database/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2025-12-24 11:21:21 +03:00
Code Activity

WL#1054: Pluggable authentication support

Browse Source 
Merged the implementation to a new base tree.
This commit is contained in:
Georgi Kodinov
2010-08-09 11:32:50 +03:00
parent 81906cdf38
commit 9705711596
127 changed files with 8248 additions and 1616 deletions
Download Patch File Download Diff File Expand all files Collapse all files

56
sql/sql_class.cc
View File

@@ -532,7 +532,8 @@ THD::THD()
catalog= (char*)"std"; // the only catalog we have for now
main_security_ctx.init();
security_ctx= &main_security_ctx;
no_errors=password= 0;
no_errors= 0;
password= 0;
query_start_used= 0;
count_cuted_fields= CHECK_FIELD_IGNORE;
killed= NOT_KILLED;
@@ -1325,6 +1326,20 @@ void THD::cleanup_after_query()
}
LEX_STRING *
make_lex_string_root(MEM_ROOT *mem_root,
LEX_STRING *lex_str, const char* str, uint length,
bool allocate_lex_string)
{
if (allocate_lex_string)
if (!(lex_str= (LEX_STRING *)alloc_root(mem_root, sizeof(LEX_STRING))))
return 0;
if (!(lex_str->str= strmake_root(mem_root, str, length)))
return 0;
lex_str->length= length;
return lex_str;
}
/**
Create a LEX_STRING in this connection.
@@ -1339,13 +1354,8 @@ LEX_STRING *THD::make_lex_string(LEX_STRING *lex_str,
const char* str, uint length,
bool allocate_lex_string)
{
if (allocate_lex_string)
if (!(lex_str= (LEX_STRING *)alloc(sizeof(LEX_STRING))))
return 0;
if (!(lex_str->str= strmake_root(mem_root, str, length)))
return 0;
lex_str->length= length;
return lex_str;
return make_lex_string_root (mem_root, lex_str, str,
length, allocate_lex_string);
}
@@ -2911,9 +2921,9 @@ void THD::set_status_var_init()
void Security_context::init()
{
host= user= priv_user= ip= 0;
host= user= ip= external_user= 0;
host_or_ip= "connecting host";
priv_host[0]= '\0';
priv_user[0]= priv_host[0]= '\0';
master_access= 0;
#ifndef NO_EMBEDDED_ACCESS_CHECKS
db_access= NO_ACCESS;
@@ -2935,6 +2945,12 @@ void Security_context::destroy()
user= NULL;
}
if (external_user)
{
my_free(external_user);
user= NULL;
}
my_free(ip);
ip= NULL;
}
@@ -2945,8 +2961,7 @@ void Security_context::skip_grants()
/* privileges for the user are unknown everything is allowed */
host_or_ip= (char *)"";
master_access= ~NO_ACCESS;
priv_user= (char *)"";
*priv_host= '\0';
*priv_user= *priv_host= '\0';
}
@@ -2988,7 +3003,7 @@ bool Security_context::set_user(char *user_arg)
of a statement under credentials of a different user, e.g.
definer of a procedure, we authenticate this user in a local
instance of Security_context by means of this method (and
ultimately by means of acl_getroot_no_password), and make the
ultimately by means of acl_getroot), and make the
local instance active in the thread by re-setting
thd->security_ctx pointer.
@@ -3022,19 +3037,12 @@ change_security_context(THD *thd,
DBUG_ASSERT(definer_user->str && definer_host->str);
*backup= NULL;
/*
The current security context may have NULL members
if we have just started the thread and not authenticated
any user. This use case is currently in events worker thread.
*/
needs_change= (thd->security_ctx->priv_user == NULL ||
strcmp(definer_user->str, thd->security_ctx->priv_user) ||
thd->security_ctx->priv_host == NULL ||
needs_change= (strcmp(definer_user->str, thd->security_ctx->priv_user) ||
my_strcasecmp(system_charset_info, definer_host->str,
thd->security_ctx->priv_host));
if (needs_change)
{
if (acl_getroot_no_password(this, definer_user->str, definer_host->str,
if (acl_getroot(this, definer_user->str, definer_host->str,
definer_host->str, db->str))
{
my_error(ER_NO_SUCH_USER, MYF(0), definer_user->str,
@@ -3392,6 +3400,10 @@ void THD::get_definer(LEX_USER *definer)
definer->host= invoker_host;
definer->password.str= NULL;
definer->password.length= 0;
definer->plugin.str= (char *) "";
definer->plugin.length= 0;
definer->auth.str= (char *) "";
definer->auth.length= 0;
}
else
#endif