1
0
mirror of https://github.com/MariaDB/server.git synced 2025-10-25 18:38:00 +03:00
Commit Graph

113 Commits

Author SHA1 Message Date
Kent Boortz
9da00ebec9 Updated/added copyright headers 2011-06-30 17:46:53 +02:00
Kent Boortz
1400d7a2cc Updated/added copyright headers 2011-06-30 17:37:13 +02:00
Georgi Kodinov
881a76699e WL#1054: Pluggable authentication support
Merged the implementation to a new base tree.
2010-08-09 11:32:50 +03:00
Mats Kindahl
0768deeb27 WL#5030: Splitting mysql_priv.h
Adding my_global.h first in all files using
NO_EMBEDDED_ACCESS_CHECKS.

Correcting a merge problem resulting from a changed definition
of check_some_access compared to the original patches.
2010-04-07 13:58:40 +02:00
Mats Kindahl
e409d6f69c WL#5030: Split and remove mysql_priv.h
This patch:

- Moves all definitions from the mysql_priv.h file into
  header files for the component where the variable is
  defined
- Creates header files if the component lacks one
- Eliminates all include directives from mysql_priv.h
- Eliminates all circular include cycles
- Rename time.cc to sql_time.cc
- Rename mysql_priv.h to sql_priv.h
2010-03-31 16:05:33 +02:00
Marc Alff
a4c3bc618b WL#2360 Performance schema
Part IV: sql instrumentation
2010-01-06 22:42:07 -07:00
Sergei Golubchik
ae2768ce9c WL#4738 streamline/simplify @@variable creation process
Bug#16565 mysqld --help --verbose does not order variablesBug#20413 sql_slave_skip_counter is not shown in show variables
Bug#20415 Output of mysqld --help --verbose is incomplete
Bug#25430 variable not found in SELECT @@global.ft_max_word_len;
Bug#32902 plugin variables don't know their names
Bug#34599 MySQLD Option and Variable Reference need to be consistent in formatting!
Bug#34829 No default value for variable and setting default does not raise error
Bug#34834 ? Is accepted as a valid sql mode
Bug#34878 Few variables have default value according to documentation but error occurs  
Bug#34883 ft_boolean_syntax cant be assigned from user variable to global var.
Bug#37187 `INFORMATION_SCHEMA`.`GLOBAL_VARIABLES`: inconsistent status
Bug#40988 log_output_basic.test succeeded though syntactically false.
Bug#41010 enum-style command-line options are not honoured (maria.maria-recover fails)
Bug#42103 Setting key_buffer_size to a negative value may lead to very large allocations 
Bug#44691 Some plugins configured as MYSQL_PLUGIN_MANDATORY in can be disabled
Bug#44797 plugins w/o command-line options have no disabling option in --help
Bug#46314 string system variables don't support expressions
Bug#46470 sys_vars.max_binlog_cache_size_basic_32 is broken
Bug#46586 When using the plugin interface the type "set" for options caused a crash.
Bug#47212 Crash in DBUG_PRINT in mysqltest.cc when trying to print octal number
Bug#48758 mysqltest crashes on sys_vars.collation_server_basic in gcov builds
Bug#49417 some complaints about mysqld --help --verbose output
Bug#49540 DEFAULT value of binlog_format isn't the default value
Bug#49640 ambiguous option '--skip-skip-myisam' (double skip prefix)
Bug#49644 init_connect and \0
Bug#49645 init_slave and multi-byte characters
Bug#49646 mysql --show-warnings crashes when server dies
2009-12-22 10:35:56 +01:00
Alexander Nozdrin
69cfd5c8ec Manual merge from mysql-trunk.
Conflicts:
  - client/mysqltest.cc
  - mysql-test/collections/default.experimental
  - mysql-test/suite/rpl/t/disabled.def
  - sql/mysqld.cc
  - sql/opt_range.cc
  - sql/sp.cc
  - sql/sql_acl.cc
  - sql/sql_partition.cc
  - sql/sql_table.cc
2009-12-11 12:39:38 +03:00
Davi Arnaut
3fe5cd80ae Bug#41726: upgrade from 5.0 to 5.1.30 crashes if you didn't run mysql_upgrade
The problem is that the server could crash when attempting
to access a non-conformant proc system table. One such case
was a crash when invoking stored procedure related statements
on a 5.1 server with a proc system table in the 5.0 format.

