1
0
mirror of https://github.com/MariaDB/server.git synced 2025-07-29 05:21:33 +03:00

WL#7076: Backporting wl6715 to support both formats in 5.5, 5.6, 5.7

Backporting wl6715 to mysql-5.5
This commit is contained in:
Ashish Agarwal
2013-07-02 11:58:39 +05:30
parent 8723f47391
commit e879caf845
16 changed files with 288 additions and 118 deletions

View File

@ -1309,8 +1309,8 @@ bool acl_getroot(Security_context *sctx, char *user, char *host,
(host ? host : "(NULL)"), (ip ? ip : "(NULL)"),
user, (db ? db : "(NULL)")));
sctx->user= user;
sctx->host= host;
sctx->ip= ip;
sctx->set_host(host);
sctx->set_ip(ip);
sctx->host_or_ip= host ? host : (ip ? ip : "");
if (!initialized)
@ -2205,7 +2205,7 @@ static bool test_if_create_new_users(THD *thd)
C_STRING_WITH_LEN("user"), "user", TL_WRITE);
create_new_users= 1;
db_access=acl_get(sctx->host, sctx->ip,
db_access=acl_get(sctx->get_host()->ptr(), sctx->get_ip()->ptr(),
sctx->priv_user, tl.db, 0);
if (!(db_access & INSERT_ACL))
{
@ -4631,7 +4631,8 @@ bool check_grant(THD *thd, ulong want_access, TABLE_LIST *tables,
}
continue;
}
GRANT_TABLE *grant_table= table_hash_search(sctx->host, sctx->ip,
GRANT_TABLE *grant_table= table_hash_search(sctx->get_host()->ptr(),
sctx->get_ip()->ptr(),
tl->get_db_name(),
sctx->priv_user,
tl->get_table_name(),
@ -4721,10 +4722,10 @@ bool check_grant_column(THD *thd, GRANT_INFO *grant,
if (grant->version != grant_version)
{
grant->grant_table=
table_hash_search(sctx->host, sctx->ip, db_name,
sctx->priv_user,
table_hash_search(sctx->get_host()->ptr(), sctx->get_ip()->ptr(),
db_name, sctx->priv_user,
table_name, 0); /* purecov: inspected */
grant->version= grant_version; /* purecov: inspected */
grant->version= grant_version; /* purecov: inspected */
}
if (!(grant_table= grant->grant_table))
goto err; /* purecov: deadcode */
@ -4871,8 +4872,8 @@ bool check_grant_all_columns(THD *thd, ulong want_access_arg,
if (grant->version != grant_version)
{
grant->grant_table=
table_hash_search(sctx->host, sctx->ip, db_name,
sctx->priv_user,
table_hash_search(sctx->get_host()->ptr(), sctx->get_ip()->ptr(),
db_name, sctx->priv_user,
table_name, 0); /* purecov: inspected */
grant->version= grant_version; /* purecov: inspected */
}
@ -4930,7 +4931,8 @@ static bool check_grant_db_routine(THD *thd, const char *db, HASH *hash)
if (strcmp(item->user, sctx->priv_user) == 0 &&
strcmp(item->db, db) == 0 &&
compare_hostname(&item->host, sctx->host, sctx->ip))
compare_hostname(&item->host, sctx->get_host()->ptr(),
sctx->get_ip()->ptr()))
{
return FALSE;
}
@ -4974,7 +4976,8 @@ bool check_grant_db(THD *thd,const char *db)
idx);
if (len < grant_table->key_length &&
!memcmp(grant_table->hash_key,helping,len) &&
compare_hostname(&grant_table->host, sctx->host, sctx->ip))
compare_hostname(&grant_table->host, sctx->get_host()->ptr(),
sctx->get_ip()->ptr()))
{
error= FALSE; /* Found match. */
break;
@ -5025,8 +5028,8 @@ bool check_grant_routine(THD *thd, ulong want_access,
for (table= procs; table; table= table->next_global)
{
GRANT_NAME *grant_proc;
if ((grant_proc= routine_hash_search(host, sctx->ip, table->db, user,
table->table_name, is_proc, 0)))
if ((grant_proc= routine_hash_search(host, sctx->get_ip()->ptr(), table->db,
user, table->table_name, is_proc, 0)))
table->grant.privilege|= grant_proc->privs;
if (want_access & ~table->grant.privilege)
@ -5081,7 +5084,7 @@ bool check_routine_level_acl(THD *thd, const char *db, const char *name,
Security_context *sctx= thd->security_ctx;
mysql_rwlock_rdlock(&LOCK_grant);
if ((grant_proc= routine_hash_search(sctx->priv_host,
sctx->ip, db,
sctx->get_ip()->ptr(), db,
sctx->priv_user,
name, is_proc, 0)))
no_routine_acl= !(grant_proc->privs & SHOW_PROC_ACLS);
@ -5105,8 +5108,8 @@ ulong get_table_grant(THD *thd, TABLE_LIST *table)
#ifdef EMBEDDED_LIBRARY
grant_table= NULL;
#else
grant_table= table_hash_search(sctx->host, sctx->ip, db, sctx->priv_user,
table->table_name, 0);
grant_table= table_hash_search(sctx->get_host()->ptr(), sctx->get_ip()->ptr(),
