database/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2025-08-31 22:22:30 +03:00
Code Activity

Re-apply missing changeset, orignally pushed by elliot

Browse Source 
Add define YASSL_PREFIX when compiling yassl

Import patch from yaSSL
- avoid allocating memory for each call to 'EVP_md5' and 
  'EVP_des_ede3_cbc' which were not released until server was stopped
- Those functions are used from the SQL function 'des_encrypt' and
  'des_decrypt'.

Add new define YASSL_PREFIX beforee including ssl.h to activate inclusion of prefix_*.h files

Bug#20022 mysql-test-run can't be run with secure connections turned on for all testcases
- Part 1, fixes rpl- and federated-tests where connection is made to 127.0.0.1

- Include prefix files that renames all public functions in yaSSLs
  OpenSSL API to ya<function_name>. They will otherwise conflict
  with OpenSSL functions if loaded by an application that uses OpenSSL
  as well as libmysqlclient with yaSSL support.

Bug#18235: assertion/crash when windows mysqld is ended with ctrl-c
  
Two threads both try a shutdown sequence which creates a race to the
de-init/free of certain resources.
  
This exists in similar form in the client as 17926: "mysql.exe crashes
when ctrl-c is pressed in windows."

Update after merge to 5.0

BUG#18669: Session COM_STATISTICS breaks mysqladmin status.
Changed COM_STATISTICS to display the global status, instead of thead status, for slow queries and table opens.

- In function 'handle_grant_struct' when searching the memory structures for an 
  entry to modify, convert all entries here host.hostname is NULL to "" and compare that 
  with the host passed in argument "user_from".
- A user created with hostname "" is stored in "mysql.user" table as host="" but when loaded into 
  memory it'll be stored as host.hostname NULL. Specifiying "" as hostname means
  that "any host" can connect. Thus is's correct to turn on allow_all_hosts
  when such a user is found. 
- Review and fix other places where host.hostname may be NULL.

BUG#19394 OPT_INNODB_THREAD_CONCURRENCY duplicated
Removed duplication (not a user-visible change)


client/Makefile.am:
  Remove $yassl_includes
client/mysqltest.c:
  Turn on ssl_verify_server_cert only if host is "localhost"
extra/yassl/include/openssl/crypto.h:
  Add prefix file for ssl.h
extra/yassl/include/openssl/ssl.h:
  Add include file "prefix_crypto.h" to rename SSL_* functions to yaSSL_*
extra/yassl/include/yassl_int.hpp:
  Import patch yassl.diff
extra/yassl/src/Makefile.am:
  Add defined YASSL_PREFIX when building yassl/testsuite
extra/yassl/src/ssl.cpp:
  Import patch yassl.diff
extra/yassl/src/template_instnt.cpp:
  Import patch yassl.diff
extra/yassl/src/yassl_int.cpp:
  Import patch yassl.diff
extra/yassl/testsuite/Makefile.am:
  Add defined YASSL_PREFIX when building yassl/testsuite
extra/yassl/yassl.vcproj:
  Add define YASSL_PREFIX when compiling yassl
include/violite.h:
  Add new define YASSL_PREFIX beforee including ssl.h to activate inclusion of prefix_*.h files
libmysql/Makefile.am:
  Remove yassl_includes
libmysql_r/Makefile.am:
  Remove yassl_includes
libmysqld/Makefile.am:
  Remove yassl_includes
libmysqld/examples/Makefile.am:
  Remove yassl_includes
mysql-test/r/analyze.result:
  Add missing drop table
mysql-test/r/grant.result:
  Reorder test result
  Add test cases for users with hostname ""
mysql-test/r/ps.result:
  Add missing drop table
mysql-test/t/analyze.test:
  Add missing drop table
mysql-test/t/grant.test:
  Add "use test"
  Add test cases for users with hostname ""
  - Test create, grant and drop as well as connecting as the user with hostname "".
mysql-test/t/ps.test:
  Add missing drop table
server-tools/instance-manager/Makefile.am:
  Remove yassl_includes
sql/Makefile.am:
  Remove yassl_includes
sql/mysqld.cc:
  We have three potential ways of hitting the iceberg:
  - unireg_end()   has basic de-init
  - unireg_abort() has extended de-init
  - main() has a de-init sequence similar to unireg_abort()
  
  In the Windows version of the server, Control-C is handled
  in a different thread from the one main() is in.  The main
  loop is told to end, then unireg_abort() is called.  Its
  de-init and that of main() will then race each other for
  mutex- and cond-var-destroys, free(), and finally exit().
  
