database/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2025-07-29 05:21:33 +03:00
Code Activity

Merge neptunus.(none):/home/msvensson/mysql/bug16297/my50-bug16297

Browse Source 
into  neptunus.(none):/home/msvensson/mysql/mysql-5.0-maint


mysql-test/t/grant.test:
  Auto merged
sql/sql_acl.cc:
  Auto merged
mysql-test/r/grant.result:
  SCCS merged
This commit is contained in:
unknown
2006-05-29 13:16:17 +02:00
parent b9f47abff0 d899c7ff5e
commit 8d28735d13
3 changed files with 412 additions and 56 deletions
Download Patch File Download Diff File Expand all files Collapse all files

212
mysql-test/r/grant.result
View File

@ -591,6 +591,7 @@ insert into tables_priv values ('','test_db','mysqltest_1','test_table','test_gr
flush privileges; flush privileges;
delete from tables_priv where host = '' and user = 'mysqltest_1'; delete from tables_priv where host = '' and user = 'mysqltest_1';
flush privileges; flush privileges;
use test;
set @user123="non-existent"; set @user123="non-existent";
select * from mysql.db where user=@user123; select * from mysql.db where user=@user123;
Host Db User Select_priv Insert_priv Update_priv Delete_priv Create_priv Drop_priv Grant_priv References_priv Index_priv Alter_priv Create_tmp_table_priv Lock_tables_priv Create_view_priv Show_view_priv Create_routine_priv Alter_routine_priv Execute_priv Host Db User Select_priv Insert_priv Update_priv Delete_priv Create_priv Drop_priv Grant_priv References_priv Index_priv Alter_priv Create_tmp_table_priv Lock_tables_priv Create_view_priv Show_view_priv Create_routine_priv Alter_routine_priv Execute_priv
@ -621,9 +622,218 @@ show grants for mysqltest_7@;
Grants for mysqltest_7@ Grants for mysqltest_7@
GRANT USAGE ON *.* TO 'mysqltest_7'@'' IDENTIFIED BY PASSWORD '*2FB071A056F9BB745219D9C876814231DAF46517' GRANT USAGE ON *.* TO 'mysqltest_7'@'' IDENTIFIED BY PASSWORD '*2FB071A056F9BB745219D9C876814231DAF46517'
drop user mysqltest_7@; drop user mysqltest_7@;
flush privileges;
show grants for mysqltest_7@; show grants for mysqltest_7@;
ERROR 42000: There is no such grant defined for user 'mysqltest_7' on host '' ERROR 42000: There is no such grant defined for user 'mysqltest_7' on host ''
create table t1 (a int);
create table t2 as select * from mysql.user where user='';
delete from mysql.user where user='';
flush privileges;
create user mysqltest_8@'';
create user mysqltest_8;
create user mysqltest_8@host8;
create user mysqltest_8@'';
ERROR HY000: Operation CREATE USER failed for 'mysqltest_8'@''
create user mysqltest_8;
ERROR HY000: Operation CREATE USER failed for 'mysqltest_8'@'%'
create user mysqltest_8@host8;
ERROR HY000: Operation CREATE USER failed for 'mysqltest_8'@'host8'
select user, QUOTE(host) from mysql.user where user="mysqltest_8";
user QUOTE(host)
mysqltest_8 ''
mysqltest_8 '%'
mysqltest_8 'host8'
Schema privileges
grant select on mysqltest.* to mysqltest_8@'';
show grants for mysqltest_8@'';
Grants for mysqltest_8@
GRANT USAGE ON *.* TO 'mysqltest_8'@''
GRANT SELECT ON `mysqltest`.* TO 'mysqltest_8'@''
grant select on mysqltest.* to mysqltest_8@;
show grants for mysqltest_8@;
Grants for mysqltest_8@
GRANT USAGE ON *.* TO 'mysqltest_8'@''
GRANT SELECT ON `mysqltest`.* TO 'mysqltest_8'@''
grant select on mysqltest.* to mysqltest_8;
show grants for mysqltest_8;
Grants for mysqltest_8@%
GRANT USAGE ON *.* TO 'mysqltest_8'@'%'
GRANT SELECT ON `mysqltest`.* TO 'mysqltest_8'@'%'
select * from information_schema.schema_privileges
where grantee like "'mysqltest_8'%";
GRANTEE TABLE_CATALOG TABLE_SCHEMA PRIVILEGE_TYPE IS_GRANTABLE
'mysqltest_8'@'%' NULL mysqltest SELECT NO
'mysqltest_8'@'' NULL mysqltest SELECT NO
select * from t1;
a
revoke select on mysqltest.* from mysqltest_8@'';
