb_binlog_index                             OK
 mysql.plugin                                       OK
 mysql.proc                                         OK
 mysql.procs_priv                                   OK
 mysql.proxy_priv                                   OK
 mysql.servers                                      OK
 mysql.slow_log
 note     : The storage engine for the table doesn't support optimize
@ -43,6 +44,7 @@ mysql.ndb_binlog_index                             OK
 mysql.plugin                                       OK
 mysql.proc                                         OK
 mysql.procs_priv                                   OK
 mysql.proxy_priv                                   OK
 mysql.servers                                      OK
 mysql.slow_log
 note     : The storage engine for the table doesn't support optimize
--- a/mysql-test/r/mysqld--help-win.result
+++ b/mysql-test/r/mysqld--help-win.result
@ -919,7 +919,6 @@ slave-transaction-retries 10
 slave-type-conversions 
 slow-launch-time 2
 slow-query-log FALSE
 socket MySQL
 sort-buffer-size 2097152
 sporadic-binlog-dump-fail FALSE
 sql-mode 
--- a/mysql-test/r/plugin_auth.result
+++ b/mysql-test/r/plugin_auth.result
@ -0,0 +1,237 @@
 SELECT PLUGIN_STATUS, PLUGIN_TYPE, PLUGIN_DESCRIPTION
 FROM INFORMATION_SCHEMA.PLUGINS WHERE PLUGIN_NAME='test_plugin_server';
 PLUGIN_STATUS	ACTIVE
 PLUGIN_TYPE	AUTHENTICATION
 PLUGIN_DESCRIPTION	plugin API test plugin
 CREATE USER plug IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest';
 CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd';
 SELECT plugin,authentication_string FROM mysql.user WHERE User='plug';
 plugin	authentication_string
 test_plugin_server	plug_dest
 ## test plugin auth
 ERROR 28000: Access denied for user 'plug'@'localhost' (using password: YES)
 GRANT PROXY ON plug_dest TO plug;
 select USER(),CURRENT_USER();
 USER()	CURRENT_USER()
 plug@localhost	plug_dest@%
 ## test SET PASSWORD
 SET PASSWORD = PASSWORD('plug_dest');
 Warnings:
 Note	1699	SET PASSWORD has no significance for users authenticating via plugins
 ## test bad credentials
 ERROR 28000: Access denied for user 'plug'@'localhost' (using password: YES)
 ## test bad default plugin : should get CR_AUTH_PLUGIN_CANNOT_LOAD
 ## test correct default plugin
 select USER(),CURRENT_USER();
 USER()	CURRENT_USER()
 plug@localhost	plug@%
 ## test no_auto_create_user sql mode with plugin users
 SET @@sql_mode=no_auto_create_user;
 GRANT INSERT ON TEST.* TO grant_user IDENTIFIED WITH 'test_plugin_server';
 SET @@sql_mode=default;
 DROP USER grant_user;
 ## test utf-8 user name
 CREATE USER `Ÿ` IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest';
 GRANT PROXY ON plug_dest TO `Ÿ`;
 select USER(),CURRENT_USER();
 USER()	CURRENT_USER()
 Ÿ@localhost	plug_dest@%
 DROP USER `Ÿ`;
 ## test GRANT ... IDENTIFIED WITH/BY ...
 CREATE DATABASE test_grant_db;
 # create new user via GRANT WITH
 GRANT ALL PRIVILEGES ON test_grant_db.* TO new_grant_user 
 IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest';
 GRANT PROXY ON plug_dest TO new_grant_user;
 select USER(),CURRENT_USER();
 USER()	CURRENT_USER()
 new_grant_user@localhost	plug_dest@%
 USE test_grant_db;
 CREATE TABLE t1 (a INT);
 DROP TABLE t1;
 REVOKE ALL PRIVILEGES ON test_grant_db.* FROM new_grant_user;
 # try re-create existing user via GRANT IDENTIFIED BY
 GRANT ALL PRIVILEGES ON test_grant_db.* TO new_grant_user
 IDENTIFIED BY 'unused_password';
 # make sure password doesn't take precendence
 ERROR 28000: Access denied for user 'new_grant_user'@'localhost' (using password: YES)
 #make sure plugin auth still available
 select USER(),CURRENT_USER();
 USER()	CURRENT_USER()
 new_grant_user@localhost	plug_dest@%
 USE test_grant_db;
 CREATE TABLE t1 (a INT);
 DROP TABLE t1;
 DROP USER new_grant_user;
 # try re-create existing user via GRANT IDENTIFIED WITH
 GRANT ALL PRIVILEGES ON test_grant_db.* TO plug
 IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest';
 ERROR HY000: GRANT with IDENTIFIED WITH is illegal because the user plug already exists
 GRANT ALL PRIVILEGES ON test_grant_db.* TO plug_dest
 IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest';
 ERROR HY000: GRANT with IDENTIFIED WITH is illegal because the user plug_dest already exists
 REVOKE SELECT on test_grant_db.* FROM joro 
 INDENTIFIED WITH 'test_plugin_server' AS 'plug_dest';
 ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'INDENTIFIED WITH 'test_plugin_server' AS 'plug_dest'' at line 2
 REVOKE SELECT on test_grant_db.* FROM joro 
 INDENTIFIED BY 'plug_dest_passwd';
 ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'INDENTIFIED BY 'plug_dest_passwd'' at line 2
 REVOKE SELECT on test_grant_db.* FROM joro 
 INDENTIFIED BY PASSWORD 'plug_dest_passwd';
 ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'INDENTIFIED BY PASSWORD 'plug_dest_passwd'' at line 2
 DROP DATABASE test_grant_db;
 ## GRANT PROXY tests
 CREATE USER grant_plug IDENTIFIED WITH 'test_plugin_server' 
 AS 'grant_plug_dest';
 CREATE USER grant_plug_dest IDENTIFIED BY 'grant_plug_dest_passwd';
 CREATE USER grant_plug_dest2 IDENTIFIED BY 'grant_plug_dest_passwd2';
 # ALL PRIVILEGES doesn't include PROXY
 GRANT ALL PRIVILEGES ON *.* TO grant_plug;
 ERROR 28000: Access denied for user 'grant_plug'@'localhost' (using password: YES)
 GRANT ALL PRIVILEGES,PROXY ON grant_plug_dest TO grant_plug;
 ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'PROXY ON grant_plug_dest TO grant_plug' at line 1
 this should fail : can't combine PROXY
 GRANT ALL SELECT,PROXY ON grant_plug_dest TO grant_plug;
 ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'SELECT,PROXY ON grant_plug_dest TO grant_plug' at line 1
 # this should fail : no such grant
 REVOKE PROXY ON grant_plug_dest FROM grant_plug;
 ERROR 42000: There is no such grant defined for user 'grant_plug' on host '%'
 in grant_plug_dest_con
 ## testing what an ordinary user can grant 
 this should fail : no rights to grant all
 GRANT PROXY ON ''@'' TO grant_plug;
 ERROR 28000: Access denied for user 'grant_plug_dest'@'localhost'
 this should fail : not the same user
 GRANT PROXY ON grant_plug TO grant_plug_dest;
 ERROR 28000: Access denied for user 'grant_plug_dest'@'localhost'
 this should fail : same user, but on a different host
 GRANT PROXY ON grant_plug_dest TO grant_plug;
 ERROR 28000: Access denied for user 'grant_plug_dest'@'localhost'
 this should work : same user
 GRANT PROXY ON grant_plug_dest@localhost TO grant_plug_dest2;
 REVOKE PROXY ON grant_plug_dest@localhost FROM grant_plug_dest2;
 this should work : same user
 GRANT PROXY ON grant_plug_dest@localhost TO grant_plug WITH GRANT OPTION;
 REVOKE PROXY ON grant_plug_dest@localhost FROM grant_plug;
 this should fail : can't create users
 GRANT PROXY ON grant_plug_dest@localhost TO grant_plug@localhost;
 ERROR 42000: You are not allowed to create a user with GRANT
 in default connection
 # test what root can grant
 should work : root has PROXY to all users
 GRANT PROXY ON ''@'' TO grant_plug;
 REVOKE PROXY ON ''@'' FROM grant_plug;
 should work : root has PROXY to all users
 GRANT PROXY ON ''@'' TO proxy_admin IDENTIFIED BY 'test' 
 WITH GRANT OPTION;
 need USAGE : PROXY doesn't contain it.
 GRANT USAGE on *.* TO proxy_admin;
 in proxy_admin_con;
 should work : proxy_admin has proxy to ''@''
 GRANT PROXY ON future_user TO grant_plug;
 in default connection
 SHOW GRANTS FOR grant_plug;
 Grants for grant_plug@%
 GRANT ALL PRIVILEGES ON *.* TO 'grant_plug'@'%' WITH GRANT OPTION
 GRANT PROXY ON 'future_user'@'%' TO 'grant_plug'@'%'
 REVOKE PROXY ON future_user FROM grant_plug;
 SHOW GRANTS FOR grant_plug;
 Grants for grant_plug@%
 GRANT ALL PRIVILEGES ON *.* TO 'grant_plug'@'%' WITH GRANT OPTION
 ## testing drop user
 CREATE USER test_drop@localhost;
 GRANT PROXY ON future_user TO test_drop@localhost;
 SHOW GRANTS FOR test_drop@localhost;
 Grants for test_drop@localhost
 GRANT USAGE ON *.* TO 'test_drop'@'localhost'
 GRANT PROXY ON 'future_user'@'%' TO 'test_drop'@'localhost'
 DROP USER test_drop@localhost;
 SELECT * FROM mysql.proxy_priv WHERE Host = 'test_drop' AND User = 'localhost';
 Host	User	Proxied_Host	Proxied_User	With_Grant
 DROP USER proxy_admin;
 DROP USER grant_plug,grant_plug_dest,grant_plug_dest2;
 ## END GRANT PROXY tests
 ## cleanup
 DROP USER plug;
 DROP USER plug_dest;
 ## @@proxy_user tests
 CREATE USER plug IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest';
 CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd';
 GRANT PROXY ON plug_dest TO plug;
 SELECT USER(),CURRENT_USER(),@@LOCAL.proxy_user;
 USER()	CURRENT_USER()	@@LOCAL.proxy_user
 root@localhost	root@localhost	NULL
 SELECT @@GLOBAL.proxy_user;
 ERROR HY000: Variable 'proxy_user' is a SESSION variable
 SELECT @@LOCAL.proxy_user;
@@LOCAL.proxy_user
 NULL
 SET GLOBAL proxy_user = 'test';
 ERROR HY000: Variable 'proxy_user' is a read only variable
 SET LOCAL proxy_user = 'test';
 ERROR HY000: Variable 'proxy_user' is a read only variable
 SELECT @@LOCAL.proxy_user;
@@LOCAL.proxy_user
 NULL
 # in connection plug_con
 SELECT @@LOCAL.proxy_user;
@@LOCAL.proxy_user
 'plug'@'%'
 # in connection default
 ## cleanup
 DROP USER plug;
 DROP USER plug_dest;
 ## END @@proxy_user tests
 ## @@external_user tests
 CREATE USER plug IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest';
 CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd';
 GRANT PROXY ON plug_dest TO plug;
 SELECT USER(),CURRENT_USER(),@@LOCAL.external_user;
 USER()	CURRENT_USER()	@@LOCAL.external_user
 root@localhost	root@localhost	NULL
 SELECT @@GLOBAL.external_user;
 ERROR HY000: Variable 'external_user' is a SESSION variable
 SELECT @@LOCAL.external_user;
@@LOCAL.external_user
 NULL
 SET GLOBAL external_user = 'test';
 ERROR HY000: Variable 'external_user' is a read only variable
 SET LOCAL external_user = 'test';
 ERROR HY000: Variable 'external_user' is a read only variable
 SELECT @@LOCAL.external_user;
@@LOCAL.external_user
 NULL
 # in connection plug_con
 SELECT @@LOCAL.external_user;
@@LOCAL.external_user
 'plug'@'%'
 # in connection default
 ## cleanup
 DROP USER plug;
 DROP USER plug_dest;
