Bug fixes for authentication

OLD_PASSWORD made a keyword to allow set password=old_password('abc') constructions. BitKeeper/etc/ignore: Added BitKeeper/post-commit BitKeeper/post-commit-manual build_tags.sh tests/connect_test BUILD/compile-pentium-maintainer to the ignore list include/mysql_com.h: scramble return type changed to void as now it's not used libmysql/libmysql.c: fixed bug with with failed authentification when scramble contained zero byte sql-common/client.c: applied patch from Lycos team fixed bug with scramble containing zero byte sql/item_create.cc: removed create_func_old_password, create_func_password as they are not used any more sql/item_create.h: removed create_func_old_password, create_func_password as they are not used any more sql/item_strfunc.cc: Added alloc() function to Item_func_password, Item_func_old_password, which is used in sql_yacc.yy sql/item_strfunc.h: Added alloc() function to Item_func_password, Item_func_old_password, which is used in sql_yacc.yy sql/lex.h: OLD_PASSWORD now is keyword, to allow statements like set password=old_password('abc') sql/password.c: fixed scramble return value trailing zero now is not written sql/sql_acl.cc: incorporated patch from Lycos team 41 replaced with constant acl_getroot rewritten to support ER_AUTH_... error sql/sql_parse.cc: authenticate merged with check_user check_user return values reversed, support for ER_AUTH in check_user.added sql/sql_yacc.yy: OLD_PASSWORD now is keyword, to allow statements like set password=old_password('abc')
2025-07-30 16:24:05 +03:00 · 2003-07-04 20:52:04 +04:00
parent dbb088b034
commit ccbcf1c9da
13 changed files with 204 additions and 194 deletions
--- a/libmysql/libmysql.c
+++ b/libmysql/libmysql.c
@ -619,16 +619,20 @@ my_bool	STDCALL mysql_change_user(MYSQL *mysql, const char *user,
  /* write scrambled password according to server capabilities */
  if (passwd[0])
  {
-    /* Write NULL-terminated scrambled password: */
-    end= mysql->server_capabilities & CLIENT_SECURE_CONNECTION ?
-      scramble(end, mysql->scramble, passwd) :
-      scramble_323(end, mysql->scramble_323, passwd,
-                   (my_bool) (mysql->protocol_version == 9));
+    if (mysql->server_capabilities & CLIENT_SECURE_CONNECTION)
+    {
+      *end++= SCRAMBLE_LENGTH;
+      scramble(end, mysql->scramble, passwd);
+      end+= SCRAMBLE_LENGTH;
+    }
+    else
+      end= scramble_323(end, mysql->scramble_323, passwd,
+                   (my_bool) (mysql->protocol_version == 9)) + 1;
  }
  else
-    *end= '\0';                                 // empty password
+    *end++= '\0';                               // empty password
  /* Add database if needed */
-  end=strmov(end+1,db ? db : "");
+  end= strmov(end, db ? db : "") + 1;

  /* Write authentication package */
  simple_command(mysql,COM_CHANGE_USER, buff,(ulong) (end-buff),1);