From e3d7877f4b522c8f735d8fdf8ba626d722b0506c Mon Sep 17 00:00:00 2001 From: unknown Date: Wed, 28 Sep 2005 18:43:46 +0400 Subject: [PATCH] Fix for bug #13546 "Build errors with --with-embedded-server --with-embedded-privilege-control options". One more (hopefully last) build failure which was introduced during work on WL#2787 "Add view definer/owner to the view definition..." libmysqld/lib_sql.cc: create_embedded_thd()/check_embedded_connection(): Several security related THD members (user, host, ip, priv_user, ...) have moved to the Security_context class. New THD::security_ctx member points to active security context. sql/sql_acl.cc: acl_getroot(): Updated function description to refelect the fact that THD::user/host/ip/... members were moved to separate Security_context class. sql/sql_parse.cc: check_user(): Updated function description to refelect the fact that THD::user/host/ip/... members were moved to separate Security_context class. --- libmysqld/lib_sql.cc | 17 +++++++++-------- sql/sql_acl.cc | 4 ++-- sql/sql_parse.cc | 6 +++--- 3 files changed, 14 insertions(+), 13 deletions(-) diff --git a/libmysqld/lib_sql.cc b/libmysqld/lib_sql.cc index 5e621bf4419..8552b1c2b8a 100644 --- a/libmysqld/lib_sql.cc +++ b/libmysqld/lib_sql.cc @@ -514,8 +514,8 @@ void *create_embedded_thd(int client_flag, char *db) thd->db= db; thd->db_length= db ? strip_sp(db) : 0; #ifndef NO_EMBEDDED_ACCESS_CHECKS - thd->db_access= DB_ACLS; - thd->master_access= ~NO_ACCESS; + thd->security_ctx->db_access= DB_ACLS; + thd->security_ctx->master_access= ~NO_ACCESS; #endif thd->net.query_cache_query= 0; @@ -542,26 +542,27 @@ int check_embedded_connection(MYSQL *mysql) int check_embedded_connection(MYSQL *mysql) { THD *thd= (THD*)mysql->thd; + Security_context *sctx= thd->security_ctx; int result; char scramble_buff[SCRAMBLE_LENGTH]; int passwd_len; if (mysql->options.client_ip) { - thd->host= my_strdup(mysql->options.client_ip, MYF(0)); - thd->ip= my_strdup(thd->host, MYF(0)); + sctx->host= my_strdup(mysql->options.client_ip, MYF(0)); + sctx->ip= my_strdup(sctx->host, MYF(0)); } else - thd->host= (char*)my_localhost; - thd->host_or_ip= thd->host; + sctx->host= (char*)my_localhost; + sctx->host_or_ip= sctx->host; - if (acl_check_host(thd->host,thd->ip)) + if (acl_check_host(sctx->host, sctx->ip)) { result= ER_HOST_NOT_PRIVILEGED; goto err; } - thd->user= my_strdup(mysql->user, MYF(0)); + sctx->user= my_strdup(mysql->user, MYF(0)); if (mysql->passwd && mysql->passwd[0]) { memset(thd->scramble, 55, SCRAMBLE_LENGTH); // dummy scramble diff --git a/sql/sql_acl.cc b/sql/sql_acl.cc index bb182232e0d..771cb93ed9c 100644 --- a/sql/sql_acl.cc +++ b/sql/sql_acl.cc @@ -693,8 +693,8 @@ static int acl_compare(ACL_ACCESS *a,ACL_ACCESS *b) SYNOPSIS acl_getroot() thd thread handle. If all checks are OK, - thd->priv_user, thd->master_access are updated. - thd->host, thd->ip, thd->user are used for checks. + thd->security_ctx->priv_user/master_access are updated. + thd->security_ctx->host/ip/user are used for checks. mqh user resources; on success mqh is reset, else unchanged passwd scrambled & crypted password, received from client diff --git a/sql/sql_parse.cc b/sql/sql_parse.cc index a5faff5cf61..46740460526 100644 --- a/sql/sql_parse.cc +++ b/sql/sql_parse.cc @@ -246,7 +246,7 @@ end: SYNOPSIS check_user() - thd thread handle, thd->{host,user,ip} are used + thd thread handle, thd->security_ctx->{host,user,ip} are used command originator of the check: now check_user is called during connect and change user procedures; used for logging. @@ -261,8 +261,8 @@ end: are 'IN'. RETURN VALUE - 0 OK; thd->user, thd->master_access, thd->priv_user, thd->db and - thd->db_access are updated; OK is sent to client; + 0 OK; thd->security_ctx->user/master_access/priv_user/db_access and + thd->db are updated; OK is sent to client; -1 access denied or handshake error; error is sent to client; >0 error, not sent to client */