diff options
| author | peter@mysql.com <> | 2002-11-30 20:58:53 +0300 |
|---|---|---|
| committer | peter@mysql.com <> | 2002-11-30 20:58:53 +0300 |
| commit | a24258375a59e37d728dffae05235c59d283a6ab (patch) | |
| tree | d6fd910fa1f2f46f32ad57ff34b8c30051905e04 /sql | |
| parent | 54ff0efe7cb79c2f3e7acc84f74905d750e51ba0 (diff) | |
| download | mariadb-git-a24258375a59e37d728dffae05235c59d283a6ab.tar.gz | |
SCRUM: Montymise code
fix mysql_change_user() for old clients
Diffstat (limited to 'sql')
| -rw-r--r-- | sql/mini_client.cc | 21 | ||||
| -rw-r--r-- | sql/mysqld.cc | 3 | ||||
| -rw-r--r-- | sql/password.c | 52 | ||||
| -rw-r--r-- | sql/sql_acl.cc | 170 | ||||
| -rw-r--r-- | sql/sql_class.h | 5 | ||||
| -rw-r--r-- | sql/sql_parse.cc | 241 |
6 files changed, 243 insertions, 249 deletions
diff --git a/sql/mini_client.cc b/sql/mini_client.cc index 7d3b10a34a9..27d6255d82a 100644 --- a/sql/mini_client.cc +++ b/sql/mini_client.cc @@ -490,7 +490,7 @@ mc_mysql_connect(MYSQL *mysql,const char *host, const char *user, uint net_read_timeout) { char buff[NAME_LEN+USERNAME_LENGTH+100],*end,*host_info; - char password_hash[20]; + char password_hash[SCRAMBLE41_LENGTH]; my_socket sock; ulong ip_addr; struct sockaddr_in sock_addr; @@ -856,28 +856,29 @@ mc_mysql_connect(MYSQL *mysql,const char *host, const char *user, /* Build full password hash as it is required to decode scramble */ password_hash_stage1(buff, passwd); /* Store copy as we'll need it later */ - memcpy(password_hash,buff,20); + memcpy(password_hash,buff,SCRAMBLE41_LENGTH); /* Finally hash complete password using hash we got from server */ password_hash_stage2(password_hash,(char*)net->read_pos); /* Decypt and store scramble 4 = hash for stage2 */ - password_crypt((char*)net->read_pos+4,mysql->scramble_buff,password_hash,20); - mysql->scramble_buff[20]=0; + password_crypt((char*)net->read_pos+4,mysql->scramble_buff,password_hash, + SCRAMBLE41_LENGTH); + mysql->scramble_buff[SCRAMBLE41_LENGTH]=0; /* Encode scramble with password. Recycle buffer */ - password_crypt(mysql->scramble_buff,buff,buff,20); + password_crypt(mysql->scramble_buff,buff,buff,SCRAMBLE41_LENGTH); } else { /* Create password to decode scramble */ create_key_from_old_password(passwd,password_hash); /* Decypt and store scramble 4 = hash for stage2 */ - password_crypt((char*)net->read_pos+4,mysql->scramble_buff,password_hash,20); - mysql->scramble_buff[20]=0; + password_crypt((char*)net->read_pos+4,mysql->scramble_buff,password_hash, + SCRAMBLE41_LENGTH); + mysql->scramble_buff[SCRAMBLE41_LENGTH]=0; /* Finally scramble decoded scramble with password */ - scramble(buff, mysql->scramble_buff, passwd, - (my_bool) (mysql->protocol_version == 9)); + scramble(buff, mysql->scramble_buff, passwd,0); } /* Write second package of authentication */ - if (my_net_write(net,buff,20) || net_flush(net)) + if (my_net_write(net,buff,SCRAMBLE41_LENGTH) || net_flush(net)) { net->last_errno= CR_SERVER_LOST; strmov(net->last_error,ER(net->last_errno)); diff --git a/sql/mysqld.cc b/sql/mysqld.cc index a82ec7a3a0a..c7e854611b9 100644 --- a/sql/mysqld.cc +++ b/sql/mysqld.cc @@ -2496,6 +2496,9 @@ static void create_new_thread(THD *thd) for (uint i=0; i < 8 ; i++) // Generate password teststring thd->scramble[i]= (char) (rnd(&sql_rand)*94+33); thd->scramble[8]=0; + // Back it up as old clients may need it + memcpy(thd->old_scramble,thd->scramble,9); + thd->real_id=pthread_self(); // Keep purify happy diff --git a/sql/password.c b/sql/password.c index 98cac1e07d0..7a3831d67b7 100644 --- a/sql/password.c +++ b/sql/password.c @@ -66,7 +66,6 @@ #define PVERSION41_CHAR '*' /* Scramble length for new password version */ -#define SCRAMBLE41_LENGTH 20 /* @@ -175,17 +174,12 @@ void create_random_string(int length,struct rand_struct *rand_st,char* target) none */ -inline void password_crypt(const char* from,char* to, const char* password,int length) +void password_crypt(const char* from,char* to, const char* password,int length) { const char *from_end=from+length; - while(from<from_end) - { - *to=*from^*password; - from++; - to++; - password++; - } + while (from < from_end) + *to++= *(from++) ^* (password++); } @@ -286,7 +280,9 @@ void password_hash_stage2(char *to,const char *salt) none */ -void make_scrambled_password(char *to,const char *password,my_bool force_old_scramble,struct rand_struct *rand_st) +void make_scrambled_password(char *to,const char *password, + my_bool force_old_scramble, + struct rand_struct *rand_st) { ulong hash_res[2]; /* Used for pre 4.1 password hashing */ unsigned short salt; /* Salt for 4.1 version password */ @@ -336,7 +332,6 @@ void get_salt_from_bin_password(ulong *res,unsigned char *password,ulong salt) unsigned char* password_end=password+SCRAMBLE41_LENGTH; *res=salt; res++; - bzero(res,5*sizeof(res[0])); /* Process password of known length*/ while (password<password_end) @@ -364,12 +359,14 @@ void get_salt_from_bin_password(ulong *res,unsigned char *password,ulong salt) !0 for invalid password */ -my_bool validate_password(const char* password, const char* message, ulong* salt) +my_bool validate_password(const