The solution is to validate the proc system table format
before attempts to access it are made. If the table is not
in the format that the server expects, a message is written
to the error log and the statement that caused the table to
be accessed fails.
2009-11-21 09:18:21 -02:00
Alexander Nozdrin
ac7ba1bcaa Merge from mysql-next-mr. 2009-10-28 10:55:44 +03:00
Alexander Nozdrin
09195da31e Backporting patches for Bug#38347 (ALTER ROUTINE privilege
allows SHOW CREATE TABLE) from 6.0. Original revisions:
------------------------------------------------------------
revno: 2617.31.8
committer: Alexander Nozdrin <alik@sun.com>
branch nick: 6.0-rt-bug38347
timestamp: Thu 2009-03-26 09:08:24 +0300
message:
  Patch for Bug#38347: ALTER ROUTINE privilege allows SHOW CREATE TABLE.
  
  If a user has any of the following privileges for a table (or the database
  if the table), he should be able to issue SHOW CREATE TABLE for the table:
    - CREATE
    - DROP
    - ALTER
    - DELETE
    - INDEX
    - INSERT
    - SELECT
    - UPDATE
    - TRIGGER
    - REFERENCES
    - GRANT OPTION
    - CREATE VIEW
    - SHOW VIEW
  
  Any other privilege (even SUPER) should not allow SHOW CREATE TABLE.
------------------------------------------------------------
revno: 2617.31.11
committer: Alexander Nozdrin <alik@sun.com>
branch nick: 6.0-rt
timestamp: Fri 2009-03-27 21:36:34 +0300
message:
  Additional patch for Bug#38347 (ALTER ROUTINE privilege
  allows SHOW CREATE TABLE).
  
  The problem was that information_schema.test,
  information_schema_parameters.test and information_schema_routines.test
  failed with the first patch. That happened due to limitation in check_access():
  it allows only SELECT_ACL privilege for INFORMATION_SCHEMA tables.
  
  The patch is to request only SELECT_ACL privilege for INFORMATION_SCHEMA tables.
------------------------------------------------------------
2009-10-22 16:51:51 +04:00
Kristofer Pettersson
d18a9e5f54 Bug#27145 EXTRA_ACL troubles
Post merge fix for embedded server.
2009-10-20 15:40:06 +02:00
Kristofer Pettersson
4a494eeb52 Automerge 2009-10-19 15:00:38 +02:00
Kristofer Pettersson
b5559f5305 Bug#27145 EXTRA_ACL troubles
The flag EXTRA_ACL is used in conjugation with our access checks, yet it is
not clear what impact this flag has.
This is a code clean up which replaces use of EXTRA_ACL with an explicit
function parameter.
The patch also fixes privilege checks for:
- SHOW CREATE TABLE: The new privilege requirement is any privilege on
  the table-level.
- CHECKSUM TABLE: Requires SELECT on the table level.
- SHOW CREATE VIEW: Requires SHOW_VIEW and SELECT on the table level
  (just as the manual claims)
- SHOW INDEX: Requires any privilege on any column combination.
2009-10-19 14:58:13 +02:00
Alexander Nozdrin
132ef2e2ef A backporting patch for WL#4300 (Define privileges for tablespaces).
Original revision in 6.0:
------------------------------------------------------------
revno: 2630.13.11
committer: Alexander Nozdrin <alik@mysql.com>
branch nick: 6.0-rt-wl4300
timestamp: Thu 2008-07-24 11:44:21 +0400
message:
  A patch for WL#4300: Define privileges for tablespaces.
------------------------------------------------------------