  This patch introduces a special case for Windows that will eliminate
  the race by ending the signal-handler via unireg_end() instead if
  SIGINT is signalled.  This seems the least intrusive fix that still
  fixes user-visible behaviour.
  
  Two of the startup options for mysqld, innodb_commit_concurrency
  and innodb_thread_concurrency, were using the same enumeration
  value. Changed to give innodb_commit_concurrency it's own value.
sql/sql_acl.cc:
  Add check if host is NULL
  Add check if grant_name->host.hostname is null
  Convert places where host.hostname is NULL to "" before using it.
sql/sql_parse.cc:
  Calculate and display the global statistics.
vio/Makefile.am:
  Remove yassl_includes
extra/yassl/include/openssl/generate_prefix_files.pl:
  New BitKeeper file ``extra/yassl/include/openssl/generate_prefix_files.pl''
extra/yassl/include/openssl/prefix_crypto.h:
  New BitKeeper file ``extra/yassl/include/openssl/prefix_crypto.h''
extra/yassl/include/openssl/prefix_ssl.h:
  New BitKeeper file ``extra/yassl/include/openssl/prefix_ssl.h''
This commit is contained in:
unknown
2006-06-06 14:21:07 +03:00
parent 0b870cc18e
commit a68a9cb693
31 changed files with 680 additions and 145 deletions
Download Patch File Download Diff File Expand all files Collapse all files