revoke select on mysqltest.* from mysqltest_8;
show grants for mysqltest_8@'';
Grants for mysqltest_8@
GRANT USAGE ON *.* TO 'mysqltest_8'@''
show grants for mysqltest_8;
Grants for mysqltest_8@%
GRANT USAGE ON *.* TO 'mysqltest_8'@'%'
select * from information_schema.schema_privileges
where grantee like "'mysqltest_8'%";
GRANTEE TABLE_CATALOG TABLE_SCHEMA PRIVILEGE_TYPE IS_GRANTABLE
flush privileges;
show grants for mysqltest_8@'';
Grants for mysqltest_8@
GRANT USAGE ON *.* TO 'mysqltest_8'@''
show grants for mysqltest_8@;
Grants for mysqltest_8@
GRANT USAGE ON *.* TO 'mysqltest_8'@''
grant select on mysqltest.* to mysqltest_8@'';
flush privileges;
show grants for mysqltest_8@;
Grants for mysqltest_8@
GRANT USAGE ON *.* TO 'mysqltest_8'@''
GRANT SELECT ON `mysqltest`.* TO 'mysqltest_8'@''
revoke select on mysqltest.* from mysqltest_8@'';
flush privileges;
Column privileges
grant update (a) on t1 to mysqltest_8@'';
grant update (a) on t1 to mysqltest_8;
show grants for mysqltest_8@'';
Grants for mysqltest_8@
GRANT USAGE ON *.* TO 'mysqltest_8'@''
GRANT UPDATE (a) ON `test`.`t1` TO 'mysqltest_8'@''
show grants for mysqltest_8;
Grants for mysqltest_8@%
GRANT USAGE ON *.* TO 'mysqltest_8'@'%'
GRANT UPDATE (a) ON `test`.`t1` TO 'mysqltest_8'@'%'
flush privileges;
show grants for mysqltest_8@'';
Grants for mysqltest_8@
GRANT USAGE ON *.* TO 'mysqltest_8'@''
GRANT UPDATE (a) ON `test`.`t1` TO 'mysqltest_8'@''
show grants for mysqltest_8;
Grants for mysqltest_8@%
GRANT USAGE ON *.* TO 'mysqltest_8'@'%'
GRANT UPDATE (a) ON `test`.`t1` TO 'mysqltest_8'@'%'
select * from information_schema.column_privileges;
GRANTEE TABLE_CATALOG TABLE_SCHEMA TABLE_NAME COLUMN_NAME PRIVILEGE_TYPE IS_GRANTABLE
'mysqltest_8'@'%' NULL test t1 a UPDATE NO
'mysqltest_8'@'' NULL test t1 a UPDATE NO
select * from t1;
a
revoke update (a) on t1 from mysqltest_8@'';
revoke update (a) on t1 from mysqltest_8;
show grants for mysqltest_8@'';
Grants for mysqltest_8@
GRANT USAGE ON *.* TO 'mysqltest_8'@''
show grants for mysqltest_8;
Grants for mysqltest_8@%
GRANT USAGE ON *.* TO 'mysqltest_8'@'%'
select * from information_schema.column_privileges;
GRANTEE TABLE_CATALOG TABLE_SCHEMA TABLE_NAME COLUMN_NAME PRIVILEGE_TYPE IS_GRANTABLE
flush privileges;
show grants for mysqltest_8@'';
Grants for mysqltest_8@
GRANT USAGE ON *.* TO 'mysqltest_8'@''
show grants for mysqltest_8;
Grants for mysqltest_8@%
GRANT USAGE ON *.* TO 'mysqltest_8'@'%'
Table privileges
grant update on t1 to mysqltest_8@'';
grant update on t1 to mysqltest_8;
show grants for mysqltest_8@'';
Grants for mysqltest_8@
GRANT USAGE ON *.* TO 'mysqltest_8'@''
GRANT UPDATE ON `test`.`t1` TO 'mysqltest_8'@''
show grants for mysqltest_8;
Grants for mysqltest_8@%
GRANT USAGE ON *.* TO 'mysqltest_8'@'%'
GRANT UPDATE ON `test`.`t1` TO 'mysqltest_8'@'%'
flush privileges;
show grants for mysqltest_8@'';
Grants for mysqltest_8@
GRANT USAGE ON *.* TO 'mysqltest_8'@''
GRANT UPDATE ON `test`.`t1` TO 'mysqltest_8'@''
show grants for mysqltest_8;
Grants for mysqltest_8@%
GRANT USAGE ON *.* TO 'mysqltest_8'@'%'
GRANT UPDATE ON `test`.`t1` TO 'mysqltest_8'@'%'
select * from information_schema.table_privileges;
GRANTEE TABLE_CATALOG TABLE_SCHEMA TABLE_NAME PRIVILEGE_TYPE IS_GRANTABLE
'mysqltest_8'@'%' NULL test t1 UPDATE NO
'mysqltest_8'@'' NULL test t1 UPDATE NO
select * from t1;
a
revoke update on t1 from mysqltest_8@'';
revoke update on t1 from mysqltest_8;
show grants for mysqltest_8@'';
Grants for mysqltest_8@
GRANT USAGE ON *.* TO 'mysqltest_8'@''
show grants for mysqltest_8;
Grants for mysqltest_8@%
GRANT USAGE ON *.* TO 'mysqltest_8'@'%'
select * from information_schema.table_privileges;
GRANTEE TABLE_CATALOG TABLE_SCHEMA TABLE_NAME PRIVILEGE_TYPE IS_GRANTABLE
flush privileges;