 ## END @@external_user tests
 #
 #  Bug #56798 : Wrong credentials assigned when using a proxy user.
 #
 GRANT ALL PRIVILEGES ON *.* TO power_user;
 GRANT USAGE ON anonymous_db.* TO ''@''
  IDENTIFIED WITH 'test_plugin_server' AS 'power_user';
 GRANT PROXY ON power_user TO ''@'';
 CREATE DATABASE confidential_db;
 SELECT user(),current_user(),@@proxy_user;
 user()	current_user()	@@proxy_user
 test_login_user@localhost	power_user@%	''@''
 DROP USER power_user;
 DROP USER ''@'';
 DROP DATABASE confidential_db;
 # Test case #2 (crash with double grant proxy)
 CREATE USER ''@'' IDENTIFIED WITH 'test_plugin_server' AS 'standard_user';
 CREATE USER standard_user;
 CREATE DATABASE shared;
 GRANT ALL PRIVILEGES ON shared.* TO standard_user;
 GRANT PROXY ON standard_user TO ''@'';
 #should not crash
 GRANT PROXY ON standard_user TO ''@'';
 DROP USER ''@'';
 DROP USER standard_user;
 DROP DATABASE shared;
--- a/mysql-test/r/ps.result
+++ b/mysql-test/r/ps.result
@ -1194,13 +1194,13 @@ SET @aux= "SELECT COUNT(*)
 prepare my_stmt from @aux;
 execute my_stmt;
 COUNT(*)
-40
+42
 execute my_stmt;
 COUNT(*)
-40
+42
 execute my_stmt;
 COUNT(*)
-40
+42
 deallocate prepare my_stmt;
 drop procedure if exists p1|
 drop table if exists t1|
--- a/mysql-test/r/sp_notembedded.result
+++ b/mysql-test/r/sp_notembedded.result
@ -9,9 +9,11 @@ end|
 call bug4902()|
 Grants for root@localhost
 GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION
 GRANT PROXY ON ''@'' TO 'root'@'localhost' WITH GRANT OPTION
 call bug4902()|
 Grants for root@localhost
 GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION
 GRANT PROXY ON ''@'' TO 'root'@'localhost' WITH GRANT OPTION
 drop procedure bug4902|
 drop procedure if exists bug4902_2|
 create procedure bug4902_2()
@ -206,9 +208,11 @@ create procedure 15298_2 () sql security definer show grants;
 call 15298_1();
 Grants for root@localhost
 GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION
 GRANT PROXY ON ''@'' TO 'root'@'localhost' WITH GRANT OPTION
 call 15298_2();
 Grants for root@localhost
 GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION
 GRANT PROXY ON ''@'' TO 'root'@'localhost' WITH GRANT OPTION
 drop user mysqltest_1@localhost;
 drop procedure 15298_1;
 drop procedure 15298_2;
@ -245,6 +249,8 @@ max_updates, max_connections, max_user_connections)
 VALUES('%', 'mysqltest_1', password(''), 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'N', 'N', 'N',
 'N', 'N', 'N', 'Y', 'Y', 'N', 'N', 'Y', 'Y', 'N', 'N', 'N', 'N', 'N', 'Y', 'Y', 'N', '',
 '', '', '', '0', '0', '0', '0');
 Warnings:
 Warning	1364	Field 'authentication_string' doesn't have a default value
 FLUSH PRIVILEGES;
 CREATE PROCEDURE p1(i INT) BEGIN END;
 DROP PROCEDURE p1;
--- a/mysql-test/r/system_mysql_db.result
+++ b/mysql-test/r/system_mysql_db.result
@ -14,6 +14,7 @@ ndb_binlog_index
 plugin
 proc
 procs_priv
 proxy_priv
 servers
 slow_log
 tables_priv
@ -119,6 +120,8 @@ user	CREATE TABLE `user` (
  `max_updates` int(11) unsigned NOT NULL DEFAULT '0',
  `max_connections` int(11) unsigned NOT NULL DEFAULT '0',
  `max_user_connections` int(11) unsigned NOT NULL DEFAULT '0',
  `plugin` char(60) COLLATE utf8_bin NOT NULL DEFAULT '',
  `authentication_string` text COLLATE utf8_bin NOT NULL,
  PRIMARY KEY (`Host`,`User`)
 ) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin COMMENT='Users and global privileges'
 show create table func;
--- a/mysql-test/suite/federated/federated.result
+++ b/mysql-test/suite/federated/federated.result
@ -60,7 +60,7 @@ CREATE TABLE federated.t1 (
 ENGINE="FEDERATED" DEFAULT CHARSET=latin1
 CONNECTION='mysql://user:pass@127.0.0.1:SLAVE_PORT/federated/t1';
 SELECT * FROM federated.t1;
-ERROR HY000: Unable to connect to foreign data source: Access denied for user 'user'@'localhost' (using password: YES)
+ERROR HY000: Unable to connect to foreign data source: Access denied for user 'user'@'localhost' (using password: NO)
 DROP TABLE federated.t1;
 CREATE TABLE federated.t1 (
 `id` int(20) NOT NULL,
--- a/mysql-test/suite/funcs_1/r/innodb_trig_03e.result
+++ b/mysql-test/suite/funcs_1/r/innodb_trig_03e.result
@ -573,6 +573,7 @@ root@localhost
 show grants;
 Grants for root@localhost
 GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION
 GRANT PROXY ON ''@'' TO 'root'@'localhost' WITH GRANT OPTION
 drop trigger trg1_1;
 use priv_db;
--- a/mysql-test/suite/funcs_1/r/is_columns_mysql.result
+++ b/mysql-test/suite/funcs_1/r/is_columns_mysql.result
@ -134,6 +134,11 @@ def	mysql	procs_priv	Routine_name	4		NO	char	64	192	NULL	NULL	utf8	utf8_general_
 def	mysql	procs_priv	Routine_type	5	NULL	NO	enum	9	27	NULL	NULL	utf8	utf8_bin	enum('FUNCTION','PROCEDURE')	PRI		select,insert,update,references	
 def	mysql	procs_priv	Timestamp	8	CURRENT_TIMESTAMP	NO	timestamp	NULL	NULL	NULL	NULL	NULL	NULL	timestamp		on update CURRENT_TIMESTAMP	select,insert,update,references	
 def	mysql	procs_priv	User	3		NO	char	16	48	NULL	NULL	utf8	utf8_bin	char(16)	PRI		select,insert,update,references	
 def	mysql	proxy_priv	Host	1		NO	char	60	180	NULL	NULL	utf8	utf8_bin	char(60)	PRI		select,insert,update,references	
 def	mysql	proxy_priv	Proxied_Host	3		NO	char	16	48	NULL	NULL	utf8	utf8_bin	char(16)	PRI		select,insert,update,references	
 def	mysql	proxy_priv	Proxied_User	4		NO	char	60	180	NULL	NULL	utf8	utf8_bin	char(60)	PRI		select,insert,update,references	
 def	mysql	proxy_priv	User	2		NO	char	16	48	NULL	NULL	utf8	utf8_bin	char(16)	PRI		select,insert,update,references	
 def	mysql	proxy_priv	With_Grant	5	0	NO	tinyint	NULL	NULL	3	0	NULL	NULL	tinyint(1)			select,insert,update,references	
 def	mysql	servers	Db	3		NO	char	64	192	NULL	NULL	utf8	utf8_general_ci	char(64)			select,insert,update,references	
 def	mysql	servers	Host	2		NO	char	64	192	NULL	NULL	utf8	utf8_general_ci	char(64)			select,insert,update,references	
 def	mysql	servers	Owner	9		NO	char	64	192	NULL	NULL	utf8	utf8_general_ci	char(64)			select,insert,update,references	
@ -178,6 +183,7 @@ def	mysql	time_zone_transition_type	Time_zone_id	1	NULL	NO	int	NULL	NULL	10	0	NU
 def	mysql	time_zone_transition_type	Transition_type_id	2	NULL	NO	int	NULL	NULL	10	0	NULL	NULL	int(10) unsigned	PRI		select,insert,update,references	
 def	mysql	user	Alter_priv	17	N	NO	enum	1	3	NULL	NULL	utf8	utf8_general_ci	enum('N','Y')			select,insert,update,references	
 def	mysql	user	Alter_routine_priv	28	N	NO	enum	1	3	NULL	NULL	utf8	utf8_general_ci	enum('N','Y')			select,insert,update,references	
 def	mysql	user	authentication_string	42	NULL	NO	text	65535	65535	NULL	NULL	utf8	utf8_bin	text			select,insert,update,references	
 def	mysql	user	Create_priv	8	N	NO	enum	1	3	NULL	NULL	utf8	utf8_general_ci	enum('N','Y')			select,insert,update,references	
 def	mysql	user	Create_routine_priv	27	N	NO	enum	1	3	NULL	NULL	utf8	utf8_general_ci	enum('N','Y')			select,insert,update,references	
 def	mysql	user	Create_tablespace_priv	32	N	NO	enum	1	3	NULL	NULL	utf8	utf8_general_ci	enum('N','Y')			select,insert,update,references	
@ -199,6 +205,7 @@ def	mysql	user	max_questions	37	0	NO	int	NULL	NULL	10	0	NULL	NULL	int(11) unsign
 def	mysql	user	max_updates	38	0	NO	int	NULL	NULL	10	0	NULL	NULL	int(11) unsigned			select,insert,update,references	
 def	mysql	user	max_user_connections	40	0	NO	int	NULL	NULL	10	0	NULL	NULL	int(11) unsigned			select,insert,update,references	
 def	mysql	user	Password	3		NO	char	41	41	NULL	NULL	latin1	latin1_bin	char(41)			select,insert,update,references	
 def	mysql	user	plugin	41		NO	char	60	180	NULL	NULL	utf8	utf8_bin	char(60)			select,insert,update,references	
 def	mysql	user	Process_priv	12	N	NO	enum	1	3	NULL	NULL	utf8	utf8_general_ci	enum('N','Y')			select,insert,update,references	
 def	mysql	user	References_priv	15	N	NO	enum	1	3	NULL	NULL	utf8	utf8_general_ci	enum('N','Y')			select,insert,update,references	
 def	mysql	user	Reload_priv	10	N	NO	enum	1	3	NULL	NULL	utf8	utf8_general_ci	enum('N','Y')			select,insert,update,references	
@ -418,6 +425,11 @@ NULL	mysql	proc	modified	timestamp	NULL	NULL	NULL	NULL	timestamp
 3.0000	mysql	procs_priv	Grantor	char	77	231	utf8	utf8_bin	char(77)
 3.0000	mysql	procs_priv	Proc_priv	set	27	81	utf8	utf8_general_ci	set('Execute','Alter Routine','Grant')
 NULL	mysql	procs_priv	Timestamp	timestamp	NULL	NULL	NULL	NULL	timestamp
 3.0000	mysql	proxy_priv	Host	char	60	180	utf8	utf8_bin	char(60)
 3.0000	mysql	proxy_priv	User	char	16	48	utf8	utf8_bin	char(16)
 3.0000	mysql	proxy_priv	Proxied_Host	char	16	48	utf8	utf8_bin	char(16)
 3.0000	mysql	proxy_priv	Proxied_User	char	60	180	utf8	utf8_bin	char(60)
 NULL	mysql	proxy_priv	With_Grant	tinyint	NULL	NULL	NULL	NULL	tinyint(1)
 3.0000	mysql	servers	Server_name	char	64	192	utf8	utf8_general_ci	char(64)
 3.0000	mysql	servers	Host	char	64	192	utf8	utf8_general_ci	char(64)
 3.0000	mysql	servers	Db	char	64	192	utf8	utf8_general_ci	char(64)
@ -500,3 +512,5 @@ NULL	mysql	user	max_questions	int	NULL	NULL	NULL	NULL	int(11) unsigned
 NULL	mysql	user	max_updates	int	NULL	NULL	NULL	NULL	int(11) unsigned
 NULL	mysql	user	max_connections	int	NULL	NULL	NULL	NULL	int(11) unsigned
 NULL	mysql	user	max_user_connections	int	NULL	NULL	NULL	NULL	int(11) unsigned
 3.0000	mysql	user	plugin	char	60	180	utf8	utf8_bin	char(60)
 1.0000	mysql	user	authentication_string	text	65535	65535	utf8	utf8_bin	text
--- a/mysql-test/suite/funcs_1/r/is_key_column_usage.result
+++ b/mysql-test/suite/funcs_1/r/is_key_column_usage.result
@ -106,6 +106,10 @@ def	mysql	PRIMARY	def	mysql	procs_priv	Db
 def	mysql	PRIMARY	def	mysql	procs_priv	User
 def	mysql	PRIMARY	def	mysql	procs_priv	Routine_name
 def	mysql	PRIMARY	def	mysql	procs_priv	Routine_type
 def	mysql	PRIMARY	def	mysql	proxy_priv	Host
 def	mysql	PRIMARY	def	mysql	proxy_priv	User
