The following statements support the CURRENT_USER() where a user is needed.

DROP USER 
RENAME USER CURRENT_USER() ...
GRANT ... TO CURRENT_USER()
REVOKE ... FROM CURRENT_USER()
ALTER DEFINER = CURRENT_USER() EVENTbut, When these statements are binlogged, CURRENT_USER() just is binlogged
as 'CURRENT_USER()', it is not expanded to the real user name. When slave 
executes the log event, 'CURRENT_USER()' is expand to the user of slave 
SQL thread, but SQL thread's user name always NULL. This breaks the replication.

After this patch, session's user will be written into query log events 
if these statements call CURREN_USER() or 'ALTER EVENT' does not assign a definer.


mysql-test/include/diff_tables.inc:
  Expend its abilities.
  Now it can diff not only in sessions of 'master' and 'slave', but 
  other sessions as well.
sql/log_event.cc:
  session's user will be written into Query_log_event, if is_current_user_used() is TRUE.
  On slave SQL thread, Only thd->invoker is written into Query_log_event,
  if it exists.
sql/sql_acl.cc:
  On slave SQL thread, grantor should copy from thd->invoker, if it exists
sql/sql_class.h:
  On slave SQL thread, thd->invoker is used to store the applying event's
  invoker.

mysql-test/include/diff_tables.inc

@@ -64,17 +64,13 @@ let $_diff_table=$diff_table_2;
 let $_diff_i=2;
 while ($_diff_i) {
 
-  # Parse out any leading "master:" or "slave:" from the table
-  # specification and connect the appropriate server.
-  let $_diff_conn_master=`SELECT SUBSTR('$_diff_table', 1, 7) = 'master:'`;
-  if ($_diff_conn_master) {
-    let $_diff_table=`SELECT SUBSTR('$_diff_table', 8)`;
-    connection master;
-  }
-  let $_diff_conn_slave=`SELECT SUBSTR('$_diff_table', 1, 6) = 'slave:'`;
-  if ($_diff_conn_slave) {
-    let $_diff_table=`SELECT SUBSTR('$_diff_table', 7)`;
-    connection slave;
+  # Parse out any leading "master:" or "slave:" from the table specification
+# and connect the appropriate server.
+  let $_pos= `SELECT LOCATE(':', '$_diff_table')`;
+  let $_diff_conn=`SELECT SUBSTR('$_diff_table', 1, $_pos-1)`;
+  if (`SELECT "XX$_diff_conn" <> "XX"`) {
+    let $_diff_table=`SELECT SUBSTR('$_diff_table', $_pos+1)`;
+    connection $_diff_conn;
   }
 
   # Sanity-check the input.

mysql-test/include/rpl_diff_tables.inc

+# #############################################################################
+# Check whether the given table is consistent between different master and
+# slaves
+#
+# Usage: 
+# --let $diff_table= test.t1 
+# --let $diff_server_list= master, slave, slave2 
+# --source include/rpl_diff_tables.inc
+# #############################################################################
+
+if (`SELECT "XX$diff_table" = "XX"`)
+{
+  --die diff_table is null.
+}
+
+--let $_servers= master, slave
+if (`SELECT "XX$diff_server_list" <> "XX"`)
+{
+  --let $_servers= $diff_server_list
+}
+
+--let $_master= `SELECT SUBSTRING_INDEX('$_servers', ',', 1)`
+--let $_servers= `SELECT LTRIM(SUBSTRING('$_servers', LENGTH('$_master') + 2))`
+connection $_master;
+while (`SELECT "XX$_servers" <> "XX"`)
+{
+  --let $_slave= `SELECT SUBSTRING_INDEX('$_servers', ',', 1)`
+  --let $_servers= `SELECT LTRIM(SUBSTRING('$_servers', LENGTH('$_slave') + 2))`
+
+  --sync_slave_with_master $_slave
+  --let $diff_table_1= $_master:$diff_table
+  --let $diff_table_2= $_slave:$diff_table
+  --source include/diff_tables.inc
+  connection $_slave;
+}