char* password, const char* message, + ulong* salt) { char buffer[SCRAMBLE41_LENGTH]; /* Used for password validation */ char tmpsalt[8]; /* Temporary value to convert salt to string form */ - int i; ulong salt_candidate[6]; /* Computed candidate salt */ + ulong* sc=salt_candidate; /* we need to be able to increment */ + ulong* salt_end; /* Now we shall get stage1 encrypted password in buffer*/ password_crypt(password,buffer,message,SCRAMBLE41_LENGTH); @@ -381,9 +378,11 @@ my_bool validate_password(const char* password, const char* message, ulong* salt /* Convert password to salt to compare */ get_salt_from_bin_password(salt_candidate,buffer,salt[0]); - /* Now we shall get exactly the same password as we have stored for user */ - for(i=1;i<6;i++) - if (salt[i]!=salt_candidate[i]) return 1; + /* Now we shall get exactly the same password as we have stored for user */ + for (salt_end=salt+5 ; salt < salt_end; ) + if (*++salt != *++sc) + return 1; + /* Or password correct*/ return 0; } @@ -400,11 +399,9 @@ my_bool validate_password(const char* password, const char* message, ulong* salt password length >0 */ -inline int get_password_length(my_bool force_old_scramble) +int get_password_length(my_bool force_old_scramble) { - if (force_old_scramble) - return 16; - else return SHA1_HASH_SIZE*2+4+1; + return (force_old_scramble) ? 16 : SHA1_HASH_SIZE*2+4+1; } @@ -420,9 +417,9 @@ inline int get_password_length(my_bool force_old_scramble) !0 password version char for newer passwords */ -inline char get_password_version(const char* password) +char get_password_version(const char* password) { - if (password==NULL) return 0; + if (password==NULL) return 0; if (password[0]==PVERSION41_CHAR) return PVERSION41_CHAR; return 0; } @@ -467,7 +464,6 @@ inline uint char_val(char X) void get_salt_from_password(ulong *res,const char *password) { - bzero(res,6*sizeof(res[0])); if (password) /* zero salt corresponds to empty password */ { if (password[0]==PVERSION41_CHAR) /* if new password */ @@ -553,19 +549,17 @@ void get_hash_and_password(ulong* salt, uint8 pversion, char* hash, unsigned cha if (pversion) /* New password version assumed */ { - salt_end=salt+6; + salt_end=salt+5; sprintf(hash,"%04x",(unsigned short)salt[0]); - salt++; /* position to the second element */ while (salt<salt_end) /* Iterate over these elements*/ { - val=*salt; - for(t=3;t>=0;t--) + val=*(++salt); + for (t=3; t>=0; t--) { bin_password[t]=val%256; val>>=8; /* Scroll 8 bits to get next part*/ } bin_password+=4; /* Get to next 4 chars*/ - salt++; } } else @@ -611,7 +605,7 @@ void get_hash_and_password(ulong* salt, uint8 pversion, char* hash, unsigned cha void create_key_from_old_password(const char* passwd, char* key) { - char buffer[20]; /* Buffer for various needs */ + char buffer[SCRAMBLE41_LENGTH]; /* Buffer for various needs */ ulong salt[6]; /* Salt (large for safety) */ /* At first hash password to the string stored in password */ make_scrambled_password(buffer,passwd,1,(struct rand_struct *)NULL); diff --git a/sql/sql_acl.cc b/sql/sql_acl.cc index 3ebd3fdbd3b..47b641bc519 100644 --- a/sql/sql_acl.cc +++ b/sql/sql_acl.cc @@ -102,10 +102,10 @@ my_bool acl_init(THD *org_thd, bool dont_read_acl_tables) if (dont_read_acl_tables) { DBUG_RETURN(0); /* purecov: tested */ - } - + } + priv_version++; /* Priveleges updated */ - + /* To be able to run this from boot, we allocate a temporary THD */ @@ -205,7 +205,7 @@ my_bool acl_init(THD *org_thd, bool dont_read_acl_tables) continue; /* purecov: tested */ } } - get_salt_from_password(user.salt,user.password); + get_salt_from_password(user.salt,user.password); user.access=get_access(table,3) & GLOBAL_ACLS; user.sort=get_sort(2,user.host.hostname,user.user); user.hostname_length= (user.host.hostname ? @@ -263,7 +263,7 @@ my_bool acl_init(THD *org_thd, bool dont_read_acl_tables) sizeof(ACL_USER),(qsort_cmp) acl_compare); end_read_record(&read_record_info); freeze_size(&acl_users); - + init_read_record(&read_record_info,thd,table=tables[2].table,NULL,1,0); VOID(my_init_dynamic_array(&acl_dbs,sizeof(ACL_DB),50,100)); while (!(read_record_info.read_record(&read_record_info))) @@ -452,17 +452,17 @@ static int acl_compare(ACL_ACCESS *a,ACL_ACCESS *b) Prepare crypted scramble to be sent to the client */ -void prepare_scramble(THD* thd, ACL_USER *acl_user,char* prepared_scramble) +void prepare_scramble(THD *thd, ACL_USER *acl_user,char* prepared_scramble) { /* Binary password format to be used for generation*/ - char bin_password[20]; + char bin_password[SCRAMBLE41_LENGTH]; /* Generate new long scramble for the thread */ - create_random_string(20,&thd->rand,thd->scramble); - thd->scramble[20]=0; + create_random_string(SCRAMBLE41_LENGTH,&thd->rand,thd->scramble); + thd->scramble[SCRAMBLE41_LENGTH]=0; /* Get binary form, First 4 bytes of prepared scramble is salt */ get_hash_and_password(acl_user->salt,acl_user->pversion,prepared_scramble,(unsigned char*)bin_password); /* Finally encrypt password to get prepared scramble */ - password_crypt(thd->scramble,prepared_scramble+4,bin_password,20); + password_crypt(thd->scramble,prepared_scramble+4,bin_password,SCRAMBLE41_LENGTH); } @@ -472,11 +472,11 @@ void prepare_scramble(THD* thd, ACL_USER *acl_user,char* prepared_scramble) /* Get master privilges for user (priviliges for all tables). Required before connecting to MySQL - + as we have 2 stage handshake now we cache user not to lookup - it second time. At the second stage we do not lookup user in case + it second time. At the second stage we do not lookup user in case we already know it; - + */ ulong acl_getroot(THD *thd, const char *host, const char *ip, const char *user, @@ -488,7 +488,7 @@ ulong acl_getroot(THD *thd, const char *host, const char *ip, const char *user, *priv_user=(char*) user; bool password_correct=0; ACL_USER *acl_user=NULL; - + DBUG_ENTER("acl_getroot"); bzero(mqh,sizeof(USER_RESOURCES)); @@ -498,18 +498,18 @@ ulong acl_getroot(THD *thd, const char *host, const char *ip, const char *user, DBUG_RETURN((ulong) ~NO_ACCESS); /* purecov: tested */ } VOID(pthread_mutex_lock(&acl_cache->lock)); - - + + /* Get possible access from user_list. This is or'ed to others not fully specified - + If we have cached user use it, in other case look it up. */ - + if (stage && (*cur_priv_version==priv_version)) acl_user=*hint_user; - else + else for (uint i=0 ; i < acl_users.elements ; i++) { ACL_USER *acl_user_search=dynamic_element(&acl_users,i,ACL_USER*); @@ -517,30 +517,30 @@ ulong acl_getroot(THD *thd, const char *host, const char *ip, const char *user, { if (compare_hostname(&acl_user_search->host,host,ip)) { - /* Found mathing user */ + /* Found mathing user */ acl_user=acl_user_search; /* Store it as a cache */ *hint_user=acl_user; *cur_priv_version=priv_version; break; - } + } } - } - - + } + + /* Now we have acl_user found and may start our checks */ - - if (acl_user) - { - /* Password should present for both or absend for both */ + + if (acl_user) + { + /* Password should present for both or absend for both */ if (!acl_user->password && !*password || (acl_user->password && *password)) - { + { /* Quick check and accept for empty passwords*/ if (!acl_user->password && !*password) password_correct=1; else /* Normal password presents */ - { + { /* New version password is checked differently */ if (acl_user->pversion) { @@ -548,40 +548,40 @@ ulong acl_getroot(THD *thd, const char *host, const char *ip, const char *user, { if (!validate_password(password,message,acl_user->salt)) password_correct=1; - } + } else /* First stage - just prepare scramble */ prepare_scramble(thd,acl_user,prepared_scramble); } /* Old way to check password */ - else + else { - /* Checking the scramble at any stage. First - old clients */ + /* Checking the scramble at any stage. First - old clients */ if (!check_scramble(password,message,acl_user->salt, (my_bool) old_ver)) password_correct=1; - else /* Password incorrect */ + else /* Password incorrect */ /* At the first stage - prepare scramble */ if (!stage) - prepare_scramble(thd,acl_user,prepared_scramble); - } + prepare_scramble(thd,acl_user,prepared_scramble); + } } } } - + /* If user not found password_correct will also be zero */ - if (!password_correct) - goto unlock_and_exit; - + if (!password_correct) + goto unlock_and_exit; + /* OK. User found and password checked continue validation */ - - + + #ifdef HAVE_OPENSSL Vio *vio=thd->net.vio; /* - In this point we know that user is allowed to connect - from given host by given username/password pair. Now - we check if SSL is required, if user is using SSL and - if X509 certificate attributes are OK + In this point we know that user is allowed to connect + from given host by given username/password pair. Now + we check if SSL is required, if user is using SSL and + if X509 certificate attributes are OK */ switch (acl_user->ssl_type) { case SSL_TYPE_NOT_SPECIFIED: // Impossible @@ -594,8 +594,8 @@ ulong acl_getroot(THD *thd, const char *host, const char *ip, const char *user, break; case SSL_TYPE_X509: /* Client should have any valid certificate. */ /* - Connections with non-valid certificates are dropped already - in sslaccept() anyway, so we do not check validity here. + Connections with non-valid certificates are dropped already + in sslaccept() anyway, so we do not check validity here. */ if (SSL_get_peer_certificate(vio->ssl_)) user_access=acl_user->access; @@ -624,7 +624,7 @@ ulong acl_getroot(THD *thd, const char *host, const char *ip, const char *user, X509* cert=SSL_get_peer_certificate(vio->ssl_); DBUG_PRINT("info",("checkpoint 2")); /* If X509 issuer is speified, we check it... */ - if (acl_user->x509_issuer) + if (acl_user->x509_issuer) { DBUG_PRINT("info",("checkpoint 3")); char *ptr = X509_NAME_oneline(X509_get_issuer_name(cert), 0, 0); @@ -660,7 +660,7 @@ ulong acl_getroot(THD *thd, const char *host, const char *ip, const char *user, *mqh=acl_user->user_resource; if (!acl_user->user) *priv_user=(char*) ""; // Change to anonymous user /* purecov: inspected */ - + unlock_and_exit: VOID(pthread_mutex_unlock(&acl_cache->lock)); DBUG_RETURN(user_access); @@ -675,12 +675,12 @@ static byte* check_get_key(ACL_USER *buff,uint *length, } static void acl_update_user(const