show grants for mysqltest_8@'';
Grants for mysqltest_8@
GRANT USAGE ON *.* TO 'mysqltest_8'@''
show grants for mysqltest_8;
Grants for mysqltest_8@%
GRANT USAGE ON *.* TO 'mysqltest_8'@'%'
"DROP USER" should clear privileges
grant all privileges on mysqltest.* to mysqltest_8@'';
grant select on mysqltest.* to mysqltest_8@'';
grant update on t1 to mysqltest_8@'';
grant update (a) on t1 to mysqltest_8@'';
grant all privileges on mysqltest.* to mysqltest_8;
show grants for mysqltest_8@'';
Grants for mysqltest_8@
GRANT USAGE ON *.* TO 'mysqltest_8'@''
GRANT ALL PRIVILEGES ON `mysqltest`.* TO 'mysqltest_8'@''
GRANT UPDATE, UPDATE (a) ON `test`.`t1` TO 'mysqltest_8'@''
show grants for mysqltest_8;
Grants for mysqltest_8@%
GRANT USAGE ON *.* TO 'mysqltest_8'@'%'
GRANT ALL PRIVILEGES ON `mysqltest`.* TO 'mysqltest_8'@'%'
select * from information_schema.user_privileges
where grantee like "'mysqltest_8'%";
GRANTEE TABLE_CATALOG PRIVILEGE_TYPE IS_GRANTABLE
'mysqltest_8'@'host8' NULL USAGE NO
'mysqltest_8'@'%' NULL USAGE NO
'mysqltest_8'@'' NULL USAGE NO
select * from t1;
a
flush privileges;
show grants for mysqltest_8@'';
Grants for mysqltest_8@
GRANT USAGE ON *.* TO 'mysqltest_8'@''
GRANT ALL PRIVILEGES ON `mysqltest`.* TO 'mysqltest_8'@''
GRANT UPDATE, UPDATE (a) ON `test`.`t1` TO 'mysqltest_8'@''
show grants for mysqltest_8;
Grants for mysqltest_8@%
GRANT USAGE ON *.* TO 'mysqltest_8'@'%'
GRANT ALL PRIVILEGES ON `mysqltest`.* TO 'mysqltest_8'@'%'
drop user mysqltest_8@'';
show grants for mysqltest_8@'';
ERROR 42000: There is no such grant defined for user 'mysqltest_8' on host ''
show grants for mysqltest_8;
Grants for mysqltest_8@%
GRANT USAGE ON *.* TO 'mysqltest_8'@'%'
GRANT ALL PRIVILEGES ON `mysqltest`.* TO 'mysqltest_8'@'%'
select * from information_schema.user_privileges
where grantee like "'mysqltest_8'%";
GRANTEE TABLE_CATALOG PRIVILEGE_TYPE IS_GRANTABLE
'mysqltest_8'@'host8' NULL USAGE NO
'mysqltest_8'@'%' NULL USAGE NO
drop user mysqltest_8;
connect(localhost,mysqltest_8,,test,MASTER_PORT,MASTER_SOCKET);
ERROR 28000: Access denied for user 'mysqltest_8'@'localhost' (using password: NO)
show grants for mysqltest_8;
ERROR 42000: There is no such grant defined for user 'mysqltest_8' on host '%'
drop user mysqltest_8@host8;
show grants for mysqltest_8@host8;
ERROR 42000: There is no such grant defined for user 'mysqltest_8' on host 'host8'
insert into mysql.user select * from t2;
flush privileges;
drop table t2;
drop table t1;
create database mysqltest; create database mysqltest;
use mysqltest; use mysqltest;
create table t1(f1 int); create table t1(f1 int);

144
mysql-test/t/grant.test
View File

@ -479,6 +479,7 @@ insert into tables_priv values ('','test_db','mysqltest_1','test_table','test_gr
flush privileges; flush privileges;
delete from tables_priv where host = '' and user = 'mysqltest_1'; delete from tables_priv where host = '' and user = 'mysqltest_1';
flush privileges; flush privileges;
use test;
# #
# Bug #10892 user variables not auto cast for comparisons # Bug #10892 user variables not auto cast for comparisons
@ -507,7 +508,6 @@ create user mysqltest_7@;
set password for mysqltest_7@ = password('systpass'); set password for mysqltest_7@ = password('systpass');
show grants for mysqltest_7@; show grants for mysqltest_7@;
drop user mysqltest_7@; drop user mysqltest_7@;
flush privileges; # BUG#16297(flush should be removed when that bug is fixed)
--error 1141 --error 1141
show grants for mysqltest_7@; show grants for mysqltest_7@;
@ -528,3 +528,145 @@ flush privileges;
drop database mysqltest; drop database mysqltest;
# End of 4.1 tests # End of 4.1 tests
#
# Bug #16297 In memory grant tables not flushed when users's hostname is ""
#
create table t1 (a int);