mysql-test/suite/rpl/r/rpl_current_user.result

+stop slave;
+drop table if exists t1,t2,t3,t4,t5,t6,t7,t8,t9;
+reset master;
+reset slave;
+drop table if exists t1,t2,t3,t4,t5,t6,t7,t8,t9;
+start slave;
+
+# On slave2
+# Connect slave2 to slave
+CHANGE MASTER TO MASTER_HOST='127.0.0.1', MASTER_PORT=SLAVE_MYPORT;,
+MASTER_LOG_FILE='slave-bin.000001', MASTER_USER='root';
+START SLAVE;
+
+# [On master]
+DROP VIEW IF EXISTS v_user;
+DROP VIEW IF EXISTS v_tables_priv;
+DROP VIEW IF EXISTS v_procs_priv;
+DROP PROCEDURE IF EXISTS p1;
+DROP PROCEDURE IF EXISTS my_grant;
+DROP PROCEDURE IF EXISTS my_revoke;
+DROP FUNCTION IF EXISTS my_user;
+DROP EVENT IF EXISTS e1;
+CREATE TABLE t1(c1 char(100));
+CREATE VIEW test.v_user AS SELECT * FROM mysql.user WHERE User LIKE 'bug48321%';
+CREATE VIEW test.v_tables_priv AS SELECT * FROM mysql.tables_priv WHERE User LIKE 'bug48321%';
+CREATE VIEW test.v_procs_priv AS SELECT * FROM mysql.procs_priv WHERE User LIKE 'bug48321%';
+CREATE VIEW test.v_event AS SELECT definer FROM mysql.event WHERE name = 'e1';
+CREATE PROCEDURE p1() SELECT 1;
+# bug48321_1-01234 has the max length(16) of user.
+GRANT ALL PRIVILEGES ON *.* TO 'bug48321_1-01234'@'localhost' WITH GRANT OPTION;
+
+# Make sure the max lengths of user and host
+# the user name is too lengh
+GRANT CREATE USER ON *.* TO '01234567890123456'@'fakehost';
+ERROR HY000: String '01234567890123456' is too long for user name (should be no longer than 16)
+# the host name is too lengh
+GRANT CREATE USER ON *.* TO 'fakename'@'0123456789012345678901234567890123456789012345678901234567890';
+ERROR HY000: String '0123456789012345678901234567890123456789012345678901234567890' is too long for host name (should be no longer than 60)
+
+# User 'bug48321_1-01234' connects to master by conn1
+# [On conn1]
+# Verify 'REVOKE ALL' statement
+REVOKE ALL PRIVILEGES, GRANT OPTION FROM CURRENT_USER();
+Comparing tables master:test.v_user and slave:test.v_user
+Comparing tables master:test.v_user and slave2:test.v_user
+
+# Verify 'GRANT ... ON TABLE ...' statement
+GRANT CREATE, INSERT, SELECT ON TABLE test.t1 TO CURRENT_USER();
+Comparing tables master:test.v_tables_priv and slave:test.v_tables_priv
+Comparing tables master:test.v_tables_priv and slave2:test.v_tables_priv
+
+# Verify 'GRANT ... ON PROCEDURE...' statement
+GRANT ALTER ROUTINE, EXECUTE ON PROCEDURE p1 TO CURRENT_USER();
+Comparing tables master:test.v_procs_priv and slave:test.v_procs_priv
+Comparing tables master:test.v_procs_priv and slave2:test.v_procs_priv
+
+# Verify 'GRANT ... ON *.* ...' statement
+GRANT ALL PRIVILEGES ON *.* TO CURRENT_USER() WITH GRANT OPTION;
+Comparing tables master:test.v_procs_priv and slave:test.v_procs_priv
+Comparing tables master:test.v_procs_priv and slave2:test.v_procs_priv
+
+# Verify 'REVOKE ... ON TABLE ...' statement
+REVOKE CREATE, INSERT, SELECT ON TABLE t1 FROM CURRENT_USER();
+Comparing tables master:test.v_tables_priv and slave:test.v_tables_priv
+Comparing tables master:test.v_tables_priv and slave2:test.v_tables_priv
+
+# Verify 'REVOKE ... ON PROCEDURE...' statement
+REVOKE ALTER ROUTINE, EXECUTE ON PROCEDURE p1 FROM CURRENT_USER();
+Comparing tables master:test.v_procs_priv and slave:test.v_procs_priv
+Comparing tables master:test.v_procs_priv and slave2:test.v_procs_priv
+
+# Verify 'REVOKE ... ON *.* ...' statement
+REVOKE ALL PRIVILEGES ON *.* FROM CURRENT_USER();
+Comparing tables master:test.v_user and slave:test.v_user
+Comparing tables master:test.v_user and slave2:test.v_user
+
+# Verify 'GRANT ...' statement in the procedure
+CREATE PROCEDURE my_grant()
+GRANT CREATE, INSERT, SELECT ON TABLE test.t1 TO CURRENT_USER();
+call my_grant;
+Comparing tables master:test.v_tables_priv and slave:test.v_tables_priv
+Comparing tables master:test.v_tables_priv and slave2:test.v_tables_priv
+
+# Verify 'REVOKE ... ON TABLE ...' statement in the procedure
+CREATE PROCEDURE my_revoke()
+REVOKE CREATE, INSERT, SELECT ON TABLE t1 FROM CURRENT_USER();
+call my_revoke;
+Comparing tables master:test.v_tables_priv and slave:test.v_tables_priv
+Comparing tables master:test.v_tables_priv and slave2:test.v_tables_priv
+
+# Verify 'RENAME USER ...' statement
+RENAME USER CURRENT_USER TO 'bug48321_2'@'localhost';
+Comparing tables master:test.v_user and slave:test.v_user
+Comparing tables master:test.v_user and slave2:test.v_user
+
+# Verify 'DROP USER ...' statement
+GRANT CREATE USER ON *.* TO 'bug48321_2'@'localhost';
+DROP USER CURRENT_USER();
+Comparing tables master:test.v_user and slave:test.v_user
+Comparing tables master:test.v_user and slave2:test.v_user
+
+# Verify 'ALTER EVENT...' statement
+CREATE EVENT e1 ON SCHEDULE EVERY 1 DAY DO SELECT * FROM t1;
+# Explicitly assign CURRENT_USER() to definer
+ALTER DEFINER=CURRENT_USER() EVENT e1 ENABLE;
+Comparing tables master:test.v_event and slave:test.v_event
+Comparing tables master:test.v_event and slave2:test.v_event
+
+# Session user will be set as definer, if the statement does not assign
+# a definer
+ALTER EVENT e1 ENABLE;
+Comparing tables master:test.v_event and slave:test.v_event
+Comparing tables master:test.v_event and slave2:test.v_event
+
+# Verify that this patch does not affect the calling of CURRENT_USER() 
+# in the other statements
+# [On master]
+INSERT INTO t1 VALUES(CURRENT_USER()), ('1234');
+Warnings:
+Note	1592	Statement may not be safe to log in statement format.
+SELECT * FROM t1;
+c1
+root@localhost
+1234
+# [On slave]
+SELECT * FROM t1;
+c1
+@
+1234
+# [On slave2]
+SELECT * FROM t1;
+c1
+@
+1234
+# [On master]
+UPDATE t1 SET c1=CURRENT_USER() WHERE c1='1234';
+Warnings:
+Note	1592	Statement may not be safe to log in statement format.
+SELECT * FROM t1;
+c1
+root@localhost
+root@localhost
+# [On slave]
+SELECT * FROM t1;
+c1
+@
+@
+# [On slave2]
+SELECT * FROM t1;
+c1
+@
+@
+# [On master]
+DELETE FROM t1 WHERE c1=CURRENT_USER();
+Warnings:
+Note	1592	Statement may not be safe to log in statement format.
+SELECT * FROM t1;
+c1
+# [On slave]
+SELECT * FROM t1;
+c1
+# [On slave2]
+SELECT * FROM t1;
+c1
+# [On master]
+CREATE TABLE t2(c1 char(100));
+CREATE FUNCTION my_user() RETURNS VARCHAR(64) 
+SQL SECURITY INVOKER 
+BEGIN
+INSERT INTO t2 VALUES(CURRENT_USER());
+RETURN CURRENT_USER();
+END |
+INSERT INTO t1 VALUES(my_user());
+Warnings:
+Note	1592	Statement may not be safe to log in statement format.
+Note	1592	Statement may not be safe to log in statement format.
+SELECT * FROM t1;
+c1
+root@localhost
+SELECT * FROM t2;
+c1
+root@localhost
+# [On slave]
+SELECT * FROM t1;
+c1
+@
+SELECT * FROM t2;
+c1
+@
+# [On slave2]
+SELECT * FROM t1;
+c1
+@
+SELECT * FROM t2;
+c1
+@
+
+# END
+DROP TABLE t1, t2;
+DROP VIEW v_user, v_tables_priv, v_procs_priv, v_event;
+DROP PROCEDURE p1;
+DROP PROCEDURE my_grant;
+DROP PROCEDURE my_revoke;
+DROP FUNCTION my_user;
+DROP EVENT e1;