db, sctx->priv_user, table->table_name, 0);
#endif
table->grant.grant_table=grant_table; // Remember for column test
table->grant.version=grant_version;
@ -5150,7 +5153,7 @@ ulong get_column_grant(THD *thd, GRANT_INFO *grant,
{
Security_context *sctx= thd->security_ctx;
grant->grant_table=
table_hash_search(sctx->host, sctx->ip,
table_hash_search(sctx->get_host()->ptr(), sctx->get_ip()->ptr(),
db_name, sctx->priv_user,
table_name, 0); /* purecov: inspected */
grant->version= grant_version; /* purecov: inspected */
@ -7126,9 +7129,11 @@ bool sp_grant_privileges(THD *thd, const char *sp_db, const char *sp_name,
if ((au= find_acl_user(combo->host.str=(char*)sctx->host_or_ip,combo->user.str,FALSE)))
goto found_acl;
if ((au= find_acl_user(combo->host.str=(char*)sctx->host, combo->user.str,FALSE)))
if ((au= find_acl_user(combo->host.str=(char*)sctx->get_host()->ptr(),
combo->user.str,FALSE)))
goto found_acl;
if ((au= find_acl_user(combo->host.str=(char*)sctx->ip, combo->user.str,FALSE)))
if ((au= find_acl_user(combo->host.str=(char*)sctx->get_ip()->ptr(),
combo->user.str,FALSE)))
goto found_acl;
if((au= find_acl_user(combo->host.str=(char*)"%", combo->user.str, FALSE)))
goto found_acl;
@ -7303,9 +7308,9 @@ acl_check_proxy_grant_access(THD *thd, const char *host, const char *user,
{
ACL_PROXY_USER *proxy= dynamic_element(&acl_proxy_users, i,
ACL_PROXY_USER *);
if (proxy->matches(thd->security_ctx->host,
if (proxy->matches(thd->security_ctx->get_host()->ptr(),
thd->security_ctx->user,
thd->security_ctx->ip,
thd->security_ctx->get_ip()->ptr(),
user) &&
proxy->get_with_grant())
{
@ -7758,7 +7763,8 @@ void fill_effective_table_privileges(THD *thd, GRANT_INFO *grant,
Security_context *sctx= thd->security_ctx;
DBUG_ENTER("fill_effective_table_privileges");
DBUG_PRINT("enter", ("Host: '%s', Ip: '%s', User: '%s', table: `%s`.`%s`",
sctx->priv_host, (sctx->ip ? sctx->ip : "(NULL)"),
sctx->priv_host, (sctx->get_ip()->length() ?
sctx->get_ip()->ptr() : "(NULL)"),
(sctx->priv_user ? sctx->priv_user : "(NULL)"),
db, table));
/* --skip-grants */
@ -7780,14 +7786,15 @@ void fill_effective_table_privileges(THD *thd, GRANT_INFO *grant,
}
/* db privileges */
grant->privilege|= acl_get(sctx->host, sctx->ip, sctx->priv_user, db, 0);
grant->privilege|= acl_get(sctx->get_host()->ptr(), sctx->get_ip()->ptr(),
sctx->priv_user, db, 0);
/* table privileges */
mysql_rwlock_rdlock(&LOCK_grant);
if (grant->version != grant_version)
{
grant->grant_table=
table_hash_search(sctx->host, sctx->ip, db,
table_hash_search(sctx->get_host()->ptr(), sctx->get_ip()->ptr(), db,
sctx->priv_user,
table, 0); /* purecov: inspected */
grant->version= grant_version; /* purecov: inspected */
@ -9374,8 +9381,8 @@ server_mpvio_initialize(THD *thd, MPVIO_EXT *mpvio, uint connect_errors,
mpvio->thread_id= thd->thread_id;
mpvio->server_status= &thd->server_status;
mpvio->net= &thd->net;
mpvio->ip= thd->security_ctx->ip;
mpvio->host= thd->security_ctx->host;
mpvio->ip= (char *) thd->security_ctx->get_ip()->ptr();
mpvio->host= (char *) thd->security_ctx->get_host()->ptr();
mpvio->charset_adapter= charset_adapter;
}
@ -9524,9 +9531,10 @@ acl_authenticate(THD *thd, uint connect_errors, uint com_change_user_pkt_len)
const char *auth_user = acl_user->user ? acl_user->user : "";
ACL_PROXY_USER *proxy_user;
/* check if the user is allowed to proxy as another user */
proxy_user= acl_find_proxy_user(auth_user, sctx->host, sctx->ip,
proxy_user= acl_find_proxy_user(auth_user, sctx->get_host()->ptr(),
sctx->get_ip()->ptr(),
mpvio.auth_info.authenticated_as,
&is_proxy_user);
&is_proxy_user);
if (is_proxy_user)
{
ACL_USER *acl_proxy_user;
@ -9651,7 +9659,7 @@ acl_authenticate(THD *thd, uint connect_errors, uint com_change_user_pkt_len)
}
if (mpvio.auth_info.external_user[0])
sctx->external_user= my_strdup(mpvio.auth_info.external_user, MYF(0));
sctx->set_external_user(my_strdup(mpvio.auth_info.external_user, MYF(0)));
if (res == CR_OK_HANDSHAKE_COMPLETE)
thd->stmt_da->disable_status();