From 88f900461d6e8908e76ca8da72f9a1938aefbcdd Mon Sep 17 00:00:00 2001
From: Matthieu Bourgain <aohzan@gmail.com>
Date: Mon, 22 Apr 2024 18:17:49 +0200
Subject: [PATCH] fix hash

---
 plugins/module_utils/implementations/mysql/hash.py | 3 +--
 plugins/module_utils/user.py                       | 4 ++--
 2 files changed, 3 insertions(+), 4 deletions(-)

diff --git a/plugins/module_utils/implementations/mysql/hash.py b/plugins/module_utils/implementations/mysql/hash.py
index 91da64b..5761559 100644
--- a/plugins/module_utils/implementations/mysql/hash.py
+++ b/plugins/module_utils/implementations/mysql/hash.py
@@ -117,5 +117,4 @@ def mysql_sha256_password_hash_hex(password, salt):
     iteration = 1000 * count
 
     digest = _sha256_digest(password, salt, iteration)
-    generated_hash = "$A${0:>03}{1}{2}".format(count, salt, digest).encode()
-    return "0x{0}".format(generated_hash.hex().upper())
+    return "$A${0:>03}${1}{2}".format(count, salt, digest).encode().hex().upper()
diff --git a/plugins/module_utils/user.py b/plugins/module_utils/user.py
index 89cda33..6d95cf5 100644
--- a/plugins/module_utils/user.py
+++ b/plugins/module_utils/user.py
@@ -191,7 +191,7 @@ def user_add(cursor, user, host, host_all, password, encrypted,
                 generated_hash_string = mysql_sha256_password_hash_hex(password=plugin_auth_string, salt=salt)
             else:
                 module.fail_json(msg="salt not handled for %s authentication plugin" % plugin)
-            query_with_args = "CREATE USER %s@%s IDENTIFIED WITH %s AS %s", (user, host, plugin, generated_hash_string)
+            query_with_args = ("CREATE USER %s@%s IDENTIFIED WITH %s AS 0x" + generated_hash_string), (user, host, plugin)
         else:
             query_with_args = "CREATE USER %s@%s IDENTIFIED WITH %s BY %s", (user, host, plugin, plugin_auth_string)
     elif plugin:
@@ -372,7 +372,7 @@ def user_mod(cursor, user, host, host_all, password, encrypted,
                             generated_hash_string = mysql_sha256_password_hash_hex(password=plugin_auth_string, salt=salt)
                         else:
                             module.fail_json(msg="salt not handled for %s authentication plugin" % plugin)
-                        query_with_args = "ALTER USER %s@%s IDENTIFIED WITH %s AS %s", (user, host, plugin, generated_hash_string)
+                        query_with_args = ("ALTER USER %s@%s IDENTIFIED WITH %s AS 0x" + generated_hash_string), (user, host, plugin)
                     else:
                         query_with_args = "ALTER USER %s@%s IDENTIFIED WITH %s BY %s", (user, host, plugin, plugin_auth_string)
                 else: