mirror of
https://github.com/MariaDB/server.git
synced 2025-07-29 05:21:33 +03:00
WL#7076: Backporting wl6715 to support both formats in 5.5, 5.6, 5.7
Backporting wl6715 to mysql-5.5
This commit is contained in:
@ -1309,8 +1309,8 @@ bool acl_getroot(Security_context *sctx, char *user, char *host,
|
||||
(host ? host : "(NULL)"), (ip ? ip : "(NULL)"),
|
||||
user, (db ? db : "(NULL)")));
|
||||
sctx->user= user;
|
||||
sctx->host= host;
|
||||
sctx->ip= ip;
|
||||
sctx->set_host(host);
|
||||
sctx->set_ip(ip);
|
||||
sctx->host_or_ip= host ? host : (ip ? ip : "");
|
||||
|
||||
if (!initialized)
|
||||
@ -2205,7 +2205,7 @@ static bool test_if_create_new_users(THD *thd)
|
||||
C_STRING_WITH_LEN("user"), "user", TL_WRITE);
|
||||
create_new_users= 1;
|
||||
|
||||
db_access=acl_get(sctx->host, sctx->ip,
|
||||
db_access=acl_get(sctx->get_host()->ptr(), sctx->get_ip()->ptr(),
|
||||
sctx->priv_user, tl.db, 0);
|
||||
if (!(db_access & INSERT_ACL))
|
||||
{
|
||||
@ -4631,7 +4631,8 @@ bool check_grant(THD *thd, ulong want_access, TABLE_LIST *tables,
|
||||
}
|
||||
continue;
|
||||
}
|
||||
GRANT_TABLE *grant_table= table_hash_search(sctx->host, sctx->ip,
|
||||
GRANT_TABLE *grant_table= table_hash_search(sctx->get_host()->ptr(),
|
||||
sctx->get_ip()->ptr(),
|
||||
tl->get_db_name(),
|
||||
sctx->priv_user,
|
||||
tl->get_table_name(),
|
||||
@ -4721,10 +4722,10 @@ bool check_grant_column(THD *thd, GRANT_INFO *grant,
|
||||
if (grant->version != grant_version)
|
||||
{
|
||||
grant->grant_table=
|
||||
table_hash_search(sctx->host, sctx->ip, db_name,
|
||||
sctx->priv_user,
|
||||
table_hash_search(sctx->get_host()->ptr(), sctx->get_ip()->ptr(),
|
||||
db_name, sctx->priv_user,
|
||||
table_name, 0); /* purecov: inspected */
|
||||
grant->version= grant_version; /* purecov: inspected */
|
||||
grant->version= grant_version; /* purecov: inspected */
|
||||
}
|
||||
if (!(grant_table= grant->grant_table))
|
||||
goto err; /* purecov: deadcode */
|
||||
@ -4871,8 +4872,8 @@ bool check_grant_all_columns(THD *thd, ulong want_access_arg,
|
||||
if (grant->version != grant_version)
|
||||
{
|
||||
grant->grant_table=
|
||||
table_hash_search(sctx->host, sctx->ip, db_name,
|
||||
sctx->priv_user,
|
||||
table_hash_search(sctx->get_host()->ptr(), sctx->get_ip()->ptr(),
|
||||
db_name, sctx->priv_user,
|
||||
table_name, 0); /* purecov: inspected */
|
||||
grant->version= grant_version; /* purecov: inspected */
|
||||
}
|
||||
@ -4930,7 +4931,8 @@ static bool check_grant_db_routine(THD *thd, const char *db, HASH *hash)
|
||||
|
||||
if (strcmp(item->user, sctx->priv_user) == 0 &&
|
||||
strcmp(item->db, db) == 0 &&
|
||||
compare_hostname(&item->host, sctx->host, sctx->ip))
|
||||
compare_hostname(&item->host, sctx->get_host()->ptr(),
|
||||
sctx->get_ip()->ptr()))
|
||||
{
|
||||
return FALSE;
|
||||
}
|
||||
@ -4974,7 +4976,8 @@ bool check_grant_db(THD *thd,const char *db)
|
||||
idx);
|
||||
if (len < grant_table->key_length &&
|
||||
!memcmp(grant_table->hash_key,helping,len) &&
|
||||
compare_hostname(&grant_table->host, sctx->host, sctx->ip))
|
||||
compare_hostname(&grant_table->host, sctx->get_host()->ptr(),
|
||||
sctx->get_ip()->ptr()))
|
||||
{
|
||||
error= FALSE; /* Found match. */
|
||||
break;
|
||||
@ -5025,8 +5028,8 @@ bool check_grant_routine(THD *thd, ulong want_access,
|
||||
for (table= procs; table; table= table->next_global)
|
||||
{
|
