diff options
| author | serg@serg.mylan <> | 2005-03-23 09:42:24 +0100 |
|---|---|---|
| committer | serg@serg.mylan <> | 2005-03-23 09:42:24 +0100 |
| commit | d6bedfa8e03cb9e1b86ce84e57cabdc66abfdc76 (patch) | |
| tree | bfec7a86898321f85706b5331aa18fdb1bc68fbb | |
| parent | 8fad60734e9578e789b7f77a13ae839905780dc6 (diff) | |
| parent | 8372ba4c957bc55cbee4367607e29cabf1198aa6 (diff) | |
| download | mariadb-git-d6bedfa8e03cb9e1b86ce84e57cabdc66abfdc76.tar.gz | |
merged
| -rw-r--r-- | BitKeeper/etc/logging_ok | 1 | ||||
| -rw-r--r-- | VC++Files/libmysqld/examples/test_libmysqld.dsp | 6 | ||||
| -rw-r--r-- | VC++Files/mysql.dsw | 18 | ||||
| -rw-r--r-- | VC++Files/mysql_ia64.dsw | 3 | ||||
| -rw-r--r-- | VC++Files/mysqlmanager/MySqlManager_ia64.dsp | 276 | ||||
| -rw-r--r-- | libmysqld/libmysqld.def | 6 | ||||
| -rw-r--r-- | mysql-test/r/grant.result | 13 | ||||
| -rw-r--r-- | mysql-test/r/grant2.result | 23 | ||||
| -rw-r--r-- | mysql-test/r/sp.result | 2 | ||||
| -rw-r--r-- | mysql-test/r/system_mysql_db.result | 1 | ||||
| -rw-r--r-- | mysql-test/r/type_varchar.result | 7 | ||||
| -rw-r--r-- | mysql-test/t/grant2.test | 21 | ||||
| -rw-r--r-- | mysql-test/t/type_varchar.test | 9 | ||||
| -rw-r--r-- | scripts/mysql_create_system_tables.sh | 13 | ||||
| -rw-r--r-- | scripts/mysql_fix_privilege_tables.sql | 12 | ||||
| -rw-r--r-- | sql/field.cc | 6 | ||||
| -rw-r--r-- | sql/handler.cc | 4 | ||||
| -rw-r--r-- | sql/item_func.cc | 1 | ||||
| -rw-r--r-- | sql/item_sum.cc | 6 | ||||
| -rw-r--r-- | sql/item_sum.h | 3 | ||||
| -rw-r--r-- | sql/sql_acl.cc | 36 | ||||
| -rw-r--r-- | sql/sql_acl.h | 39 | ||||
| -rw-r--r-- | sql/sql_parse.cc | 74 | ||||
| -rw-r--r-- | sql/sql_show.cc | 1 | ||||
| -rw-r--r-- | sql/sql_yacc.yy | 1 |
25 files changed, 161 insertions, 421 deletions
diff --git a/BitKeeper/etc/logging_ok b/BitKeeper/etc/logging_ok index 543e9e677a2..96cdd930e83 100644 --- a/BitKeeper/etc/logging_ok +++ b/BitKeeper/etc/logging_ok @@ -227,6 +227,7 @@ salle@vafla.online.bg sasha@mysql.sashanet.com serg@build.mysql.com serg@build.mysql2.com +serg@mysql.com serg@serg.mylan serg@serg.mysql.com serg@sergbook.mylan diff --git a/VC++Files/libmysqld/examples/test_libmysqld.dsp b/VC++Files/libmysqld/examples/test_libmysqld.dsp index 6707b8cd8ee..013bc41409d 100644 --- a/VC++Files/libmysqld/examples/test_libmysqld.dsp +++ b/VC++Files/libmysqld/examples/test_libmysqld.dsp @@ -47,7 +47,7 @@ BSC32=bscmake.exe # ADD BSC32 /nologo
LINK32=xilink6.exe # ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /machine:I386
-# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib Wsock32.lib /nologo /subsystem:console /machine:I386 /nodefaultlib:"LIBCMTD" /out:"Release/mysql-server.exe"
+# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib Wsock32.lib /nologo /subsystem:console /machine:I386 /nodefaultlib:"LIBCMTD" /out:"..\test_libmysqld.exe" # Begin Target
# Name "test_libmysqld - Win32 Release"
@@ -71,9 +71,5 @@ SOURCE=..\..\client\readline.cpp SOURCE=..\..\client\sql_string.cpp # End Source File
# End Group
-# Begin Source File
-
-SOURCE=..\..\lib_release\libmysqld.lib
-# End Source File
# End Target
# End Project
diff --git a/VC++Files/mysql.dsw b/VC++Files/mysql.dsw index 43cfab4b915..73db9d095cb 100644 --- a/VC++Files/mysql.dsw +++ b/VC++Files/mysql.dsw @@ -3,21 +3,6 @@ Microsoft Developer Studio Workspace File, Format Version 6.00 ############################################################################### -Project: "MySqlManager"=".\mysqlmanager\MySqlManager.dsp" - Package Owner=<4> - -Package=<5> -{{{ -}}} - -Package=<4> -{{{ - Begin Project Dependency - Project_Dep_Name mysqlclient - End Project Dependency -}}} - -############################################################################### - Project: "bdb"=".\bdb\bdb.dsp" - Package Owner=<4> Package=<5> @@ -420,9 +405,6 @@ Package=<4> Project_Dep_Name mysqlimport End Project Dependency Begin Project Dependency - Project_Dep_Name MySqlManager - End Project Dependency - Begin Project Dependency Project_Dep_Name mysqlshow End Project Dependency Begin Project Dependency diff --git a/VC++Files/mysql_ia64.dsw b/VC++Files/mysql_ia64.dsw index 8af4a7e5c42..dd86d498afe 100644 --- a/VC++Files/mysql_ia64.dsw +++ b/VC++Files/mysql_ia64.dsw @@ -508,9 +508,6 @@ Package=<4> Project_Dep_Name mysqlimport End Project Dependency Begin Project Dependency - Project_Dep_Name MySqlManager - End Project Dependency - Begin Project Dependency Project_Dep_Name mysqlshow End Project Dependency Begin Project Dependency diff --git a/VC++Files/mysqlmanager/MySqlManager_ia64.dsp b/VC++Files/mysqlmanager/MySqlManager_ia64.dsp deleted file mode 100644 index b0ffc9e48c6..00000000000 --- a/VC++Files/mysqlmanager/MySqlManager_ia64.dsp +++ /dev/null @@ -1,276 +0,0 @@ -# Microsoft Developer Studio Project File - Name="MySqlManager" - Package Owner=<4> -# Microsoft Developer Studio Generated Build File, Format Version 6.00 -# ** DO NOT EDIT ** - -# TARGTYPE "Win32 (x86) Application" 0x0101 - -CFG=MYSQLMANAGER - WinIA64 DEBUG -!MESSAGE This is not a valid makefile. To build this project using NMAKE, -!MESSAGE use the Export Makefile command and run -!MESSAGE -!MESSAGE NMAKE /f "MySqlManager.mak". -!MESSAGE -!MESSAGE You can specify a configuration when running NMAKE -!MESSAGE by defining the macro CFG on the command line. For example: -!MESSAGE -!MESSAGE NMAKE /f "MySqlManager.mak" CFG="MYSQLMANAGER - WinIA64 DEBUG" -!MESSAGE -!MESSAGE Possible choices for configuration are: -!MESSAGE -!MESSAGE "MySqlManager - WinIA64 Release" (based on "Win32 (x86) Application") -!MESSAGE "MySqlManager - WinIA64 Debug" (based on "Win32 (x86) Application") -!MESSAGE - -# Begin Project -# PROP AllowPerConfigDependencies 0 -# PROP Scc_ProjName "" -# PROP Scc_LocalPath "" -CPP=cl.exe -MTL=midl.exe -RSC=rc.exe - -!IF "$(CFG)" == "MySqlManager - WinIA64 Release" - -# PROP BASE Use_MFC 6 -# PROP BASE Use_Debug_Libraries 0 -# PROP BASE Output_Dir "Release" -# PROP BASE Intermediate_Dir "Release" -# PROP BASE Target_Dir "" -# PROP Use_MFC 6 -# PROP Use_Debug_Libraries 0 -# PROP Output_Dir "release" -# PROP Intermediate_Dir "release" -# PROP Ignore_Export_Lib 0 -# PROP Target_Dir "" -# ADD BASE CPP /nologo /MD /W3 /GX /O2 /D "WIN64" /D "NDEBUG" /D "_WINDOWS" /D "_AFXDLL" /Yu"stdafx.h" /FD /c -# ADD CPP /nologo /MT /W3 /Zi /O2 /I "../include" /D "NDEBUG" /D "DBUG_OFF" /D "_WINDOWS" /D "_IA64_" /D "WIN64" /D "WIN32" /D "_AFX_NO_DAO_SUPPORT" /FD /G2 /EHsc /Wp64 /Zm600 /c -# SUBTRACT CPP /WX /Fr /YX /Yc /Yu -# ADD BASE MTL /nologo /D "NDEBUG" /mktyplib203 /o "NUL" /win64 -# ADD MTL /nologo /D "NDEBUG" /mktyplib203 /o "NUL" /win64 -# ADD BASE RSC /l 0x409 /d "NDEBUG" /d "_AFXDLL" -# ADD RSC /l 0x409 /d "NDEBUG" /d "_AFXDLL" -BSC32=bscmake.exe -# ADD BASE BSC32 /nologo -# ADD BSC32 /nologo -LINK32=link.exe -# ADD BASE LINK32 /nologo /subsystem:windows /machine:IA64 -# ADD LINK32 /nologo /subsystem:windows /out:"../client_release/MySqlManager.exe" /machine:IA64 -# SUBTRACT LINK32 /nodefaultlib - -!ELSEIF "$(CFG)" == "MySqlManager - WinIA64 Debug" - -# PROP BASE Use_MFC 6 -# PROP BASE Use_Debug_Libraries 1 -# PROP BASE Output_Dir "Debug" -# PROP BASE Intermediate_Dir "Debug" -# PROP BASE Target_Dir "" -# PROP Use_MFC 6 -# PROP Use_Debug_Libraries 1 -# PROP Output_Dir "debug" -# PROP Intermediate_Dir "debug" -# PROP Ignore_Export_Lib 0 -# PROP Target_Dir "" -# ADD BASE CPP /nologo /MDd /W3 /Gm /GX /Zi /Od /D "WIN64" /D "_DEBUG" /D "_WINDOWS" /D "_AFXDLL" /Yu"stdafx.h" /FD /c -# ADD CPP /nologo /MTd /W3 /GR /Zi /Od /I "../include" /D "_DEBUG" /D "_WINDOWS" /D "_IA64_" /D "WIN64" /D "WIN32" /D "_AFX_NO_DAO_SUPPORT" /FD /G2 /EHsc /Wp64 /Zm600 /c -# SUBTRACT CPP /Fr /YX /Yc /Yu -# ADD BASE MTL /nologo /D "_DEBUG" /mktyplib203 /o "NUL" /win64 -# ADD MTL /nologo /D "_DEBUG" /o "NUL" /win64 -# SUBTRACT MTL /mktyplib203 -# ADD BASE RSC /l 0x409 /d "_DEBUG" /d "_AFXDLL" -# ADD RSC /l 0x409 /d "_DEBUG" -BSC32=bscmake.exe -# ADD BASE BSC32 /nologo -# ADD BSC32 /nologo -LINK32=link.exe -# ADD BASE LINK32 /nologo /subsystem:windows /debug /machine:IA64 -# ADD LINK32 wsock32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib uuid.lib /nologo /subsystem:windows /incremental:no /debug /out:"../client_debug/MySqlManager.exe" /libpath:"..\lib_debug\\" /machine:IA64 - -!ENDIF - -# Begin Target - -# Name "MySqlManager - WinIA64 Release" -# Name "MySqlManager - WinIA64 Debug" -# Begin Group "Source Files" - -# PROP Default_Filter "cpp;c;cxx;rc;def;r;odl;idl;hpj;bat" -# Begin Source File - -SOURCE=.\ChildFrm.cpp -# End Source File -# Begin Source File - -SOURCE="..\strings\ctype-extra.c" -# End Source File -# Begin Source File - -SOURCE="..\strings\ctype-latin1.c" -# End Source File -# Begin Source File - -SOURCE="..\strings\ctype-mb.c" -# End Source File -# Begin Source File - -SOURCE=..\strings\is_prefix.c -# End Source File -# Begin Source File - -SOURCE=.\MainFrm.cpp -# End Source File -# Begin Source File - -SOURCE=..\mysys\my_sleep.c -# End Source File -# Begin Source File - -SOURCE=..\strings\my_vsnprintf.c -# End Source File -# Begin Source File - -SOURCE=.\MySqlManager.cpp -# End Source File -# Begin Source File - -SOURCE=.\MySqlManager.rc -# End Source File -# Begin Source File - -SOURCE=.\MySqlManagerDoc.cpp -# End Source File -# Begin Source File - -SOURCE=.\MySqlManagerView.cpp -# End Source File -# Begin Source File - -SOURCE=.\RegisterServer.cpp -# End Source File -# Begin Source File - -SOURCE=.\StdAfx.cpp -# ADD CPP /Yc"stdafx.h" -# End Source File -# Begin Source File - -SOURCE=.\ToolSql.cpp -# End Source File -# Begin Source File - -SOURCE=.\ToolSqlQuery.cpp -# End Source File -# Begin Source File - -SOURCE=.\ToolSqlResults.cpp -# End Source File -# Begin Source File - -SOURCE=.\ToolSqlStatus.cpp -# End Source File -# End Group -# Begin Group "Header Files" - -# PROP Default_Filter "h;hpp;hxx;hm;inl" -# Begin Source File - -SOURCE=.\ChildFrm.h -# End Source File -# Begin Source File - -SOURCE=.\MainFrm.h -# End Source File -# Begin Source File - -SOURCE=.\MySqlManager.h -# End Source File -# Begin Source File - -SOURCE=.\MySqlManagerDoc.h -# End Source File -# Begin Source File - -SOURCE=.\MySqlManagerView.h -# End Source File -# Begin Source File - -SOURCE=.\RegisterServer.h -# End Source File -# Begin Source File - -SOURCE=.\Resource.h -# End Source File -# Begin Source File - -SOURCE=.\StdAfx.h -# End Source File -# Begin Source File - -SOURCE=.\ToolSqlQuery.h -# End Source File -# Begin Source File - -SOURCE=.\ToolSqlResults.h -# End Source File -# Begin Source File - -SOURCE=.\ToolSqlStatus.h -# End Source File -# End Group -# Begin Group "Resource Files" - -# PROP Default_Filter "ico;cur;bmp;dlg;rc2;rct;bin;cnt;rtf;gif;jpg;jpeg;jpe" -# Begin Source File - -SOURCE=.\res\bitmap1.bmp -# End Source File -# Begin Source File - -SOURCE=.\res\bitmap3.bmp -# End Source File -# Begin Source File - -SOURCE=.\res\bmp00001.bmp -# End Source File -# Begin Source File - -SOURCE=.\res\bmp00002.bmp -# End Source File -# Begin Source File - -SOURCE=.