mysql-test/suite/rpl/r/rpl_innodb_mixed_dml.result

@@ -750,7 +750,7 @@ test_rpl	e2	root@localhost	SYSTEM	RECURRING	NULL	1	#	#	NULL	ENABLED	1	latin1	lat
 USE test_rpl;
 SHOW EVENTS;
 Db	Name	Definer	Time zone	Type	Execute at	Interval value	Interval field	Starts	Ends	Status	Originator	character_set_client	collation_connection	Database Collation
-test_rpl	e2	@	SYSTEM	RECURRING	NULL	1	#	#	NULL	SLAVESIDE_DISABLED	1	latin1	latin1_swedish_ci	latin1_swedish_ci
+test_rpl	e2	root@localhost	SYSTEM	RECURRING	NULL	1	#	#	NULL	SLAVESIDE_DISABLED	1	latin1	latin1_swedish_ci	latin1_swedish_ci
 ==========MASTER==========
 SELECT COUNT(*) FROM t1;
 COUNT(*)

mysql-test/suite/rpl/t/rpl_current_user.cnf

+!include ../my.cnf
+
+[mysqld.3]
+server-id=3
+log-bin=slave-bin
+
+[ENV]
+SLAVE_MYPORT1=		@mysqld.3.port
+SLAVE_MYSOCK1=		@mysqld.3.socket