||||
GRANT_NAME *grant_proc;
|
||||
if ((grant_proc= routine_hash_search(host, sctx->ip, table->db, user,
|
||||
table->table_name, is_proc, 0)))
|
||||
if ((grant_proc= routine_hash_search(host, sctx->get_ip()->ptr(), table->db,
|
||||
user, table->table_name, is_proc, 0)))
|
||||
table->grant.privilege|= grant_proc->privs;
|
||||
|
||||
if (want_access & ~table->grant.privilege)
|
||||
@ -5081,7 +5084,7 @@ bool check_routine_level_acl(THD *thd, const char *db, const char *name,
|
||||
Security_context *sctx= thd->security_ctx;
|
||||
mysql_rwlock_rdlock(&LOCK_grant);
|
||||
if ((grant_proc= routine_hash_search(sctx->priv_host,
|
||||
sctx->ip, db,
|
||||
sctx->get_ip()->ptr(), db,
|
||||
sctx->priv_user,
|
||||
name, is_proc, 0)))
|
||||
no_routine_acl= !(grant_proc->privs & SHOW_PROC_ACLS);
|
||||
@ -5105,8 +5108,8 @@ ulong get_table_grant(THD *thd, TABLE_LIST *table)
|
||||
#ifdef EMBEDDED_LIBRARY
|
||||
grant_table= NULL;
|
||||
#else
|
||||
grant_table= table_hash_search(sctx->host, sctx->ip, db, sctx->priv_user,
|
||||
table->table_name, 0);
|
||||
grant_table= table_hash_search(sctx->get_host()->ptr(), sctx->get_ip()->ptr(),
|
||||
db, sctx->priv_user, table->table_name, 0);
|
||||
#endif
|
||||
table->grant.grant_table=grant_table; // Remember for column test
|
||||
table->grant.version=grant_version;
|
||||
@ -5150,7 +5153,7 @@ ulong get_column_grant(THD *thd, GRANT_INFO *grant,
|
||||
{
|
||||
Security_context *sctx= thd->security_ctx;
|
||||
grant->grant_table=
|
||||
table_hash_search(sctx->host, sctx->ip,
|
||||
table_hash_search(sctx->get_host()->ptr(), sctx->get_ip()->ptr(),
|
||||
db_name, sctx->priv_user,
|
||||
table_name, 0); /* purecov: inspected */
|
||||
grant->version= grant_version; /* purecov: inspected */
|
||||
@ -7126,9 +7129,11 @@ bool sp_grant_privileges(THD *thd, const char *sp_db, const char *sp_name,
|
||||
|
||||
if ((au= find_acl_user(combo->host.str=(char*)sctx->host_or_ip,combo->user.str,FALSE)))
|
||||
goto found_acl;
|
||||
if ((au= find_acl_user(combo->host.str=(char*)sctx->host, combo->user.str,FALSE)))
|
||||
if ((au= find_acl_user(combo->host.str=(char*)sctx->get_host()->ptr(),
|
||||
combo->user.str,FALSE)))
|
||||
goto found_acl;
|
||||
if ((au= find_acl_user(combo->host.str=(char*)sctx->ip, combo->user.str,FALSE)))
|
||||
if ((au= find_acl_user(combo->host.str=(char*)sctx->get_ip()->ptr(),
|
||||
combo->user.str,FALSE)))
|
||||
goto found_acl;
|
||||
if((au= find_acl_user(combo->host.str=(char*)"%", combo->user.str, FALSE)))
|
||||
goto found_acl;
|
||||
@ -7303,9 +7308,9 @@ acl_check_proxy_grant_access(THD *thd, const char *host, const char *user,
|
||||
{
|
||||
ACL_PROXY_USER *proxy= dynamic_element(&acl_proxy_users, i,
|
||||
ACL_PROXY_USER *);
|
||||
if (proxy->matches(thd->security_ctx->host,
|
||||
if (proxy->matches(thd->security_ctx->get_host()->ptr(),
|
||||
thd->security_ctx->user,
|
||||
thd->security_ctx->ip,
|
||||
thd->security_ctx->get_ip()->ptr(),
|
||||
user) &&
|
||||
proxy->get_with_grant())
|
||||
{
|
||||
@ -7758,7 +7763,8 @@ void fill_effective_table_privileges(THD *thd, GRANT_INFO *grant,
|
||||
Security_context *sctx= thd->security_ctx;
|
||||
DBUG_ENTER("fill_effective_table_privileges");
|
||||
DBUG_PRINT("enter", ("Host: '%s', Ip: '%s', User: '%s', table: `%s`.`%s`",
|
||||
sctx->priv_host, (sctx->ip ? sctx->ip : "(NULL)"),
|
||||
sctx->priv_host, (sctx->get_ip()->length() ?