# Backup anonymous users and remove them. (They get in the way of
# the one we test with here otherwise.)
create table t2 as select * from mysql.user where user='';
delete from mysql.user where user='';
flush privileges;
# Create some users with different hostnames
create user mysqltest_8@'';
create user mysqltest_8;
create user mysqltest_8@host8;
# Try to create them again
--error 1396
create user mysqltest_8@'';
--error 1396
create user mysqltest_8;
--error 1396
create user mysqltest_8@host8;
select user, QUOTE(host) from mysql.user where user="mysqltest_8";
--echo Schema privileges
grant select on mysqltest.* to mysqltest_8@'';
show grants for mysqltest_8@'';
grant select on mysqltest.* to mysqltest_8@;
show grants for mysqltest_8@;
grant select on mysqltest.* to mysqltest_8;
show grants for mysqltest_8;
select * from information_schema.schema_privileges
where grantee like "'mysqltest_8'%";
connect (conn3,localhost,mysqltest_8,,);
select * from t1;
disconnect conn3;
connection master;
revoke select on mysqltest.* from mysqltest_8@'';
revoke select on mysqltest.* from mysqltest_8;
show grants for mysqltest_8@'';
show grants for mysqltest_8;
select * from information_schema.schema_privileges
where grantee like "'mysqltest_8'%";
flush privileges;
show grants for mysqltest_8@'';
show grants for mysqltest_8@;
grant select on mysqltest.* to mysqltest_8@'';
flush privileges;
show grants for mysqltest_8@;
revoke select on mysqltest.* from mysqltest_8@'';
flush privileges;
--echo Column privileges
grant update (a) on t1 to mysqltest_8@'';
grant update (a) on t1 to mysqltest_8;
show grants for mysqltest_8@'';
show grants for mysqltest_8;
flush privileges;
show grants for mysqltest_8@'';
show grants for mysqltest_8;
select * from information_schema.column_privileges;
connect (conn4,localhost,mysqltest_8,,);
select * from t1;
disconnect conn4;
connection master;
revoke update (a) on t1 from mysqltest_8@'';
revoke update (a) on t1 from mysqltest_8;
show grants for mysqltest_8@'';
show grants for mysqltest_8;
select * from information_schema.column_privileges;
flush privileges;
show grants for mysqltest_8@'';
show grants for mysqltest_8;
--echo Table privileges
grant update on t1 to mysqltest_8@'';
grant update on t1 to mysqltest_8;
show grants for mysqltest_8@'';
show grants for mysqltest_8;
flush privileges;
show grants for mysqltest_8@'';
show grants for mysqltest_8;
select * from information_schema.table_privileges;
connect (conn5,localhost,mysqltest_8,,);
select * from t1;
disconnect conn5;
connection master;
revoke update on t1 from mysqltest_8@'';
revoke update on t1 from mysqltest_8;
show grants for mysqltest_8@'';
show grants for mysqltest_8;
select * from information_schema.table_privileges;
flush privileges;
show grants for mysqltest_8@'';
show grants for mysqltest_8;
--echo "DROP USER" should clear privileges
grant all privileges on mysqltest.* to mysqltest_8@'';
grant select on mysqltest.* to mysqltest_8@'';
grant update on t1 to mysqltest_8@'';
grant update (a) on t1 to mysqltest_8@'';
grant all privileges on mysqltest.* to mysqltest_8;
show grants for mysqltest_8@'';
show grants for mysqltest_8;
select * from information_schema.user_privileges
where grantee like "'mysqltest_8'%";
connect (conn5,localhost,mysqltest_8,,);
select * from t1;
disconnect conn5;
connection master;
flush privileges;
show grants for mysqltest_8@'';
show grants for mysqltest_8;
drop user mysqltest_8@'';
--error 1141
show grants for mysqltest_8@'';
show grants for mysqltest_8;
select * from information_schema.user_privileges
where grantee like "'mysqltest_8'%";
drop user mysqltest_8;
--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
--error 1045
connect (conn6,localhost,mysqltest_8,,);
connection master;
--error 1141
show grants for mysqltest_8;
drop user mysqltest_8@host8;
--error 1141
show grants for mysqltest_8@host8;