\res\database.bmp -# End Source File -# Begin Source File - -SOURCE=.\res\fontd.bmp -# End Source File -# Begin Source File - -SOURCE=.\res\fontu.bmp -# End Source File -# Begin Source File - -SOURCE=.\res\MySqlManager.ico -# End Source File -# Begin Source File - -SOURCE=.\res\MySqlManager.rc2 -# End Source File -# Begin Source File - -SOURCE=.\res\MySqlManagerDoc.ico -# End Source File -# Begin Source File - -SOURCE=.\res\query_ex.bmp -# End Source File -# Begin Source File - -SOURCE=.\res\Toolbar.bmp -# End Source File -# End Group -# Begin Source File - -SOURCE=.\ReadMe.txt -# End Source File -# End Target -# End Project diff --git a/libmysqld/libmysqld.def b/libmysqld/libmysqld.def index ea3133594f5..0612141a60d 100644 --- a/libmysqld/libmysqld.def +++ b/libmysqld/libmysqld.def @@ -1,6 +1,6 @@ LIBRARY LIBMYSQLD -DESCRIPTION 'MySQL 4.1 Embedded Server Library' -VERSION 4.1 +DESCRIPTION 'MySQL 5.0 Embedded Server Library' +VERSION 5.0 EXPORTS _dig_vec_upper _dig_vec_lower @@ -158,3 +158,5 @@ EXPORTS mysql_stmt_attr_set mysql_stmt_field_count get_defaults_files + my_charset_bin + my_charset_same diff --git a/mysql-test/r/grant.result b/mysql-test/r/grant.result index e5f7f535ae2..ecd2758fd1c 100644 --- a/mysql-test/r/grant.result +++ b/mysql-test/r/grant.result @@ -10,8 +10,8 @@ GRANT USAGE ON *.* TO 'mysqltest_1'@'localhost' REQUIRE CIPHER 'EDH-RSA-DES-CBC3 GRANT SELECT ON `mysqltest`.* TO 'mysqltest_1'@'localhost' grant delete on mysqltest.* to mysqltest_1@localhost; select * from mysql.user where user="mysqltest_1"; -Host User Password Select_priv Insert_priv Update_priv Delete_priv Create_priv Drop_priv Reload_priv Shutdown_priv Process_priv File_priv Grant_priv References_priv Index_priv Alter_priv Show_db_priv Super_priv Create_tmp_table_priv Lock_tables_priv Execute_priv Repl_slave_priv Repl_client_priv Create_view_priv Show_view_priv Create_routine_priv Alter_routine_priv ssl_type ssl_cipher x509_issuer x509_subject max_questions max_updates max_connections max_user_connections -localhost mysqltest_1 N N N N N N N N N N N N N N N N N N N N N N N N N SPECIFIED EDH-RSA-DES-CBC3-SHA 0 0 0 0 +Host User Password Select_priv Insert_priv Update_priv Delete_priv Create_priv Drop_priv Reload_priv Shutdown_priv Process_priv File_priv Grant_priv References_priv Index_priv Alter_priv Show_db_priv Super_priv Create_tmp_table_priv Lock_tables_priv Execute_priv Repl_slave_priv Repl_client_priv Create_view_priv Show_view_priv Create_routine_priv Alter_routine_priv Create_user_priv ssl_type ssl_cipher x509_issuer x509_subject max_questions max_updates max_connections max_user_connections +localhost mysqltest_1 N N N N N N N N N N N N N N N N N N N N N N N N N N SPECIFIED EDH-RSA-DES-CBC3-SHA 0 0 0 0 show grants for mysqltest_1@localhost; Grants for mysqltest_1@localhost GRANT USAGE ON *.* TO 'mysqltest_1'@'localhost' REQUIRE CIPHER 'EDH-RSA-DES-CBC3-SHA' @@ -41,15 +41,15 @@ delete from mysql.user where user='mysqltest_1'; flush privileges; grant usage on *.* to mysqltest_1@localhost with max_queries_per_hour 10; select * from mysql.user where user="mysqltest_1"; -Host User Password Select_priv Insert_priv Update_priv Delete_priv Create_priv Drop_priv Reload_priv Shutdown_priv Process_priv File_priv Grant_priv References_priv Index_priv Alter_priv Show_db_priv Super_priv Create_tmp_table_priv Lock_tables_priv Execute_priv Repl_slave_priv Repl_client_priv Create_view_priv Show_view_priv Create_routine_priv Alter_routine_priv ssl_type ssl_cipher x509_issuer x509_subject max_questions max_updates max_connections max_user_connections -localhost mysqltest_1 N N N N N N N N N N N N N N N N N N N N N N N N N 10 0 0 0 +Host User Password Select_priv Insert_priv Update_priv Delete_priv Create_priv Drop_priv Reload_priv Shutdown_priv Process_priv File_priv Grant_priv References_priv Index_priv Alter_priv Show_db_priv Super_priv Create_tmp_table_priv Lock_tables_priv Execute_priv Repl_slave_priv Repl_client_priv Create_view_priv Show_view_priv Create_routine_priv Alter_routine_priv Create_user_priv ssl_type ssl_cipher x509_issuer x509_subject max_questions max_updates max_connections max_user_connections +localhost mysqltest_1 N N N N N N N N N N N N N N N N N N N N N N N N N N 10 0 0 0 show grants for mysqltest_1@localhost; Grants for mysqltest_1@localhost GRANT USAGE ON *.* TO 'mysqltest_1'@'localhost' WITH MAX_QUERIES_PER_HOUR 10 grant usage on *.* to mysqltest_1@localhost with max_updates_per_hour 20 max_connections_per_hour 30; select * from mysql.user where user="mysqltest_1"; -Host User Password Select_priv Insert_priv Update_priv Delete_priv Create_priv Drop_priv Reload_priv Shutdown_priv Process_priv File_priv Grant_priv References_priv Index_priv Alter_priv Show_db_priv Super_priv Create_tmp_table_priv Lock_tables_priv Execute_priv Repl_slave_priv Repl_client_priv Create_view_priv Show_view_priv Create_routine_priv Alter_routine_priv ssl_type ssl_cipher x509_issuer x509_subject max_questions max_updates max_connections max_user_connections -localhost mysqltest_1 N N N N N N N N N N N N N N N N N N N N N N N N N 10 20 30 0 +Host User Password Select_priv Insert_priv Update_priv Delete_priv Create_priv Drop_priv Reload_priv Shutdown_priv Process_priv File_priv Grant_priv References_priv Index_priv Alter_priv Show_db_priv Super_priv Create_tmp_table_priv Lock_tables_priv Execute_priv Repl_slave_priv Repl_client_priv Create_view_priv Show_view_priv Create_routine_priv Alter_routine_priv Create_user_priv ssl_type ssl_cipher x509_issuer x509_subject max_questions max_updates max_connections max_user_connections +localhost mysqltest_1 N N N N N N N N N N N N N N N N N N N N N N N N N N 10 20 30 0 show grants for mysqltest_1@localhost; Grants for mysqltest_1@localhost GRANT USAGE ON *.