char *user, const char *host, - const char *password, + const char *password, enum SSL_type ssl_type, const char *ssl_cipher, const char *x509_issuer, const char *x509_subject, - USER_RESOURCES *mqh, + USER_RESOURCES *mqh, ulong privileges) { for (uint i=0 ; i < acl_users.elements ; i++) @@ -716,8 +716,8 @@ static void acl_update_user(const char *user, const char *host, if (!password[0]) /* If password is empty set it to null */ { acl_user->password=0; - acl_user->pversion=0; // just initialize - } + acl_user->pversion=0; // just initialize + } else { acl_user->password=(char*) ""; // Just point at something @@ -733,7 +733,7 @@ static void acl_update_user(const char *user, const char *host, static void acl_insert_user(const char *user, const char *host, - const char *password, + const char *password, enum SSL_type ssl_type, const char *ssl_cipher, const char *x509_issuer, @@ -926,7 +926,7 @@ int wild_case_compare(CHARSET_INFO *cs, const char *str,const char *wildstr) { if (*wildstr == wild_prefix && wildstr[1]) wildstr++; - if (my_toupper(cs, *wildstr++) != + if (my_toupper(cs, *wildstr++) != my_toupper(cs, *str++)) DBUG_RETURN(1); } if (! *wildstr ) DBUG_RETURN (*str != 0); @@ -1091,7 +1091,7 @@ bool check_change_password(THD *thd, const char *host, const char *user) RETURN VALUES 0 ok 1 ERROR; In this case the error is sent to the client. -*/ +*/ bool change_password(THD *thd, const char *host, const char *user, char *new_password) @@ -1107,7 +1107,7 @@ bool change_password(THD *thd, const char *host, const char *user, /* password should always be 0,16 or 45 chars; simple hack to avoid cracking */ length=(uint) strlen(new_password); - + if (length!=45) new_password[length & 16]=0; @@ -1133,8 +1133,8 @@ bool change_password(THD *thd, const char *host, const char *user, if (!new_password[0]) acl_user->password=0; else - acl_user->password=(char*) ""; // Point at something - + acl_user->password=(char*) ""; // Point at something + acl_cache->clear(1); // Clear locked hostname cache VOID(pthread_mutex_unlock(&acl_cache->lock)); @@ -1321,7 +1321,7 @@ static int replace_user_table(THD *thd, TABLE *table, const LEX_USER &combo, if (combo.password.str && combo.password.str[0]) { - if ((combo.password.length != HASH_PASSWORD_LENGTH) + if ((combo.password.length != HASH_PASSWORD_LENGTH) && combo.password.length != HASH_OLD_PASSWORD_LENGTH) { my_error(ER_PASSWORD_NO_MATCH,MYF(0)); @@ -1329,7 +1329,7 @@ static int replace_user_table(THD *thd, TABLE *table, const LEX_USER &combo, } password=combo.password.str; } - + table->field[0]->store(combo.host.str,combo.host.length, system_charset_info); table->field[1]->store(combo.user.str,combo.user.length, system_charset_info); table->file->index_init(0); @@ -1742,9 +1742,9 @@ static GRANT_TABLE *table_hash_search(const char *host,const char* ip, } else { - if ((host && !wild_case_compare(system_charset_info, + if ((host && !wild_case_compare(system_charset_info, host,grant_table->host)) || - (ip && !wild_case_compare(system_charset_info, + (ip && !wild_case_compare(system_charset_info, ip,grant_table->host))) found=grant_table; // Host ok } @@ -2676,9 +2676,9 @@ bool check_grant_db(THD *thd,const char *db) GRANT_TABLE *grant_table = (GRANT_TABLE*) hash_element(&hash_tables,idx); if (len < grant_table->key_length && !memcmp(grant_table->hash_key,helping,len) && - (thd->host && !wild_case_compare(system_charset_info, + (thd->host && !wild_case_compare(system_charset_info, thd->host,grant_table->host) || - (thd->ip && !wild_case_compare(system_charset_info, + (thd->ip && !wild_case_compare(system_charset_info, thd->ip,grant_table->host)))) { error=0; // Found match @@ -2764,7 +2764,7 @@ static uint command_lengths[]= }; -int mysql_show_grants(THD *thd,LEX_USER *lex_user) +int mysql_show_grants(THD *thd,LEX_USER *lex_user) { ulong want_access; uint counter,index; @@ -2803,7 +2803,7 @@ int mysql_show_grants(THD *thd,LEX_USER *lex_user) !my_strcasecmp(system_charset_info, lex_user->host.str, host)) break; } - if (counter == acl_users.elements) + if (counter == acl_users.elements) { my_printf_error(ER_NONEXISTING_GRANT,ER(ER_NONEXISTING_GRANT), MYF(0),lex_user->user.str,lex_user->host.str); @@ -2836,13 +2836,13 @@ int mysql_show_grants(THD *thd,LEX_USER *lex_user) global.append("ALL PRIVILEGES",14); else if (!(want_access & ~GRANT_ACL)) global.append("USAGE",5); - else + else { bool found=0; ulong j,test_access= want_access & ~GRANT_ACL; for (counter=0, j = SELECT_ACL;j <= GLOBAL_ACLS;counter++,j <<= 1) { - if (test_access & j) + if (test_access & j) { if (found) global.append(", ",2); @@ -2852,7 +2852,7 @@ int mysql_show_grants(THD *thd,LEX_USER *lex_user) } } global.append (" ON *.