# Restore the anonymous users.
insert into mysql.user select * from t2;
flush privileges;
drop table t2;
drop table t1;

112
sql/sql_acl.cc
View File

@ -227,7 +227,8 @@ static my_bool acl_load(THD *thd, TABLE_LIST *tables)
"case that has been forced to lowercase because " "case that has been forced to lowercase because "
"lower_case_table_names is set. It will not be " "lower_case_table_names is set. It will not be "
"possible to remove this privilege using REVOKE.", "possible to remove this privilege using REVOKE.",
host.host.hostname, host.db); host.host.hostname ? host.host.hostname : "",
host.db ? host.db : "");
} }
host.access= get_access(table,2); host.access= get_access(table,2);
host.access= fix_rights_for_db(host.access); host.access= fix_rights_for_db(host.access);
@ -236,7 +237,8 @@ static my_bool acl_load(THD *thd, TABLE_LIST *tables)
{ {
sql_print_warning("'host' entry '%s|%s' " sql_print_warning("'host' entry '%s|%s' "
"ignored in --skip-name-resolve mode.", "ignored in --skip-name-resolve mode.",
host.host.hostname, host.db?host.db:""); host.host.hostname ? host.host.hostname : "",
host.db ? host.db : "");
continue; continue;
} }
#ifndef TO_BE_REMOVED #ifndef TO_BE_REMOVED
@ -306,7 +308,8 @@ static my_bool acl_load(THD *thd, TABLE_LIST *tables)
{ {
sql_print_warning("'user' entry '%s@%s' " sql_print_warning("'user' entry '%s@%s' "
"ignored in --skip-name-resolve mode.", "ignored in --skip-name-resolve mode.",
user.user, user.host.hostname); user.user ? user.user : "",
user.host.hostname ? user.host.hostname : "");
continue; continue;
} }
@ -415,8 +418,8 @@ static my_bool acl_load(THD *thd, TABLE_LIST *tables)
#endif #endif
} }
VOID(push_dynamic(&acl_users,(gptr) &user)); VOID(push_dynamic(&acl_users,(gptr) &user));
if (!user.host.hostname || user.host.hostname[0] == wild_many && if (!user.host.hostname ||
!user.host.hostname[1]) (user.host.hostname[0] == wild_many && !user.host.hostname[1]))
allow_all_hosts=1; // Anyone can connect allow_all_hosts=1; // Anyone can connect
} }
} }
@ -442,7 +445,9 @@ static my_bool acl_load(THD *thd, TABLE_LIST *tables)
{ {
sql_print_warning("'db' entry '%s %s@%s' " sql_print_warning("'db' entry '%s %s@%s' "
"ignored in --skip-name-resolve mode.", "ignored in --skip-name-resolve mode.",
db.db, db.user, db.host.hostname); db.db,
db.user ? db.user : "",
db.host.hostname ? db.host.hostname : "");
continue; continue;
} }
db.access=get_access(table,3); db.access=get_access(table,3);
@ -461,7 +466,9 @@ static my_bool acl_load(THD *thd, TABLE_LIST *tables)
"case that has been forced to lowercase because " "case that has been forced to lowercase because "
"lower_case_table_names is set. It will not be " "lower_case_table_names is set. It will not be "
"possible to remove this privilege using REVOKE.", "possible to remove this privilege using REVOKE.",
db.db, db.user, db.host.hostname, db.host.hostname); db.db,
db.user ? db.user : "",
db.host.hostname ? db.host.hostname : "");
} }
} }
db.sort=get_sort(3,db.host.hostname,db.db,db.user); db.sort=get_sort(3,db.host.hostname,db.db,db.user);
@ -1033,8 +1040,7 @@ static void acl_update_user(const char *user, const char *host,
{ {
ACL_USER *acl_user=dynamic_element(&acl_users,i,ACL_USER*); ACL_USER *acl_user=dynamic_element(&acl_users,i,ACL_USER*);
if (!acl_user->user && !user[0] || if (!acl_user->user && !user[0] ||
acl_user->user && acl_user->user && !strcmp(user,acl_user->user))
!strcmp(user,acl_user->user))
{ {
if (!acl_user->host.hostname && !host[0] || if (!acl_user->host.hostname && !host[0] ||
acl_user->host.hostname && acl_user->host.hostname &&
@ -1097,8 +1103,8 @@ static void acl_insert_user(const char *user, const char *host,