118
sql/sql_acl.cc
View File

@@ -343,7 +343,8 @@ static my_bool acl_load(THD *thd, TABLE_LIST *tables)
"case that has been forced to lowercase because "
"lower_case_table_names is set. It will not be "
"possible to remove this privilege using REVOKE.",
host.host.hostname, host.db);
host.host.hostname ? host.host.hostname : "",
host.db ? host.db : "");
}
host.access= get_access(table,2);
host.access= fix_rights_for_db(host.access);
@@ -352,7 +353,8 @@ static my_bool acl_load(THD *thd, TABLE_LIST *tables)
{
sql_print_warning("'host' entry '%s|%s' "
"ignored in --skip-name-resolve mode.",
host.host.hostname, host.db?host.db:"");
host.host.hostname ? host.host.hostname : "",
host.db ? host.db : "");
continue;
}
#ifndef TO_BE_REMOVED
@@ -423,7 +425,8 @@ static my_bool acl_load(THD *thd, TABLE_LIST *tables)
{
sql_print_warning("'user' entry '%s@%s' "
"ignored in --skip-name-resolve mode.",
user.user, user.host.hostname);
user.user ? user.user : "",
user.host.hostname ? user.host.hostname : "");
continue;
}
@@ -546,8 +549,8 @@ static my_bool acl_load(THD *thd, TABLE_LIST *tables)
#endif
}
VOID(push_dynamic(&acl_users,(gptr) &user));
if (!user.host.hostname || user.host.hostname[0] == wild_many &&
!user.host.hostname[1])
if (!user.host.hostname ||
(user.host.hostname[0] == wild_many && !user.host.hostname[1]))
allow_all_hosts=1; // Anyone can connect
}
}
@@ -574,7 +577,9 @@ static my_bool acl_load(THD *thd, TABLE_LIST *tables)
{
sql_print_warning("'db' entry '%s %s@%s' "
"ignored in --skip-name-resolve mode.",
db.db, db.user, db.host.hostname);
db.db,
db.user ? db.user : "",
db.host.hostname ? db.host.hostname : "");
continue;
}
db.access=get_access(table,3);
@@ -593,7 +598,9 @@ static my_bool acl_load(THD *thd, TABLE_LIST *tables)
"case that has been forced to lowercase because "
"lower_case_table_names is set. It will not be "
"possible to remove this privilege using REVOKE.",
db.db, db.user, db.host.hostname, db.host.hostname);
db.db,
db.user ? db.user : "",
db.host.hostname ? db.host.hostname : "");
}
}
db.sort=get_sort(3,db.host.hostname,db.db,db.user);
@@ -1167,8 +1174,7 @@ static void acl_update_user(const char *user, const char *host,
{
ACL_USER *acl_user=dynamic_element(&acl_users,i,ACL_USER*);
if (!acl_user->user && !user[0] ||
acl_user->user &&
!strcmp(user,acl_user->user))
acl_user->user && !strcmp(user,acl_user->user))
{
if (!acl_user->host.hostname && !host[0] ||
acl_user->host.hostname &&
@@ -1231,8 +1237,8 @@ static void acl_insert_user(const char *user, const char *host,
set_user_salt(&acl_user, password, password_len);
VOID(push_dynamic(&acl_users,(gptr) &acl_user));
if (!acl_user.host.hostname || acl_user.host.hostname[0] == wild_many
&& !acl_user.host.hostname[1])
if (!acl_user.host.hostname ||
(acl_user.host.hostname[0] == wild_many && !acl_user.host.hostname[1]))
allow_all_hosts=1; // Anyone can connect /* purecov: tested */
qsort((gptr) dynamic_element(&acl_users,0,ACL_USER*),acl_users.elements,
sizeof(ACL_USER),(qsort_cmp) acl_compare);
@@ -1292,7 +1298,7 @@ static void acl_insert_db(const char *user, const char *host, const char *db,
ACL_DB acl_db;
safe_mutex_assert_owner(&acl_cache->lock);
acl_db.user=strdup_root(&mem,user);
update_hostname(&acl_db.host,strdup_root(&mem,host));
update_hostname(&acl_db.host, *host ? strdup_root(&mem,host) : 0);
acl_db.db=strdup_root(&mem,db);
acl_db.access=privileges;
acl_db.sort=get_sort(3,acl_db.host.hostname,acl_db.db,acl_db.user);
@@ -1679,11 +1685,10 @@ find_acl_user(const char *host, const char *user, my_bool exact)
{
ACL_USER *acl_user=dynamic_element(&acl_users,i,ACL_USER*);
DBUG_PRINT("info",("strcmp('%s','%s'), compare_hostname('%s','%s'),",