* TO '",12); - global.append(lex_user->user.str,lex_user->user.length); + global.append(lex_user->user.str,lex_user->user.length); global.append ("'@'",3); global.append(lex_user->host.str,lex_user->host.length); global.append ('\''); @@ -2901,9 +2901,9 @@ int mysql_show_grants(THD *thd,LEX_USER *lex_user) (acl_user->user_resource.questions | acl_user->user_resource.updates | acl_user->user_resource.connections)) { - global.append(" WITH",5); + global.append(" WITH",5); if (want_access & GRANT_ACL) - global.append(" GRANT OPTION",13); + global.append(" GRANT OPTION",13); if (acl_user->user_resource.questions) { char buff[22], *p; // just as in int2str @@ -2950,7 +2950,7 @@ int mysql_show_grants(THD *thd,LEX_USER *lex_user) !my_strcasecmp(system_charset_info, lex_user->host.str, host)) { want_access=acl_db->access; - if (want_access) + if (want_access) { String db(buff,sizeof(buff),system_charset_info); db.length(0); @@ -2976,10 +2976,10 @@ int mysql_show_grants(THD *thd,LEX_USER *lex_user) db.append (" ON `",5); db.append(acl_db->db); db.append ("`.* TO '",8); - db.append(lex_user->user.str,lex_user->user.length); + db.append(lex_user->user.str,lex_user->user.length); db.append ("'@'",3); db.append(lex_user->host.str, lex_user->host.length); - db.append ('\''); + db.append ('\''); if (want_access & GRANT_ACL) db.append(" WITH GRANT OPTION",18); thd->packet.length(0); @@ -2998,7 +2998,7 @@ int mysql_show_grants(THD *thd,LEX_USER *lex_user) for (index=0 ; index < hash_tables.records ; index++) { const char *user,*host; - GRANT_TABLE *grant_table= (GRANT_TABLE*) hash_element(&hash_tables,index); + GRANT_TABLE *grant_table= (GRANT_TABLE*) hash_element(&hash_tables,index); if (!(user=grant_table->user)) user=""; @@ -3017,21 +3017,21 @@ int mysql_show_grants(THD *thd,LEX_USER *lex_user) if (test_all_bits(grant_table->privs,(TABLE_ACLS & ~GRANT_ACL))) global.append("ALL PRIVILEGES",14); - else + else { int found=0; ulong j,test_access= (want_access | grant_table->cols) & ~GRANT_ACL; for (counter=0, j = SELECT_ACL;j <= TABLE_ACLS; counter++,j <<= 1) { - if (test_access & j) + if (test_access & j) { if (found) global.append(", ",2); found = 1; global.append(command_array[counter],command_lengths[counter]); - if (grant_table->cols) + if (grant_table->cols) { uint found_col=0; for (uint col_index=0 ; @@ -3040,9 +3040,9 @@ int mysql_show_grants(THD *thd,LEX_USER *lex_user) { GRANT_COLUMN *grant_column = (GRANT_COLUMN*) hash_element(&grant_table->hash_columns,col_index); - if (grant_column->rights & j) + if (grant_column->rights & j) { - if (!found_col) + if (!found_col) { global.append(" (",2); found_col=1; @@ -3064,12 +3064,12 @@ int mysql_show_grants(THD *thd,LEX_USER *lex_user) global.append(".",1); global.append(grant_table->tname); global.append(" TO '",5); - global.append(lex_user->user.str,lex_user->user.length); + global.append(lex_user->user.str,lex_user->user.length); global.append("'@'",3); - global.append(lex_user->host.str,lex_user->host.length); + global.append(lex_user->host.str,lex_user->host.length); global.append('\''); if (want_access & GRANT_ACL) - global.append(" WITH GRANT OPTION",18); + global.append(" WITH GRANT OPTION",18); thd->packet.length(0); net_store_data(&thd->packet,global.ptr(),global.length()); if (my_net_write(&thd->net,(char*) thd->packet.ptr(), diff --git a/sql/sql_class.h b/sql/sql_class.h index ed97a3fffde..89be4741e5d 100644 --- a/sql/sql_class.h +++ b/sql/sql_class.h @@ -499,7 +499,10 @@ public: uint check_loops_counter; //last id used to check loops /* variables.transaction_isolation is reset to this after each commit */ enum_tx_isolation session_tx_isolation; - char scramble[21]; // extend scramble to handle new auth + // extend scramble to handle new auth + char scramble[SCRAMBLE41_LENGTH+1]; + // old scramble is needed to handle old clients + char old_scramble[SCRAMBLE_LENGTH+1]; uint8 query_cache_type; // type of query cache processing bool slave_thread; bool set_query_id,locked,count_cuted_fields,some_tables_deleted; diff --git a/sql/sql_parse.cc b/sql/sql_parse.cc index bdb074b304d..cfca7420237 100644 --- a/sql/sql_parse.cc +++ b/sql/sql_parse.cc @@ -44,8 +44,6 @@ #else #define MIN_HANDSHAKE_SIZE 6 #endif /* HAVE_OPENSSL */ -#define SCRAMBLE_LENGTH 8 -#define SCRAMBLE41_LENGTH 20 #define MEM_ROOT_BLOCK_SIZE 8192 #define MEM_ROOT_PREALLOC 8192 @@ -129,7 +127,7 @@ extern pthread_mutex_t LOCK_user_conn; static int get_or_create_user_conn(THD *thd, const char *user, const char *host, - USER_RESOURCES *mqh) + USER_RESOURCES *mqh) { int return_val=0; uint temp_len, user_len, host_len; @@ -163,7 +161,7 @@ static int get_or_create_user_conn(THD *thd, const char *user, uc->connections = 1; uc->questions=uc->updates=uc->conn_per_hour=0; uc->user_resources=*mqh; - if (max_user_connections && mqh->connections > max_user_connections) + if (max_user_connections && mqh->connections > max_user_connections) uc->user_resources.connections = max_user_connections; uc->intime=thd->thr_create_time; if (hash_insert(&hash_user_connections, (byte*) uc)) @@ -178,7 +176,7 @@ static int get_or_create_user_conn(THD *thd, const char *user, end: (void) pthread_mutex_unlock(&LOCK_user_conn); return return_val; - + } @@ -189,16 +187,16 @@ end: */ static int check_user(THD *thd,enum_server_command command, const char *user, - const char *passwd, const char *db, bool check_count, + const char *passwd, const char *db, bool check_count, bool do_send_error, char* crypted_scramble,int stage, - bool had_password,uint *cur_priv_version, + bool had_password,uint *cur_priv_version, ACL_USER** hint_user) { thd->db=0; thd->db_length=0; USER_RESOURCES ur; - - /* We shall avoid dupplicate user allocations here */ + + /* We shall avoid dupplicate user allocations here */ if (!