diff options
| author | Oleksandr Byelkin <sanja@mariadb.com> | 2019-05-04 17:04:55 +0200 |
|---|---|---|
| committer | Oleksandr Byelkin <sanja@mariadb.com> | 2019-05-04 17:04:55 +0200 |
| commit | 8cbb14ef5d180687f131bc44a4e8fc84083d033c (patch) | |
| tree | 091f11e2d20f95656a7b12294782eb0488fd4fcc /sql/sql_acl.cc | |
| parent | 4345868382ca3525de5eb432302b6b9b957b47c1 (diff) | |
| parent | b85aa20065504bdda4bc03c2bd7eb7de38865c5d (diff) | |
| download | mariadb-git-8cbb14ef5d180687f131bc44a4e8fc84083d033c.tar.gz | |
Merge branch '10.1' into 10.2
Diffstat (limited to 'sql/sql_acl.cc')
| -rw-r--r-- | sql/sql_acl.cc | 33 |
1 files changed, 27 insertions, 6 deletions
diff --git a/sql/sql_acl.cc b/sql/sql_acl.cc index 871744c6b36..d5ef3c38b7b 100644 --- a/sql/sql_acl.cc +++ b/sql/sql_acl.cc @@ -861,8 +861,7 @@ class Grant_table_base void init(enum thr_lock_type lock_type, bool is_optional) { tl.open_type= OT_BASE_ONLY; - if (lock_type >= TL_WRITE_ALLOW_WRITE) - tl.updating= 1; + tl.i_s_requested_object= OPEN_TABLE_ONLY; if (is_optional) tl.open_strategy= TABLE_LIST::OPEN_IF_EXISTS; } @@ -1875,6 +1874,12 @@ static bool acl_load(THD *thd, const Grant_tables& tables) if (user_table.init_read_record(&read_record_info, thd)) DBUG_RETURN(true); + if (user_table.num_fields() < 13) // number of columns in 3.21 + { + sql_print_error("Fatal error: mysql.user table is damaged or in " + "unsupported 3.20 format."); + DBUG_RETURN(true); + } username_char_length= MY_MIN(user_table.user()->char_length(), USERNAME_CHAR_LENGTH); if (user_table.password()) // Password column might be missing. (MySQL 5.7.6+) @@ -12041,7 +12046,7 @@ struct MPVIO_EXT :public MYSQL_PLUGIN_VIO }; /** - a helper function to report an access denied error in all the proper places + a helper function to report an access denied error in most proper places */ static void login_failed_error(THD *thd) { @@ -13475,10 +13480,26 @@ bool acl_authenticate(THD *thd, uint com_change_user_pkt_len) /* Change a database if necessary */ if (mpvio.db.length) { - if (mysql_change_db(thd, &mpvio.db, FALSE)) + uint err = mysql_change_db(thd, &mpvio.db, FALSE); + if(err) { - /* mysql_change_db() has pushed the error message. */ - status_var_increment(thd->status_var.access_denied_errors); + if (err == ER_DBACCESS_DENIED_ERROR) + { + /* + Got an "access denied" error, which must be handled + other access denied errors (see login_failed_error()). + mysql_change_db() already sent error to client, and + wrote to general log, we only need to increment the counter + and maybe write a warning to error log. + */ + status_var_increment(thd->status_var.access_denied_errors); + if (global_system_variables.log_warnings > 1) + { + Security_context* sctx = thd->security_ctx; + sql_print_warning(ER_THD(thd, err), + sctx->priv_user, sctx->priv_host, mpvio.db.str); + } + } DBUG_RETURN(1); } } |