mysql-test/suite/rpl/t/rpl_current_user.test

+##############################################################################
+# BUG#48321 CURRENT_USER() incorrectly replicated for DROP/RENAME USER,
+# REVOKE, GRANT, ALTER EVENT
+#
+# Calling CURRENT_USER() results into inconsistency between slave and master,
+# as the slave SQL thread has different user with common users.
+#
+# After the patch for bug#48321, session's user will be written into query log
+# event if CURRENT_USER() is called in 'DROP/RENAME USER', 'REVOKE', 'GRANT',
+# 'ALTER EVENT'.
+#
+##############################################################################
+source include/master-slave.inc;
+source include/have_binlog_format_statement.inc;
+
+--echo
+--echo # On slave2
+connect (slave2,127.0.0.1,root,,test,$SLAVE_MYPORT1,);
+connection slave2;
+
+--echo # Connect slave2 to slave
+--replace_result $SLAVE_MYPORT SLAVE_MYPORT;
+eval CHANGE MASTER TO MASTER_HOST='127.0.0.1', MASTER_PORT=$SLAVE_MYPORT,
+     MASTER_LOG_FILE='slave-bin.000001', MASTER_USER='root';
+START SLAVE;
+source include/wait_for_slave_to_start.inc;
+
+--echo
+--echo # [On master]
+connection master;
+--disable_warnings
+DROP VIEW IF EXISTS v_user;
+DROP VIEW IF EXISTS v_tables_priv;
+DROP VIEW IF EXISTS v_procs_priv;
+DROP PROCEDURE IF EXISTS p1;
+DROP PROCEDURE IF EXISTS my_grant;
+DROP PROCEDURE IF EXISTS my_revoke;
+DROP FUNCTION IF EXISTS my_user;
+DROP EVENT IF EXISTS e1;
+--enable_warnings
+CREATE TABLE t1(c1 char(100));
+CREATE VIEW test.v_user AS SELECT * FROM mysql.user WHERE User LIKE 'bug48321%';
+CREATE VIEW test.v_tables_priv AS SELECT * FROM mysql.tables_priv WHERE User LIKE 'bug48321%';
+CREATE VIEW test.v_procs_priv AS SELECT * FROM mysql.procs_priv WHERE User LIKE 'bug48321%';
+CREATE VIEW test.v_event AS SELECT definer FROM mysql.event WHERE name = 'e1';
+CREATE PROCEDURE p1() SELECT 1;
+--echo # bug48321_1-01234 has the max length(16) of user.
+GRANT ALL PRIVILEGES ON *.* TO 'bug48321_1-01234'@'localhost' WITH GRANT OPTION; 
+
+--echo
+--echo # Make sure the max lengths of user and host
+--echo # the user name is too lengh
+--error 1470
+GRANT CREATE USER ON *.* TO '01234567890123456'@'fakehost';
+--echo # the host name is too lengh
+--error 1470
+GRANT CREATE USER ON *.* TO 'fakename'@'0123456789012345678901234567890123456789012345678901234567890';
+
+--echo
+--echo # User 'bug48321_1-01234' connects to master by conn1
+connect (conn1, 127.0.0.1, 'bug48321_1-01234'@'localhost',,);
+connection conn1;
+--echo # [On conn1]
+--echo # Verify 'REVOKE ALL' statement
+REVOKE ALL PRIVILEGES, GRANT OPTION FROM CURRENT_USER();
+let $diff_table= test.v_user;
+let $diff_server_list= master, slave, slave2;
+source include/rpl_diff_tables.inc;
+
+--echo 
+--echo # Verify 'GRANT ... ON TABLE ...' statement
+connection conn1;
+GRANT CREATE, INSERT, SELECT ON TABLE test.t1 TO CURRENT_USER();
+let $diff_table= test.v_tables_priv;
+source include/rpl_diff_tables.inc;
+
+--echo 
+--echo # Verify 'GRANT ... ON PROCEDURE...' statement
+connection conn1;
+GRANT ALTER ROUTINE, EXECUTE ON PROCEDURE p1 TO CURRENT_USER();
+let $diff_table= test.v_procs_priv;
+source include/rpl_diff_tables.inc;
+
+--echo 
+--echo # Verify 'GRANT ... ON *.* ...' statement
+connection conn1;
+GRANT ALL PRIVILEGES ON *.* TO CURRENT_USER() WITH GRANT OPTION;
+source include/rpl_diff_tables.inc;
+
+--echo 
+--echo # Verify 'REVOKE ... ON TABLE ...' statement
+connection conn1;
+REVOKE CREATE, INSERT, SELECT ON TABLE t1 FROM CURRENT_USER();
+let $diff_table= test.v_tables_priv;
+source include/rpl_diff_tables.inc;
+
+--echo 
+--echo # Verify 'REVOKE ... ON PROCEDURE...' statement