(thd->user)) if (!(thd->user = my_strdup(user, MYF(0)))) { @@ -211,15 +209,15 @@ static int check_user(THD *thd,enum_server_command command, const char *user, !(thd->client_capabilities & CLIENT_LONG_PASSWORD),&ur,crypted_scramble, stage,cur_priv_version,hint_user); - + DBUG_PRINT("info", ("Capabilities: %d packet_length: %d Host: '%s' User: '%s' Using password: %s Access: %u db: '%s'", thd->client_capabilities, thd->max_client_packet_length, thd->host_or_ip, thd->priv_user, had_password ? "yes": "no", thd->master_access, thd->db ? thd->db : "*none*")); - - /* in case we're going to retry we should not send error message at this point */ + + /* in case we're going to retry we should not send error message at this point */ if (thd->master_access & NO_ACCESS) { if (do_send_error) @@ -233,11 +231,11 @@ static int check_user(THD *thd,enum_server_command command, const char *user, thd->host_or_ip, had_password ? ER(ER_YES) : ER(ER_NO)); return(1); // Error already given - } - else + } + else return(-1); // do not report error in special handshake } - + if (check_count) { VOID(pthread_mutex_lock(&LOCK_thread_count)); @@ -262,16 +260,16 @@ static int check_user(THD *thd,enum_server_command command, const char *user, if ((ur.questions || ur.updates || ur.connections) && get_or_create_user_conn(thd,user,thd->host_or_ip,&ur)) return -1; - if (thd->user_connect && thd->user_connect->user_resources.connections && + if (thd->user_connect && thd->user_connect->user_resources.connections && check_for_max_user_connections(thd, thd->user_connect)) return -1; - + if (db && db[0]) { bool error=test(mysql_change_db(thd,db)); if (error && thd->user_connect) decrease_user_connections(thd->user_connect); - return error; + return error; } else send_ok(thd); // Ready to handle questions @@ -296,7 +294,7 @@ extern "C" void free_user(struct user_conn *uc) my_free((char*) uc,MYF(0)); } -void init_max_user_conn(void) +void init_max_user_conn(void) { (void) hash_init(&hash_user_connections,system_charset_info,max_connections, 0,0, @@ -309,7 +307,7 @@ static int check_for_max_user_connections(THD *thd, USER_CONN *uc) { int error=0; DBUG_ENTER("check_for_max_user_connections"); - + if (max_user_connections && (max_user_connections <= (uint) uc->connections)) { @@ -317,7 +315,7 @@ static int check_for_max_user_connections(THD *thd, USER_CONN *uc) error=1; goto end; } - uc->connections++; + uc->connections++; if (uc->user_resources.connections && uc->conn_per_hour++ >= uc->user_resources.connections) { @@ -441,7 +439,7 @@ static void reset_mqh(THD *thd, LEX_USER *lu, bool get_them=false) { (void) pthread_mutex_lock(&LOCK_user_conn); - if (lu) // for GRANT + if (lu) // for GRANT { USER_CONN *uc; uint temp_len=lu->user.length+lu->host.length+2; @@ -530,9 +528,9 @@ check_connections(THD *thd) ulong pkt_len=0; { /* buff[] needs to big enough to hold the server_version variable */ - char buff[SERVER_VERSION_LENGTH + + char buff[SERVER_VERSION_LENGTH + SCRAMBLE_LENGTH+64],*end; - int client_flags = CLIENT_LONG_FLAG | CLIENT_CONNECT_WITH_DB | + int client_flags = CLIENT_LONG_FLAG | CLIENT_CONNECT_WITH_DB | CLIENT_PROTOCOL_41 | CLIENT_SECURE_CONNECTION; if (opt_using_transactions) @@ -555,7 +553,7 @@ check_connections(THD *thd) int2store(end+3,thd->server_status); bzero(end+5,13); end+=18; - + // At this point we write connection message and read reply if (net_write_command(net,(uchar) protocol_version, "", 0, buff, (uint) (end-buff)) || @@ -588,7 +586,7 @@ check_connections(THD *thd) DBUG_PRINT("error", ("Failed to read user information (pkt_len= %lu)", pkt_len)); inc_host_errors(&thd->remote.sin_addr); - return(ER_HANDSHAKE_ERROR); + return(ER_HANDSHAKE_ERROR); } DBUG_PRINT("info", ("Reading user information over SSL layer")); if ((pkt_len=my_net_read(net)) == packet_error || @@ -615,81 +613,73 @@ check_connections(THD *thd) char *user= (char*) net->read_pos+5; char *passwd= strend(user)+1; char *db=0; - if (thd->client_capabilities & CLIENT_CONNECT_WITH_DB) - db=strend(passwd)+1; - + if (thd->client_capabilities & CLIENT_CONNECT_WITH_DB) + db=strend(passwd)+1; + /* We can get only old hash at this point */ - if (passwd[0] && strlen(passwd)!=SCRAMBLE_LENGTH) + if (passwd[0] && strlen(passwd)!=SCRAMBLE_LENGTH) return ER_HANDSHAKE_ERROR; - + if (thd->client_capabilities & CLIENT_INTERACTIVE) thd->variables.net_wait_timeout= thd->variables.net_interactive_timeout; if ((thd->client_capabilities & CLIENT_TRANSACTIONS) && opt_using_transactions) thd->net.return_status= &thd->server_status; net->read_timeout=(uint) thd->variables.net_read_timeout; - + char prepared_scramble[SCRAMBLE41_LENGTH+4]; /* Buffer for scramble and hash */ - + ACL_USER* cached_user; uint cur_priv_version; - + /* Simple connect only for old clients. New clients always use secure auth */ bool simple_connect=(!