 def	mysql	PRIMARY	def	mysql	proxy_priv	Proxied_Host
 def	mysql	PRIMARY	def	mysql	proxy_priv	Proxied_User
 def	mysql	PRIMARY	def	mysql	servers	Server_name
 def	mysql	PRIMARY	def	mysql	tables_priv	Host
 def	mysql	PRIMARY	def	mysql	tables_priv	Db
--- a/mysql-test/suite/funcs_1/r/is_statistics.result
+++ b/mysql-test/suite/funcs_1/r/is_statistics.result
@ -118,6 +118,10 @@ def	mysql	procs_priv	mysql	PRIMARY
 def	mysql	procs_priv	mysql	PRIMARY
 def	mysql	procs_priv	mysql	PRIMARY
 def	mysql	procs_priv	mysql	Grantor
 def	mysql	proxy_priv	mysql	PRIMARY
 def	mysql	proxy_priv	mysql	PRIMARY
 def	mysql	proxy_priv	mysql	PRIMARY
 def	mysql	proxy_priv	mysql	PRIMARY
 def	mysql	servers	mysql	PRIMARY
 def	mysql	tables_priv	mysql	PRIMARY
 def	mysql	tables_priv	mysql	PRIMARY
--- a/mysql-test/suite/funcs_1/r/is_statistics_mysql.result
+++ b/mysql-test/suite/funcs_1/r/is_statistics_mysql.result
@ -40,6 +40,10 @@ def	mysql	procs_priv	0	mysql	PRIMARY	2	Db	A	#CARD#	NULL	NULL		BTREE
 def	mysql	procs_priv	0	mysql	PRIMARY	3	User	A	#CARD#	NULL	NULL		BTREE		
 def	mysql	procs_priv	0	mysql	PRIMARY	4	Routine_name	A	#CARD#	NULL	NULL		BTREE		
 def	mysql	procs_priv	0	mysql	PRIMARY	5	Routine_type	A	#CARD#	NULL	NULL		BTREE		
 def	mysql	proxy_priv	0	mysql	PRIMARY	1	Host	A	#CARD#	NULL	NULL		BTREE		
 def	mysql	proxy_priv	0	mysql	PRIMARY	2	User	A	#CARD#	NULL	NULL		BTREE		
 def	mysql	proxy_priv	0	mysql	PRIMARY	3	Proxied_Host	A	#CARD#	NULL	NULL		BTREE		
 def	mysql	proxy_priv	0	mysql	PRIMARY	4	Proxied_User	A	#CARD#	NULL	NULL		BTREE		
 def	mysql	servers	0	mysql	PRIMARY	1	Server_name	A	#CARD#	NULL	NULL		BTREE		
 def	mysql	tables_priv	1	mysql	Grantor	1	Grantor	A	#CARD#	NULL	NULL		BTREE		
 def	mysql	tables_priv	0	mysql	PRIMARY	1	Host	A	#CARD#	NULL	NULL		BTREE		
--- a/mysql-test/suite/funcs_1/r/is_table_constraints.result
+++ b/mysql-test/suite/funcs_1/r/is_table_constraints.result
@ -73,6 +73,7 @@ def	mysql	PRIMARY	mysql	ndb_binlog_index
 def	mysql	PRIMARY	mysql	plugin
 def	mysql	PRIMARY	mysql	proc
 def	mysql	PRIMARY	mysql	procs_priv
 def	mysql	PRIMARY	mysql	proxy_priv
 def	mysql	PRIMARY	mysql	servers
 def	mysql	PRIMARY	mysql	tables_priv
 def	mysql	PRIMARY	mysql	time_zone
--- a/mysql-test/suite/funcs_1/r/is_table_constraints_mysql.result
+++ b/mysql-test/suite/funcs_1/r/is_table_constraints_mysql.result
@ -23,6 +23,7 @@ def	mysql	PRIMARY	mysql	ndb_binlog_index	PRIMARY KEY
 def	mysql	PRIMARY	mysql	plugin	PRIMARY KEY
 def	mysql	PRIMARY	mysql	proc	PRIMARY KEY
 def	mysql	PRIMARY	mysql	procs_priv	PRIMARY KEY
 def	mysql	PRIMARY	mysql	proxy_priv	PRIMARY KEY
 def	mysql	PRIMARY	mysql	servers	PRIMARY KEY
 def	mysql	PRIMARY	mysql	tables_priv	PRIMARY KEY
 def	mysql	PRIMARY	mysql	time_zone	PRIMARY KEY
--- a/mysql-test/suite/funcs_1/r/is_tables_mysql.result
+++ b/mysql-test/suite/funcs_1/r/is_tables_mysql.result
@ -336,6 +336,29 @@ user_comment	Procedure privileges
 Separator	-----------------------------------------------------
 TABLE_CATALOG	def
 TABLE_SCHEMA	mysql
 TABLE_NAME	proxy_priv
 TABLE_TYPE	BASE TABLE
 ENGINE	MyISAM
 VERSION	10
 ROW_FORMAT	Fixed
 TABLE_ROWS	#TBLR#
 AVG_ROW_LENGTH	#ARL#
 DATA_LENGTH	#DL#
 MAX_DATA_LENGTH	#MDL#
 INDEX_LENGTH	#IL#
 DATA_FREE	#DF#
 AUTO_INCREMENT	NULL
 CREATE_TIME	#CRT#
 UPDATE_TIME	#UT#
 CHECK_TIME	#CT#
 TABLE_COLLATION	utf8_bin
 CHECKSUM	NULL
 CREATE_OPTIONS	#CO#
 TABLE_COMMENT	#TC#
 user_comment	User proxy privileges
 Separator	-----------------------------------------------------
 TABLE_CATALOG	def
 TABLE_SCHEMA	mysql
 TABLE_NAME	servers
 TABLE_TYPE	BASE TABLE
 ENGINE	MyISAM
--- a/mysql-test/suite/funcs_1/r/is_user_privileges.result
+++ b/mysql-test/suite/funcs_1/r/is_user_privileges.result
--- a/mysql-test/suite/funcs_1/r/memory_trig_03e.result
+++ b/mysql-test/suite/funcs_1/r/memory_trig_03e.result
@ -574,6 +574,7 @@ root@localhost
 show grants;
 Grants for root@localhost
 GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION
 GRANT PROXY ON ''@'' TO 'root'@'localhost' WITH GRANT OPTION
 drop trigger trg1_1;
 use priv_db;
--- a/mysql-test/suite/funcs_1/r/myisam_trig_03e.result
+++ b/mysql-test/suite/funcs_1/r/myisam_trig_03e.result
@ -574,6 +574,7 @@ root@localhost
 show grants;
 Grants for root@localhost
 GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION
 GRANT PROXY ON ''@'' TO 'root'@'localhost' WITH GRANT OPTION
 drop trigger trg1_1;
 use priv_db;
--- a/mysql-test/suite/funcs_1/r/processlist_priv_no_prot.result
+++ b/mysql-test/suite/funcs_1/r/processlist_priv_no_prot.result
@ -65,6 +65,7 @@ ERROR 42000: Access denied for user 'root'@'localhost' to database 'information_
 SHOW GRANTS;
 Grants for root@localhost
 GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION
 GRANT PROXY ON ''@'' TO 'root'@'localhost' WITH GRANT OPTION
 CREATE INDEX i_processlist ON processlist (user);
 ERROR 42000: Access denied for user 'root'@'localhost' to database 'information_schema'
 DROP TABLE processlist;
--- a/mysql-test/suite/funcs_1/r/processlist_priv_ps.result
+++ b/mysql-test/suite/funcs_1/r/processlist_priv_ps.result
@ -65,6 +65,7 @@ ERROR 42000: Access denied for user 'root'@'localhost' to database 'information_
 SHOW GRANTS;
 Grants for root@localhost
 GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION
 GRANT PROXY ON ''@'' TO 'root'@'localhost' WITH GRANT OPTION
 CREATE INDEX i_processlist ON processlist (user);
 ERROR 42000: Access denied for user 'root'@'localhost' to database 'information_schema'
 DROP TABLE processlist;
--- a/mysql-test/suite/funcs_1/t/is_user_privileges.test
+++ b/mysql-test/suite/funcs_1/t/is_user_privileges.test
@ -104,20 +104,26 @@ ORDER BY grantee, table_catalog, privilege_type;
 let $my_select2= SELECT * FROM mysql.user
 WHERE user LIKE 'testuser%' ORDER BY host, user;
 let $my_show= SHOW GRANTS;
 --vertical_results
 eval $my_select1;
 eval $my_select2;
 --horizontal_results
 --echo #
 --echo # Add GRANT OPTION db_datadict.* to testuser1;
 GRANT UPDATE ON db_datadict.* TO 'testuser1'@'localhost' WITH GRANT OPTION;
 --vertical_results
 eval $my_select1;
 eval $my_select2;
 --horizontal_results
 --echo # Establish connection testuser1 (user=testuser1)
 --replace_result $MASTER_MYPORT MYSQL_PORT $MASTER_MYSOCK MYSQL_SOCK
 connect (testuser1, localhost, testuser1, , db_datadict);
 --vertical_results
 eval $my_select1;
 eval $my_select2;
 --horizontal_results
 eval $my_show;
 --echo
@ -128,36 +134,46 @@ connection default;
 GRANT SELECT ON *.* TO 'testuser1'@'localhost';
 --echo #
 --echo # Here <SELECT NO> is shown correctly for testuser1;
 --vertical_results
 eval $my_select1;
 eval $my_select2;
 --horizontal_results
 GRANT SELECT ON *.* TO 'testuser1'@'localhost' WITH GRANT OPTION;
 --echo #
 --echo # Here <SELECT YES> is shown correctly for testuser1;
 --vertical_results
 eval $my_select1;
 eval $my_select2;
 --horizontal_results
 --echo # Switch to connection testuser1
 # check that this appears
 connection testuser1;
 --vertical_results
 eval $my_select1;
 eval $my_select2;
 --horizontal_results
 eval $my_show;
 --echo # Establish connection testuser2 (user=testuser2)
 --replace_result $MASTER_MYPORT MYSQL_PORT $MASTER_MYSOCK MYSQL_SOCK
 connect (testuser2, localhost, testuser2, , db_datadict);
 --vertical_results
 eval $my_select1;
 --error ER_TABLEACCESS_DENIED_ERROR
 eval $my_select2;
 --horizontal_results
 eval $my_show;
 --echo # Establish connection testuser3 (user=testuser3)
 --replace_result $MASTER_MYPORT MYSQL_PORT $MASTER_MYSOCK MYSQL_SOCK
 connect (testuser3, localhost, testuser3, , test);
 --vertical_results
 eval $my_select1;
 --error ER_TABLEACCESS_DENIED_ERROR
 eval $my_select2;
 --horizontal_results
 eval $my_show;
 --echo
@ -165,23 +181,29 @@ eval $my_show;
 --echo # Switch to connection default
 connection default;
 REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'testuser1'@'localhost';
 --vertical_results
 eval $my_select1;
 eval $my_select2;
 --horizontal_results
 --echo # Switch to connection testuser1
 # check for changes
 connection testuser1;
 --vertical_results
 eval $my_select1;
 --error ER_TABLEACCESS_DENIED_ERROR
 eval $my_select2;
 --horizontal_results
 eval $my_show;
 # OK, testuser1 has no privs here
 --error ER_TABLEACCESS_DENIED_ERROR
 CREATE TABLE db_datadict.tb_55 ( c1 TEXT );
 --vertical_results
 eval $my_select1;
 --error ER_TABLEACCESS_DENIED_ERROR
 eval $my_select2;
 --horizontal_results
 eval $my_show;
 # OK, testuser1 has no privs here
 --error ER_TABLEACCESS_DENIED_ERROR
@ -193,13 +215,17 @@ CREATE TABLE db_datadict.tb_66 ( c1 TEXT );
 connection default;
 GRANT ALL ON db_datadict.* TO 'testuser1'@'localhost' WITH GRANT OPTION;
 GRANT SELECT ON mysql.user TO 'testuser1'@'localhost';
 --vertical_results
 eval $my_select1;
 eval $my_select2;
 --horizontal_results
 --echo # Switch to connection testuser1
 connection testuser1;
 --vertical_results
 eval $my_select1;
 eval $my_select2;
 --horizontal_results
 eval $my_show;
 # OK, testuser1 has no privs here
@ -208,8 +234,10 @@ CREATE TABLE db_datadict.tb_56 ( c1 TEXT );
 # using 'USE' lets the server read the privileges new, so now the CREATE works
 USE db_datadict;
 --vertical_results
 eval $my_select1;
 eval $my_select2;
 --horizontal_results
 eval $my_show;
 --replace_result $other_engine_type <other_engine_type>
 eval
@ -221,15 +249,19 @@ ENGINE = $other_engine_type;
 --echo # Switch to connection default
 connection default;
 REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'testuser1'@'localhost';
 --vertical_results
 eval $my_select1;
 eval $my_select2;
 --horizontal_results
 --echo # Switch to connection testuser1
 # check for changes
 connection testuser1;
 --vertical_results
 eval $my_select1;
 --error ER_TABLEACCESS_DENIED_ERROR
 eval $my_select2;
 --horizontal_results
 eval $my_show;