set_user_salt(&acl_user, password, password_len); set_user_salt(&acl_user, password, password_len);
VOID(push_dynamic(&acl_users,(gptr) &acl_user)); VOID(push_dynamic(&acl_users,(gptr) &acl_user));
if (!acl_user.host.hostname || acl_user.host.hostname[0] == wild_many if (!acl_user.host.hostname ||
&& !acl_user.host.hostname[1]) (acl_user.host.hostname[0] == wild_many && !acl_user.host.hostname[1]))
allow_all_hosts=1; // Anyone can connect /* purecov: tested */ allow_all_hosts=1; // Anyone can connect /* purecov: tested */
qsort((gptr) dynamic_element(&acl_users,0,ACL_USER*),acl_users.elements, qsort((gptr) dynamic_element(&acl_users,0,ACL_USER*),acl_users.elements,
sizeof(ACL_USER),(qsort_cmp) acl_compare); sizeof(ACL_USER),(qsort_cmp) acl_compare);
@ -1158,7 +1164,7 @@ static void acl_insert_db(const char *user, const char *host, const char *db,
ACL_DB acl_db; ACL_DB acl_db;
safe_mutex_assert_owner(&acl_cache->lock); safe_mutex_assert_owner(&acl_cache->lock);
acl_db.user=strdup_root(&mem,user); acl_db.user=strdup_root(&mem,user);
update_hostname(&acl_db.host,strdup_root(&mem,host)); update_hostname(&acl_db.host, *host ? strdup_root(&mem,host) : 0);
acl_db.db=strdup_root(&mem,db); acl_db.db=strdup_root(&mem,db);
acl_db.access=privileges; acl_db.access=privileges;
acl_db.sort=get_sort(3,acl_db.host.hostname,acl_db.db,acl_db.user); acl_db.sort=get_sort(3,acl_db.host.hostname,acl_db.db,acl_db.user);
@ -1546,11 +1552,10 @@ find_acl_user(const char *host, const char *user, my_bool exact)
{ {
ACL_USER *acl_user=dynamic_element(&acl_users,i,ACL_USER*); ACL_USER *acl_user=dynamic_element(&acl_users,i,ACL_USER*);
DBUG_PRINT("info",("strcmp('%s','%s'), compare_hostname('%s','%s'),", DBUG_PRINT("info",("strcmp('%s','%s'), compare_hostname('%s','%s'),",
user, user, acl_user->user ? acl_user->user : "",
acl_user->user ? acl_user->user : "", host,
host, acl_user->host.hostname ? acl_user->host.hostname :
acl_user->host.hostname ? acl_user->host.hostname : ""));
""));
if (!acl_user->user && !user[0] || if (!acl_user->user && !user[0] ||
acl_user->user && !strcmp(user,acl_user->user)) acl_user->user && !strcmp(user,acl_user->user))
{ {
@ -1600,7 +1605,7 @@ static const char *calc_ip(const char *ip, long *val, char end)
static void update_hostname(acl_host_and_ip *host, const char *hostname) static void update_hostname(acl_host_and_ip *host, const char *hostname)
{ {
host->hostname=(char*) hostname; // This will not be modified! host->hostname=(char*) hostname; // This will not be modified!
if (!hostname || if (!hostname ||
(!(hostname=calc_ip(hostname,&host->ip,'/')) || (!(hostname=calc_ip(hostname,&host->ip,'/')) ||
!(hostname=calc_ip(hostname+1,&host->ip_mask,'\0')))) !(hostname=calc_ip(hostname+1,&host->ip_mask,'\0'))))
@ -1620,8 +1625,8 @@ static bool compare_hostname(const acl_host_and_ip *host, const char *hostname,
} }
return (!host->hostname || return (!host->hostname ||
(hostname && !wild_case_compare(system_charset_info, (hostname && !wild_case_compare(system_charset_info,
hostname,host->hostname)) || hostname, host->hostname)) ||
(ip && !wild_compare(ip,host->hostname,0))); (ip && !wild_compare(ip, host->hostname, 0)));
} }
bool hostname_requires_resolving(const char *hostname) bool hostname_requires_resolving(const char *hostname)
@ -3367,8 +3372,10 @@ static my_bool grant_load(TABLE_LIST *tables)
{ {
sql_print_warning("'tables_priv' entry '%s %s@%s' " sql_print_warning("'tables_priv' entry '%s %s@%s' "
"ignored in --skip-name-resolve mode.", "ignored in --skip-name-resolve mode.",
mem_check->tname, mem_check->user, mem_check->tname,
mem_check->host, mem_check->host); mem_check->user ? mem_check->user : "",
mem_check->host.hostname ?
