diff options
| author | unknown <kostja@oak.local> | 2003-07-01 23:40:59 +0400 |
|---|---|---|
| committer | unknown <kostja@oak.local> | 2003-07-01 23:40:59 +0400 |
| commit | dbb088b034e19e99ec209cbbc4eed3bff64172da (patch) | |
| tree | cbcae0aeb3eee5a5a448084ae5f0e9b5290fac26 /sql/item_strfunc.h | |
| parent | b871e549eeec215bd40554431de8d21942e596d6 (diff) | |
| download | mariadb-git-dbb088b034e19e99ec209cbbc4eed3bff64172da.tar.gz | |
First version of new authentification procedure: now authentification is one-stage (instead of two-stage in 4.1)
For now following tasks have been done:
- PASSWORD() function was rewritten. PASSWORD() now returns SHA1
hash_stage2; for new passwords user.password contains '*'hash_stage2; sql_yacc.yy also fixed;
- password.c: new functions were implemented, old rolled back to 4.0 state
- server code was rewritten to use new authorization algorithm (check_user(), change
user, and other stuff in sql/sql_parse.cc)
- client code was rewritten to use new authorization algorithm
(mysql_real_connect, myslq_authenticate in sql-common/client.c)
- now server barks on 45-byte-length 4.1.0 passwords and refuses 4.1.0-style
authentification. Users with 4.1.0 passwords are blocked (sql/sql_acl.cc)
- mysqladmin.c was fixed to work correctly with new passwords
Tests for 4.0-4.1.1, 4.1.1-4.1.1 (with or without db/password) logons was performed;
mysqladmin also was tested. Additional check are nevertheless necessary.
BitKeeper/etc/ignore:
Added start_mysqld.sh mysys/main.cc to the ignore list
client/mysqladmin.c:
fixed with new password api
include/mysql.h:
So as scramble_323 accepts only null-terminated message, two scramble buffs are necessary.
gotta be fixed
include/mysql_com.h:
new constants and password.c api changes
libmysql/libmysql.c:
mysql_change_user rewritten to work with new password api
scripts/mysql_create_system_tables.sh:
fixed 'Password' column length to 41
scripts/mysql_fix_privilege_tables.sql:
fixed 'Password' column length to 41
sql-common/client.c:
mysql_real_connect rewritten to support new handshake procedure
sql/item_strfunc.cc:
Item_func_password and Item_func_old_password rewritten with new password api
sql/item_strfunc.h:
bit commented, numbers replaced with #defined constants
sql/mysql_priv.h:
removed unnecessary declaration as now all constants defined is in mysql_com.h
sql/mysqld.cc:
scramble initialization moved to sql_parce.cc:check_connection
sql/password.c:
All 4.1 functions were rolled back to 4.0 with attempt to save all possible 4.0-4.1 changes.
Names for 4.0 functions were suffixed with '_323'
Functions for new handshake were added.
sql/slave.cc:
Fixed to new constant; Bug #766 remains to be fixed
sql/slave.h:
fixed to new constant; Buf #766 remains to be fixed
sql/sql_acl.cc:
rewritten to support new passwords (41 byte-long) and password api
sql/sql_acl.h:
ditto
sql/sql_class.cc:
initialization for new members added
sql/sql_class.h:
same thing as in struct mysql - scramble is used for new family of functions, scramble_323 - for old
sql/sql_parse.cc:
check_connections was renamed to check_connection as this name reflects better what this function does
authorization part of check_connection was rewritten
check_user was rewritten with new password and acl api
new function 'authenticate', which optionally re-request scramble from client was added
fixed some typos
COM_CHANGE_USER piece of dipsatch_command() was rewritten
sql/sql_repl.h:
HASH_PASSWORD_LENGTH replaced with SCRAMBLED_PASSWORD_CHAR_LENGTH
bug #766 remains
sql/sql_yacc.yy:
Two-argument form of PASSWORD() was removed
PASSWORD() function was fixed with new password api.
BitKeeper/etc/logging_ok:
Logging to logging@openlogging.org accepted
Diffstat (limited to 'sql/item_strfunc.h')
| -rw-r--r-- | sql/item_strfunc.h | 30 |
1 files changed, 22 insertions, 8 deletions
diff --git a/sql/item_strfunc.h b/sql/item_strfunc.h index 6cc6d730627..11f5a66b3d1 100644 --- a/sql/item_strfunc.h +++ b/sql/item_strfunc.h @@ -254,30 +254,44 @@ public: }; +/* + Item_func_password -- new (4.1.1) PASSWORD() function implementation. + Returns strcat('*', octet2hex(sha1(sha1(password)))). '*' stands for new + password format, sha1(sha1(password) is so-called hash_stage2 value. + Length of returned string is always 41 byte. To find out how entire + authentification procedure works, see comments in password.c. +*/ + class Item_func_password :public Item_str_func { - char tmp_value[64]; /* This should be enough for new password format */ + char tmp_value[SCRAMBLED_PASSWORD_CHAR_LENGTH+1]; public: Item_func_password(Item *a) :Item_str_func(a) {} - Item_func_password(Item *a, Item *b) :Item_str_func(a,b) {} - String *val_str(String *); - void fix_length_and_dec(); + String *val_str(String *str); + void fix_length_and_dec() { max_length= SCRAMBLED_PASSWORD_CHAR_LENGTH; } const char *func_name() const { return "password"; } }; +/* + Item_func_old_password -- PASSWORD() implementation used in MySQL 3.21 - 4.0 + compatibility mode. This item is created in sql_yacc.yy when + 'use_old_passwords' session variable is set, and to handle OLD_PASSWORD() + function. +*/ + class Item_func_old_password :public Item_str_func { - char tmp_value[17]; /* old password length +1 */ + char tmp_value[SCRAMBLED_PASSWORD_CHAR_LENGTH_323+1]; public: Item_func_old_password(Item *a) :Item_str_func(a) {} - String *val_str(String *); - void fix_length_and_dec() { max_length = get_password_length(1); } + String *val_str(String *str); + void fix_length_and_dec() { max_length= SCRAMBLED_PASSWORD_CHAR_LENGTH_323; } const char *func_name() const { return "old_password"; } + unsigned int size_of() { return sizeof(*this);} }; - class Item_func_des_encrypt :public Item_str_func { String tmp_value; |