 # WORKS, as the existing old privileges are used!
 --replace_result $other_engine_type <other_engine_type>
@ -273,19 +305,27 @@ DROP DATABASE IF EXISTS db_datadict;
 let $my_select = SELECT * FROM information_schema.user_privileges
 WHERE grantee = '''testuser1''@''localhost''';
 let $my_show = SHOW GRANTS FOR 'testuser1'@'localhost';
 --vertical_results
 eval $my_select;
 --horizontal_results
 --error ER_NONEXISTING_GRANT
 eval $my_show;
 --error 0,ER_CANNOT_USER
 DROP   USER 'testuser1'@'localhost';
 CREATE USER 'testuser1'@'localhost';
 --vertical_results
 eval $my_select;
 --horizontal_results
 eval $my_show;
 GRANT SELECT, FILE ON *.* TO 'testuser1'@'localhost';
 --vertical_results
 eval $my_select;
 --horizontal_results
 eval $my_show;
 DROP USER   'testuser1'@'localhost';
 --vertical_results
 eval $my_select;
 --horizontal_results
 --error ER_NONEXISTING_GRANT
 eval $my_show;
--- a/mysql-test/suite/perfschema/r/column_privilege.result
+++ b/mysql-test/suite/perfschema/r/column_privilege.result
@ -1,6 +1,7 @@
 show grants;
 Grants for root@localhost
 GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION
 GRANT PROXY ON ''@'' TO 'root'@'localhost' WITH GRANT OPTION
 grant usage on *.* to 'pfs_user_5'@localhost with GRANT OPTION;
 grant SELECT(thread_id, event_id) on performance_schema.EVENTS_WAITS_CURRENT
 to 'pfs_user_5'@localhost;
--- a/mysql-test/suite/perfschema/r/pfs_upgrade.result
+++ b/mysql-test/suite/perfschema/r/pfs_upgrade.result
@ -25,7 +25,7 @@ ERROR 1050 (42S01) at line 428: Table 'SETUP_CONSUMERS' already exists
 ERROR 1050 (42S01) at line 445: Table 'SETUP_INSTRUMENTS' already exists
 ERROR 1050 (42S01) at line 461: Table 'SETUP_TIMERS' already exists
 ERROR 1050 (42S01) at line 478: Table 'THREADS' already exists
-ERROR 1644 (HY000) at line 1118: Unexpected content found in the performance_schema database.
+ERROR 1644 (HY000) at line 1122: Unexpected content found in the performance_schema database.
 FATAL ERROR: Upgrade failed
 show tables like "user_table";
 Tables_in_performance_schema (user_table)
@ -55,7 +55,7 @@ ERROR 1050 (42S01) at line 428: Table 'SETUP_CONSUMERS' already exists
 ERROR 1050 (42S01) at line 445: Table 'SETUP_INSTRUMENTS' already exists
 ERROR 1050 (42S01) at line 461: Table 'SETUP_TIMERS' already exists
 ERROR 1050 (42S01) at line 478: Table 'THREADS' already exists
-ERROR 1644 (HY000) at line 1118: Unexpected content found in the performance_schema database.
+ERROR 1644 (HY000) at line 1122: Unexpected content found in the performance_schema database.
 FATAL ERROR: Upgrade failed
 show tables like "user_view";
 Tables_in_performance_schema (user_view)
@ -83,7 +83,7 @@ ERROR 1050 (42S01) at line 428: Table 'SETUP_CONSUMERS' already exists
 ERROR 1050 (42S01) at line 445: Table 'SETUP_INSTRUMENTS' already exists
 ERROR 1050 (42S01) at line 461: Table 'SETUP_TIMERS' already exists
 ERROR 1050 (42S01) at line 478: Table 'THREADS' already exists
-ERROR 1644 (HY000) at line 1118: Unexpected content found in the performance_schema database.
+ERROR 1644 (HY000) at line 1122: Unexpected content found in the performance_schema database.
 FATAL ERROR: Upgrade failed
 select name from mysql.proc where db='performance_schema';
 name
@ -111,7 +111,7 @@ ERROR 1050 (42S01) at line 428: Table 'SETUP_CONSUMERS' already exists
 ERROR 1050 (42S01) at line 445: Table 'SETUP_INSTRUMENTS' already exists
 ERROR 1050 (42S01) at line 461: Table 'SETUP_TIMERS' already exists
 ERROR 1050 (42S01) at line 478: Table 'THREADS' already exists
-ERROR 1644 (HY000) at line 1118: Unexpected content found in the performance_schema database.
+ERROR 1644 (HY000) at line 1122: Unexpected content found in the performance_schema database.
 FATAL ERROR: Upgrade failed
 select name from mysql.proc where db='performance_schema';
 name
@ -139,7 +139,7 @@ ERROR 1050 (42S01) at line 428: Table 'SETUP_CONSUMERS' already exists
 ERROR 1050 (42S01) at line 445: Table 'SETUP_INSTRUMENTS' already exists
 ERROR 1050 (42S01) at line 461: Table 'SETUP_TIMERS' already exists
 ERROR 1050 (42S01) at line 478: Table 'THREADS' already exists
-ERROR 1644 (HY000) at line 1118: Unexpected content found in the performance_schema database.
+ERROR 1644 (HY000) at line 1122: Unexpected content found in the performance_schema database.
 FATAL ERROR: Upgrade failed
 select name from mysql.event where db='performance_schema';
 name
--- a/mysql-test/suite/perfschema/r/privilege.result
+++ b/mysql-test/suite/perfschema/r/privilege.result
@ -1,6 +1,7 @@
 show grants;
 Grants for root@localhost
 GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION
 GRANT PROXY ON ''@'' TO 'root'@'localhost' WITH GRANT OPTION
 grant ALL on *.* to 'pfs_user_1'@localhost with GRANT OPTION;
 grant ALL on performance_schema.* to 'pfs_user_2'@localhost
 with GRANT OPTION;
--- a/mysql-test/suite/rpl/r/rpl_do_grant.result
+++ b/mysql-test/suite/rpl/r/rpl_do_grant.result
@ -207,6 +207,7 @@ GRANT EXECUTE ON PROCEDURE `test`.`p1` TO 'user49119'@'localhost'
 SHOW GRANTS FOR CURRENT_USER;
 Grants for root@localhost
 GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION
 GRANT PROXY ON ''@'' TO 'root'@'localhost' WITH GRANT OPTION
 ##############################################################
 ##############################################################
 ### Showing grants for both users: root and user49119 (master)
@ -217,6 +218,7 @@ GRANT EXECUTE ON PROCEDURE `test`.`p1` TO 'user49119'@'localhost'
 SHOW GRANTS FOR CURRENT_USER;
 Grants for root@localhost
 GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION
 GRANT PROXY ON ''@'' TO 'root'@'localhost' WITH GRANT OPTION
 ##############################################################
 ## This statement will make the revoke fail because root has no
 ## execute grant. However, it will still revoke the grant for
@ -232,6 +234,7 @@ GRANT USAGE ON *.* TO 'user49119'@'localhost'
 SHOW GRANTS FOR CURRENT_USER;
 Grants for root@localhost
 GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION
 GRANT PROXY ON ''@'' TO 'root'@'localhost' WITH GRANT OPTION
 ##############################################################
 #############################################################
 ### Showing grants for both users: root and user49119 (slave)
@ -242,6 +245,7 @@ GRANT USAGE ON *.* TO 'user49119'@'localhost'
 SHOW GRANTS FOR CURRENT_USER;
 Grants for root@localhost
 GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION
 GRANT PROXY ON ''@'' TO 'root'@'localhost' WITH GRANT OPTION
 ##############################################################
 DROP TABLE t1;
 DROP PROCEDURE p1;
--- a/mysql-test/suite/rpl/r/rpl_ignore_table.result
+++ b/mysql-test/suite/rpl/r/rpl_ignore_table.result
@ -34,6 +34,7 @@ Warnings:
 Warning	1364	Field 'ssl_cipher' doesn't have a default value
 Warning	1364	Field 'x509_issuer' doesn't have a default value
 Warning	1364	Field 'x509_subject' doesn't have a default value
 Warning	1364	Field 'authentication_string' doesn't have a default value
 GRANT SELECT ON *.* TO mysqltest6@localhost;
 GRANT INSERT ON *.* TO mysqltest6@localhost;
 GRANT INSERT ON test.* TO mysqltest6@localhost;
--- a/mysql-test/suite/rpl/r/rpl_stm_000001.result
+++ b/mysql-test/suite/rpl/r/rpl_stm_000001.result
@ -66,6 +66,7 @@ Warnings:
 Warning	1364	Field 'ssl_cipher' doesn't have a default value
 Warning	1364	Field 'x509_issuer' doesn't have a default value
 Warning	1364	Field 'x509_subject' doesn't have a default value
 Warning	1364	Field 'authentication_string' doesn't have a default value
 select select_priv,user from mysql.user where user = _binary'blafasel2';
 select_priv	user
 N	blafasel2
--- a/mysql-test/suite/sys_vars/r/external_user_basic.result
+++ b/mysql-test/suite/sys_vars/r/external_user_basic.result
@ -0,0 +1,3 @@
 SELECT @@SESSION.EXTERNAL_USER FROM DUAL;
@@SESSION.EXTERNAL_USER
 NULL
--- a/mysql-test/suite/sys_vars/r/proxy_user_basic.result
+++ b/mysql-test/suite/sys_vars/r/proxy_user_basic.result
@ -0,0 +1,3 @@
 SELECT @@SESSION.PROXY_USER FROM DUAL;
@@SESSION.PROXY_USER
 NULL
--- a/mysql-test/suite/sys_vars/t/external_user_basic.test
+++ b/mysql-test/suite/sys_vars/t/external_user_basic.test
@ -0,0 +1 @@
 SELECT @@SESSION.EXTERNAL_USER FROM DUAL;
--- a/mysql-test/suite/sys_vars/t/proxy_user_basic.test
+++ b/mysql-test/suite/sys_vars/t/proxy_user_basic.test
@ -0,0 +1 @@
 SELECT @@SESSION.PROXY_USER FROM DUAL;
--- a/mysql-test/t/change_user.test
+++ b/mysql-test/t/change_user.test
@ -1,3 +1,51 @@
 #
 # functional change user tests
 #
 grant select on test.* to test_nopw;
 grant select on test.* to test_oldpw identified by password "09301740536db389";
 grant select on test.* to test_newpw identified by "newpw";
 select user(), current_user(), database();