+connection conn1;
+REVOKE ALTER ROUTINE, EXECUTE ON PROCEDURE p1 FROM CURRENT_USER();
+let $diff_table= test.v_procs_priv;
+source include/rpl_diff_tables.inc;
+
+--echo 
+--echo # Verify 'REVOKE ... ON *.* ...' statement
+connection conn1;
+REVOKE ALL PRIVILEGES ON *.* FROM CURRENT_USER();
+let $diff_table= test.v_user;
+source include/rpl_diff_tables.inc;
+
+--echo 
+--echo # Verify 'GRANT ...' statement in the procedure
+connection conn1;
+CREATE PROCEDURE my_grant()
+  GRANT CREATE, INSERT, SELECT ON TABLE test.t1 TO CURRENT_USER();
+call my_grant;
+let $diff_table= test.v_tables_priv;
+source include/rpl_diff_tables.inc;
+
+--echo 
+--echo # Verify 'REVOKE ... ON TABLE ...' statement in the procedure
+connection conn1;
+CREATE PROCEDURE my_revoke()
+  REVOKE CREATE, INSERT, SELECT ON TABLE t1 FROM CURRENT_USER();
+call my_revoke;
+let $diff_table= test.v_tables_priv;
+source include/rpl_diff_tables.inc;
+
+--echo 
+--echo # Verify 'RENAME USER ...' statement
+connection conn1;
+RENAME USER CURRENT_USER TO 'bug48321_2'@'localhost';
+let $diff_table= test.v_user;
+source include/rpl_diff_tables.inc;
+
+disconnect conn1;
+
+--echo 
+--echo # Verify 'DROP USER ...' statement
+connection master;
+GRANT CREATE USER ON *.* TO 'bug48321_2'@'localhost';
+connect (conn1, 127.0.0.1, 'bug48321_2'@'localhost',,);
+connection conn1;
+DROP USER CURRENT_USER();
+source include/rpl_diff_tables.inc;
+
+--echo 
+--echo # Verify 'ALTER EVENT...' statement
+connection master;
+CREATE EVENT e1 ON SCHEDULE EVERY 1 DAY DO SELECT * FROM t1;
+
+--echo # Explicitly assign CURRENT_USER() to definer
+ALTER DEFINER=CURRENT_USER() EVENT e1 ENABLE;
+let $diff_table= test.v_event;
+source include/rpl_diff_tables.inc;
+
+connection master;
+--echo
+--echo # Session user will be set as definer, if the statement does not assign
+--echo # a definer
+ALTER EVENT e1 ENABLE;
+sync_slave_with_master;
+source include/rpl_diff_tables.inc;
+
+--echo
+--echo # Verify that this patch does not affect the calling of CURRENT_USER() 
+--echo # in the other statements
+connection master;
+--echo # [On master]
+INSERT INTO t1 VALUES(CURRENT_USER()), ('1234');
+SELECT * FROM t1;
+sync_slave_with_master;
+--echo # [On slave]
+SELECT * FROM t1;
+--echo # [On slave2]
+sync_slave_with_master slave2;
+SELECT * FROM t1;
+
+connection master;
+--echo # [On master]
+UPDATE t1 SET c1=CURRENT_USER() WHERE c1='1234';
+SELECT * FROM t1;
+sync_slave_with_master;
+--echo # [On slave]
+SELECT * FROM t1;
+sync_slave_with_master slave2;
+--echo # [On slave2]
+SELECT * FROM t1;
+
+connection master;
+--echo # [On master]
+DELETE FROM t1 WHERE c1=CURRENT_USER();
+SELECT * FROM t1;
+sync_slave_with_master;
+--echo # [On slave]
+SELECT * FROM t1;
+sync_slave_with_master slave2;
+--echo # [On slave2]
+SELECT * FROM t1;
+
+connection master;
+--echo # [On master]
+CREATE TABLE t2(c1 char(100));
+
+DELIMITER |;
+CREATE FUNCTION my_user() RETURNS VARCHAR(64) 
+  SQL SECURITY INVOKER 
+BEGIN
+  INSERT INTO t2 VALUES(CURRENT_USER());
+  RETURN CURRENT_USER();
+END |
+DELIMITER ;|
+
+INSERT INTO t1 VALUES(my_user());
+SELECT * FROM t1;
+SELECT * FROM t2;
+sync_slave_with_master;
+--echo # [On slave]
+SELECT * FROM t1;
+SELECT * FROM t2;
+sync_slave_with_master slave2;
+--echo # [On slave2]
+SELECT * FROM t1;
+SELECT * FROM t2;
+
+--echo
+--echo # END
+connection master;
+DROP TABLE t1, t2;
+DROP VIEW v_user, v_tables_priv, v_procs_priv, v_event; 
+DROP PROCEDURE p1;
+DROP PROCEDURE my_grant;
+DROP PROCEDURE my_revoke;
+DROP FUNCTION my_user;
+DROP EVENT e1;
+sync_slave_with_master;
+sync_slave_with_master slave2;
+source include/master-slave-end.inc;