per-file messages:
  mysql-test/r/grant.result
    Update result file: new columm 'Create_tablespace_priv' has been added to mysql.user.
  mysql-test/r/ps.result
    Update result file: new columm 'Create_tablespace_priv' has been added to mysql.user.
  mysql-test/r/system_mysql_db.result
    Update result file: new columm 'Create_tablespace_priv' has been added to mysql.user.
  mysql-test/suite/falcon/r/falcon_tablespace_priv.result
    Test case for WL#4300.
  mysql-test/suite/falcon/t/falcon_tablespace_priv.test
    Test case for WL#4300.
  mysql-test/suite/ndb/r/ndb_dd_ddl.result
    Test case for WL#4300.
  mysql-test/suite/ndb/t/ndb_dd_ddl.test
    Test case for WL#4300.
  scripts/mysql_system_tables.sql
    New columm 'Create_tablespace_priv' has been added to mysql.user.
  scripts/mysql_system_tables_data.sql
    'CREATE TABLESPACE' is granted by default to the root user.
  scripts/mysql_system_tables_fix.sql
    Grant 'CREATE TABLESPACE' privilege during system table upgrade
    if a user had SUPER privilege.
  sql/sql_acl.cc
    Added CREATE TABLESPACE privilege.
  sql/sql_acl.h
    Added CREATE TABLESPACE privilege.
  sql/sql_parse.cc
    Check global 'CREATE TABLESPACE' privilege for the following SQL statements:
      - CREATE | ALTER | DROP TABLESPACE
      - CREATE | ALTER | DROP LOGFILE GROUP
  sql/sql_show.cc
    Added CREATE TABLESPACE privilege.
  sql/sql_yacc.yy
    Added CREATE TABLESPACE privilege.
2009-10-10 00:01:10 +04:00
Mats Kindahl
4ad8ef0602 WL#5016: Fix header file include guards
Adding header include file guards to files that are missing such.
2009-09-23 23:32:31 +02:00
Kristofer Pettersson
a645555432 Bug#44658 Create procedure makes server crash when user does not have ALL privilege
MySQL crashes if a user without proper privileges attempts to create a procedure.

The crash happens because more than one error state is pushed onto the Diagnostic
area. In this particular case the user is denied to implicitly create a new user
account with the implicitly granted privileges ALTER- and EXECUTE ROUTINE.

The new account is needed if the original user account contained a host mask.
A user account with a host mask is a distinct user account in this context.
An alternative would be to first get the most permissive user account which
include the current user connection and then assign privileges to that
account. This behavior change is considered out of scope for this bug patch.

The implicit assignment of privileges when a user creates a stored routine is a
considered to be a feature for user convenience and as such it is not
a critical operation. Any failure to complete this operation is thus considered
non-fatal (an error becomes a warning).

The patch back ports a stack implementation of the internal error handler interface.
This enables the use of multiple error handlers so that it is possible to intercept
and cancel errors thrown by lower layers. This is needed as a error handler already
is used in the call stack emitting the errors which needs to be converted.
2009-05-29 15:37:54 +02:00
gkodinov/kgeorge@magare.gmz
f6871c0d66 Merge magare.gmz:/home/kgeorge/mysql/autopush/B26461-5.0-opt
into  magare.gmz:/home/kgeorge/mysql/work/B26461-5.1-opt
2008-03-21 17:48:28 +02:00
gkodinov/kgeorge@macbook.gmz
ff0aac178d Bug #26461: Intrinsic data type bool (1 byte) redefined to BOOL (4 bytes)
The bool data type was redefined to BOOL (4 bytes on windows).
Removed the #define and fixed some of the warnings that were uncovered
by this.
Note that the fix also disables 2 warnings :
4800 : 'type' : forcing value to bool 'true' or 'false' (performance warning)
4805: 'operation' : unsafe mix of type 'type' and type 'type' in operation

These warnings will be handled in a separate bug, as they are performance related or bogus.