 #
 # massaging the data for tests to pass in the embedded server,
 # that has authentication completely disabled.
 #
 --replace_result <@> <test_nopw@%> @> @localhost>
 select concat('<', user(), '>'), concat('<', current_user(), '>'), database();
 change_user test_nopw;
 --replace_result <@> <test_nopw@%> @> @localhost>
 select concat('<', user(), '>'), concat('<', current_user(), '>'), database();
 change_user test_oldpw, oldpw;
 --replace_result <@> <test_oldpw@%> @> @localhost>
 select concat('<', user(), '>'), concat('<', current_user(), '>'), database();
 change_user test_newpw, newpw;
 --replace_result <@> <test_newpw@%> @> @localhost>
 select concat('<', user(), '>'), concat('<', current_user(), '>'), database();
 change_user root;
 --replace_result <@> <root@localhost> @> @localhost>
 select concat('<', user(), '>'), concat('<', current_user(), '>'), database();
 change_user test_nopw,,test;
 --replace_result <@> <test_nopw@%> @> @localhost>
 select concat('<', user(), '>'), concat('<', current_user(), '>'), database();
 change_user test_oldpw,oldpw,test;
 --replace_result <@> <test_oldpw@%> @> @localhost>
 select concat('<', user(), '>'), concat('<', current_user(), '>'), database();
 change_user test_newpw,newpw,test;
 --replace_result <@> <test_newpw@%> @> @localhost>
 select concat('<', user(), '>'), concat('<', current_user(), '>'), database();
 change_user root,,test;
 --replace_result <@> <root@localhost> @> @localhost>
 select concat('<', user(), '>'), concat('<', current_user(), '>'), database();
 drop user test_nopw;
 drop user test_oldpw;
 drop user test_newpw;
 #
 # Bug#20023 mysql_change_user() resets the value of SQL_BIG_SELECTS
 #
--- a/mysql-test/t/grant.test
+++ b/mysql-test/t/grant.test
@ -29,7 +29,7 @@ flush privileges;
 grant select on mysqltest.* to mysqltest_1@localhost require cipher "EDH-RSA-DES-CBC3-SHA";
 show grants for mysqltest_1@localhost;
 grant delete on mysqltest.* to mysqltest_1@localhost;
-select * from mysql.user where user="mysqltest_1";
+query_vertical select * from mysql.user where user="mysqltest_1";
 show grants for mysqltest_1@localhost;
 revoke delete on mysqltest.* from mysqltest_1@localhost;
 show grants for mysqltest_1@localhost;
@ -48,10 +48,10 @@ flush privileges;
 delete from mysql.user where user='mysqltest_1';
 flush privileges;
 grant usage on *.* to mysqltest_1@localhost with max_queries_per_hour 10;
-select * from mysql.user where user="mysqltest_1";
+query_vertical select * from mysql.user where user="mysqltest_1";
 show grants for mysqltest_1@localhost;
 grant usage on *.* to mysqltest_1@localhost with max_updates_per_hour 20 max_connections_per_hour 30;
-select * from mysql.user where user="mysqltest_1";
+query_vertical select * from mysql.user where user="mysqltest_1";
 show grants for mysqltest_1@localhost;
 # This is just to double check that one won't ignore results of selects
 flush privileges;
--- a/mysql-test/t/grant2.test
+++ b/mysql-test/t/grant2.test
@ -31,7 +31,7 @@ create user mysqltest_2@localhost;
 connect (user_a,localhost,mysqltest_1,,);
 connection user_a;
 grant select on `my\_1`.* to mysqltest_2@localhost;
--error ER_PASSWORD_NOT_ALLOWED
+--error ER_DBACCESS_DENIED_ERROR
 grant select on `my\_1`.* to mysqltest_2@localhost identified by 'pass';
 disconnect user_a;
 connection default;
@ -405,7 +405,7 @@ drop database mysqltest_1;
 # But anonymous users can't change their password
 connect (n5,localhost,test,,test,$MASTER_MYPORT,$MASTER_MYSOCK);
 connection n5;
--error ER_DBACCESS_DENIED_ERROR
+--error ER_PASSWORD_NO_MATCH
 set password = password("changed");
 disconnect n5;
 connection default;
--- a/mysql-test/t/plugin_auth-master.opt
+++ b/mysql-test/t/plugin_auth-master.opt
@ -0,0 +1,2 @@
 $PLUGIN_AUTH_OPT
 $PLUGIN_AUTH_LOAD
--- a/mysql-test/t/plugin_auth.test
+++ b/mysql-test/t/plugin_auth.test
@ -0,0 +1,332 @@
 --source include/have_plugin_auth.inc
 --source include/not_embedded.inc
 query_vertical SELECT PLUGIN_STATUS, PLUGIN_TYPE, PLUGIN_DESCRIPTION
  FROM INFORMATION_SCHEMA.PLUGINS WHERE PLUGIN_NAME='test_plugin_server';
 CREATE USER plug IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest';
 CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd';
 SELECT plugin,authentication_string FROM mysql.user WHERE User='plug';
 --echo ## test plugin auth
 --disable_query_log
 --error ER_ACCESS_DENIED_ERROR : this should fail : no grant
 connect(plug_con,localhost,plug,plug_dest);
 --enable_query_log
 GRANT PROXY ON plug_dest TO plug;
 connect(plug_con,localhost,plug,plug_dest);
 connection plug_con;
 select USER(),CURRENT_USER();
 --echo ## test SET PASSWORD
 #--error ER_SET_PASSWORD_AUTH_PLUGIN
 SET PASSWORD = PASSWORD('plug_dest');
 connection default;
 disconnect plug_con;
 --echo ## test bad credentials
 --disable_query_log
 --error ER_ACCESS_DENIED_ERROR
 connect(plug_con,localhost,plug,bad_credentials);
 --enable_query_log
 --echo ## test bad default plugin : should get CR_AUTH_PLUGIN_CANNOT_LOAD
 --disable_result_log
 --disable_query_log
 --error 2059
 connect(plug_con_wrongp,localhost,plug,plug_dest,,,,,wrong_plugin_name);
 --enable_query_log
 --enable_result_log
 --echo ## test correct default plugin
 connect(plug_con_rightp,localhost,plug,plug_dest,,,,,auth_test_plugin);
 connection plug_con_rightp;
 select USER(),CURRENT_USER();
 connection default;
 disconnect plug_con_rightp;
 --echo ## test no_auto_create_user sql mode with plugin users
 SET @@sql_mode=no_auto_create_user;
 GRANT INSERT ON TEST.* TO grant_user IDENTIFIED WITH 'test_plugin_server';
 SET @@sql_mode=default;
 DROP USER grant_user;
 --echo ## test utf-8 user name
 CREATE USER `Ÿ` IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest';
 GRANT PROXY ON plug_dest TO `Ÿ`;
 connect(non_ascii,localhost,Ÿ,plug_dest);
 connection non_ascii;
 select USER(),CURRENT_USER();
 connection default;
 disconnect non_ascii;
 DROP USER `Ÿ`;
 --echo ## test GRANT ... IDENTIFIED WITH/BY ...
 CREATE DATABASE test_grant_db;
 --echo # create new user via GRANT WITH
 GRANT ALL PRIVILEGES ON test_grant_db.* TO new_grant_user 
  IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest';
 GRANT PROXY ON plug_dest TO new_grant_user;  
 connect(plug_con_grant,localhost,new_grant_user,plug_dest);
 connection plug_con_grant;
 select USER(),CURRENT_USER();
 USE test_grant_db;
 CREATE TABLE t1 (a INT);
 DROP TABLE t1;
 connection default;
 disconnect plug_con_grant;
 REVOKE ALL PRIVILEGES ON test_grant_db.* FROM new_grant_user;
 --echo # try re-create existing user via GRANT IDENTIFIED BY
 GRANT ALL PRIVILEGES ON test_grant_db.* TO new_grant_user
  IDENTIFIED BY 'unused_password';
 --echo # make sure password doesn't take precendence
 --disable_query_log
 --error ER_ACCESS_DENIED_ERROR
 connect(plug_con_grant_deny,localhost,new_grant_user,unused_password);
 --enable_query_log
 --echo #make sure plugin auth still available
 connect(plug_con_grant,localhost,new_grant_user,plug_dest);
 connection plug_con_grant;
 select USER(),CURRENT_USER();
 USE test_grant_db;
 CREATE TABLE t1 (a INT);
 DROP TABLE t1;
 connection default;
 disconnect plug_con_grant;
 DROP USER new_grant_user;
 --echo # try re-create existing user via GRANT IDENTIFIED WITH
 --error ER_GRANT_PLUGIN_USER_EXISTS
 GRANT ALL PRIVILEGES ON test_grant_db.* TO plug
  IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest';
 --error ER_GRANT_PLUGIN_USER_EXISTS
 GRANT ALL PRIVILEGES ON test_grant_db.* TO plug_dest
  IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest';
 --error ER_PARSE_ERROR
 REVOKE SELECT on test_grant_db.* FROM joro 
  INDENTIFIED WITH 'test_plugin_server' AS 'plug_dest';
 --error ER_PARSE_ERROR
 REVOKE SELECT on test_grant_db.* FROM joro 
  INDENTIFIED BY 'plug_dest_passwd';
 --error ER_PARSE_ERROR
 REVOKE SELECT on test_grant_db.* FROM joro 
  INDENTIFIED BY PASSWORD 'plug_dest_passwd';
 DROP DATABASE test_grant_db;
 --echo ## GRANT PROXY tests
 CREATE USER grant_plug IDENTIFIED WITH 'test_plugin_server' 
  AS 'grant_plug_dest';
 CREATE USER grant_plug_dest IDENTIFIED BY 'grant_plug_dest_passwd';
 CREATE USER grant_plug_dest2 IDENTIFIED BY 'grant_plug_dest_passwd2';
 --echo # ALL PRIVILEGES doesn't include PROXY
 GRANT ALL PRIVILEGES ON *.* TO grant_plug;
 --disable_query_log
 --error ER_ACCESS_DENIED_ERROR : this should fail : no grant
 connect(grant_plug_con,localhost,grant_plug,grant_plug_dest);
 --enable_query_log
 --error ER_PARSE_ERROR : this should fail : can't combine PROXY
 GRANT ALL PRIVILEGES,PROXY ON grant_plug_dest TO grant_plug;
 --echo this should fail : can't combine PROXY
 --error ER_PARSE_ERROR
 GRANT ALL SELECT,PROXY ON grant_plug_dest TO grant_plug;
 --echo # this should fail : no such grant
 --error ER_NONEXISTING_GRANT
 REVOKE PROXY ON grant_plug_dest FROM grant_plug;
 connect(grant_plug_dest_con,localhost,grant_plug_dest,grant_plug_dest_passwd);
 connection grant_plug_dest_con;
 --echo in grant_plug_dest_con
 --echo ## testing what an ordinary user can grant 
 --echo this should fail : no rights to grant all
 --error ER_ACCESS_DENIED_NO_PASSWORD_ERROR
 GRANT PROXY ON ''@'' TO grant_plug;
 --echo this should fail : not the same user
 --error ER_ACCESS_DENIED_NO_PASSWORD_ERROR
 GRANT PROXY ON grant_plug TO grant_plug_dest;
 --echo this should fail : same user, but on a different host
 --error ER_ACCESS_DENIED_NO_PASSWORD_ERROR
 GRANT PROXY ON grant_plug_dest TO grant_plug;
 --echo this should work : same user
 GRANT PROXY ON grant_plug_dest@localhost TO grant_plug_dest2;
 REVOKE PROXY ON grant_plug_dest@localhost FROM grant_plug_dest2;
 --echo this should work : same user
 GRANT PROXY ON grant_plug_dest@localhost TO grant_plug WITH GRANT OPTION;
 REVOKE PROXY ON grant_plug_dest@localhost FROM grant_plug;
 --echo this should fail : can't create users
 --error ER_CANT_CREATE_USER_WITH_GRANT
 GRANT PROXY ON grant_plug_dest@localhost TO grant_plug@localhost;
 connection default;
 --echo in default connection
 disconnect grant_plug_dest_con;
 --echo # test what root can grant
 --echo should work : root has PROXY to all users
 GRANT PROXY ON ''@'' TO grant_plug;
 REVOKE PROXY ON ''@'' FROM grant_plug;
 --echo should work : root has PROXY to all users
 GRANT PROXY ON ''@'' TO proxy_admin IDENTIFIED BY 'test' 
  WITH GRANT OPTION;
 --echo need USAGE : PROXY doesn't contain it.
