database/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2025-09-02 09:41:40 +03:00
Code Activity
170,853 Commits 3,153 Branches 363 Tags
e11cad9e9dd3ae0be61aec1bb50b0ddc867b10be
Commit Graph

1319 Commits

Author SHA1 Message Date
Vicențiu Ciorbaru
aa4657f872 Added comment to justify error message 2013-10-17 20:49:38 -07:00
Vicențiu Ciorbaru
a5b8939807 Added initial_role_grants variable to ACL_USER 2013-10-17 20:45:49 -07:00
Vicențiu Ciorbaru
45903359bf Fixed USER INVALID error when using anonymous user to login and calling 
SET ROLE NONE;
 2013-10-17 20:45:00 -07:00
Vicențiu Ciorbaru
cf9ebd72c4 Refactored find_mpvio_user. The loop that searches for the user is now a 
separate function.
 2013-10-17 20:44:51 -07:00
Vicențiu Ciorbaru
e8d6425875 Renamed find_acl_user -> find_user_no_anon 2013-10-17 20:39:43 -07:00
Vicențiu Ciorbaru
db25d8f977 Modified set_role_var to implement both a role check in the check() function, 
as well as only set privileges in the update() function.
 2013-10-17 20:39:23 -07:00
Vicențiu Ciorbaru
7d4bfba91a Added error message for invalid role 2013-10-17 15:14:11 -07:00
Vicențiu Ciorbaru
7ec24435b3 Added acl_setrole function. The function enables/disables role privileges to 
the current user via the current security_context
 2013-10-17 15:11:13 -07:00
Vicențiu Ciorbaru
6680bb14a4 Removed no longer used label 2013-10-17 15:11:05 -07:00
Vicențiu Ciorbaru
096e7aa1e0 Fix bug with inserting _pointers_ to ACL_USER in the DYNAMIC_ARRAY of granted 
roles
 2013-10-17 15:10:57 -07:00
Vicențiu Ciorbaru
0d103a6f62 Add a check if user_to is valid to handle_roles_mappings_table 2013-10-17 15:10:49 -07:00
Vicențiu Ciorbaru
fb3e3b9440 Fixed typo 2013-10-17 15:10:40 -07:00
Vicențiu Ciorbaru
565c6c5a1f Cascading updates for roles_mappings are now fully functional. 
Renaming a user via RENAME USER command causes either the user columns
to update, or the role columns.
 2013-10-17 15:10:24 -07:00
Vicențiu Ciorbaru
6bddb93e3c Implemented half of handle_roles_mappings_table. 
The function now handles user updates/deletions correctly.
 2013-10-17 15:10:15 -07:00
Vicențiu Ciorbaru
13a1f6fd72 Changed a call to handle_roles_mappings_table: first parameter is now more readable 2013-10-17 15:10:07 -07:00
Vicențiu Ciorbaru
9506a07159 Added debug info to rebuild_roles_mappings 
Also fixed a bug regarding the HASH iteration. It previously got
the stop condition from a different hashtable and this caused errors
when the hash sizes were different.
 2013-10-17 15:09:58 -07:00
Vicențiu Ciorbaru
0a9428cffc Added debug warning to add_role_user_mapping. 2013-10-17 15:09:50 -07:00
Vicențiu Ciorbaru
df53ed13ac Renamed variables in init_role_grant_pair to make the code more 
consistent.
 2013-10-17 15:09:39 -07:00
Vicențiu Ciorbaru
2f94e542bd Whitespace + comment fix 2013-10-17 15:09:31 -07:00
Vicențiu Ciorbaru
7842ef3052 Added logic to handle the in-memory roles_mappings struct in handle_data_struct. 
The logic is not complete yet.
 2013-10-17 15:09:22 -07:00
Vicențiu Ciorbaru
de472770d3 Removed no longer needed hash_walk_action. The function was used to delete 
no longer valid entries in the roles_mappings HASH. This job will be delegated
to handle_grant_* functions
 2013-10-17 15:09:14 -07:00
Vicențiu Ciorbaru
6988e6c56a The acl_roles_mappings in-memory structure holds the following invariant: 
It will only hold _valid_ entries for as long as it held in memory. Any change
regarding acl_users or acl_roles in memory should update the structure
immediately. This is why the rebuild_roles_mappings no longer removes invalid
entries.

In order to keep things consistent with the existing code, the following jobs
are assigned to each function:

The role of rebuild_roles_mappings is to recreate the links between users and
roles. Any other updates are to be done in the functions:

handle_grant_*

This change prepares the code for the next step, which is cascading updates.
 2013-10-17 15:09:06 -07:00
Vicențiu Ciorbaru
ba43f3551b Refactored some code in acl_load to make use of the new init_role_grant_pair 
function
 2013-10-17 15:06:39 -07:00
Vicențiu Ciorbaru
f8d944a6a0 Added a init_role_mapping function to be used for later 2013-10-17 15:06:29 -07:00
Vicențiu Ciorbaru
573c73225e open_grant_tables now also opens roles_mapping table 2013-10-17 15:06:20 -07:00
Vicențiu Ciorbaru
071c4ce88b Removed no longer needed RoleHostFK as it is not used to link to a Role. 
Also removed code that loads that column into memory.
 2013-10-17 15:06:09 -07:00
Vicențiu Ciorbaru
ee1e66468f Removed no longer required TODO 2013-10-17 15:05:06 -07:00
Vicențiu Ciorbaru
5acc057879 Roles mappings are now being kept consistent when acl_users gets modified. 
No cascading changes take place during a user rename. This needs to be
addressed.
 2013-10-17 15:03:58 -07:00
Vicențiu Ciorbaru
e876aa2b3b Fixed memory leak caused by user deletion, aswell as invalid free caused by 
user creation.
 2013-10-17 15:03:49 -07:00
Vicențiu Ciorbaru
7e18b8f1d6 Moved comment in code to correct place for rebuild_role_grants 2013-10-17 15:03:40 -07:00
Vicențiu Ciorbaru
de523f7fad Refactored function to allow for better code clarity. 2013-10-17 15:03:30 -07:00
Vicențiu Ciorbaru
887a1ac862 Implemented Roles Mappings association between users and roles. 
No more memory leaks in the code.
 2013-10-17 15:03:21 -07:00
Vicențiu Ciorbaru
deffce1ace Free some memory leaks 
Still problems with hashtable acl_roles
Need to create a copy of grant_roles, currently it uses the same buffer
 2013-10-17 15:03:12 -07:00
Vicențiu Ciorbaru
9e7228dc4a Added implementation for DYNAMIC_ARRAY in ACL_USER 
TODO:
Memory allocated for the array is never freed
 2013-10-17 15:02:55 -07:00
Vicențiu Ciorbaru
ba42300be0 Stripped whitespaces on all lines from sql/sql_acl.cc 2013-10-17 15:02:38 -07:00
Vicențiu Ciorbaru
71a504ca16 Whitespace fixes 2013-10-17 15:02:29 -07:00
Vicențiu Ciorbaru
dc4126657f Refactored ACL_USER: 
Changed ACL_USER.user from char * to LEX_STRING.
Refactored every section that made use of ACL_USER.user as a char*.

This was done so as to be able to quickly check the hash_key of the acl_user.
 2013-10-17 15:02:18 -07:00
Vicențiu Ciorbaru
fdc1669793 Fixed memory leaks. 
role_grants is no longer used as it will be added to the ACL_USER class
 2013-10-17 15:00:30 -07:00
Vicențiu Ciorbaru
aa465ac3ba Removed redundant #include "sql_hset.h" 
It was a leftover from attempting to use Hash_set
 2013-10-17 14:58:37 -07:00
Vicențiu Ciorbaru
dd5a98da35 Fixed key search in HASH table 2013-10-17 14:58:07 -07:00
Vicențiu Ciorbaru
e0c908ebe7 Changed acl_roles to be stored into a HASH. 
There is an issue with correct searching of keys in the HASH.
 2013-10-17 14:57:58 -07:00
Vicențiu Ciorbaru
334860cccf Added roles mapping internal structure creation 
TODO: Free structures on flush
 2013-10-17 14:57:49 -07:00
Vicențiu Ciorbaru
875617c089 Added separation between roles and users in the mysql.user table 2013-10-17 14:57:39 -07:00
Vicențiu Ciorbaru
9f512dca3c Initialized roles_mapping table. Performed a check to see if a mapping exists. 2013-10-17 14:57:22 -07:00
Venkata Sidagam
e84d48742e Bug#16900358 FIX FOR CVE-2012-5611 IS INCOMPLETE 
Merging from mysql-5.1 to mysql-5.5
 2013-10-16 14:16:32 +05:30
Venkata Sidagam
de0e8a02d1 Bug#16900358 FIX FOR CVE-2012-5611 IS INCOMPLETE 
Description: Fix for bug CVE-2012-5611 (bug 67685) is 
incomplete. The ACL_KEY_LENGTH-sized buffers in acl_get() and 
check_grant_db() can be overflown by up to two bytes. That's 
probably not enough to do anything more serious than crashing 
mysqld.
Analysis: In acl_get() when "copy_length" is calculated it 
just adding the variable lengths. But when we are using them 
with strmov() we are adding +1 to each. This will lead to a 
three byte buffer overflow (i.e two +1's at strmov() and one 
byte for the null added by strmov() function). Similarly it 
happens for check_grant_db() function as well.
Fix: We need to add "+2" to "copy_length" in acl_get() 
and "+1" to "copy_length" in check_grant_db().
 2013-10-16 14:14:44 +05:30
unknown
81957483d3 Embedded server with authenticaction fixed after connection attributes port. 2013-10-08 12:25:14 +03:00
unknown
c776f5ac26 Client attributes 2013-10-03 18:00:44 +03:00
Jan Lindström
745239fd29 After merge fixes 2013-09-25 10:42:05 +03:00
Sergei Golubchik
9af177042e 10.0-base merge. 
Partitioning/InnoDB changes are *not* merged (they'll come from 5.6)
TokuDB does not compile (not updated to 10.0 SE API)
 2013-09-21 10:14:42 +02:00