diff options
| author | unknown <peter@mysql.com> | 2002-11-30 16:31:58 +0300 |
|---|---|---|
| committer | unknown <peter@mysql.com> | 2002-11-30 16:31:58 +0300 |
| commit | 05ba93c2793a1ae79f560a0fc153056f3d39ce43 (patch) | |
| tree | 8cb72ffc1f46d5e546f302958453ce4a83d26d5e /sql/sql_acl.h | |
| parent | 14754ce141aa6a061a94fa668094b0602edd69c5 (diff) | |
| download | mariadb-git-05ba93c2793a1ae79f560a0fc153056f3d39ce43.tar.gz | |
SCRUM: Secure auth
Implement mysql_change_user
Get rid of double user search at authentication
Some cleanups
client/mysqladmin.c:
Fix long line
include/mysql_com.h:
Fix long lines
libmysql/libmysql.c:
mysql_change_user() for new auth + some fixes
sql/password.c:
Add author info so who is guilty in errors would be known :)
sql/sql_acl.cc:
Move class definitions to .h
sql/sql_acl.h:
Add class definitions
sql/sql_parse.cc:
Get rid of double user search. Implement mysql_change_user
Diffstat (limited to 'sql/sql_acl.h')
| -rw-r--r-- | sql/sql_acl.h | 52 |
1 files changed, 51 insertions, 1 deletions
diff --git a/sql/sql_acl.h b/sql/sql_acl.h index 66e7d0dad7c..cfab9bf22cf 100644 --- a/sql/sql_acl.h +++ b/sql/sql_acl.h @@ -79,6 +79,55 @@ #define fix_rights_for_column(A) (((A) & COL_ACLS) | ((A & ~COL_ACLS) << 7)) #define get_rights_for_column(A) (((A) & COL_ACLS) | ((A & ~COL_ACLS) >> 7)) +/* Classes */ + +struct acl_host_and_ip +{ + char *hostname; + long ip,ip_mask; // Used with masked ip:s +}; + + +class ACL_ACCESS { +public: + ulong sort; + ulong access; +}; + + +/* ACL_HOST is used if no host is specified */ + +class ACL_HOST :public ACL_ACCESS +{ +public: + acl_host_and_ip host; + char *db; +}; + + +class ACL_USER :public ACL_ACCESS +{ +public: + acl_host_and_ip host; + uint hostname_length; + USER_RESOURCES user_resource; + char *user,*password; + ulong salt[6]; // New password has longer length + uint8 pversion; // password version + enum SSL_type ssl_type; + const char *ssl_cipher, *x509_issuer, *x509_subject; +}; + + +class ACL_DB :public ACL_ACCESS +{ +public: + acl_host_and_ip host; + char *user,*db; +}; + + + /* prototypes */ my_bool acl_init(THD *thd, bool dont_read_acl_tables); @@ -88,7 +137,8 @@ ulong acl_get(const char *host, const char *ip, const char *bin_ip, const char *user, const char *db); ulong acl_getroot(THD *thd, const char *host, const char *ip, const char *user, const char *password,const char *scramble,char **priv_user, - bool old_ver, USER_RESOURCES *max,char* prepared_scramble, int stage); + bool old_ver, USER_RESOURCES *max,char* prepared_scramble, + int stage, uint *cur_priv_version, ACL_USER **cached_user); bool acl_check_host(const char *host, const char *ip); bool check_change_password(THD *thd, const char *host, const char *user); bool change_password(THD *thd, const char *host, const char *user, |