(thd->client_capabilities & CLIENT_SECURE_CONNECTION)); - + /* Store information if we used password. passwd will be dammaged */ bool using_password=test(passwd[0]); - + /* Check user permissions. If password failure we'll get scramble back */ if (check_user(thd,COM_CONNECT, user, passwd, db, 1, simple_connect, prepared_scramble,0,using_password,&cur_priv_version,&cached_user)<0) - { + { /* If The client is old we just have to return error */ if (simple_connect) - return -1; - + return -1; + /* Store current used and database as they are erased with next packet */ - + char tmp_user[USERNAME_LENGTH+1]; char tmp_db[NAME_LEN+1]; + tmp_user[0]=0; if (user) - { - strncpy(tmp_user,user,USERNAME_LENGTH+1); - /* Extra safety if we have too long data */ - tmp_user[USERNAME_LENGTH]=0; - } - else - tmp_user[0]=0; + strmake(tmp_user,user,USERNAME_LENGTH); + + tmp_db[0]=0; if (db) - { - strncpy(tmp_db,db,NAME_LEN+1); - tmp_db[NAME_LEN]=0; - } - else - tmp_db[0]=0; - + strmake(tmp_db,db,NAME_LEN); + /* Write hash and encrypted scramble to client */ - if (my_net_write(net,prepared_scramble,SCRAMBLE41_LENGTH+4) - || net_flush(net)) + if (my_net_write(net,prepared_scramble,SCRAMBLE41_LENGTH+4) + || net_flush(net)) { inc_host_errors(&thd->remote.sin_addr); return ER_HANDSHAKE_ERROR; - } - /* Reading packet back */ - if ((pkt_len=my_net_read(net)) == packet_error) + } + /* Reading packet back */ + if ((pkt_len=my_net_read(net)) == packet_error) { inc_host_errors(&thd->remote.sin_addr); return ER_HANDSHAKE_ERROR; } - /* We have to get very specific packet size */ - if (pkt_len!=SCRAMBLE41_LENGTH) + /* We have to get very specific packet size */ + if (pkt_len!=SCRAMBLE41_LENGTH) { inc_host_errors(&thd->remote.sin_addr); - return ER_HANDSHAKE_ERROR; + return ER_HANDSHAKE_ERROR; } - /* Final attempt to check the user based on reply */ - if (check_user(thd,COM_CONNECT, tmp_user, (char*)net->read_pos, + /* Final attempt to check the user based on reply */ + if (check_user(thd,COM_CONNECT, tmp_user, (char*)net->read_pos, tmp_db, 1, 1,prepared_scramble,1,using_password,&cur_priv_version, &cached_user)) return -1; @@ -796,7 +786,7 @@ pthread_handler_decl(handle_one_connection,arg) send_error(thd,net->last_errno,NullS); statistic_increment(aborted_threads,&LOCK_status); } - + end_thread: close_connection(net); end_thread(thd,1); @@ -854,7 +844,7 @@ extern "C" pthread_handler_decl(handle_bootstrap,arg) while (fgets(buff, thd->net.max_packet, file)) { uint length=(uint) strlen(buff); - while (length && (my_isspace(system_charset_info, buff[length-1]) || + while (length && (my_isspace(system_charset_info, buff[length-1]) || buff[length-1] == ';')) length--; buff[length]=0; @@ -1043,7 +1033,7 @@ bool dispatch_command(enum enum_server_command command, THD *thd, char *user= (char*) packet; char *passwd= strend(user)+1; char *db= strend(passwd)+1; - + /* Save user and privileges */ uint save_master_access=thd->master_access; uint save_db_access= thd->db_access; @@ -1055,43 +1045,46 @@ bool dispatch_command(enum enum_server_command command, THD *thd, USER_CONN *save_uc= thd->user_connect; bool simple_connect; bool using_password; - + ulong pkt_len=0; /* Length of reply packet */ - + /* Small check for incomming packet */ if ((uint) ((uchar*) db - net->read_pos) > packet_length) goto restore_user_err; - + /* Now we shall basically perform authentication again */ - + /* We can get only old hash at this point */ - if (passwd[0] && strlen(passwd)!=SCRAMBLE_LENGTH) + if (passwd[0] && strlen(passwd)!=SCRAMBLE_LENGTH) goto restore_user_err; - - char prepared_scramble[SCRAMBLE41_LENGTH+4];/* Buffer for scramble,hash */ + + char prepared_scramble[SCRAMBLE41_LENGTH+4];/* Buffer for scramble,hash */ ACL_USER* cached_user; /* Cached user */ uint cur_priv_version; /* Cached grant version */ - + /* Simple connect only for old clients. New clients always use sec. auth*/ simple_connect=(!(thd->client_capabilities & CLIENT_SECURE_CONNECTION)); - + /* Store information if we used password. passwd will be dammaged */ using_password=test(passwd[0]); - - /* - Check user permissions. If password failure we'll get scramble back - Do not retry if we already have sent error (result>0) - */ + + if (simple_connect) /* Restore scramble for old clients */ + memcpy(thd->scramble,thd->old_scramble,9); + + /* + Check user permissions. If password failure we'll get scramble back + Do not retry if we already have sent error (result>0) + */ if (check_user(thd,COM_CHANGE_USER, user, passwd, db, 0, simple_connect, - prepared_scramble,0,using_password,&cur_priv_version,&cached_user)<0) + prepared_scramble,0,using_password,&cur_priv_version,&cached_user)<0) { /* If The client is old we just have to have auth failure */ if (simple_connect) goto restore_user; /* Error is already reported */ - + /* Store current used and database as they are erased with next packet */ - + char tmp_user[USERNAME_LENGTH+1]; char tmp_db[NAME_LEN+1]; @@ -1099,33 +1092,33 @@ bool dispatch_command(enum enum_server_command command, THD *thd, { strncpy(tmp_user,user,USERNAME_LENGTH+1); /* Extra safety if we have too long data */ - tmp_user[USERNAME_LENGTH]=0; - } + tmp_user[USERNAME_LENGTH]=0; + } else - tmp_user[0]=0; + tmp_user[0]=0; if (db) { strncpy(tmp_db,db,NAME_LEN+1); tmp_db[NAME_LEN]=0; - } - else + } + else tmp_db[0]=0; - + /* Write hash and encrypted scramble to client */ - if (my_net_write(net,prepared_scramble,SCRAMBLE41_LENGTH+4) - || net_flush(net)) - goto restore_user_err; - - /* Reading packet back */ - if ((pkt_len=my_net_read(net)) == packet_error) + if (my_net_write(net,prepared_scramble,SCRAMBLE41_LENGTH+4) + || net_flush(net)) goto restore_user_err; - - /* We have to get very specific packet size */ - if (pkt_len!