From 413087ae84d22bc7f05b7dc37bd882e1ac8a2ac4 Mon Sep 17 00:00:00 2001
From: Ilia Ross <ilia@ross.gdn>
Date: Wed, 13 May 2026 02:20:42 +0200
Subject: [PATCH] Fix MariaDB create user auth plugin syntax

* Note: Use MariaDB-compatible IDENTIFIED VIA ... USING PASSWORD(...) syntax when creating users with an explicit authentication plugin, while preserving default password creation and MySQL behavior.

https://forum.virtualmin.com/t/mariadb-syntax-change-on-rocky-10/137187
---
 mysql/mysql-lib.pl | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/mysql/mysql-lib.pl b/mysql/mysql-lib.pl
index 94034d946..a961ae4aa 100755
--- a/mysql/mysql-lib.pl
+++ b/mysql/mysql-lib.pl
@@ -2006,11 +2006,12 @@ my $other_field_values = $sc->{'other_field_values'};
 
 my ($ver, $variant) = &get_remote_mysql_variant();
 my $plugin = $sc->{'plugin'} || &get_mysql_plugin();
-$plugin = $plugin ? "with $plugin" : "";
 
 if ($variant eq "mariadb" && &compare_version_numbers($ver, "10.4") >= 0) {
-	my $sql = "create user '$user'\@'$host' identified $plugin by ".
-		"'".&escapestr($pass)."'";
+	my $auth = $plugin ?
+		&get_plugin_sql($ver, $variant, $pass, $plugin) :
+		"identified by '".&escapestr($pass)."'";
+	my $sql = "create user '$user'\@'$host' $auth";
 	&execute_sql_logged($master_db, $sql);
 	&execute_sql_logged($master_db, 'flush privileges');
 
@@ -2036,6 +2037,7 @@ else {
 	&execute_sql_logged($master_db, 'flush privileges');
 
 	if ($variant eq "mysql" && &compare_version_numbers($ver, "5.7.6") >= 0) {
+		$plugin = $plugin ? "with $plugin" : "";
 		&execute_sql_logged($master_db,
 		    "alter user '$user'\@'$host' identified $plugin by ".
 		        "'".&escapestr($pass)."'");