 GRANT USAGE on *.* TO proxy_admin;
 connect (proxy_admin_con,localhost,proxy_admin,test);
 connection proxy_admin_con;
 --echo in proxy_admin_con;
 --echo should work : proxy_admin has proxy to ''@''
 GRANT PROXY ON future_user TO grant_plug;
 connection default;
 --echo in default connection
 disconnect proxy_admin_con;
 SHOW GRANTS FOR grant_plug;
 REVOKE PROXY ON future_user FROM grant_plug;
 SHOW GRANTS FOR grant_plug;
 --echo ## testing drop user
 CREATE USER test_drop@localhost;
 GRANT PROXY ON future_user TO test_drop@localhost;
 SHOW GRANTS FOR test_drop@localhost;
 DROP USER test_drop@localhost;
 SELECT * FROM mysql.proxy_priv WHERE Host = 'test_drop' AND User = 'localhost';
 DROP USER proxy_admin;
 DROP USER grant_plug,grant_plug_dest,grant_plug_dest2;
 --echo ## END GRANT PROXY tests
 --echo ## cleanup
 DROP USER plug;
 DROP USER plug_dest;
 --echo ## @@proxy_user tests
 CREATE USER plug IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest';
 CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd';
 GRANT PROXY ON plug_dest TO plug;
 SELECT USER(),CURRENT_USER(),@@LOCAL.proxy_user;
 --error ER_INCORRECT_GLOBAL_LOCAL_VAR
 SELECT @@GLOBAL.proxy_user;
 SELECT @@LOCAL.proxy_user;
 --error ER_INCORRECT_GLOBAL_LOCAL_VAR
 SET GLOBAL proxy_user = 'test';
 --error ER_INCORRECT_GLOBAL_LOCAL_VAR
 SET LOCAL proxy_user = 'test';
 SELECT @@LOCAL.proxy_user;
 connect(plug_con,localhost,plug,plug_dest);
 connection plug_con;
 --echo # in connection plug_con
 SELECT @@LOCAL.proxy_user;
 connection default;
 --echo # in connection default
 disconnect plug_con;
 --echo ## cleanup
 DROP USER plug;
 DROP USER plug_dest;
 --echo ## END @@proxy_user tests
 --echo ## @@external_user tests
 CREATE USER plug IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest';
 CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd';
 GRANT PROXY ON plug_dest TO plug;
 SELECT USER(),CURRENT_USER(),@@LOCAL.external_user;
 --error ER_INCORRECT_GLOBAL_LOCAL_VAR
 SELECT @@GLOBAL.external_user;
 SELECT @@LOCAL.external_user;
 --error ER_INCORRECT_GLOBAL_LOCAL_VAR
 SET GLOBAL external_user = 'test';
 --error ER_INCORRECT_GLOBAL_LOCAL_VAR
 SET LOCAL external_user = 'test';
 SELECT @@LOCAL.external_user;
 connect(plug_con,localhost,plug,plug_dest);
 connection plug_con;
 --echo # in connection plug_con
 SELECT @@LOCAL.external_user;
 connection default;
 --echo # in connection default
 disconnect plug_con;
 --echo ## cleanup
 DROP USER plug;
 DROP USER plug_dest;
 --echo ## END @@external_user tests
 --echo #
 --echo #  Bug #56798 : Wrong credentials assigned when using a proxy user.
 --echo #
 GRANT ALL PRIVILEGES ON *.* TO power_user;
 GRANT USAGE ON anonymous_db.* TO ''@''
  IDENTIFIED WITH 'test_plugin_server' AS 'power_user';
 GRANT PROXY ON power_user TO ''@'';
 CREATE DATABASE confidential_db;
 connect(plug_con,localhost, test_login_user, power_user, confidential_db);
 SELECT user(),current_user(),@@proxy_user;
 connection default;
 disconnect plug_con;
 DROP USER power_user;
 DROP USER ''@'';
 DROP DATABASE confidential_db;
 --echo # Test case #2 (crash with double grant proxy)
 CREATE USER ''@'' IDENTIFIED WITH 'test_plugin_server' AS 'standard_user';
 CREATE USER standard_user;
 CREATE DATABASE shared;
 GRANT ALL PRIVILEGES ON shared.* TO standard_user;
 GRANT PROXY ON standard_user TO ''@'';
 --echo #should not crash
 GRANT PROXY ON standard_user TO ''@'';
 DROP USER ''@'';
 DROP USER standard_user;
 DROP DATABASE shared;
--- a/mysql-test/t/system_mysql_db_fix40123.test
+++ b/mysql-test/t/system_mysql_db_fix40123.test
@ -72,7 +72,7 @@ CREATE TABLE time_zone_leap_second (   Transition_time bigint signed NOT NULL,
 -- disable_query_log
 # Drop all tables created by this test
-DROP TABLE db, host, user, func, plugin, tables_priv, columns_priv, procs_priv, servers, help_category, help_keyword, help_relation, help_topic, proc, time_zone, time_zone_leap_second, time_zone_name, time_zone_transition, time_zone_transition_type, general_log, slow_log, event, ndb_binlog_index;
+DROP TABLE db, host, user, func, plugin, tables_priv, columns_priv, procs_priv, servers, help_category, help_keyword, help_relation, help_topic, proc, time_zone, time_zone_leap_second, time_zone_name, time_zone_transition, time_zone_transition_type, general_log, slow_log, event, ndb_binlog_index, proxy_priv;
 -- enable_query_log
--- a/mysql-test/t/system_mysql_db_fix50030.test
+++ b/mysql-test/t/system_mysql_db_fix50030.test
@ -78,7 +78,7 @@ INSERT INTO servers VALUES ('test','localhost','test','root','', 0,'','mysql','r
 -- disable_query_log
 # Drop all tables created by this test
-DROP TABLE db, host, user, func, plugin, tables_priv, columns_priv, procs_priv, servers, help_category, help_keyword, help_relation, help_topic, proc, time_zone, time_zone_leap_second, time_zone_name, time_zone_transition, time_zone_transition_type, general_log, slow_log, event, ndb_binlog_index;
+DROP TABLE db, host, user, func, plugin, tables_priv, columns_priv, procs_priv, servers, help_category, help_keyword, help_relation, help_topic, proc, time_zone, time_zone_leap_second, time_zone_name, time_zone_transition, time_zone_transition_type, general_log, slow_log, event, ndb_binlog_index, proxy_priv;
 -- enable_query_log
--- a/mysql-test/t/system_mysql_db_fix50117.test
+++ b/mysql-test/t/system_mysql_db_fix50117.test
@ -97,7 +97,7 @@ CREATE TABLE IF NOT EXISTS ndb_binlog_index (Position BIGINT UNSIGNED NOT NULL,
 -- disable_query_log
 # Drop all tables created by this test
-DROP TABLE db, host, user, func, plugin, tables_priv, columns_priv, procs_priv, servers, help_category, help_keyword, help_relation, help_topic, proc, time_zone, time_zone_leap_second, time_zone_name, time_zone_transition, time_zone_transition_type, general_log, slow_log, event, ndb_binlog_index;
+DROP TABLE db, host, user, func, plugin, tables_priv, columns_priv, procs_priv, servers, help_category, help_keyword, help_relation, help_topic, proc, time_zone, time_zone_leap_second, time_zone_name, time_zone_transition, time_zone_transition_type, general_log, slow_log, event, ndb_binlog_index, proxy_priv;
 -- enable_query_log
--- a/mysys/sha1.c
+++ b/mysys/sha1.c
@ -1,4 +1,4 @@
-/* Copyright (C) 2002, 2004, 2006 MySQL AB
+/* Copyright (c) 2002, 2004, 2006 MySQL AB
 This program is free software; you can redistribute it and/or modify
 it under the terms of the GNU General Public License as published by
@ -6,26 +6,57 @@
 This program is distributed in the hope that it will be useful,
 but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 GNU General Public License for more details.
 You should have received a copy of the GNU General Public License
 along with this program; if not, write to the Free Software
- Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA */
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
 */
 /*
  Original Source from: http://www.faqs.org/rfcs/rfc3174.html
- DESCRIPTION
+  Copyright (C) The Internet Society (2001).  All Rights Reserved.
   This file implements the Secure Hashing Algorithm 1 as
   defined in FIPS PUB 180-1 published April 17, 1995.
-   The SHA-1, produces a 160-bit message digest for a given data
+  This document and translations of it may be copied and furnished to
-   stream.  It should take about 2**n steps to find a message with the
+  others, and derivative works that comment on or otherwise explain it
-   same digest as a given message and 2**(n/2) to find any two
+  or assist in its implementation may be prepared, copied, published
-   messages with the same digest, when n is the digest size in bits.
+  and distributed, in whole or in part, without restriction of any
-   Therefore, this algorithm can serve as a means of providing a
+  kind, provided that the above copyright notice and this paragraph are
-   "fingerprint" for a message.
+  included on all such copies and derivative works.  However, this
  document itself may not be modified in any way, such as by removing
  the copyright notice or references to the Internet Society or other
  Internet organizations, except as needed for the purpose of
  developing Internet standards in which case the procedures for
  copyrights defined in the Internet Standards process must be
  followed, or as required to translate it into languages other than
  English.
  The limited permissions granted above are perpetual and will not be
  revoked by the Internet Society or its successors or assigns.
  This document and the information contained herein is provided on an
  "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
  TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
  BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
  HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
  MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
  Acknowledgement 
  Funding for the RFC Editor function is currently provided by the 
  Internet Society. 
 DESCRIPTION
  This file implements the Secure Hashing Algorithm 1 as
  defined in FIPS PUB 180-1 published April 17, 1995.
  The SHA-1, produces a 160-bit message digest for a given data
  stream.  It should take about 2**n steps to find a message with the
  same digest as a given message and 2**(n/2) to find any two
  messages with the same digest, when n is the digest size in bits.
  Therefore, this algorithm can serve as a means of providing a
  "fingerprint" for a message.
 PORTABILITY ISSUES
   SHA-1 is defined in terms of 32-bit "words".  This code uses
--- a/plugin/auth/CMakeLists.txt
+++ b/plugin/auth/CMakeLists.txt
@ -0,0 +1,33 @@
 # Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved.
 # 
 # This program is free software; you can redistribute it and/or
 # modify it under the terms of the GNU General Public License as
 # published by the Free Software Foundation; version 2 of the
 # License.
 # 
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 # GNU General Public License for more details.
 # 
 # You should have received a copy of the GNU General Public License
 # along with this program; if not, write to the Free Software
 # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301  USA
 MYSQL_ADD_PLUGIN(auth dialog.c 
  MODULE_ONLY)
 MYSQL_ADD_PLUGIN(auth_test_plugin test_plugin.c 
  MODULE_ONLY)
 CHECK_CXX_SOURCE_COMPILES(
 "#define _GNU_SOURCE
 #include <sys/socket.h>
 int main() {
  struct ucred cred;
  getsockopt(0, SOL_SOCKET, SO_PEERCRED, &cred, 0);
 }" HAVE_PEERCRED)
 IF(HAVE_PEERCRED)
  MYSQL_ADD_PLUGIN(auth_socket auth_socket.c
    MODULE_ONLY)
 ENDIF()
--- a/plugin/auth/Makefile.am
+++ b/plugin/auth/Makefile.am
@ -0,0 +1,16 @@
 pkgplugindir=$(pkglibdir)/plugin
 AM_LDFLAGS=-module -rpath $(pkgplugindir)
 AM_CPPFLAGS=-DMYSQL_DYNAMIC_PLUGIN -Wno-pointer-sign -I$(top_srcdir)/include
 pkgplugin_LTLIBRARIES=  auth.la auth_test_plugin.la
 auth_la_SOURCES= dialog.c
 auth_test_plugin_la_SOURCES= test_plugin.c
 if HAVE_PEERCRED
 pkgplugin_LTLIBRARIES+= auth_socket.la
 auth_socket_la_SOURCES= auth_socket.c
 endif
 EXTRA_DIST= plug.in
--- a/plugin/auth/auth_socket.c
+++ b/plugin/auth/auth_socket.c
@ -0,0 +1,94 @@
 /*  Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved.
    This program is free software; you can redistribute it and/or
    modify it under the terms of the GNU General Public License as
    published by the Free Software Foundation; version 2 of the
    License.
    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
    GNU General Public License for more details.
    You should have received a copy of the GNU General Public License
    along with this program; if not, write to the Free Software
    Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */
 /**
  @file
  socket_peercred authentication plugin.
  Authentication is successful if the connection is done via a unix socket and
  the owner of the client process matches the user name that was used when
  connecting to mysqld.
