From 85e97e1cc89d2dd6fa64ca41e29ceb39eb86f93f Mon Sep 17 00:00:00 2001
From: Arjen Heidinga <dexter@beetjevreemd.nl>
Date: Fri, 24 Sep 2021 16:30:49 +0200
Subject: [PATCH] add mysql_native_password plugin to authentication_string vs
 password

On a debian-11 server the plugin kept changing the password of a user. Turns out this user is using the plugin 'mysql_native_password', which does not use the PASSWORD field.
---
 lib/puppet/provider/mysql_user/mysql.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/puppet/provider/mysql_user/mysql.rb b/lib/puppet/provider/mysql_user/mysql.rb
index e655789ef..b9c410cf6 100644
--- a/lib/puppet/provider/mysql_user/mysql.rb
+++ b/lib/puppet/provider/mysql_user/mysql.rb
@@ -27,7 +27,7 @@ def self.instances
       @max_updates_per_hour, ssl_type, ssl_cipher, x509_issuer, x509_subject,
       @password, @plugin, @authentication_string = mysql_caller(query, 'regular').chomp.split(%r{\t})
       @tls_options = parse_tls_options(ssl_type, ssl_cipher, x509_issuer, x509_subject)
-      if newer_than('mariadb' => '10.1.21') && @plugin == 'ed25519'
+      if newer_than('mariadb' => '10.1.21') && (@plugin == 'ed25519' || @plugin == 'mysql_native_password')
         # Some auth plugins (e.g. ed25519) use authentication_string
         # to store password hash or auth information
         @password = @authentication_string