Addendum patch which fix two issues with the previous patch.
Allowing SET-statements caused SET PASSWORD FOR <user>
to succeed for any user. This patch corrects the issue
by allowing user specifications which exactly match the
authorized user. The connect.test was updated to match
the new specification.
The second issue was that a test of password expiration
gave a different result if the statement was prepared.
This is as expected; preparing a statement is allowed but
during preparation other errors besides the expected
password expiration can happen. The issue is corrected by
a slight modification of the test.