sql/log_event.cc

@@ -2307,6 +2307,53 @@ bool Query_log_event::write(IO_CACHE* file)
     start+= 4;
   }
 
+  if (thd && thd->is_current_user_used())
+  {
+    LEX_STRING user;
+    LEX_STRING host;
+    memset(&user, 0, sizeof(user));
+    memset(&host, 0, sizeof(host));
+
+    if (thd->slave_thread && thd->has_invoker())
+    {
+      /* user will be null, if master is older than this patch */
+      user= thd->get_invoker_user();
+      host= thd->get_invoker_host();
+    }
+    else if (thd->security_ctx->priv_user)
+    {
+      Security_context *ctx= thd->security_ctx;
+
+      user.length= strlen(ctx->priv_user);
+      user.str= ctx->priv_user;
+      if (ctx->priv_host[0] != '\0')
+      {
+        host.str= ctx->priv_host;
+        host.length= strlen(ctx->priv_host);
+      }
+    }
+
+    if (user.length > 0)
+    {
+      *start++= Q_INVOKER;
+
+      /*
+        Store user length and user. The max length of use is 16, so 1 byte is
+        enough to store the user's length.
+       */
+      *start++= (uchar)user.length;
+      memcpy(start, user.str, user.length);
+      start+= user.length;
+
+      /*
+        Store host length and host. The max length of host is 60, so 1 byte is
+        enough to store the host's length.
+       */
+      *start++= (uchar)host.length;
+      memcpy(start, host.str, host.length);
+      start+= host.length;
+    }
+  }
   /*
     NOTE: When adding new status vars, please don't forget to update
     the MAX_SIZE_LOG_EVENT_STATUS in log_event.h and update the function
@@ -2575,6 +2622,8 @@ Query_log_event::Query_log_event(const char* buf, uint event_len,
   bool catalog_nz= 1;
   DBUG_ENTER("Query_log_event::Query_log_event(char*,...)");
 