mem_check->host.hostname : "");
continue; continue;
} }
} }
@ -3406,7 +3413,8 @@ static my_bool grant_load(TABLE_LIST *tables)
sql_print_warning("'procs_priv' entry '%s %s@%s' " sql_print_warning("'procs_priv' entry '%s %s@%s' "
"ignored in --skip-name-resolve mode.", "ignored in --skip-name-resolve mode.",
mem_check->tname, mem_check->user, mem_check->tname, mem_check->user,
mem_check->host); mem_check->host.hostname ?
mem_check->host.hostname : "");
continue; continue;
} }
} }
@ -4113,11 +4121,6 @@ bool mysql_show_grants(THD *thd,LEX_USER *lex_user)
DBUG_RETURN(TRUE); DBUG_RETURN(TRUE);
} }
if (!lex_user->host.str)
{
lex_user->host.str= (char*) "%";
lex_user->host.length=1;
}
if (lex_user->host.length > HOSTNAME_LENGTH || if (lex_user->host.length > HOSTNAME_LENGTH ||
lex_user->user.length > USERNAME_LENGTH) lex_user->user.length > USERNAME_LENGTH)
{ {
@ -4327,16 +4330,17 @@ bool mysql_show_grants(THD *thd,LEX_USER *lex_user)
/* Add table & column access */ /* Add table & column access */
for (index=0 ; index < column_priv_hash.records ; index++) for (index=0 ; index < column_priv_hash.records ; index++)
{ {
const char *user; const char *user, *host;
GRANT_TABLE *grant_table= (GRANT_TABLE*) hash_element(&column_priv_hash, GRANT_TABLE *grant_table= (GRANT_TABLE*) hash_element(&column_priv_hash,
index); index);
if (!(user=grant_table->user)) if (!(user=grant_table->user))
user= ""; user= "";
if (!(host= grant_table->host.hostname))
host= "";
if (!strcmp(lex_user->user.str,user) && if (!strcmp(lex_user->user.str,user) &&
!my_strcasecmp(system_charset_info, lex_user->host.str, !my_strcasecmp(system_charset_info, lex_user->host.str, host))
grant_table->host.hostname))
{ {
ulong table_access= grant_table->privs; ulong table_access= grant_table->privs;
if ((table_access | grant_table->cols) != 0) if ((table_access | grant_table->cols) != 0)
@ -4463,15 +4467,16 @@ static int show_routine_grants(THD* thd, LEX_USER *lex_user, HASH *hash,
/* Add routine access */ /* Add routine access */
for (index=0 ; index < hash->records ; index++) for (index=0 ; index < hash->records ; index++)
{ {
const char *user; const char *user, *host;
GRANT_NAME *grant_proc= (GRANT_NAME*) hash_element(hash, index); GRANT_NAME *grant_proc= (GRANT_NAME*) hash_element(hash, index);
if (!(user=grant_proc->user)) if (!(user=grant_proc->user))
user= ""; user= "";
if (!(host= grant_proc->host.hostname))
host= "";
if (!strcmp(lex_user->user.str,user) && if (!strcmp(lex_user->user.str,user) &&
!my_strcasecmp(system_charset_info, lex_user->host.str, !my_strcasecmp(system_charset_info, lex_user->host.str, host))
grant_proc->host.hostname))
{ {
ulong proc_access= grant_proc->privs; ulong proc_access= grant_proc->privs;
if (proc_access != 0) if (proc_access != 0)
@ -4923,35 +4928,30 @@ static int handle_grant_struct(uint struct_no, bool drop,
{ {
/* /*
Get a pointer to the element. Get a pointer to the element.
Unfortunaltely, the host default differs for the structures.
*/ */
switch (struct_no) { switch (struct_no) {
case 0: case 0:
acl_user= dynamic_element(&acl_users, idx, ACL_USER*); acl_user= dynamic_element(&acl_users, idx, ACL_USER*);
user= acl_user->user; user= acl_user->user;
if (!(host= acl_user->host.hostname)) host= acl_user->host.hostname;
host= "%"; break;
break;
case 1: case 1:
acl_db= dynamic_element(&acl_dbs, idx, ACL_DB*); acl_db= dynamic_element(&acl_dbs, idx, ACL_DB*);
user= acl_db->user; user= acl_db->user;
if (!(host= acl_db->host.hostname)) host= acl_db->host.hostname;
host= "%";
break; break;
case 2: case 2:
grant_name= (GRANT_NAME*) hash_element(&column_priv_hash, idx); grant_name= (GRANT_NAME*) hash_element(&column_priv_hash, idx);
user= grant_name->user; user= grant_name->user;
if (!(host= grant_name->host.hostname)) host= grant_name->host.hostname;
host= "%";
break; break;
case 3: case 3:
grant_name= (GRANT_NAME*) hash_element(&proc_priv_hash, idx); grant_name= (GRANT_NAME*) hash_element(&proc_priv_hash, idx);
user= grant_name->user; user= grant_name->user;
if (!(host= grant_name->host.hostname)) host= grant_name->host.hostname;
host= "%";
break; break;
} }
if (! user) if (! user)
@ -5540,8 +5540,10 @@ bool sp_revoke_privileges(THD *thd, const char *sp_db, const char *sp_name,
LEX_USER lex_user; LEX_USER lex_user;
lex_user.user.str= grant_proc->user; lex_user.user.str= grant_proc->user;
lex_user.user.length= strlen(grant_proc->user); lex_user.user.length= strlen(grant_proc->user);
lex_user.host.str= grant_proc->host.hostname; lex_user.host.str= grant_proc->host.hostname ?