|
||||
sctx->get_ip()->ptr() : "(NULL)"),
|
||||
(sctx->priv_user ? sctx->priv_user : "(NULL)"),
|
||||
db, table));
|
||||
/* --skip-grants */
|
||||
@ -7780,14 +7786,15 @@ void fill_effective_table_privileges(THD *thd, GRANT_INFO *grant,
|
||||
}
|
||||
|
||||
/* db privileges */
|
||||
grant->privilege|= acl_get(sctx->host, sctx->ip, sctx->priv_user, db, 0);
|
||||
grant->privilege|= acl_get(sctx->get_host()->ptr(), sctx->get_ip()->ptr(),
|
||||
sctx->priv_user, db, 0);
|
||||
|
||||
/* table privileges */
|
||||
mysql_rwlock_rdlock(&LOCK_grant);
|
||||
if (grant->version != grant_version)
|
||||
{
|
||||
grant->grant_table=
|
||||
table_hash_search(sctx->host, sctx->ip, db,
|
||||
table_hash_search(sctx->get_host()->ptr(), sctx->get_ip()->ptr(), db,
|
||||
sctx->priv_user,
|
||||
table, 0); /* purecov: inspected */
|
||||
grant->version= grant_version; /* purecov: inspected */
|
||||
@ -9374,8 +9381,8 @@ server_mpvio_initialize(THD *thd, MPVIO_EXT *mpvio, uint connect_errors,
|
||||
mpvio->thread_id= thd->thread_id;
|
||||
mpvio->server_status= &thd->server_status;
|
||||
mpvio->net= &thd->net;
|
||||
mpvio->ip= thd->security_ctx->ip;
|
||||
mpvio->host= thd->security_ctx->host;
|
||||
mpvio->ip= (char *) thd->security_ctx->get_ip()->ptr();
|
||||
mpvio->host= (char *) thd->security_ctx->get_host()->ptr();
|
||||
mpvio->charset_adapter= charset_adapter;
|
||||
}
|
||||
|
||||
@ -9524,9 +9531,10 @@ acl_authenticate(THD *thd, uint connect_errors, uint com_change_user_pkt_len)
|
||||
const char *auth_user = acl_user->user ? acl_user->user : "";
|
||||
ACL_PROXY_USER *proxy_user;
|
||||
/* check if the user is allowed to proxy as another user */
|
||||
proxy_user= acl_find_proxy_user(auth_user, sctx->host, sctx->ip,
|
||||
proxy_user= acl_find_proxy_user(auth_user, sctx->get_host()->ptr(),
|
||||
sctx->get_ip()->ptr(),
|
||||
mpvio.auth_info.authenticated_as,
|
||||
&is_proxy_user);
|
||||
&is_proxy_user);
|
||||
if (is_proxy_user)
|
||||
{
|
||||
ACL_USER *acl_proxy_user;
|
||||
@ -9651,7 +9659,7 @@ acl_authenticate(THD *thd, uint connect_errors, uint com_change_user_pkt_len)
|
||||
}
|
||||
|
||||
if (mpvio.auth_info.external_user[0])
|
||||
sctx->external_user= my_strdup(mpvio.auth_info.external_user, MYF(0));
|
||||
sctx->set_external_user(my_strdup(mpvio.auth_info.external_user, MYF(0)));
|
||||
|
||||
if (res == CR_OK_HANDSHAKE_COMPLETE)
|
||||
thd->stmt_da->disable_status();
|
||||
|
Reference in New Issue
Block a user