* TO 'mysqltest_1'@'localhost' WITH MAX_QUERIES_PER_HOUR 10 MAX_UPDATES_PER_HOUR 20 MAX_CONNECTIONS_PER_HOUR 30 @@ -440,6 +440,7 @@ Create Databases,Tables,Indexes To create new databases and tables Create routine Functions,Procedures To use CREATE FUNCTION/PROCEDURE Create temporary tables Databases To use CREATE TEMPORARY TABLE Create view Tables To create new views +Create user Server Admin To create new users Delete Tables To delete existing rows Drop Databases,Tables To drop databases, tables, and views Execute Functions,Procedures To execute stored routines diff --git a/mysql-test/r/grant2.result b/mysql-test/r/grant2.result index ecd43cc2860..9f9dc7adcfa 100644 --- a/mysql-test/r/grant2.result +++ b/mysql-test/r/grant2.result @@ -6,6 +6,7 @@ delete from mysql.tables_priv where user like 'mysqltest\_%'; delete from mysql.columns_priv where user like 'mysqltest\_%'; flush privileges; grant all privileges on `my\_1`.* to mysqltest_1@localhost with grant option; +grant create user on *.* to mysqltest_1@localhost; create user mysqltest_2@localhost; grant select on `my\_1`.* to mysqltest_2@localhost; grant select on `my\_1`.* to mysqltest_2@localhost identified by 'pass'; @@ -13,7 +14,6 @@ ERROR 42000: You must have privileges to update tables in the mysql database to grant update on mysql.* to mysqltest_1@localhost; grant select on `my\_1`.* to mysqltest_2@localhost identified by 'pass'; grant select on `my\_1`.* to mysqltest_3@localhost; -ERROR 42000: 'mysqltest_1'@'localhost' is not allowed to create new users grant insert on mysql.* to mysqltest_1@localhost; grant select on `my\_1`.* to mysqltest_3@localhost; grant select on `my\_1`.* to mysqltest_4@localhost identified by 'pass'; @@ -23,6 +23,7 @@ delete from mysql.tables_priv where user like 'mysqltest\_%'; delete from mysql.columns_priv where user like 'mysqltest\_%'; flush privileges; grant all privileges on `my\_%`.* to mysqltest_1@localhost with grant option; +grant create user on *.* to mysqltest_1@localhost; select current_user(); current_user() mysqltest_1@localhost @@ -44,7 +45,7 @@ with grant option; ERROR 42000: 'mysqltest_1'@'localhost' is not allowed to create new users show grants for mysqltest_1@localhost; Grants for mysqltest_1@localhost -GRANT USAGE ON *.* TO 'mysqltest_1'@'localhost' +GRANT CREATE USER ON *.* TO 'mysqltest_1'@'localhost' GRANT ALL PRIVILEGES ON `my\_%`.* TO 'mysqltest_1'@'localhost' WITH GRANT OPTION show grants for mysqltest_2@localhost; ERROR 42000: There is no such grant defined for user 'mysqltest_2' on host 'localhost' @@ -228,7 +229,7 @@ GRANT USAGE ON *.* TO '%@a'@'a' GRANT SELECT ON "mysql".* TO '%@a'@'a' drop user '%@a'@'a'; create user mysqltest_2@localhost; -grant usage on *.* to mysqltest_2@localhost with grant option; +grant create user on *.* to mysqltest_2@localhost; select host,user,password from mysql.user where user like 'mysqltest_%' order by host,user,password; ERROR 42000: SELECT command denied to user 'mysqltest_2'@'localhost' for table 'user' create user mysqltest_A@'%'; @@ -236,19 +237,17 @@ rename user mysqltest_A@'%' to mysqltest_B@'%'; drop user mysqltest_B@'%'; drop user mysqltest_2@localhost; create user mysqltest_3@localhost; -grant all privileges on mysql.* to mysqltest_3@localhost; +grant INSERT,DELETE,UPDATE on mysql.* to mysqltest_3@localhost; +show grants; +Grants for mysqltest_3@localhost +GRANT USAGE ON *.* TO 'mysqltest_3'@'localhost' +GRANT INSERT, UPDATE, DELETE ON `mysql`.* TO 'mysqltest_3'@'localhost' select host,user,password from mysql.user where user like 'mysqltest_%' order by host,user,password; -host user password -% mysqltest_2 *BD447CBA355AF58578D3AE33BA2E2CD388BA08D1 -localhost mysqltest_3 +ERROR 42000: SELECT command denied to user 'mysqltest_3'@'localhost' for table 'user' insert into mysql.user set host='%', user='mysqltest_B'; create user mysqltest_A@'%'; -ERROR 42000: Access denied for user 'mysqltest_3'@'localhost' to database 'mysql' rename user mysqltest_B@'%' to mysqltest_C@'%'; -ERROR 42000: Access denied for user 'mysqltest_3'@'localhost' to database 'mysql' -drop user mysqltest_B@'%'; -ERROR 42000: Access denied for user 'mysqltest_3'@'localhost' to database 'mysql' -drop user mysqltest_B@'%'; +drop user mysqltest_C@'%'; drop user mysqltest_3@localhost; set @@sql_mode=''; create database mysqltest_1; diff --git a/mysql-test/r/sp.result b/mysql-test/r/sp.result index b2a1af03c9f..b02714bc1af 100644 --- a/mysql-test/r/sp.result +++ b/mysql-test/r/sp.result @@ -2185,6 +2185,7 @@ Create Databases,Tables,Indexes To create new databases and tables Create routine Functions,Procedures To use CREATE FUNCTION/PROCEDURE Create temporary tables Databases To use CREATE TEMPORARY TABLE Create view Tables To create new views +Create user Server Admin To create new users Delete Tables To delete existing rows Drop Databases,Tables To drop databases, tables, and views Execute Functions,Procedures To execute stored routines @@ -2238,6 +2239,7 @@ Create Databases,Tables,Indexes To create new databases and tables Create routine Functions,Procedures To use CREATE FUNCTION/PROCEDURE Create temporary tables Databases To use CREATE TEMPORARY TABLE Create view Tables To create new views +Create user Server Admin To create new users Delete Tables To delete existing rows Drop Databases,Tables To drop databases, tables, and views Execute Functions,Procedures To execute stored routines diff --git a/mysql-test/r/system_mysql_db.result b/mysql-test/r/system_mysql_db.result index 532f0eca014..40a9c3b9af5 100644 --- a/mysql-test/r/system_mysql_db.result +++ b/mysql-test/r/system_mysql_db.result @@ -96,6 +96,7 @@ user CREATE TABLE `user` ( `Show_view_priv` enum('N','Y') character set utf8 NOT NULL default 'N', `Create_routine_priv` enum('N','Y') character set utf8 NOT NULL default 'N', `Alter_routine_priv` enum('N','Y') character set utf8 NOT NULL default 'N', + `Create_user_priv` enum('N','Y') character set utf8 NOT NULL default 'N', `ssl_type` enum('','ANY','X509','SPECIFIED') character set utf8 NOT NULL default '', `ssl_cipher` blob NOT NULL, `x509_issuer` blob NOT NULL, diff --git a/mysql-test/r/type_varchar.result b/mysql-test/r/type_varchar.result index 1c2653bd225..d2fe843a68b 100644 --- a/mysql-test/r/type_varchar.result +++ b/mysql-test/r/type_varchar.result @@ -376,3 +376,10 @@ explain select * from t1 where v like 'S%' order by v; id select_type table type possible_keys key key_len ref rows Extra 1 SIMPLE t1 range v v 13 NULL 2 Using where; Using filesort drop table t1; +create table t1 (pkcol varchar(16), othercol varchar(16), primary key (pkcol)); +insert into t1 values ('test', 'something'); +update t1 set othercol='somethingelse' where pkcol='test'; +select * from t1; +pkcol othercol +test somethingelse +drop table t1; diff --git a/mysql-test/t/grant2.test b/mysql-test/t/grant2.test index 7aefbb5d9ff..ffeea70763a 100644 --- a/mysql-test/t/grant2.test +++ b/mysql-test/t/grant2.test @@ -18,6 +18,7 @@ flush privileges; grant all privileges on `my\_1`.* to mysqltest_1@localhost with grant option; +grant create user on *.* to mysqltest_1@localhost; create user mysqltest_2@localhost; connect (user_a,localhost,mysqltest_1,,); connection user_a; @@ -30,7 +31,6 @@ grant update on mysql.* to mysqltest_1@localhost; connect (user_b,localhost,mysqltest_1,,); connection user_b; grant select on `my\_1`.* to mysqltest_2@localhost identified by 'pass'; ---error 1211 grant select on `my\_1`.* to mysqltest_3@localhost; disconnect user_b; connection default; @@ -52,6 +52,7 @@ flush privileges; # grant all privileges on `my\_%`.* to mysqltest_1@localhost with grant option; +grant create user on *.* to mysqltest_1@localhost; connect (user1,localhost,mysqltest_1,,); connection user1; select current_user(); @@ -68,7 +69,6 @@ set @@sql_mode='NO_AUTO_CREATE_USER'; select @@sql_mode; --error 1211 grant select on `my\_1`.* to mysqltest_4@localhost with grant option; ---error 1211 grant select on `my\_1`.* to mysqltest_4@localhost identified by 'mypass' with grant option; disconnect user1; @@ -248,9 +248,10 @@ show grants for '%@b'@'b'; show grants for '%@a'@'a'; drop user '%@a'@'a'; # -# USAGE WITH GRANT OPTION is sufficient. +# CREATE USER privilege is enough +# create user mysqltest_2@localhost; -grant usage on *.* to mysqltest_2@localhost with grant option; +grant create user on *.* to mysqltest_2@localhost; connect (user2,localhost,mysqltest_2,,); connection user2; --error 1142 @@ -262,22 +263,20 @@ disconnect user2; connection default; drop user mysqltest_2@localhost; # -# ALL PRIVILEGES without GRANT OPTION is not sufficient. +# INSERT/UPDATE/DELETE is ok too create user mysqltest_3@localhost; -grant all privileges on mysql.* to mysqltest_3@localhost; +grant INSERT,DELETE,UPDATE on mysql.* to mysqltest_3@localhost; connect (user3,localhost,mysqltest_3,,); connection user3; +show grants; +--error 1142 select host,user,password from mysql.user where user like 'mysqltest_%' order by host,user,password; insert into mysql.user set host='%', user='mysqltest_B'; ---error 1044 create user mysqltest_A@'%'; ---error 1044 rename user mysqltest_B@'%' to mysqltest_C@'%'; ---error 1044 -drop user mysqltest_B@'%'; +drop user mysqltest_C@'%'; disconnect user3; connection default; -drop user mysqltest_B@'%'; drop user mysqltest_3@localhost; # # Bug #3309: Test IP addresses with netmask diff --git a/mysql-test/t/type_varchar.test b/mysql-test/t/type_varchar.test index 0168128d513..9867cf4c057 100644 --- a/mysql-test/t/type_varchar.test +++ b/mysql-test/t/type_varchar.test @@ -97,3 +97,12 @@ explain select * from t1 where v like 'This is a test' order by v; explain select * from t1 where v='This is a test' order by v; explain select * from t1 where v like 'S%' order by v; drop table t1; + +# +# bug#9339 - meaningless Field_varstring::get_key_image +# +create table t1 (pkcol varchar(16), othercol varchar(16), primary key (pkcol)); +insert into t1 values ('test', 'something'); +update t1 set othercol='somethingelse' where pkcol='test'; +select * from t1; +drop table t1; diff --git a/scripts/mysql_create_system_tables.sh b/scripts/mysql_create_system_tables.sh index 0260bdea887..bb4c2f08193 100644 --- a/scripts/mysql_create_system_tables.sh +++ b/scripts/mysql_create_system_tables.sh @@ -146,6 +146,7 @@ then c_u="$c_u Show_view_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL," c_u="$c_u Create_routine_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL," c_u="$c_u Alter_routine_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL," + c_u="$c_u Create_user_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL," c_u="$c_u ssl_type enum('','ANY','X509', 'SPECIFIED') COLLATE utf8_general_ci DEFAULT '' NOT