 */
 #define _GNU_SOURCE /* for struct ucred */
 #include <mysql/plugin_auth.h>
 #include <sys/socket.h>
 #include <pwd.h>
 #include <string.h>
 static int socket_auth(MYSQL_PLUGIN_VIO *vio, MYSQL_SERVER_AUTH_INFO *info)
 {
  unsigned char *pkt;
  MYSQL_PLUGIN_VIO_INFO vio_info;
  struct ucred cred;
  socklen_t cred_len= sizeof(cred);
  struct passwd pwd_buf, *pwd;
  char buf[1024];
  /* no user name yet ? read the client handshake packet with the user name */
  if (info->user_name == 0)
  {
    if (vio->read_packet(vio, &pkt) < 0)
      return CR_ERROR;
  }
  info->password_used= PASSWORD_USED_NO_MENTION;
  vio->info(vio, &vio_info);
  if (vio_info.protocol != MYSQL_VIO_SOCKET)
    return CR_ERROR;
  /* get the UID of the client process */
  if (getsockopt(vio_info.socket, SOL_SOCKET, SO_PEERCRED, &cred, &cred_len))
    return CR_ERROR;
  if (cred_len != sizeof(cred))
    return CR_ERROR;
  /* and find the username for this uid */
  getpwuid_r(cred.uid, &pwd_buf, buf, sizeof(buf), &pwd);
  if (pwd == NULL)
    return CR_ERROR;
  /* now it's simple as that */
  return strcmp(pwd->pw_name, info->user_name) ? CR_ERROR : CR_OK;
 }
 static struct st_mysql_auth socket_auth_handler=
 {
  MYSQL_AUTHENTICATION_INTERFACE_VERSION,
  0,
  socket_auth
 };
 mysql_declare_plugin(socket_auth)
 {
  MYSQL_AUTHENTICATION_PLUGIN,
  &socket_auth_handler,
  "socket_peercred",
  "Sergei Golubchik",
  "Unix Socket based authentication",
  PLUGIN_LICENSE_GPL,
  NULL,
  NULL,
  0x0100,
  NULL,
  NULL,
  NULL
 }
 mysql_declare_plugin_end;
--- a/plugin/auth/dialog.c
+++ b/plugin/auth/dialog.c
@ -0,0 +1,329 @@
 /*  Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved.
    This program is free software; you can redistribute it and/or
    modify it under the terms of the GNU General Public License as
    published by the Free Software Foundation; version 2 of the
    License.
    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
    GNU General Public License for more details.
    You should have received a copy of the GNU General Public License
    along with this program; if not, write to the Free Software
    Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */
 /**
  @file
  dialog client authentication plugin with examples
  dialog is a general purpose client authentication plugin, it simply
  asks the user the question, as provided by the server and reports
  the answer back to the server. No encryption is involved,
  the answers are sent in clear text.
  Two examples are provided: two_questions server plugin, that asks
  the password and an "Are you sure?" question with a reply "yes, of course".
  It demonstrates the usage of "password" (input is hidden) and "ordinary"
  (input can be echoed) questions, and how to mark the last question,
  to avoid an extra roundtrip.
  And three_attempts plugin that gives the user three attempts to enter
  a correct password. It shows the situation when a number of questions
  is not known in advance.
 */
 #if defined (WIN32) && !defined (RTLD_DEFAULT)
 # define RTLD_DEFAULT GetModuleHandle(NULL)
 #endif
 #include <my_global.h>
 #include <mysql.h>
 #include <mysql/plugin_auth.h>
 #include <mysql/client_plugin.h>
 #include <string.h>
 #include <stdio.h>
 #include <stdlib.h>
 #if !defined (_GNU_SOURCE)
 # define _GNU_SOURCE /* for RTLD_DEFAULT */
 #endif
 /**
  first byte of the question string is the question "type".
  It can be a "ordinary" or a "password" question.
  The last bit set marks a last question in the authentication exchange.
 */
 #define ORDINARY_QUESTION       "\2"
 #define LAST_QUESTION           "\3"
 #define PASSWORD_QUESTION       "\4"
 #define LAST_PASSWORD           "\5"
 /********************* SERVER SIDE ****************************************/
 /**
  dialog demo with two questions, one password and one, the last, ordinary.
 */
 static int two_questions(MYSQL_PLUGIN_VIO *vio, MYSQL_SERVER_AUTH_INFO *info)
 {
  unsigned char *pkt;
  int pkt_len;
  /* send a password question */
  if (vio->write_packet(vio, (const unsigned char *) PASSWORD_QUESTION "Password, please:", 18))
    return CR_ERROR;
  /* read the answer */
  if ((pkt_len= vio->read_packet(vio, &pkt)) < 0)
    return CR_ERROR;
  info->password_used= PASSWORD_USED_YES;
  /* fail if the password is wrong */
  if (strcmp((const char *) pkt, info->auth_string))
    return CR_ERROR;
  /* send the last, ordinary, question */
  if (vio->write_packet(vio, (const unsigned char *) LAST_QUESTION "Are you sure ?", 15))
    return CR_ERROR;
  /* read the answer */
  if ((pkt_len= vio->read_packet(vio, &pkt)) < 0)
    return CR_ERROR;
  /* check the reply */
  return strcmp((const char *) pkt, "yes, of course") ? CR_ERROR : CR_OK;
 }
 static struct st_mysql_auth two_handler=
 {
  MYSQL_AUTHENTICATION_INTERFACE_VERSION,
  "dialog", /* requires dialog client plugin */
  two_questions
 };
 /* dialog demo where the number of questions is not known in advance */
 static int three_attempts(MYSQL_PLUGIN_VIO *vio, MYSQL_SERVER_AUTH_INFO *info)
 {
  unsigned char *pkt;
  int pkt_len, i;
  for (i= 0; i < 3; i++)
  {
    /* send the prompt */
    if (vio->write_packet(vio, 
 		(const unsigned char *) PASSWORD_QUESTION "Password, please:", 18))
      return CR_ERROR;
    /* read the password */
    if ((pkt_len= vio->read_packet(vio, &pkt)) < 0)
      return CR_ERROR;
    info->password_used= PASSWORD_USED_YES;
    /*
      finish, if the password is correct.
      note, that we did not mark the prompt packet as "last"
    */
    if (strcmp((const char *) pkt, info->auth_string) == 0)
      return CR_OK;
  }
  return CR_ERROR;
 }
 static struct st_mysql_auth three_handler=
 {
  MYSQL_AUTHENTICATION_INTERFACE_VERSION,
  "dialog", /* requires dialog client plugin */
  three_attempts 
 };
 mysql_declare_plugin(dialog)
 {
  MYSQL_AUTHENTICATION_PLUGIN,
  &two_handler,
  "two_questions",
  "Sergei Golubchik",
  "Dialog plugin demo 1",
  PLUGIN_LICENSE_GPL,
  NULL,
  NULL,
  0x0100,
  NULL,
  NULL,
  NULL
 },
 {
  MYSQL_AUTHENTICATION_PLUGIN,
  &three_handler,
  "three_attempts",
  "Sergei Golubchik",
  "Dialog plugin demo 2",
  PLUGIN_LICENSE_GPL,
  NULL,
  NULL,
  0x0100,
  NULL,
  NULL,
  NULL
 }
 mysql_declare_plugin_end;
 /********************* CLIENT SIDE ***************************************/
 /*
  This plugin performs a dialog with the user, asking questions and
  reading answers. Depending on the client it may be desirable to do it
  using GUI, or console, with or without curses, or read answers
  from a smardcard, for example.
  To support all this variety, the dialog plugin has a callback function
  "authentication_dialog_ask". If the client has a function of this name
  dialog plugin will use it for communication with the user. Otherwise
  a default gets() based implementation will be used.
 */
 /**
  type of the mysql_authentication_dialog_ask function
  @param mysql          mysql
  @param type           type of the input
                        1 - ordinary string input
                        2 - password string
  @param prompt         prompt
  @param buf            a buffer to store the use input
  @param buf_len        the length of the buffer
  @retval               a pointer to the user input string.
                        It may be equal to 'buf' or to 'mysql->password'.
                        In all other cases it is assumed to be an allocated
                        string, and the "dialog" plugin will free() it.
 */
 typedef char *(*mysql_authentication_dialog_ask_t)(struct st_mysql *mysql,
                      int type, const char *prompt, char *buf, int buf_len);
 static mysql_authentication_dialog_ask_t ask;
 static char *builtin_ask(MYSQL *mysql __attribute__((unused)),
                         int type __attribute__((unused)),
                         const char *prompt,
                         char *buf, int buf_len __attribute__((unused)))
 {
  fputs(prompt, stdout);
  fputc(' ', stdout);
  if (gets(buf) == 0)
    return 0;
  return buf;
 }
 /**
  The main function of the dialog plugin.
  Read the prompt, ask the question, send the reply, repeat until
  the server is satisfied.
  @note
   1. this plugin shows how a client authentication plugin
      may read a MySQL protocol OK packet internally - which is important
      where a number of packets is not known in advance.
   2. the first byte of the prompt is special. it is not
      shown to the user, but signals whether it is the last question
      (prompt[0] & 1 == 1) or not last (prompt[0] & 1 == 0),
      and whether the input is a password (not echoed).
   3. the prompt is expected to be sent zero-terminated
 */
 static int perform_dialog(MYSQL_PLUGIN_VIO *vio, MYSQL *mysql)
 {
  unsigned char *pkt, cmd= 0;
  int pkt_len, res;
  char reply_buf[1024], *reply;
  do
  {
    /* read the prompt */
    pkt_len= vio->read_packet(vio, &pkt);
    if (pkt_len < 0)
      return CR_ERROR;
    if (pkt == 0)
    {
      /*
        in mysql_change_user() the client sends the first packet, so
        the first vio->read_packet() does nothing (pkt == 0).
        We send the "password", assuming the client knows what its doing.
        (in other words, the dialog plugin should be only set as a default
        authentication plugin on the client if the first question
        asks for a password - which will be sent in clear text, by the way)
      */
      reply= mysql->passwd;
    }
    else
    {
      cmd= *pkt++;
      /* is it MySQL protocol packet ? */
      if (cmd == 0 || cmd == 254)
        return CR_OK_HANDSHAKE_COMPLETE; /* yes. we're done */
      /*
        asking for a password with an empty prompt means mysql->password
        otherwise we ask the user and read the reply
      */
      if ((cmd >> 1) == 2 && *pkt == 0)
        reply= mysql->passwd;
      else
        reply= ask(mysql, cmd >> 1, (const char *) pkt, 
 				   reply_buf, sizeof(reply_buf));
      if (!reply)
        return CR_ERROR;
    }
    /* send the reply to the server */
    res= vio->write_packet(vio, (const unsigned char *) reply, 
 						   strlen(reply)+1);
    if (reply != mysql->passwd && reply != reply_buf)
      free(reply);
    if (res)
      return CR_ERROR;
    /* repeat unless it was the last question */
  } while ((cmd & 1) != 1);
  /* the job of reading the ok/error packet is left to the server */
  return CR_OK;
 }
 /**
  initialization function of the dialog plugin
  Pick up the client's authentication_dialog_ask() function, if exists,
  or fall back to the default implementation.
 */
 static int init_dialog(char *unused1   __attribute__((unused)), 
                       size_t unused2  __attribute__((unused)), 
                       int unused3     __attribute__((unused)), 
                       va_list unused4 __attribute__((unused)))
 {
  void *sym= dlsym(RTLD_DEFAULT, "mysql_authentication_dialog_ask");
  ask= sym ? (mysql_authentication_dialog_ask_t) sym : builtin_ask;
  return 0;
 }
 mysql_declare_client_plugin(AUTHENTICATION)
  "dialog",
  "Sergei Golubchik",
  "Dialog Client Authentication Plugin",
  {0,1,0},
  "GPL",
  NULL,
  init_dialog,
  NULL,
  NULL,
  perform_dialog
 mysql_end_client_plugin;
--- a/plugin/auth/plug.in
+++ b/plugin/auth/plug.in
@ -0,0 +1,12 @@
 MYSQL_PLUGIN(auth, [Collection of Authentication Plugins],
                   [Collection of Authentication Plugins])
 MYSQL_PLUGIN_DYNAMIC(auth, [dialog.la auth_test_plugin.la])
 AC_COMPILE_IFELSE([
  AC_LANG_PROGRAM([[
 #define _GNU_SOURCE
 #include <sys/socket.h>
 ]],[
  struct ucred cred;
  getsockopt(0, SOL_SOCKET, SO_PEERCRED, &cred, 0);
 ])],have_peercred=yes)
 AM_CONDITIONAL(HAVE_PEERCRED, test x$have_peercred = xyes)
--- a/plugin/auth/test_plugin.c
+++ b/plugin/auth/test_plugin.c
@ -0,0 +1,205 @@
 /*  Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved.
    This program is free software; you can redistribute it and/or
    modify it under the terms of the GNU General Public License as
    published by the Free Software Foundation; version 2 of the
    License.
    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
    GNU General Public License for more details.
    You should have received a copy of the GNU General Public License
    along with this program; if not, write to the Free Software
    Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */
 /**
  @file
  dialog client authentication plugin with examples
  dialog is a general purpose client authentication plugin, it simply
  asks the user the question, as provided by the server and reports
  the answer back to the server. No encryption is involved,
  the answers are sent in clear text.
  Two examples are provided: two_questions server plugin, that asks
  the password and an "Are you sure?" question with a reply "yes, of course".
  It demonstrates the usage of "password" (input is hidden) and "ordinary"
  (input can be echoed) questions, and how to mark the last question,
  to avoid an extra roundtrip.
