5.0 version of fix for:

Bug #23667 "CREATE TABLE LIKE is not isolated from alteration
             by other connections"
 Bug #18950 "CREATE TABLE LIKE does not obtain LOCK_open"
As well as:
 Bug #25578 "CREATE TABLE LIKE does not require any privileges
             on source table".

The first and the second bugs resulted in various errors and wrong
binary log order when one tried to execute concurrently CREATE TABLE LIKE
statement and DDL statements on source table or DML/DDL statements on its
target table.

The problem was caused by incomplete protection/table-locking against
concurrent statements implemented in mysql_create_like_table() routine.
We solve it by simply implementing such protection in proper way (see
comment for sql_table.cc for details).

The third bug allowed user who didn't have any privileges on table create
its copy and therefore circumvent privilege check for SHOW CREATE TABLE.

This patch solves this problem by adding privilege check, which was missing.

Finally it also removes some duplicated code from mysql_create_like_table().

Note that, altough tests covering concurrency-related aspects of CREATE TABLE
LIKE behaviour will only be introduced in 5.1, they were run manually for
this patch as well.


mysql-test/r/grant2.result:
  Added test for bug#25578 "CREATE TABLE LIKE does not require any privileges
  on source table".
mysql-test/t/grant2.test:
  Added test for bug#25578 "CREATE TABLE LIKE does not require any privileges
  on source table".
sql/handler.h:
  Introduced new flag for HA_CREATE_INFO::options in order to be able to
  distinguish CREATE TABLE ... LIKE from other types of CREATE TABLE.
sql/mysql_priv.h:
  mysql_create_like_table() now takes source table name not as a
  Table_ident object but as regular table list element.
sql/sql_parse.cc:
  CREATE TABLE ... LIKE implementation now uses statement's table list
  for storing information about the source table. We also use flag
  in LEX::create_info.options for distinguishing it from other types
  of CREATE TABLE.
  Finally CREATE TABLE ... LIKE now requires the same privileges on
  the source tables as SHOW CREATE TABLE. Moved this privilege check
  to check_show_create_table_access() function.
sql/sql_table.cc:
  mysql_create_like_table():
   - Provided proper protection from concurrent statements.
     This is achieved by keeping name-lock on the source table and holding
     LOCK_open mutex during whole operation. This gives protection against
     concurrent DDL on source table. Also holding this mutex makes copying
     of .frm file, call to ha_create_table() and binlogging atomic against
     concurrent DML and DDL operations on target table.
   - Get rid of duplicated code related to source database/table name
     handling. All these operations are already done in
     st_select_lex::add_table_to_list(), so we achieve the same effect
     by including source table into the statement's table list.
sql/sql_yacc.yy:
  Now we use special flag in LEX::create_info::options for distinguishing
  CREATE TABLE ... LIKE from other types of CREATE TABLE and store name
  of source table as regular element in statement's table list.

mysql-test/r/grant2.result

@@ -380,3 +380,27 @@ drop function f2;
 drop table t2;
 REVOKE ALL PRIVILEGES, GRANT OPTION FROM `a@`@localhost;
 drop user `a@`@localhost;
+drop database if exists mysqltest_1;
+drop database if exists mysqltest_2;
+drop user mysqltest_u1@localhost;
+create database mysqltest_1;
+create database mysqltest_2;
+grant all on mysqltest_1.* to mysqltest_u1@localhost;
+use mysqltest_2;
+create table t1 (i int);
+show create table mysqltest_2.t1;
+ERROR 42000: SELECT command denied to user 'mysqltest_u1'@'localhost' for table 't1'
+create table t1 like mysqltest_2.t1;
+ERROR 42000: SELECT command denied to user 'mysqltest_u1'@'localhost' for table 't1'
+grant select on mysqltest_2.t1 to mysqltest_u1@localhost;
+show create table mysqltest_2.t1;
+Table	Create Table
+t1	CREATE TABLE `t1` (
+  `i` int(11) default NULL
+) ENGINE=MyISAM DEFAULT CHARSET=latin1
+create table t1 like mysqltest_2.t1;
+use test;
+drop database mysqltest_1;
+drop database mysqltest_2;
+drop user mysqltest_u1@localhost;
+End of 5.0 tests

mysql-test/t/grant2.test

@@ -513,3 +513,47 @@ disconnect bug13310;
 connection default;
 REVOKE ALL PRIVILEGES, GRANT OPTION FROM `a@`@localhost;
 drop user `a@`@localhost;
+
+
+#
+# Bug#25578 "CREATE TABLE LIKE does not require any privileges on source table"
+#
+--disable_warnings
+drop database if exists mysqltest_1;
+drop database if exists mysqltest_2;
+--enable_warnings
+--error 0,ER_CANNOT_USER
+drop user mysqltest_u1@localhost;
+
+create database mysqltest_1;
+create database mysqltest_2;
+grant all on mysqltest_1.* to mysqltest_u1@localhost;
+use mysqltest_2;
+create table t1 (i int);
+
+# Connect as user with all rights on mysqltest_1 but with no rights on mysqltest_2.
+connect (user1,localhost,mysqltest_u1,,mysqltest_1);
+connection user1;
+# As expected error is emitted
+--error ER_TABLEACCESS_DENIED_ERROR 
+show create table mysqltest_2.t1;
+# This should emit error as well
+--error ER_TABLEACCESS_DENIED_ERROR
+create table t1 like mysqltest_2.t1;
+
+# Now let us check that SELECT privilege on the source is enough
+connection default;
+grant select on mysqltest_2.t1 to mysqltest_u1@localhost;
+connection user1;
+show create table mysqltest_2.t1;
+create table t1 like mysqltest_2.t1;
+
+# Clean-up
+connection default;
+use test;
+drop database mysqltest_1;
+drop database mysqltest_2;
+drop user mysqltest_u1@localhost;
+
+--echo End of 5.0 tests
+