+  memset(&user, 0, sizeof(user));
+  memset(&host, 0, sizeof(host));
   common_header_len= description_event->common_header_len;
   post_header_len= description_event->post_header_len[event_type-1];
   DBUG_PRINT("info",("event_len: %u  common_header_len: %d  post_header_len: %d",
@@ -2729,6 +2778,20 @@ Query_log_event::Query_log_event(const char* buf, uint event_len,
       data_written= master_data_written= uint4korr(pos);
       pos+= 4;
       break;
+    case Q_INVOKER:
+    {
+      CHECK_SPACE(pos, end, 1);
+      user.length= *pos++;
+      CHECK_SPACE(pos, end, user.length);
+      user.str= my_strndup((const char *)pos, user.length, MYF(0));
+      pos+= user.length;
+
+      CHECK_SPACE(pos, end, 1);
+      host.length= *pos++;
+      CHECK_SPACE(pos, end, host.length);
+      host.str= my_strndup((const char *)pos, host.length, MYF(0));
+      pos+= host.length;
+    }
     default:
       /* That's why you must write status vars in growing order of code */
       DBUG_PRINT("info",("Query_log_event has unknown status vars (first has\
@@ -3178,7 +3241,7 @@ int Query_log_event::do_apply_event(Relay_log_info const *rli,
         thd->variables.collation_database= thd->db_charset;
       
       thd->table_map_for_update= (table_map)table_map_for_update;
-      
+      thd->set_invoker(&user, &host);
       /* Execute the query (note that we bypass dispatch_command()) */
       const char* found_semicolon= NULL;
       mysql_parse(thd, thd->query(), thd->query_length(), &found_semicolon);

sql/log_event.h

@@ -264,7 +264,8 @@ struct sql_ex_info
                                    1 + 2          /* type, lc_time_names_number */ + \
                                    1 + 2          /* type, charset_database_number */ + \
                                    1 + 8          /* type, table_map_for_update */ + \
-                                   1 + 4          /* type, master_data_written */)
+                                   1 + 4          /* type, master_data_written */ + \
+                                   1 + 16 + 1 + 60/* type, user_len, user, host_len, host */)
 #define MAX_LOG_EVENT_HEADER   ( /* in order of Query_log_event::write */ \
   LOG_EVENT_HEADER_LEN + /* write_header */ \
   QUERY_HEADER_LEN     + /* write_data */   \
@@ -333,6 +334,8 @@ struct sql_ex_info
 
 #define Q_MASTER_DATA_WRITTEN_CODE 10
 
+#define Q_INVOKER 11
+
 /* Intvar event post-header */
 
 /* Intvar event data */
@@ -1546,6 +1549,8 @@ protected:
 */
 class Query_log_event: public Log_event
 {
+  LEX_STRING user;
+  LEX_STRING host;
 protected:
   Log_event::Byte* data_buf;
 public:

sql/sql_acl.cc

@@ -194,6 +194,7 @@ static bool compare_hostname(const acl_host_and_ip *host,const char *hostname,
 			     const char *ip);
 static my_bool acl_load(THD *thd, TABLE_LIST *tables);
 static my_bool grant_load(THD *thd, TABLE_LIST *tables);
+static inline void get_grantor(THD *thd, char* grantor);
 
 /*
   Convert scrambled password to binary form, according to scramble type, 
@@ -2704,6 +2705,20 @@ end:
   DBUG_RETURN(result);
 }
 
+static inline void get_grantor(THD *thd, char *grantor)
+{
+  const char *user= thd->security_ctx->user;
+  const char *host= thd->security_ctx->host_or_ip;
+
+#if defined(HAVE_REPLICATION)
+  if (thd->slave_thread && thd->has_invoker())
+  {
+    user= thd->get_invoker_user().str;
+    host= thd->get_invoker_host().str;
+  }
+#endif
+  strxmov(grantor, user, "@", host, NullS);
+}
 
 static int replace_table_table(THD *thd, GRANT_TABLE *grant_table,
 			       TABLE *table, const LEX_USER &combo,
@@ -2718,9 +2733,7 @@ static int replace_table_table(THD *thd, GRANT_TABLE *grant_table,
   uchar user_key[MAX_KEY_LENGTH];
   DBUG_ENTER("replace_table_table");
 