Fixed to int the return type of functions that return more than 
2 distinct values.
2008-03-21 17:23:17 +02:00
gkodinov/kgeorge@magare.gmz
f42a392b2a merged the fix for bug 30468 to 5.1-opt 2007-09-27 12:32:59 +03:00
gkodinov/kgeorge@magare.gmz
fb3b12176d Bug #30468: column level privileges not respected when joining tables
When expanding a * in a USING/NATURAL join the check for table access
for both tables in the join was done using the grant information of the
first one.
Fixed by getting the grant information for the current table while 
iterating through the columns of the join.
2007-09-27 12:15:19 +03:00
msvensson@pilot.blaudden
709f066948 Merge pilot.blaudden:/home/msvensson/mysql/mysql-5.0-maint
into  pilot.blaudden:/home/msvensson/mysql/mysql-5.1-maint
2007-03-19 11:15:59 +01:00
msvensson@pilot.blaudden
88b4c86e09 Bug#20166 mysql-test-run.pl does not test system privilege tables creation
- Build sql files for netware from the mysql_system_tables*.sq files
 - Fix comments about mysql_create_system_tables.sh
 - Use mysql_install_db.sh to create system tables for mysql_test-run-shell
 - Fix mysql-test-run.pl to also look in share/mysql for the msyql_system*.sql files
2007-03-16 17:28:32 +01:00
kent@kent-amd64.(none)
58763e383e Merge mysql.com:/home/kent/bk/main/mysql-5.0
into  mysql.com:/home/kent/bk/main/mysql-5.1
2006-12-31 01:32:21 +01:00
kent@mysql.com/kent-amd64.(none)
6523aca729 my_strtoll10-x86.s:
Corrected spelling in copyright text
Makefile.am:
  Don't update the files from BitKeeper
Many files:
  Removed "MySQL Finland AB & TCX DataKonsult AB" from copyright header
  Adjusted year(s) in copyright header 
Many files:
  Added GPL copyright text
Removed files:
  Docs/Support/colspec-fix.pl
  Docs/Support/docbook-fixup.pl
  Docs/Support/docbook-prefix.pl
  Docs/Support/docbook-split
  Docs/Support/make-docbook
  Docs/Support/make-makefile
  Docs/Support/test-make-manual
  Docs/Support/test-make-manual-de
  Docs/Support/xwf
2006-12-31 01:02:27 +01:00
kent@kent-amd64.(none)
be15e3bc15 Merge mysql.com:/home/kent/bk/main/mysql-5.0
into  mysql.com:/home/kent/bk/main/mysql-5.1
2006-12-23 20:20:40 +01:00
kent@mysql.com/kent-amd64.(none)
226a5c833f Many files:
Changed header to GPL version 2 only
2006-12-23 20:17:15 +01:00
jani@ua141d10.elisa.omakaista.fi
083f8455c7 Merge ua141d10.elisa.omakaista.fi:/home/my/bk/mysql-5.0
into  ua141d10.elisa.omakaista.fi:/home/my/bk/mysql-5.1-new
2006-05-09 20:50:29 +03:00
kroki@mysql.com
3ad0cac41b Reapply fix for bug#16372 (Server crashes when test 'conc_sys' is running)
after merge.

Concurrent read and update of privilege structures (like simultaneous
run of SHOW GRANTS and ADD USER) could result in server crash.

Ensure that proper locking of ACL structures is done.

No test case is provided because this bug can't be reproduced
deterministically.
2006-05-06 11:25:59 +04:00
andrey@lmy004.
d5d11a9c23 manual merge 2006-02-14 17:05:36 +01:00
andrey@lmy004.
815927e590 - final fixes for bug#16431 (Events: An event which alters itself disappears)
- fix for bug#16423 (Events: SHOW CREATE EVENT doesn't work)
- this Changeset commits makes CREATE/UPDATE/DELETE EVENT real DDL statements
  by committing the currently open transaction before they are executed.
- this Changeset also fixes a trailing space problem since the very early days
  of the internal cron
- adds sophisticated checking of whether mysql.event was tampered accidentally
  or with purpose by an user.
- adds a lot of inline function documentation - documents everything left
  uncodumented
- INTERVAL_XXXX to XXX in I_S.EVENTS.INTERVAL_FIELD

WL#1034 (Internal CRON)
2006-02-14 16:20:48 +01:00
dlenev@mysql.com
730a711f93 Addition to the fix for BUG#9412 "Triggers: should have trigger privilege".
When we add new privilege we should update mysql-test/lib/init_db.sql
accordingly.
2006-02-01 21:27:12 +03:00
anozdrin@mysql.com
0a1f7e921b Fix for BUG#9412: Triggers: should have trigger privilege.
Implement table-level TRIGGER privilege to control access to triggers.
Before this path global SUPER privilege was used for this purpose, that
was the big security problem.

In details, before this patch SUPER privilege was required:
  - for the user at CREATE TRIGGER time to create a new trigger;
  - for the user at DROP TRIGGER time to drop the existing trigger;
  - for the definer at trigger activation time to execute the trigger (if the
    definer loses SUPER privilege, all its triggers become unavailable);

This patch changes the behaviour in the following way:
  - TRIGGER privilege on the subject table for trigger is required:
    - for the user at CREATE TRIGGER time to create a new trigger;
    - for the user at DROP TRIGGER time to drop the existing trigger;
    - for the definer at trigger activation time to execute the trigger
      (if the definer loses TRIGGER privilege on the subject table, all its
      triggers on this table become unavailable).
  - SUPER privilege is still required:
    - for the user at CREATE TRIGGER time to explicitly set the trigger
      definer to the user other than CURRENT_USER().

