diff options
| author | unknown <monty@mysql.com> | 2004-11-03 13:01:38 +0200 |
|---|---|---|
| committer | unknown <monty@mysql.com> | 2004-11-03 13:01:38 +0200 |
| commit | 614cda698a2c07ae158cbaf9a0a102a04866e28c (patch) | |
| tree | 39f6697332c041cfd44f3c685d341ba5024ca0f5 /sql/sql_acl.cc | |
| parent | 09e0503538cbf882cdb1c215a45becfd3826d67a (diff) | |
| parent | f5a47f156b6778a0f6751556e56a0afe25d6be13 (diff) | |
| download | mariadb-git-614cda698a2c07ae158cbaf9a0a102a04866e28c.tar.gz | |
Merge on pull
BitKeeper/etc/ignore:
auto-union
mysql-test/r/grant2.result:
Auto merged
mysql-test/r/sql_mode.result:
Auto merged
mysql-test/t/grant2.test:
Auto merged
sql/handler.cc:
Auto merged
sql/handler.h:
Auto merged
sql/mysql_priv.h:
Auto merged
sql/mysqld.cc:
Auto merged
sql/opt_range.cc:
Auto merged
sql/set_var.cc:
Auto merged
sql/sql_acl.cc:
Auto merged
sql/sql_lex.h:
Auto merged
sql/sql_parse.cc:
Auto merged
sql/sql_yacc.yy:
Auto merged
Diffstat (limited to 'sql/sql_acl.cc')
| -rw-r--r-- | sql/sql_acl.cc | 178 |
1 files changed, 101 insertions, 77 deletions
diff --git a/sql/sql_acl.cc b/sql/sql_acl.cc index 443b925521f..bed3130462d 100644 --- a/sql/sql_acl.cc +++ b/sql/sql_acl.cc @@ -203,7 +203,7 @@ my_bool acl_init(THD *org_thd, bool dont_read_acl_tables) host.sort= get_sort(2,host.host.hostname,host.db); if (check_no_resolve && hostname_requires_resolving(host.host.hostname)) { - sql_print_error("Warning: 'host' entry '%s|%s' " + sql_print_warning("'host' entry '%s|%s' " "ignored in --skip-name-resolve mode.", host.host.hostname, host.db, host.host.hostname); continue; @@ -271,8 +271,8 @@ my_bool acl_init(THD *org_thd, bool dont_read_acl_tables) user.user= get_field(&mem, table->field[1]); if (check_no_resolve && hostname_requires_resolving(user.host.hostname)) { - sql_print_error("Warning: 'user' entry '%s@%s' " - "ignored in --skip-name-resolve mode.", + sql_print_warning("'user' entry '%s@%s' " + "ignored in --skip-name-resolve mode.", user.user, user.host.hostname, user.host.hostname); continue; } @@ -284,16 +284,16 @@ my_bool acl_init(THD *org_thd, bool dont_read_acl_tables) { switch (password_len) { case 45: /* 4.1: to be removed */ - sql_print_error("Found 4.1 style password for user '%s@%s'. " - "Ignoring user. " - "You should change password for this user.", - user.user ? user.user : "", - user.host.hostname ? user.host.hostname : ""); + sql_print_warning("Found 4.1 style password for user '%s@%s'. " + "Ignoring user. " + "You should change password for this user.", + user.user ? user.user : "", + user.host.hostname ? user.host.hostname : ""); break; default: - sql_print_error("Found invalid password for user: '%s@%s'; " - "Ignoring user", user.user ? user.user : "", - user.host.hostname ? user.host.hostname : ""); + sql_print_warning("Found invalid password for user: '%s@%s'; " + "Ignoring user", user.user ? user.user : "", + user.host.hostname ? user.host.hostname : ""); break; } } @@ -375,15 +375,15 @@ my_bool acl_init(THD *org_thd, bool dont_read_acl_tables) db.db=get_field(&mem, table->field[1]); if (!db.db) { - sql_print_error("Found an entry in the 'db' table with empty database name; Skipped"); + sql_print_warning("Found an entry in the 'db' table with empty database name; Skipped"); continue; } db.user=get_field(&mem, table->field[2]); if (check_no_resolve && hostname_requires_resolving(db.host.hostname)) { - sql_print_error("Warning: 'db' entry '%s %s@%s' " - "ignored in --skip-name-resolve mode.", - db.db, db.user, db.host.hostname, db.host.hostname); + sql_print_warning("'db' entry '%s %s@%s' " + "ignored in --skip-name-resolve mode.", + db.db, db.user, db.host.hostname, db.host.hostname); continue; } db.access=get_access(table,3); @@ -740,9 +740,9 @@ int acl_getroot(THD *thd, USER_RESOURCES *mqh, else { if (global_system_variables.log_warnings) - sql_print_error("X509 ciphers mismatch: should be '%s' but is '%s'", - acl_user->ssl_cipher, - SSL_get_cipher(ssl)); + sql_print_information("X509 ciphers mismatch: should be '%s' but is '%s'", + acl_user->ssl_cipher, + SSL_get_cipher(ssl)); break; } } @@ -764,8 +764,8 @@ int acl_getroot(THD *thd, USER_RESOURCES *mqh, if (strcmp(acl_user->x509_issuer, ptr)) { if (global_system_variables.log_warnings) - sql_print_error("X509 issuer mismatch: should be '%s' " - "but is '%s'", acl_user->x509_issuer, ptr); + sql_print_information("X509 issuer mismatch: should be '%s' " + "but is '%s'", acl_user->x509_issuer, ptr); free(ptr); break; } @@ -782,7 +782,7 @@ int acl_getroot(THD *thd, USER_RESOURCES *mqh, if (strcmp(acl_user->x509_subject,ptr)) { if (global_system_variables.log_warnings) - sql_print_error("X509 subject