  And three_attempts plugin that gives the user three attempts to enter
  a correct password. It shows the situation when a number of questions
  is not known in advance.
 */
 #include <my_global.h>
 #include <mysql/plugin_auth.h>
 #include <mysql/client_plugin.h>
 #include <string.h>
 #include <stdio.h>
 #include <stdlib.h>
 /**
  first byte of the question string is the question "type".
  It can be a "ordinary" or a "password" question.
  The last bit set marks a last question in the authentication exchange.
 */
 #define ORDINARY_QUESTION       "\2"
 #define LAST_QUESTION           "\3"
 #define LAST_PASSWORD           "\4"
 #define PASSWORD_QUESTION       "\5"
 /********************* SERVER SIDE ****************************************/
 /**
  dialog test plugin mimicing the ordinary auth mechanism. Used to test the auth plugin API
 */
 static int auth_test_plugin(MYSQL_PLUGIN_VIO *vio, MYSQL_SERVER_AUTH_INFO *info)
 {
  unsigned char *pkt;
  int pkt_len;
  /* send a password question */
  if (vio->write_packet(vio, (const unsigned char *) PASSWORD_QUESTION, 1))
    return CR_ERROR;
  /* read the answer */
  if ((pkt_len= vio->read_packet(vio, &pkt)) < 0)
    return CR_ERROR;
  info->password_used= PASSWORD_USED_YES;
  /* fail if the password is wrong */
  if (strcmp((const char *) pkt, info->auth_string))
    return CR_ERROR;
  /* copy auth string as a destination name to check it */
  strcpy (info->authenticated_as, info->auth_string);
  /* copy something into the external user name */
  strcpy (info->external_user, info->auth_string);
  return CR_OK;
 }
 static struct st_mysql_auth auth_test_handler=
 {
  MYSQL_AUTHENTICATION_INTERFACE_VERSION,
  "auth_test_plugin", /* requires test_plugin client's plugin */
  auth_test_plugin
 };
 mysql_declare_plugin(test_plugin)
 {
  MYSQL_AUTHENTICATION_PLUGIN,
  &auth_test_handler,
  "test_plugin_server",
  "Georgi Kodinov",
  "plugin API test plugin",
  PLUGIN_LICENSE_GPL,
  NULL,
  NULL,
  0x0100,
  NULL,
  NULL,
  NULL
 }
 mysql_declare_plugin_end;
 /********************* CLIENT SIDE ***************************************/
 /*
  client plugin used for testing the plugin API
 */
 #include <mysql.h>
 /**
  The main function of the test plugin.
  Reads the prompt, check if the handshake is done and if the prompt is a
  password request and returns the password. Otherwise return error.
  @note
   1. this plugin shows how a client authentication plugin
      may read a MySQL protocol OK packet internally - which is important
      where a number of packets is not known in advance.
   2. the first byte of the prompt is special. it is not
      shown to the user, but signals whether it is the last question
      (prompt[0] & 1 == 1) or not last (prompt[0] & 1 == 0),
      and whether the input is a password (not echoed).
   3. the prompt is expected to be sent zero-terminated
 */
 static int test_plugin_client(MYSQL_PLUGIN_VIO *vio, MYSQL *mysql)
 {
  unsigned char *pkt, cmd= 0;
  int pkt_len, res;
  char *reply;
  do
  {
    /* read the prompt */
    pkt_len= vio->read_packet(vio, &pkt);
    if (pkt_len < 0)
      return CR_ERROR;
    if (pkt == 0)
    {
      /*
        in mysql_change_user() the client sends the first packet, so
        the first vio->read_packet() does nothing (pkt == 0).
        We send the "password", assuming the client knows what its doing.
        (in other words, the dialog plugin should be only set as a default
        authentication plugin on the client if the first question
        asks for a password - which will be sent in cleat text, by the way)
      */
      reply= mysql->passwd;
    }
    else
    {
      cmd= *pkt++;
      /* is it MySQL protocol (0=OK or 254=need old password) packet ? */
      if (cmd == 0 || cmd == 254)
        return CR_OK_HANDSHAKE_COMPLETE; /* yes. we're done */
      /*
        asking for a password with an empty prompt means mysql->password
        otherwise return an error
      */
      if ((cmd == LAST_PASSWORD[0] || cmd == PASSWORD_QUESTION[0]) && *pkt == 0)
        reply= mysql->passwd;
      else
        return CR_ERROR;
    }
    if (!reply)
      return CR_ERROR;
    /* send the reply to the server */
    res= vio->write_packet(vio, (const unsigned char *) reply, 
                           strlen(reply) + 1);
    if (res)
      return CR_ERROR;
    /* repeat unless it was the last question */
  } while (cmd != LAST_QUESTION[0] && cmd != PASSWORD_QUESTION[0]);
  /* the job of reading the ok/error packet is left to the server */
  return CR_OK;
 }
 mysql_declare_client_plugin(AUTHENTICATION)
  "auth_test_plugin",
  "Georgi Kodinov",
  "Dialog Client Authentication Plugin",
  {0,1,0},
  "GPL",
  NULL,
  NULL,
  NULL,
  NULL,
  test_plugin_client
 mysql_end_client_plugin;
--- a/scripts/CMakeLists.txt
+++ b/scripts/CMakeLists.txt
@ -81,12 +81,9 @@ INSTALL(FILES
 )
 # TCMalloc hacks
 IF($ENV{MALLOC_LIB})
  SET(MALLOC_LIB $ENV{MALLOC_LIB} CACHE STRING "malloc library")
 ENDIF()
 IF(MALLOC_LIB)
-  INSTALL(FILES ${MALLOC_LIB} DESTINATION lib OPTIONAL)
+  MESSAGE("Using tcmalloc '${MALLOC_LIB}'")
  INSTALL(FILES ${MALLOC_LIB} DESTINATION ${INSTALL_LIBDIR} OPTIONAL)
 ENDIF()
 IF(CMAKE_GENERATOR MATCHES "Makefiles")
--- a/scripts/mysql_system_tables.sql
+++ b/scripts/mysql_system_tables.sql
@ -28,7 +28,7 @@ set @had_db_table= @@warning_count != 0;
 CREATE TABLE IF NOT EXISTS host (  Host char(60) binary DEFAULT '' NOT NULL, Db char(64) binary DEFAULT '' NOT NULL, Select_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Insert_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Update_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Delete_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Create_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Drop_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Grant_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, References_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Index_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Alter_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Create_tmp_table_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Lock_tables_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Create_view_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Show_view_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Create_routine_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Alter_routine_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Execute_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Trigger_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, PRIMARY KEY Host (Host,Db) ) engine=MyISAM CHARACTER SET utf8 COLLATE utf8_bin comment='Host privileges;  Merged with database privileges';
-CREATE TABLE IF NOT EXISTS user (   Host char(60) binary DEFAULT '' NOT NULL, User char(16) binary DEFAULT '' NOT NULL, Password char(41) character set latin1 collate latin1_bin DEFAULT '' NOT NULL, Select_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Insert_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Update_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Delete_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Create_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Drop_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Reload_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Shutdown_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Process_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, File_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Grant_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, References_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Index_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Alter_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Show_db_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Super_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Create_tmp_table_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Lock_tables_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Execute_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Repl_slave_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Repl_client_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Create_view_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Show_view_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Create_routine_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Alter_routine_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Create_user_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Event_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Trigger_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Create_tablespace_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, ssl_type enum('','ANY','X509', 'SPECIFIED') COLLATE utf8_general_ci DEFAULT '' NOT NULL, ssl_cipher BLOB NOT NULL, x509_issuer BLOB NOT NULL, x509_subject BLOB NOT NULL, max_questions int(11) unsigned DEFAULT 0  NOT NULL, max_updates int(11) unsigned DEFAULT 0  NOT NULL, max_connections int(11) unsigned DEFAULT 0  NOT NULL, max_user_connections int(11) unsigned DEFAULT 0  NOT NULL, PRIMARY KEY Host (Host,User) ) engine=MyISAM CHARACTER SET utf8 COLLATE utf8_bin comment='Users and global privileges';
+CREATE TABLE IF NOT EXISTS user (   Host char(60) binary DEFAULT '' NOT NULL, User char(16) binary DEFAULT '' NOT NULL, Password char(41) character set latin1 collate latin1_bin DEFAULT '' NOT NULL, Select_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Insert_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Update_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Delete_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Create_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Drop_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Reload_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Shutdown_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Process_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, File_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Grant_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, References_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Index_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Alter_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Show_db_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Super_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Create_tmp_table_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Lock_tables_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Execute_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Repl_slave_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Repl_client_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Create_view_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Show_view_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Create_routine_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Alter_routine_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Create_user_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Event_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Trigger_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Create_tablespace_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, ssl_type enum('','ANY','X509', 'SPECIFIED') COLLATE utf8_general_ci DEFAULT '' NOT NULL, ssl_cipher BLOB NOT NULL, x509_issuer BLOB NOT NULL, x509_subject BLOB NOT NULL, max_questions int(11) unsigned DEFAULT 0  NOT NULL, max_updates int(11) unsigned DEFAULT 0  NOT NULL, max_connections int(11) unsigned DEFAULT 0  NOT NULL, max_user_connections int(11) unsigned DEFAULT 0  NOT NULL, plugin char(60) DEFAULT '' NOT NULL, authentication_string TEXT NOT NULL, PRIMARY KEY Host (Host,User) ) engine=MyISAM CHARACTER SET utf8 COLLATE utf8_bin comment='Users and global privileges';
 -- Remember for later if user table already existed
 set @had_user_table= @@warning_count != 0;
@ -478,3 +478,7 @@ PREPARE stmt FROM @str;
 EXECUTE stmt;
 DROP PREPARE stmt;
 CREATE TABLE IF NOT EXISTS proxy_priv (Host char(60) binary DEFAULT '' NOT NULL, User char(16) binary DEFAULT '' NOT NULL, Proxied_Host char(16) binary DEFAULT '' NOT NULL, Proxied_User char(60) binary DEFAULT '' NOT NULL, With_Grant BOOL DEFAULT 0 NOT NULL, PRIMARY KEY Host (Host,User,Proxied_Host,Proxied_User) ) engine=MyISAM CHARACTER SET utf8 COLLATE utf8_bin comment='User proxy privileges';
 -- Remember for later if proxy_priv table already existed
 set @had_proxy_priv_table= @@warning_count != 0;
--- a/scripts/mysql_system_tables_data.sql
+++ b/scripts/mysql_system_tables_data.sql
@ -21,11 +21,17 @@ DROP TABLE tmp_db;
 -- from local machine if "users" table didn't exist before
 CREATE TEMPORARY TABLE tmp_user LIKE user;
 set @current_hostname= @@hostname;
-INSERT INTO tmp_user VALUES ('localhost','root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0,0);
+INSERT INTO tmp_user VALUES ('localhost','root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0,0,'','');
-REPLACE INTO tmp_user SELECT @current_hostname,'root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0,0 FROM dual WHERE LOWER( @current_hostname) != 'localhost';
+REPLACE INTO tmp_user SELECT @current_hostname,'root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0,0,'','' FROM dual WHERE LOWER( @current_hostname) != 'localhost';
-REPLACE INTO tmp_user VALUES ('127.0.0.1','root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0,0);
+REPLACE INTO tmp_user VALUES ('127.0.0.1','root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0,0,'','');
-REPLACE INTO tmp_user VALUES ('::1','root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0,0);
+REPLACE INTO tmp_user VALUES ('::1','root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0,0,'','');
 INSERT INTO tmp_user (host,user) VALUES ('localhost','');
 INSERT INTO tmp_user (host,user) SELECT @current_hostname,'' FROM dual WHERE LOWER(@current_hostname ) != 'localhost';
 INSERT INTO user SELECT * FROM tmp_user WHERE @had_user_table=0;
 DROP TABLE tmp_user;
 CREATE TEMPORARY TABLE tmp_proxy_priv LIKE proxy_priv;
 INSERT INTO tmp_proxy_priv VALUES ('localhost', 'root', '', '', TRUE);
 REPLACE INTO tmp_proxy_priv SELECT @current_hostname, 'root', '', '', TRUE FROM DUAL WHERE LOWER (@current_hostname) != 'localhost';
 INSERT INTO  proxy_priv SELECT * FROM tmp_proxy_priv WHERE @had_proxy_priv_table=0;
 DROP TABLE tmp_proxy_priv;
--- a/Show more
+++ b/Show more