Fix security bug. mysqld server without ssl support was completly

ignorant about ssl_type attribute


sql/sql_acl.cc:
  Now acl_getroot() honors ssl_type attribute even if we compile without openssl
BitKeeper/etc/logging_ok:
  Logging to logging@openlogging.org accepted

BitKeeper/etc/logging_ok

@@ -20,6 +20,7 @@ bk@admin.bk
 bk@mysql.r18.ru
 carsten@tsort.bitbybit.dk
 davida@isil.mysql.com
+dlenev@mysql.com
 gluh@gluh.(none)
 gluh@gluh.mysql.r18.ru
 greg@mysql.com

sql/sql_acl.cc

@@ -590,7 +590,6 @@ ulong acl_getroot(THD *thd, const char *host, const char *ip, const char *user,
 
   /* OK. User found and password checked continue validation */
 
-#ifdef HAVE_OPENSSL
   {
     Vio *vio=thd->net.vio;
     /*
@@ -604,6 +603,7 @@ ulong acl_getroot(THD *thd, const char *host, const char *ip, const char *user,
     case SSL_TYPE_NONE: /* SSL is not required to connect */
       user_access=acl_user->access;
       break;
+#ifdef HAVE_OPENSSL
     case SSL_TYPE_ANY: /* Any kind of SSL is good enough */
       if (vio_type(vio) == VIO_TYPE_SSL)
 	user_access=acl_user->access;
@@ -686,11 +686,17 @@ ulong acl_getroot(THD *thd, const char *host, const char *ip, const char *user,
 	free(ptr);
       }
       break;
+#else /* HAVE_OPENSSL */
+    default: 
+      /*
+         If we don't have SSL but SSL is required for this user the 
+         authentication should fail.
+       */
+      break;
+#endif /* HAVE_OPENSSL */
     }
   }
-#else  /* HAVE_OPENSSL */
+
-  user_access=acl_user->access;
-#endif /* HAVE_OPENSSL */
   *mqh=acl_user->user_resource;
   if (!acl_user->user)
     *priv_user=(char*) "";	// Change to anonymous user /* purecov: inspected */