database/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2025-07-30 16:24:05 +03:00
Code Activity

Bug#20411: "GRANT ... REQUIRE ISSUER nnn AND SUBJECT mmm" fails to require both

Browse Source 
when X.509 subject was required for a connect, we tested whether it was the right
one, but did not refuse the connexion if not. fixed.

(corrected CS now --replace_results socket-path)
This commit is contained in:
tnurnberg@salvation.intern.azundris.com
2006-08-22 14:29:48 +02:00
parent dee4105ce0
commit 002adef0e1
3 changed files with 19 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
sql/sql_acl.cc
View File

@ -874,6 +874,7 @@ int acl_getroot(THD *thd, USER_RESOURCES *mqh,
sql_print_information("X509 issuer mismatch: should be '%s' "
"but is '%s'", acl_user->x509_issuer, ptr);
free(ptr);
user_access=NO_ACCESS;
break;
}
user_access= acl_user->access;
@ -889,11 +890,13 @@ int acl_getroot(THD *thd, USER_RESOURCES *mqh,
if (strcmp(acl_user->x509_subject,ptr))
{
if (global_system_variables.log_warnings)
sql_print_information("X509 subject mismatch: '%s' vs '%s'",
sql_print_information("X509 subject mismatch: should be '%s' but is '%s'",
acl_user->x509_subject, ptr);
free(ptr);
user_access=NO_ACCESS;
break;
}
else
user_access= acl_user->access;
user_access= acl_user->access;
free(ptr);
}
break;