user,
acl_user->user ? acl_user->user : "",
host,
acl_user->host.hostname ? acl_user->host.hostname :
""));
user, acl_user->user ? acl_user->user : "",
host,
acl_user->host.hostname ? acl_user->host.hostname :
""));
if (!acl_user->user && !user[0] ||
acl_user->user && !strcmp(user,acl_user->user))
{
@@ -1733,7 +1738,7 @@ static const char *calc_ip(const char *ip, long *val, char end)
static void update_hostname(acl_host_and_ip *host, const char *hostname)
{
host->hostname=(char*) hostname; // This will not be modified!
host->hostname=(char*) hostname; // This will not be modified!
if (!hostname ||
(!(hostname=calc_ip(hostname,&host->ip,'/')) ||
!(hostname=calc_ip(hostname+1,&host->ip_mask,'\0'))))
@@ -1753,8 +1758,8 @@ static bool compare_hostname(const acl_host_and_ip *host, const char *hostname,
}
return (!host->hostname ||
(hostname && !wild_case_compare(system_charset_info,
hostname,host->hostname)) ||
(ip && !wild_compare(ip,host->hostname,0)));
hostname, host->hostname)) ||
(ip && !wild_compare(ip, host->hostname, 0)));
}
bool hostname_requires_resolving(const char *hostname)
@@ -2408,7 +2413,8 @@ static GRANT_NAME *name_hash_search(HASH *name_hash,
{
if (exact)
{
if ((host &&
if (!grant_name->host.hostname ||
(host &&
!my_strcasecmp(system_charset_info, host,
grant_name->host.hostname)) ||
(ip && !strcmp(ip, grant_name->host.hostname)))
@@ -3515,8 +3521,10 @@ static my_bool grant_load(TABLE_LIST *tables)
{
sql_print_warning("'tables_priv' entry '%s %s@%s' "
"ignored in --skip-name-resolve mode.",
mem_check->tname, mem_check->user,
mem_check->host, mem_check->host);
mem_check->tname,
mem_check->user ? mem_check->user : "",
mem_check->host.hostname ?
mem_check->host.hostname : "");
continue;
}
}
@@ -3554,7 +3562,8 @@ static my_bool grant_load(TABLE_LIST *tables)
sql_print_warning("'procs_priv' entry '%s %s@%s' "
"ignored in --skip-name-resolve mode.",
mem_check->tname, mem_check->user,
mem_check->host);
mem_check->host.hostname ?
mem_check->host.hostname : "");
continue;
}
}
@@ -4266,11 +4275,6 @@ bool mysql_show_grants(THD *thd,LEX_USER *lex_user)
DBUG_RETURN(TRUE);
}
if (!lex_user->host.str)
{
lex_user->host.str= (char*) "%";
lex_user->host.length=1;
}
if (lex_user->host.length > HOSTNAME_LENGTH ||
lex_user->user.length > USERNAME_LENGTH)
{
@@ -4480,16 +4484,17 @@ bool mysql_show_grants(THD *thd,LEX_USER *lex_user)
/* Add table & column access */
for (index=0 ; index < column_priv_hash.records ; index++)
{
const char *user;
const char *user, *host;
GRANT_TABLE *grant_table= (GRANT_TABLE*) hash_element(&column_priv_hash,
index);
if (!(user=grant_table->user))
user= "";
if (!(host= grant_table->host.hostname))
host= "";
if (!strcmp(lex_user->user.str,user) &&
!my_strcasecmp(system_charset_info, lex_user->host.str,
grant_table->host.hostname))
!my_strcasecmp(system_charset_info, lex_user->host.str, host))
{
ulong table_access= grant_table->privs;
if ((table_access | grant_table->cols) != 0)
@@ -4616,15 +4621,16 @@ static int show_routine_grants(THD* thd, LEX_USER *lex_user, HASH *hash,
/* Add routine access */
for (index=0 ; index < hash->records ; index++)
{
const char *user;
const char *user, *host;
GRANT_NAME *grant_proc= (GRANT_NAME*) hash_element(hash, index);
if (!(user=grant_proc->user))
user= "";
if (!(host= grant_proc->host.hostname))
host= "";
if (!strcmp(lex_user->user.str,user) &&
!my_strcasecmp(system_charset_info, lex_user->host.str,
grant_proc->host.hostname))
!my_strcasecmp(system_charset_info, lex_user->host.str, host))
{
ulong proc_access= grant_proc->privs;
if (proc_access != 0)
@@ -5079,39 +5085,37 @@ static int handle_grant_struct(uint struct_no, bool drop,
{
/*