When the server works with database of the previous version (w/o TRIGGER
privilege), or if the database is being upgraded from the previous versions,
TRIGGER privilege is granted to whose users, who have CREATE privilege.
2006-02-01 13:28:45 +03:00
andrey@lmy004.
7c049782fa WL #1034 (Internal CRON)
merge before push
2006-01-10 21:02:19 +01:00
andrey@lmy004.
533180d76c WL#1034 update
- fix EVENT_ACL problem that GRANT ALL on some_db.* to someone@somewhere did not get to mysql.db
- fix crash when the following is executed :
  CREATE EVENT P() CREATE EVENT E ON SCHEDULER 1 SECOND DO ROLLBACK;
  (creation works as well as calling P() which creates the event).
2005-12-15 14:12:28 +01:00
timour@mysql.com
3d01a3affc Merge mysql.com:/home/timka/mysql/src/5.0-2486
into  mysql.com:/home/timka/mysql/src/5.1-dbg
2005-12-07 10:47:43 +02:00
andrey@lmy004.
7120d43c36 WL#1034 updated
- split into several files
- forbid parallel execution (before analyse is done how to make it possible)
  because the same sp_head instance cannot be executed in parallel
- added GPL headers
- changed EVENT_ACL to be per DB variable
- fixed minor problems
2005-12-05 11:45:04 +01:00
andrey@lmy004.
a370c2d907 WL1034 update for latest 5.1 sources 2005-12-02 13:07:02 +01:00
timour@mysql.com
687b66b8da WL#2486 - natural/using joins according to SQL:2003
Post-review fixes that simplify the way access rights
are checked during name resolution and factor out all
entry points to check access rights into one single
function.
2005-11-30 21:27:11 +02:00
tomas@poseidon.ndb.mysql.com
620b7bafb0 Merge 2005-10-06 10:54:07 +02:00
bell@sanja.is.com.ua
c1b185f5ff WL#2787 (Add view definer/owner to the view definition (.frm) to check privileges on used tables and stored routines when using a VIEW.)
Part 2 postreview fixes.
2005-09-20 21:20:38 +03:00
bell@sanja.is.com.ua
aec371f910 WL#2787 (part 2, ver 3 (merged)) changed securety context switching 2005-09-15 22:29:07 +03:00
tulin@dl145c.mysql.com
ea4161baed merge 2005-09-14 17:58:20 +02:00
bell@sanja.is.com.ua
71ffbbf81b part 1 (ver 2, postreview fix) of WL#2787
view definer information syntax/storage/replication
fixed SOURCE field of .frm
2005-09-14 10:53:09 +03:00
msvensson@neptunus.(none)
345dfef41f Merge neptunus.(none):/home/msvensson/mysql/mysql-5.0
into  neptunus.(none):/home/msvensson/mysql/mysql-5.1
2005-09-02 08:59:59 +02:00
dlenev@mysql.com
d23732962f Merge mysql.com:/home/dlenev/src/mysql-4.1-bg12423
into  mysql.com:/home/dlenev/src/mysql-5.0-merges
2005-09-01 23:25:29 +04:00
dlenev@mysql.com
da2af0bb6d Fix for bug #12423 "Deadlock when doing FLUSH PRIVILEGES and GRANT in
multi-threaded environment".

To avoid deadlocks between several simultaneously run account management 
commands (particularly between FLUSH PRIVILEGES/SET PASSWORD and GRANT
commands) we should always take table and internal locks during their
execution in the same order. In other words we should first open and lock
privilege tables and only then obtain acl_cache::lock/LOCK_grant locks.
2005-09-01 16:52:59 +04:00
tomas@poseidon.ndb.mysql.com
674b6bb151 Merge 2005-07-12 20:01:22 +02:00
bell@sanja.is.com.ua
bfbd0e241b added processing of view grants to table grants (BUG#9795) 2005-07-05 13:36:36 +03:00
tulin@dl145c.mysql.com
4a1d6f6a18 Merge tulin@bk-internal.mysql.com:/home/bk/mysql-5.0
into dl145c.mysql.com:/home/ndbdev/tomas/mysql-5.1
2005-05-17 23:25:13 +02:00