mismatch: '%s' vs '%s'", + sql_print_information("X509 subject mismatch: '%s' vs '%s'", acl_user->x509_subject, ptr); } else @@ -2519,7 +2519,8 @@ int mysql_table_grant(THD *thd, TABLE_LIST *table_list, if (replace_table_table(thd, grant_table, tables[1].table, *Str, db_name, real_name, rights, column_priv, revoke_grant)) - { // Crashend table ?? + { + /* Should only happen if table is crashed */ result= -1; /* purecov: deadcode */ } else if (tables[2].table) @@ -2728,10 +2729,10 @@ my_bool grant_init(THD *org_thd) { if (hostname_requires_resolving(mem_check->host)) { - sql_print_error("Warning: 'tables_priv' entry '%s %s@%s' " - "ignored in --skip-name-resolve mode.", - mem_check->tname, mem_check->user, - mem_check->host, mem_check->host); + sql_print_warning("'tables_priv' entry '%s %s@%s' " + "ignored in --skip-name-resolve mode.", + mem_check->tname, mem_check->user, + mem_check->host, mem_check->host); continue; } } @@ -3736,7 +3737,7 @@ int mysql_drop_user(THD *thd, List <LEX_USER> &list) int mysql_revoke_all(THD *thd, List <LEX_USER> &list) { - uint counter; + uint counter, revoked; int result; ACL_DB *acl_db; TABLE_LIST tables[4]; @@ -3769,73 +3770,96 @@ int mysql_revoke_all(THD *thd, List <LEX_USER> &list) } /* Remove db access privileges */ - for (counter= 0 ; counter < acl_dbs.elements ; counter++) + /* + Because acl_dbs and column_priv_hash shrink and may re-order + as privileges are removed, removal occurs in a repeated loop + until no more privileges are revoked. + */ + do { - const char *user,*host; - - acl_db=dynamic_element(&acl_dbs,counter,ACL_DB*); - if (!(user=acl_db->user)) - user= ""; - if (!(host=acl_db->host.hostname)) - host= ""; - - if (!strcmp(lex_user->user.str,user) && - !my_strcasecmp(system_charset_info, lex_user->host.str, host)) + for (counter= 0, revoked= 0 ; counter < acl_dbs.elements ; ) { - if (replace_db_table(tables[1].table, acl_db->db, *lex_user, ~0, 1)) - result= -1; + const char *user,*host; + + acl_db=dynamic_element(&acl_dbs,counter,ACL_DB*); + if (!(user=acl_db->user)) + user= ""; + if (!(host=acl_db->host.hostname)) + host= ""; + + if (!strcmp(lex_user->user.str,user) && + !my_strcasecmp(system_charset_info, lex_user->host.str, host)) + { + if (!replace_db_table(tables[1].table, acl_db->db, *lex_user, ~0, 1)) + { + /* + Don't increment counter as replace_db_table deleted the + current element in acl_dbs. + */ + revoked= 1; + continue; + } + result= -1; // Something went wrong + } + counter++; } - } + } while (revoked); /* Remove column access */ - for (counter= 0 ; counter < column_priv_hash.records ; counter++) + do { - const char *user,*host; - GRANT_TABLE *grant_table= (GRANT_TABLE*) hash_element(&column_priv_hash, - counter); - if (!(user=grant_table->user)) - user= ""; - if (!(host=grant_table->host)) - host= ""; - - if (!strcmp(lex_user->user.str,user) && - !my_strcasecmp(system_charset_info, lex_user->host.str, host)) + for (counter= 0, revoked= 0 ; counter < column_priv_hash.records ; ) { - if (replace_table_table(thd,grant_table,tables[2].table,*lex_user, - grant_table->db, - grant_table->tname, - ~0, 0, 1)) - { - result= -1; - continue; - } - if (grant_table->cols) + const char *user,*host; + GRANT_TABLE *grant_table= (GRANT_TABLE*)hash_element(&column_priv_hash, + counter); + if (!(user=grant_table->user)) + user= ""; + if (!(host=grant_table->host)) + host= ""; + + if (!strcmp(lex_user->user.str,user) && + !my_strcasecmp(system_charset_info, lex_user->host.str, host)) { - List<LEX_COLUMN> columns; - if (replace_column_table(grant_table,tables[3].table, *lex_user, - columns, - grant_table->db, - grant_table->tname, - ~0, 1)) + if (replace_table_table(thd,grant_table,tables[2].table,*lex_user, + grant_table->db, + grant_table->tname, + ~0, 0, 1)) + { + result= -1; + } + else + { + if (!grant_table->cols) + { + revoked= 1; + continue; + } + List<LEX_COLUMN> columns; + if (!replace_column_table(grant_table,tables[3].table, *lex_user, + columns, + grant_table->db, + grant_table->tname, + ~0, 1)) + { + revoked= 1; + continue; + } result= -1; + } } + counter++; } - } + } while (revoked); } - + VOID(pthread_mutex_unlock(&acl_cache->lock)); rw_unlock(&LOCK_grant); close_thread_tables(thd); - - /* XXX this should not be necessary. The error message is already printed - by replace_xxx_table. my_error() should be use above instead of - sql_print_error(), and print ER_NONEXISTING_GRANT - as other grant - commands do */ - /* when this code is deleted, the error slot (error 1268) can be reused, - as this error code was not present in any MySQL release */ + if (result) my_error(ER_REVOKE_GRANTS, MYF(0)); - + DBUG_RETURN(result); } |