NULL," c_u="$c_u ssl_cipher BLOB NOT NULL," c_u="$c_u x509_issuer BLOB NOT NULL," @@ -161,22 +162,22 @@ then if test "$1" = "test" then - i_u="INSERT INTO user VALUES ('localhost','root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0,0); - INSERT INTO user VALUES ('$hostname','root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0,0); - REPLACE INTO user VALUES ('127.0.0.1','root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0,0); + i_u="INSERT INTO user VALUES ('localhost','root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0,0); + INSERT INTO user VALUES ('$hostname','root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0,0); + REPLACE INTO user VALUES ('127.0.0.1','root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0,0); INSERT INTO user (host,user) values ('localhost',''); INSERT INTO user (host,user) values ('$hostname','');" else - i_u="INSERT INTO user VALUES ('localhost','root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0,0);" + i_u="INSERT INTO user VALUES ('localhost','root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0,0);" if test "$windows" = "0" then i_u="$i_u - INSERT INTO user VALUES ('$hostname','root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0,0); + INSERT INTO user VALUES ('$hostname','root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0,0); INSERT INTO user (host,user) values ('$hostname',''); INSERT INTO user (host,user) values ('localhost','');" else i_u="$i_u - INSERT INTO user VALUES ('localhost','','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0);" + INSERT INTO user VALUES ('localhost','','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0);" fi fi fi diff --git a/scripts/mysql_fix_privilege_tables.sql b/scripts/mysql_fix_privilege_tables.sql index 344f8ca5bb3..dee4ebd3d2f 100644 --- a/scripts/mysql_fix_privilege_tables.sql +++ b/scripts/mysql_fix_privilege_tables.sql @@ -291,6 +291,18 @@ UPDATE db SET Create_routine_priv=Create_priv, Alter_routine_priv=Alter_priv, Ex ALTER TABLE user ADD max_user_connections int(11) unsigned DEFAULT '0' NOT NULL AFTER max_connections; # +# user.Create_user_priv +# + +SET @hadCreateUserPriv:=0; +SELECT @hadCreateUserPriv:=1 FROM user WHERE Create_user_priv LIKE '%'; + +ALTER TABLE user ADD Create_user_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL AFTER Alter_routine_priv; +UPDATE user LEFT JOIN db USING (Host,User) SET Create_user_priv='Y' + WHERE @hadCreateUserPriv = 0 AND + (user.Grant_priv = 'Y' OR db.Grant_priv = 'Y'); + +# # Create some possible missing tables # CREATE TABLE IF NOT EXISTS procs_priv ( diff --git a/sql/field.cc b/sql/field.cc index 89853de8c45..b8d17f1b7d2 100644 --- a/sql/field.cc +++ b/sql/field.cc @@ -5722,12 +5722,12 @@ void Field_varstring::get_key_image(char *buff, uint length, imagetype type) { uint f_length= length_bytes == 1 ? (uint) (uchar) *ptr : uint2korr(ptr); uint char_length= length / field_charset->mbmaxlen; - char_length= my_charpos(field_charset, ptr, ptr + length_bytes, - char_length); + char *pos= ptr+length_bytes; + char_length= my_charpos(field_charset, pos, pos + f_length, char_length); set_if_smaller(f_length, char_length); /* Key is always stored with 2 bytes */ int2store(buff,f_length); - memcpy(buff+HA_KEY_BLOB_LENGTH, ptr+length_bytes, f_length); + memcpy(buff+HA_KEY_BLOB_LENGTH, pos, f_length); if (f_length < length) { /* diff --git a/sql/handler.cc b/sql/handler.cc index d23553014ef..53d4c4dfa4f 100644 --- a/sql/handler.cc +++ b/sql/handler.cc @@ -837,9 +837,9 @@ int ha_recover(HASH *commit_list) /* commit_list and tc_heuristic_recover cannot be set both */ DBUG_ASSERT(commit_list==0 || tc_heuristic_recover==0); /* if either is set, total_ha_2pc must be set too */ - DBUG_ASSERT(dry_run || total_ha_2pc>opt_bin_log); + DBUG_ASSERT(dry_run || total_ha_2pc>(ulong)opt_bin_log); - if (total_ha_2pc <= opt_bin_log) + if (total_ha_2pc <= (ulong)opt_bin_log) DBUG_RETURN(0); if (commit_list) diff --git a/sql/item_func.cc b/sql/item_func.cc index 53c0cf4c05a..3be99479e67 100644 --- a/sql/item_func.cc +++ b/sql/item_func.cc @@ -4683,7 +4683,6 @@ Field * Item_func_sp::tmp_table_field(TABLE *t_arg) { Field *res= 0; - enum_field_types ftype; DBUG_ENTER("Item_func_sp::tmp_table_field"); if (m_sp) diff --git a/sql/item_sum.cc b/sql/item_sum.cc index 49f32cb0245..6b586c66ecf 100644 --- a/sql/item_sum.cc +++ b/sql/item_sum.cc @@ -2158,12 +2158,16 @@ int composite_key_cmp(void* arg, byte* key1, byte* key2) } +C_MODE_START + static int count_distinct_walk(void *elem, element_count count, void *arg) { (*((ulonglong*)arg))++; return 0; } +C_MODE_END + void Item_sum_count_distinct::cleanup() { @@ -2661,7 +2665,7 @@ int group_concat_key_cmp_with_distinct_and_order(void* arg,byte* key1, Append data from current leaf to item->result */ -int dump_leaf_key(byte* key, uint32 count __attribute__((unused)), +int dump_leaf_key(byte* key, element_count count __attribute__((unused)), Item_func_group_concat *item) { TABLE *table= item->table; diff --git a/sql/item_sum.h b/sql/item_sum.h index 6a60ec0b234..d03ef94b9cd 100644 --- a/sql/item_sum.h +++ b/sql/item_sum.h @@ -862,7 +862,8 @@ class Item_func_group_concat : public Item_sum friend int group_concat_key_cmp_with_distinct_and_order(void* arg, byte* key1, byte* key2); - friend int dump_leaf_key(byte* key, uint32 count __attribute__((unused)), + friend int dump_leaf_key(byte* key, + element_count count __attribute__((unused)), Item_func_group_concat *group_concat_item); public: diff --git a/sql/sql_acl.cc