Temporary solution for bug #13969 "Routines which are replicated from master

can't be executed on slave". It will be possible to solve this problem
in more correct way when we will implement WL#2897 "Complete definer support
in the stored routines".


mysql-test/r/rpl_sp.result:
  Added test for bug #13969 "Routines which are replicated from master can't be
  executed on slave".
mysql-test/t/rpl_sp.test:
  Added test for bug #13969 "Routines which are replicated from master can't be
  executed on slave".
sql/sp_head.cc:
  sp_change_security_context():
    Currently the slave replication thread creates all stored routines with
    definer ''@'', ignoring the actual definer. When the slave replication
    thread executes these routines, it ignores the definer, and so the routines
    work. However, in case of a failover, the replica operates in a normal mysqld
    mode and changes security context to the definer when executing a routine.
    A proper fix for this issue is described in WL#2897 "Complete definer support
    in the stored routines". Until this WL is implemented, we need this temporary
    fix, which ignores errors when changing security context.

mysql-test/r/rpl_sp.result

@@ -264,6 +264,14 @@ master-bin.000002	#	Query	1	#	use `mysqltest1`; insert into t1 values (1)
 select * from t1;
 a
 1
+create procedure foo()
+not deterministic
+reads sql data
+select * from t1;
+call foo();
+a
+1
+drop procedure foo;
 drop function fn1;
 drop database mysqltest1;
 drop user "zedjzlcsjhd"@127.0.0.1;

mysql-test/t/rpl_sp.test

@@ -258,6 +258,23 @@ sync_slave_with_master;
 select * from t1;
 
 
+#
+# Test for bug #13969 "Routines which are replicated from master can't be
+# executed on slave".
+# 
+connection master;
+create procedure foo()
+  not deterministic
+  reads sql data
+  select * from t1;
+sync_slave_with_master;
+# This should not fail
+call foo();
+connection master;
+drop procedure foo;
+sync_slave_with_master;
+
+
 # Clean up
 connection master;
 drop function fn1;

sql/sp_head.cc

@@ -2650,9 +2650,24 @@ sp_change_security_context(THD *thd, sp_head *sp, Security_context **backup)
                                 sp->m_definer_host.str,
                                 sp->m_db.str))
     {
+#ifdef NOT_YET_REPLICATION_SAFE
+      /*
+        Until we don't properly replicate information about stored routine
+        definer with stored routine creation statement all stored routines
+        on slave are created under ''@'' definer. Therefore we won't be able
+        to run any routine which was replicated from master on slave server
+        if we emit error here. This will cause big problems for users
+        who use slave for fail-over. So until we fully implement WL#2897
+        "Complete definer support in the stored routines" we run suid
+        stored routines for which we were unable to find definer under
+        invoker security context.
+      */
       my_error(ER_NO_SUCH_USER, MYF(0), sp->m_definer_user.str,
                sp->m_definer_host.str);
       return TRUE;
+#else
+      return FALSE;
+#endif
     }
     *backup= thd->security_ctx;
     thd->security_ctx= &sp->m_security_ctx;