-  strxmov(grantor, thd->security_ctx->user, "@",
-          thd->security_ctx->host_or_ip, NullS);
-
+  get_grantor(thd, grantor);
   /*
     The following should always succeed as new users are created before
     this function is called!
@@ -2850,9 +2863,7 @@ static int replace_routine_table(THD *thd, GRANT_NAME *grant_name,
     DBUG_RETURN(-1);
   }
 
-  strxmov(grantor, thd->security_ctx->user, "@",
-          thd->security_ctx->host_or_ip, NullS);
-
+  get_grantor(thd, grantor);
   /*
     New users are created before this function is called.
 

sql/sql_class.cc

@@ -736,6 +736,9 @@ THD::THD()
   thr_lock_owner_init(&main_lock_id, &lock_info);
 
   m_internal_handler= NULL;
+  current_user_used= FALSE;
+  memset(&invoker_user, 0, sizeof(invoker_user));
+  memset(&invoker_host, 0, sizeof(invoker_host));
 }
 
 
@@ -1236,6 +1239,7 @@ void THD::cleanup_after_query()
   where= THD::DEFAULT_WHERE;
   /* reset table map for multi-table update */
   table_map_for_update= 0;
+  clean_current_user_used();
 }
 
 
@@ -3267,6 +3271,22 @@ void THD::set_query(char *query_arg, uint32 query_length_arg)
   pthread_mutex_unlock(&LOCK_thd_data);
 }
 
+void THD::get_definer(LEX_USER *definer)
+{
+  set_current_user_used();
+#if !defined(MYSQL_CLIENT) && defined(HAVE_REPLICATION)
+  if (slave_thread && has_invoker())
+  {
+    definer->user = invoker_user;
+    definer->host= invoker_host;
+    definer->password.str= NULL;
+    definer->password.length= 0;
+  }
+  else
+#endif
+    get_default_definer(this, definer);
+}
+
 
 /**
   Mark transaction to rollback and mark error as fatal to a sub-statement.

sql/sql_class.h

@@ -2341,6 +2341,18 @@ public:
     Protected with LOCK_thd_data mutex.
   */
   void set_query(char *query_arg, uint32 query_length_arg);
+  void set_current_user_used() { current_user_used= TRUE; }
+  bool is_current_user_used() { return current_user_used; }
+  void clean_current_user_used() { current_user_used= FALSE; }
+  void get_definer(LEX_USER *definer);
+  void set_invoker(const LEX_STRING *user, const LEX_STRING *host)
+  {
+    invoker_user= *user;
+    invoker_host= *host;
+  }
+  LEX_STRING get_invoker_user() { return invoker_user; }
+  LEX_STRING get_invoker_host() { return invoker_host; }
+  bool has_invoker() { return invoker_user.length > 0; }
 private:
   /** The current internal error handler for this thread, or NULL. */
   Internal_error_handler *m_internal_handler;
@@ -2360,6 +2372,25 @@ private:
     tree itself is reused between executions and thus is stored elsewhere.
   */
   MEM_ROOT main_mem_root;
+
+  /**
+    It will be set TURE if CURRENT_USER() is called in account management
+    statements or default definer is set in CREATE/ALTER SP, SF, Event,
+    TRIGGER or VIEW statements.
+
+    Current user will be binlogged into Query_log_event if current_user_used
+    is TRUE; It will be stored into invoker_host and invoker_user by SQL thread.
+   */
+  bool current_user_used;
+
+  /**
+    It points to the invoker in the Query_log_event.
+    SQL thread use it as the default definer in CREATE/ALTER SP, SF, Event,
+    TRIGGER or VIEW statements or current user in account management
+    statements if it is not NULL.
+   */
+  LEX_STRING invoker_user;
+  LEX_STRING invoker_host;
 };
 
 

sql/sql_parse.cc

@@ -7654,7 +7654,7 @@ LEX_USER *create_default_definer(THD *thd)
   if (! (definer= (LEX_USER*) thd->alloc(sizeof(LEX_USER))))
     return 0;
 
-  get_default_definer(thd, definer);
+  thd->get_definer(definer);
 
   return definer;
 }