b/sql/sql_acl.cc index de5df4559db..b08429b2d4c 100644 --- a/sql/sql_acl.cc +++ b/sql/sql_acl.cc @@ -239,7 +239,7 @@ my_bool acl_init(THD *org_thd, bool dont_read_acl_tables) DBUG_PRINT("info",("user table fields: %d, password length: %d", table->s->fields, table->field[2]->field_length)); - + pthread_mutex_lock(&LOCK_global_system_variables); if (table->field[2]->field_length < SCRAMBLED_PASSWORD_CHAR_LENGTH) { @@ -323,6 +323,12 @@ my_bool acl_init(THD *org_thd, bool dont_read_acl_tables) if (table->s->fields <= 33 && (user.access & ALTER_ACL)) user.access|= ALTER_PROC_ACL; + /* + pre 5.0.3 did not have CREATE_USER_ACL + */ + if (table->s->fields <= 36 && (user.access & GRANT_ACL)) + user.access|= CREATE_USER_ACL; + user.sort= get_sort(2,user.host.hostname,user.user); user.hostname_length= (user.host.hostname ? (uint) strlen(user.host.hostname) : 0); @@ -1541,18 +1547,26 @@ end: } -/* Return 1 if we are allowed to create new users */ +/* + Return 1 if we are allowed to create new users + the logic here is: INSERT_ACL is sufficient. + It's also a requirement in opt_safe_user_create, + otherwise CREATE_USER_ACL is enough. +*/ static bool test_if_create_new_users(THD *thd) { - bool create_new_users=1; // Assume that we are allowed to create new users - if (opt_safe_user_create && !(thd->master_access & INSERT_ACL)) + bool create_new_users= test(thd->master_access & INSERT_ACL) || + (!opt_safe_user_create && + test(thd->master_access & CREATE_USER_ACL)); + if (!create_new_users) { TABLE_LIST tl; ulong db_access; bzero((char*) &tl,sizeof(tl)); tl.db= (char*) "mysql"; tl.table_name= (char*) "user"; + create_new_users= 1; db_access=acl_get(thd->host, thd->ip, thd->priv_user, tl.db, 0); @@ -1614,8 +1628,8 @@ static int replace_user_table(THD *thd, TABLE *table, const LEX_USER &combo, goto end; } /* - There are four options which affect the process of creation of - a new user(mysqld option --safe-create-user, 'insert' privilege + There are four options which affect the process of creation of + a new user (mysqld option --safe-create-user, 'insert' privilege on 'mysql.user' table, using 'GRANT' with 'IDENTIFIED BY' and SQL_MODE flag NO_AUTO_CREATE_USER). Below is the simplified rule how it should work. @@ -1623,6 +1637,8 @@ static int replace_user_table(THD *thd, TABLE *table, const LEX_USER &combo, else if (identified_by) => create else if (no_auto_create_user) => reject else create + + see also test_if_create_new_users() */ else if (((thd->variables.sql_mode & MODE_NO_AUTO_CREATE_USER) && !password_len) || !create_user) @@ -2925,7 +2941,7 @@ bool mysql_procedure_grant(THD *thd, TABLE_LIST *table_list, table_name= table_list->table_name; grant_name= proc_hash_search(Str->host.str, NullS, db_name, - Str->user.str, table_name, 1); + Str->user.str, table_name, 1); if (!grant_name) { if (revoke_grant) @@ -2946,7 +2962,7 @@ bool mysql_procedure_grant(THD *thd, TABLE_LIST *table_list, } my_hash_insert(&proc_priv_hash,(byte*) grant_name); } - + if (replace_proc_table(thd, grant_name, tables[1].table, *Str, db_name, table_name, rights, revoke_grant)) { @@ -3688,11 +3704,13 @@ static const char *command_array[]= "ALTER", "SHOW DATABASES", "SUPER", "CREATE TEMPORARY TABLES", "LOCK TABLES", "EXECUTE", "REPLICATION SLAVE", "REPLICATION CLIENT", "CREATE VIEW", "SHOW VIEW", "CREATE ROUTINE", "ALTER ROUTINE", + "CREATE USER" }; static uint command_lengths[]= { - 6, 6, 6, 6, 6, 4, 6, 8, 7, 4, 5, 10, 5, 5, 14, 5, 23, 11, 7, 17, 18, 11, 9, 14, 13 + 6, 6, 6, 6, 6, 4, 6, 8, 7, 4, 5, 10, 5, 5, 14, 5, 23, 11, 7, 17, 18, 11, 9, + 14, 13, 11 }; diff --git a/sql/sql_acl.h b/sql/sql_acl.h index e9e58e40e12..18eb123d402 100644 --- a/sql/sql_acl.h +++ b/sql/sql_acl.h @@ -39,12 +39,17 @@ #define SHOW_VIEW_ACL (1L << 22) #define CREATE_PROC_ACL (1L << 23) #define ALTER_PROC_ACL (1L << 24) +#define CREATE_USER_ACL (1L << 25) /* don't forget to update - static struct show_privileges_st sys_privileges[] - in sql_show.cc when adding new privileges! + 1. static struct show_privileges_st sys_privileges[] + 2. static const char *command_array[] and static uint command_lengths[] + 3. mysql_create_system_tables.sh, mysql_fix_privilege_tables.sql + 4. acl_init() or whatever - to define behaviour for old privilege tables + 5. sql_yacc.yy - for GRANT/REVOKE to work */ - +#define EXTRA_ACL (1L << 29) +#define NO_ACCESS (1L << 30) #define DB_ACLS \ (UPDATE_ACL | SELECT_ACL | INSERT_ACL | DELETE_ACL | CREATE_ACL | DROP_ACL | \ @@ -72,10 +77,7 @@ REFERENCES_ACL | INDEX_ACL | ALTER_ACL | SHOW_DB_ACL | SUPER_ACL | \ CREATE_TMP_ACL | LOCK_TABLES_ACL | REPL_SLAVE_ACL | REPL_CLIENT_ACL | \ EXECUTE_ACL | CREATE_VIEW_ACL | SHOW_VIEW_ACL | CREATE_PROC_ACL | \ - ALTER_PROC_ACL ) - -#define EXTRA_ACL (1L << 29) -#define NO_ACCESS (1L << 30) + ALTER_PROC_ACL | CREATE_USER_ACL) #define DEFAULT_CREATE_PROC_ACLS \ (ALTER_PROC_ACL | EXECUTE_ACL) @@ -85,25 +87,21 @@ This is needed as the 'host' and 'db' table is missing a few privileges */ -/* Continius bit-segments that needs to be shifted */ -#define DB_REL1 ((1L << 6) | (1L << 7) | (1L << 8) | (1L << 9)) -#define DB_REL2 ((1L << 10) | (1L << 11)) -#define DB_REL3 ((1L << 12) | (1L << 13) | (1L << 14) | (1L << 15)) -#define DB_REL4 ((1L << 16)) - /* Privileges that needs to be reallocated (in continous chunks) */ +#define DB_CHUNK0 (SELECT_ACL | INSERT_ACL | UPDATE_ACL | DELETE_ACL | \ + CREATE_ACL | DROP_ACL) #define DB_CHUNK1 (GRANT_ACL | REFERENCES_ACL | INDEX_ACL | ALTER_ACL) #define DB_CHUNK2 (CREATE_TMP_ACL | LOCK_TABLES_ACL) #define DB_CHUNK3 (CREATE_VIEW_ACL | SHOW_VIEW_ACL | \ CREATE_PROC_ACL | ALTER_PROC_ACL ) #define DB_CHUNK4 (EXECUTE_ACL) -#define fix_rights_for_db(A) (((A) & 63) | \ - (((A) & DB_REL1) << 4) | \ - (((A) & DB_REL2) << 6) | \ - (((A) & DB_REL3) << 9) | \ - (((A) & DB_REL4) << 2)) -#define get_rights_for_db(A) (((A) & 63) | \ +#define fix_rights_for_db(A) (((A) & DB_CHUNK0) | \ + (((A) << 4) & DB_CHUNK1) | \ + (((A) << 6) & DB_CHUNK2) | \ + (((A) << 9) & DB_CHUNK3) | \ + (((A) << 2) & DB_CHUNK4)) +#define get_rights_for_db(A) (((A) & DB_CHUNK0) | \ (((A) & DB_CHUNK1) >> 4) | \ (((A) & DB_CHUNK2) >> 6) | \ (((A) & DB_CHUNK3) >> 9) | \ @@ -190,8 +188,7 @@ bool mysql_table_grant(THD *thd, TABLE_LIST *table, List <LEX_USER> &user_list, bool mysql_procedure_grant(THD *thd, TABLE_LIST *table, List <LEX_USER> &user_list, ulong rights, bool revoke, bool no_error); -ACL_USER *check_acl_user(LEX_USER *user_name, - uint *acl_acl_userdx); +ACL_USER *check_acl_user(LEX_USER *user_name, uint *acl_acl_userdx); my_bool grant_init(THD *thd); void grant_free(void); void grant_reload(THD *thd); diff --git a/sql/sql_parse.cc b/sql/sql_parse.cc index e8cc445e123..d765561f61e 100644 --- a/sql/sql_parse.cc +++ b/sql/sql_parse.cc @@ -3561,7 +3561,8 @@ unsent_create_error: #ifndef NO_EMBEDDED_ACCESS_CHECKS case SQLCOM_CREATE_USER: { - if (check_access(thd, GRANT_ACL,"mysql",0,1,0)) + if (check_access(thd, INSERT_ACL, "mysql", 0, 1, 1) && + check_global_access(thd,CREATE_USER_ACL)) break; if (!(res= mysql_create_user(thd, lex->users_list))) { @@ -3576,7 +3577,8 @@ unsent_create_error: } case SQLCOM_DROP_USER: { - if (check_access(thd, GRANT_ACL,"mysql",0,1,0)) + if (check_access(thd, DELETE_ACL, "mysql", 0, 1, 1) && + check_global_access(thd,CREATE_USER_ACL)) break; if (!(res= mysql_drop_user(thd, lex->users_list))) { @@ -3591,7 +3593,8 @@ unsent_create_error: } case SQLCOM_RENAME_USER: { - if (check_access(thd, GRANT_ACL,"mysql",0,1,0)) + if (check_access(thd, UPDATE_ACL, "mysql", 0, 1, 1) && + check_global_access(thd,CREATE_USER_ACL)) break; if (!(res= mysql_rename_user(thd, lex->users_list))) { @@ -3606,7 +3609,8 @@ unsent_create_error: } case SQLCOM_REVOKE_ALL: { - if (check_access(thd, GRANT_ACL ,"mysql",0,1,0)) + if (check_access(thd, UPDATE_ACL, "mysql", 0, 1, 1) && + check_global_access(thd,CREATE_USER_ACL)) break; if (!(res = mysql_revoke_all(thd, lex->users_list))) { @@ -3634,47 +3638,29 @@ unsent_create_error: uint counter; List_iterator <LEX_USER> user_list(lex->users_list); - while ((user=user_list++)) + while ((user= user_list++)) { - if (strcmp(thd->user, user->user.str) || - user->host.str && - my_strcasecmp(system_charset_info, - user->host.str, thd->host_or_ip)) - { - // We are trying to update another user, or create a new user - - if (!check_access(thd, GRANT_ACL, "mysql", 0, 1, 1)) - break; // We can update any existing, or add new users - - if (!check_acl_user(user, &counter) && - check_access(thd, INSERT_ACL, "mysql", 0, 1, 1)) - { - my_error(ER_NO_PERMISSION_TO_CREATE_USER, MYF(0), - thd->user, thd->host_or_ip); - goto error; // Can't create new user, user does not exists - } - if (check_acl_user(user, &counter) && - user->password.str && - check_access(thd, UPDATE_ACL, "mysql", 0, 1, 1)) - { - my_message(ER_PASSWORD_NOT_ALLOWED, - ER(ER_PASSWORD_NOT_ALLOWED), MYF(0)); - goto error; // Can't update password, user already exists - } - } - } - } - if (specialflag & SPECIAL_NO_RESOLVE) - { - LEX_USER *user; - List_iterator <LEX_USER> user_list(lex->users_list); - while ((user=user_list++)) - { - if (hostname_requires_resolving(user->host.str)) - push_warning_printf(thd, MYSQL_ERROR::WARN_LEVEL_WARN, - ER_WARN_HOSTNAME_WONT_WORK, - ER(ER_WARN_HOSTNAME_WONT_WORK), - user->host.str); + if (specialflag & SPECIAL_NO_RESOLVE && + hostname_requires_resolving(user->host.str)) + push_warning_printf(thd, MYSQL_ERROR::WARN_LEVEL_WARN, + ER_WARN_HOSTNAME_WONT_WORK, + ER(ER_WARN_HOSTNAME_WONT_WORK), + user->host.str); + // Are we trying to change a password of another user + DBUG_ASSERT(user->host.str != 0); + if (strcmp(thd->user, user->user.str) || + my_strcasecmp(system_charset_info, + user->host.str, thd->host_or_ip)) + { + // TODO: use check_change_password() + if (check_acl_user(user, &counter) && user->password.str && + check_access(thd, UPDATE_ACL,"mysql",0,1,1)) + { + my_message(ER_PASSWORD_NOT_ALLOWED, + ER(ER_PASSWORD_NOT_ALLOWED), MYF(0)); + goto error; + } + } } } if (first_table) diff --git a/sql/sql_show.cc b/sql/sql_show.cc index 124ce1805db..fadc445e85d 100644 --- a/sql/sql_show.cc +++ b/sql/sql_show.cc @@ -102,6 +102,7 @@ static struct show_privileges_st sys_privileges[]= {"Create routine","Functions,Procedures","To use CREATE FUNCTION/PROCEDURE"}, {"Create temporary tables","Databases","To use CREATE TEMPORARY TABLE"}, {"Create view", "Tables", "To create new views"}, + {"Create user", "Server Admin", "To create new users"}, {"Delete", "Tables", "To delete existing rows"}, {"Drop", "Databases,Tables", "To drop databases, tables, and views"}, {"Execute", "Functions,Procedures", "To execute stored routines"}, diff --git a/sql/sql_yacc.yy b/sql/sql_yacc.yy index cc6eadf5fd5..8141de31275 100644 --- a/sql/sql_yacc.yy +++ b/sql/sql_yacc.yy @@ -7903,6 +7903,7 @@ object_privilege: | SHOW VIEW_SYM { Lex->grant |= SHOW_VIEW_ACL; } | CREATE ROUTINE_SYM { Lex->grant |= CREATE_PROC_ACL; } | ALTER ROUTINE_SYM { Lex->grant |= ALTER_PROC_ACL; } + | CREATE USER { Lex->grant |= CREATE_USER_ACL; } ; |