lex_user.host.length= strlen(grant_proc->host.hostname); grant_proc->host.hostname : (char*)"";
lex_user.host.length= grant_proc->host.hostname ?
strlen(grant_proc->host.hostname) : 0;
if (!replace_routine_table(thd,grant_proc,tables[4].table,lex_user, if (!replace_routine_table(thd,grant_proc,tables[4].table,lex_user,
grant_proc->db, grant_proc->tname, grant_proc->db, grant_proc->tname,
is_proc, ~(ulong)0, 1)) is_proc, ~(ulong)0, 1))
@ -5848,16 +5850,17 @@ int fill_schema_table_privileges(THD *thd, TABLE_LIST *tables, COND *cond)
for (index=0 ; index < column_priv_hash.records ; index++) for (index=0 ; index < column_priv_hash.records ; index++)
{ {
const char *user, *is_grantable= "YES"; const char *user, *host, *is_grantable= "YES";
GRANT_TABLE *grant_table= (GRANT_TABLE*) hash_element(&column_priv_hash, GRANT_TABLE *grant_table= (GRANT_TABLE*) hash_element(&column_priv_hash,
index); index);
if (!(user=grant_table->user)) if (!(user=grant_table->user))
user= ""; user= "";
if (!(host= grant_table->host.hostname))
host= "";
if (no_global_access && if (no_global_access &&
(strcmp(thd->security_ctx->priv_user, user) || (strcmp(thd->security_ctx->priv_user, user) ||
my_strcasecmp(system_charset_info, curr_host, my_strcasecmp(system_charset_info, curr_host, host)))
grant_table->host.hostname)))
continue; continue;
ulong table_access= grant_table->privs; ulong table_access= grant_table->privs;
@ -5873,7 +5876,7 @@ int fill_schema_table_privileges(THD *thd, TABLE_LIST *tables, COND *cond)
if (!(table_access & GRANT_ACL)) if (!(table_access & GRANT_ACL))
is_grantable= "NO"; is_grantable= "NO";
strxmov(buff,"'",user,"'@'",grant_table->host.hostname,"'",NullS); strxmov(buff, "'", user, "'@'", host, "'", NullS);
if (!test_access) if (!test_access)
update_schema_privilege(table, buff, grant_table->db, grant_table->tname, update_schema_privilege(table, buff, grant_table->db, grant_table->tname,
0, 0, STRING_WITH_LEN("USAGE"), is_grantable); 0, 0, STRING_WITH_LEN("USAGE"), is_grantable);
@ -5915,16 +5918,17 @@ int fill_schema_column_privileges(THD *thd, TABLE_LIST *tables, COND *cond)
for (index=0 ; index < column_priv_hash.records ; index++) for (index=0 ; index < column_priv_hash.records ; index++)
{ {
const char *user, *is_grantable= "YES"; const char *user, *host, *is_grantable= "YES";
GRANT_TABLE *grant_table= (GRANT_TABLE*) hash_element(&column_priv_hash, GRANT_TABLE *grant_table= (GRANT_TABLE*) hash_element(&column_priv_hash,
index); index);
if (!(user=grant_table->user)) if (!(user=grant_table->user))
user= ""; user= "";
if (!(host= grant_table->host.hostname))
host= "";
if (no_global_access && if (no_global_access &&
(strcmp(thd->security_ctx->priv_user, user) || (strcmp(thd->security_ctx->priv_user, user) ||
my_strcasecmp(system_charset_info, curr_host, my_strcasecmp(system_charset_info, curr_host, host)))
grant_table->host.hostname)))
continue; continue;
ulong table_access= grant_table->cols; ulong table_access= grant_table->cols;
@ -5934,7 +5938,7 @@ int fill_schema_column_privileges(THD *thd, TABLE_LIST *tables, COND *cond)
is_grantable= "NO"; is_grantable= "NO";
ulong test_access= table_access & ~GRANT_ACL; ulong test_access= table_access & ~GRANT_ACL;
strxmov(buff,"'",user,"'@'",grant_table->host.hostname,"'",NullS); strxmov(buff, "'", user, "'@'", host, "'", NullS);
if (!test_access) if (!test_access)
continue; continue;
else else