diff options
| author | Marc Alff <marc.alff@sun.com> | 2009-12-03 02:57:30 -0700 |
|---|---|---|
| committer | Marc Alff <marc.alff@sun.com> | 2009-12-03 02:57:30 -0700 |
| commit | 560e76c567c3551f5a4320acfc954200e8330ad8 (patch) | |
| tree | d9212d30101024f8dae4a6dd59a6405151ed831c /sql/sql_connect.cc | |
| parent | 203d9f1eabf9a324d8f98cf3d9897efb89fe92dd (diff) | |
| parent | 20b95d0831182601e2f92c71a5319f919ca4eb8c (diff) | |
| download | mariadb-git-560e76c567c3551f5a4320acfc954200e8330ad8.tar.gz | |
Merge mysql-next-mr (revno 2937) --> mysql-next-mr-marc
Diffstat (limited to 'sql/sql_connect.cc')
| -rw-r--r-- | sql/sql_connect.cc | 43 |
1 files changed, 26 insertions, 17 deletions
diff --git a/sql/sql_connect.cc b/sql/sql_connect.cc index f5f962a02a3..8ecafce6f93 100644 --- a/sql/sql_connect.cc +++ b/sql/sql_connect.cc @@ -377,7 +377,8 @@ check_user(THD *thd, enum enum_server_command command, if (send_old_password_request(thd) || my_net_read(net) != SCRAMBLE_LENGTH_323 + 1) { - inc_host_errors(&thd->remote.sin_addr); + inc_host_errors(thd->main_security_ctx.ip); + my_error(ER_HANDSHAKE_ERROR, MYF(0), thd->main_security_ctx.host_or_ip); DBUG_RETURN(1); } @@ -498,9 +499,9 @@ check_user(THD *thd, enum enum_server_command command, thd->main_security_ctx.host_or_ip, passwd_len ? ER(ER_YES) : ER(ER_NO)); /* - log access denied messages to the error log when log-warnings = 2 + Log access denied messages to the error log when log-warnings = 2 so that the overhead of the general query log is not required to track - failed connections + failed connections. */ if (global_system_variables.log_warnings > 1) { @@ -666,9 +667,9 @@ static int check_connection(THD *thd) if (!thd->main_security_ctx.host) // If TCP/IP connection { - char ip[30]; + char ip[NI_MAXHOST]; - if (vio_peer_addr(net->vio, ip, &thd->peer_port)) + if (vio_peer_addr(net->vio, ip, &thd->peer_port, NI_MAXHOST)) { my_error(ER_BAD_HOST_ERROR, MYF(0), thd->main_security_ctx.host_or_ip); return 1; @@ -676,12 +677,15 @@ static int check_connection(THD *thd) if (!(thd->main_security_ctx.ip= my_strdup(ip,MYF(MY_WME)))) return 1; /* The error is set by my_strdup(). */ thd->main_security_ctx.host_or_ip= thd->main_security_ctx.ip; - vio_in_addr(net->vio,&thd->remote.sin_addr); if (!(specialflag & SPECIAL_NO_RESOLVE)) { - vio_in_addr(net->vio,&thd->remote.sin_addr); - thd->main_security_ctx.host= - ip_to_hostname(&thd->remote.sin_addr, &connect_errors); + if (ip_to_hostname(&net->vio->remote, thd->main_security_ctx.ip, + &thd->main_security_ctx.host, &connect_errors)) + { + my_error(ER_BAD_HOST_ERROR, MYF(0), ip); + return 1; + } + /* Cut very long hostnames to avoid possible overflows */ if (thd->main_security_ctx.host) { @@ -714,7 +718,7 @@ static int check_connection(THD *thd) thd->main_security_ctx.host_or_ip= thd->main_security_ctx.host; thd->main_security_ctx.ip= 0; /* Reset sin_addr */ - bzero((char*) &thd->remote, sizeof(thd->remote)); + bzero((char*) &net->vio->remote, sizeof(net->vio->remote)); } vio_keepalive(net->vio, TRUE); @@ -769,7 +773,8 @@ static int check_connection(THD *thd) (pkt_len= my_net_read(net)) == packet_error || pkt_len < MIN_HANDSHAKE_SIZE) { - inc_host_errors(&thd->remote.sin_addr); + inc_host_errors(thd->main_security_ctx.ip); + my_error(ER_HANDSHAKE_ERROR, MYF(0), thd->main_security_ctx.host_or_ip); return 1; @@ -779,7 +784,7 @@ static int check_connection(THD *thd) #include "_cust_sql_parse.h" #endif if (connect_errors) - reset_host_errors(&thd->remote.sin_addr); + reset_host_errors(thd->main_security_ctx.ip); if (thd->packet.alloc(thd->variables.net_buffer_length)) return 1; /* The error is set by alloc(). */ @@ -813,7 +818,7 @@ static int check_connection(THD *thd) /* Do the SSL layering. */ if (!ssl_acceptor_fd) { - inc_host_errors(&thd->remote.sin_addr); + inc_host_errors(thd->main_security_ctx.ip); my_error(ER_HANDSHAKE_ERROR, MYF(0), thd->main_security_ctx.host_or_ip); return 1; } @@ -821,7 +826,8 @@ static int check_connection(THD *thd) if (sslaccept(ssl_acceptor_fd, net->vio, net->read_timeout)) { DBUG_PRINT("error", ("Failed to accept new SSL connection")); - inc_host_errors(&thd->remote.sin_addr); + inc_host_errors(thd->main_security_ctx.ip); + my_error(ER_HANDSHAKE_ERROR, MYF(0), thd->main_security_ctx.host_or_ip); return 1; } @@ -831,7 +837,8 @@ static int check_connection(THD *thd) { DBUG_PRINT("error", ("Failed to read user information (pkt_len= %lu)", pkt_len)); - inc_host_errors(&thd->remote.sin_addr); + inc_host_errors(thd->main_security_ctx.ip); + my_error(ER_HANDSHAKE_ERROR, MYF(0), thd->main_security_ctx.host_or_ip); return 1; } @@ -840,7 +847,8 @@ static int check_connection(THD *thd) if (end >= (char*) net->read_pos+ pkt_len +2) { - inc_host_errors(&thd->remote.sin_addr); + inc_host_errors(thd->main_security_ctx.ip); + my_error(ER_HANDSHAKE_ERROR, MYF(0), thd->main_security_ctx.host_or_ip); return 1; } @@ -878,7 +886,8 @@ static int check_connection(THD *thd) if (passwd + passwd_len + db_len > (char *)net->read_pos + pkt_len) { - inc_host_errors(&thd->remote.sin_addr); + inc_host_errors(thd->main_security_ctx.ip); + my_error(ER_HANDSHAKE_ERROR, MYF(0), thd->main_security_ctx.host_or_ip); return 1; } |