Get a pointer to the element.
Unfortunaltely, the host default differs for the structures.
*/
switch (struct_no) {
case 0:
acl_user= dynamic_element(&acl_users, idx, ACL_USER*);
user= acl_user->user;
if (!(host= acl_user->host.hostname))
host= "%";
break;
host= acl_user->host.hostname;
break;
case 1:
acl_db= dynamic_element(&acl_dbs, idx, ACL_DB*);
user= acl_db->user;
if (!(host= acl_db->host.hostname))
host= "%";
host= acl_db->host.hostname;
break;
case 2:
grant_name= (GRANT_NAME*) hash_element(&column_priv_hash, idx);
user= grant_name->user;
if (!(host= grant_name->host.hostname))
host= "%";
host= grant_name->host.hostname;
break;
case 3:
grant_name= (GRANT_NAME*) hash_element(&proc_priv_hash, idx);
user= grant_name->user;
if (!(host= grant_name->host.hostname))
host= "%";
host= grant_name->host.hostname;
break;
}
if (! user)
user= "";
if (! host)
host= "";
#ifdef EXTRA_DEBUG
DBUG_PRINT("loop",("scan struct: %u index: %u user: '%s' host: '%s'",
struct_no, idx, user, host));
@@ -5696,8 +5700,10 @@ bool sp_revoke_privileges(THD *thd, const char *sp_db, const char *sp_name,
LEX_USER lex_user;
lex_user.user.str= grant_proc->user;
lex_user.user.length= strlen(grant_proc->user);
lex_user.host.str= grant_proc->host.hostname;
lex_user.host.length= strlen(grant_proc->host.hostname);
lex_user.host.str= grant_proc->host.hostname ?
grant_proc->host.hostname : (char*)"";
lex_user.host.length= grant_proc->host.hostname ?
strlen(grant_proc->host.hostname) : 0;
if (!replace_routine_table(thd,grant_proc,tables[4].table,lex_user,
grant_proc->db, grant_proc->tname,
is_proc, ~(ulong)0, 1))
@@ -6004,16 +6010,17 @@ int fill_schema_table_privileges(THD *thd, TABLE_LIST *tables, COND *cond)
for (index=0 ; index < column_priv_hash.records ; index++)
{
const char *user, *is_grantable= "YES";
const char *user, *host, *is_grantable= "YES";
GRANT_TABLE *grant_table= (GRANT_TABLE*) hash_element(&column_priv_hash,
index);
if (!(user=grant_table->user))
user= "";
if (!(host= grant_table->host.hostname))
host= "";
if (no_global_access &&
(strcmp(thd->security_ctx->priv_user, user) ||
my_strcasecmp(system_charset_info, curr_host,
grant_table->host.hostname)))
my_strcasecmp(system_charset_info, curr_host, host)))
continue;
ulong table_access= grant_table->privs;
@@ -6029,7 +6036,7 @@ int fill_schema_table_privileges(THD *thd, TABLE_LIST *tables, COND *cond)
if (!(table_access & GRANT_ACL))
is_grantable= "NO";
strxmov(buff,"'",user,"'@'",grant_table->host.hostname,"'",NullS);
strxmov(buff, "'", user, "'@'", host, "'", NullS);
if (!test_access)
update_schema_privilege(table, buff, grant_table->db, grant_table->tname,
0, 0, STRING_WITH_LEN("USAGE"), is_grantable);
@@ -6071,16 +6078,17 @@ int fill_schema_column_privileges(THD *thd, TABLE_LIST *tables, COND *cond)
for (index=0 ; index < column_priv_hash.records ; index++)
{
const char *user, *is_grantable= "YES";
const char *user, *host, *is_grantable= "YES";
GRANT_TABLE *grant_table= (GRANT_TABLE*) hash_element(&column_priv_hash,
index);
if (!(user=grant_table->user))
user= "";
if (!(host= grant_table->host.hostname))
host= "";
if (no_global_access &&
(strcmp(thd->security_ctx->priv_user, user) ||
my_strcasecmp(system_charset_info, curr_host,
grant_table->host.hostname)))
my_strcasecmp(system_charset_info, curr_host, host)))
continue;
ulong table_access= grant_table->cols;
@@ -6090,7 +6098,7 @@ int fill_schema_column_privileges(THD *thd, TABLE_LIST *tables, COND *cond)
is_grantable= "NO";
ulong test_access= table_access & ~GRANT_ACL;
strxmov(buff,"'",user,"'@'",grant_table->host.hostname,"'",NullS);
strxmov(buff, "'", user, "'@'", host, "'", NullS);
if (!test_access)
continue;
else