=SCRAMBLE41_LENGTH) + + /* Reading packet back */ + if ((pkt_len=my_net_read(net)) == packet_error) + goto restore_user_err; + + /* We have to get very specific packet size */ + if (pkt_len!=SCRAMBLE41_LENGTH) goto restore_user; - - /* Final attempt to check the user based on reply */ - if (check_user(thd,COM_CONNECT, tmp_user, (char*)net->read_pos, + + /* Final attempt to check the user based on reply */ + if (check_user(thd,COM_CONNECT, tmp_user, (char*)net->read_pos, tmp_db, 0, 1,prepared_scramble,1,using_password,&cur_priv_version, &cached_user)) goto restore_user; @@ -1137,11 +1130,11 @@ bool dispatch_command(enum enum_server_command command, THD *thd, x_free((gptr) save_user); thd->password=using_password; break; - + /* Bad luck we shall restore old user */ restore_user_err: send_error(thd, ER_UNKNOWN_COM_ERROR); - + restore_user: x_free(thd->user); x_free(thd->db); @@ -1150,10 +1143,10 @@ bool dispatch_command(enum enum_server_command command, THD *thd, thd->db=save_db; thd->db_length=save_db_length; thd->user=save_user; - thd->priv_user=save_priv_user; + thd->priv_user=save_priv_user; break; } - + case COM_EXECUTE: { mysql_stmt_execute(thd, packet); @@ -1444,7 +1437,7 @@ bool alloc_query(THD *thd, char *packet, ulong packet_length) packet_length--; } char *pos=packet+packet_length; // Point at end null - while (packet_length > 0 && + while (packet_length > 0 && (pos[-1] == ';' || my_isspace(system_charset_info,pos[-1]))) { pos--; @@ -1496,7 +1489,7 @@ mysql_execute_command(THD *thd) if (thd->slave_thread) { - /* + /* Skip if we are in the slave thread, some table rules have been given and the table list says the query should not be replicated */ @@ -1515,7 +1508,7 @@ mysql_execute_command(THD *thd) } #endif } - + /* TODO: make derived tables processing 'inside' SELECT processing. TODO: solve problem with depended derived tables in subselects @@ -1532,13 +1525,13 @@ mysql_execute_command(THD *thd) (SELECT_LEX_UNIT *) cursor->derived, cursor))) - { + { if (res < 0 || thd->net.report_error) send_error(thd,thd->killed ? ER_SERVER_SHUTDOWN : 0); DBUG_VOID_RETURN; } } - if ((&lex->select_lex != lex->all_selects_list && + if ((&lex->select_lex != lex->all_selects_list && lex->unit.create_total_list(thd, lex, &tables)) || (table_rules_on && tables && thd->slave_thread && !tables_ok(thd,tables))) @@ -1568,7 +1561,7 @@ mysql_execute_command(THD *thd) unit->offset_limit_cnt= (ha_rows) unit->global_parameters->offset_limit; unit->select_limit_cnt= (ha_rows) (unit->global_parameters->select_limit+ unit->global_parameters->offset_limit); - if (unit->select_limit_cnt < + if (unit->select_limit_cnt < (ha_rows) unit->global_parameters->select_limit) unit->select_limit_cnt= HA_POS_ERROR; // no limit if (unit->select_limit_cnt == HA_POS_ERROR) @@ -1714,7 +1707,7 @@ mysql_execute_command(THD *thd) res = show_binlog_info(thd); break; } - + case SQLCOM_LOAD_MASTER_DATA: // sync with master if (check_global_access(thd, SUPER_ACL)) goto error; @@ -1723,7 +1716,7 @@ mysql_execute_command(THD *thd) else res = load_master_data(thd); break; - + #ifdef HAVE_INNOBASE_DB case SQLCOM_SHOW_INNODB_STATUS: { @@ -1899,7 +1892,7 @@ mysql_execute_command(THD *thd) select_lex->db=tables->db; if (check_access(thd,ALTER_ACL,tables->db,&tables->grant.privilege) || check_access(thd,INSERT_ACL | CREATE_ACL,select_lex->db,&priv) || - check_merge_table_access(thd, tables->db, + check_merge_table_access(thd, tables->db, (TABLE_LIST *) lex->create_info.merge_list.first)) goto error; /* purecov: inspected */ @@ -1981,7 +1974,7 @@ mysql_execute_command(THD *thd) res = show_binlogs(thd); break; } -#endif +#endif case SQLCOM_SHOW_CREATE: #ifdef DONT_ALLOW_SHOW_COMMANDS send_error(thd,ER_NOT_ALLOWED_COMMAND); /* purecov: inspected */ @@ -2611,7 +2604,7 @@ mysql_execute_command(THD *thd) if (user->password.str && (strcmp(thd->user,user->user.str) || user->host.str && - my_strcasecmp(system_charset_info, + my_strcasecmp(system_charset_info, user->host.str, thd->host_or_ip))) { if (check_access(thd, UPDATE_ACL, "mysql",0,1)) @@ -3012,7 +3005,7 @@ mysql_init_query(THD *thd) lex->select_lex.init_query(); lex->value_list.empty(); lex->param_list.empty(); - lex->unit.global_parameters= lex->unit.slave= lex->current_select= + lex->unit.global_parameters= lex->unit.slave= lex->current_select= lex->all_selects_list= &lex->select_lex; lex->select_lex.master= &lex->unit; lex->select_lex.prev= &lex->unit.slave; @@ -3020,7 +3013,7 @@ mysql_init_query(THD *thd) lex->select_lex.link_prev= (st_select_lex_node**)&(lex->all_selects_list); lex->olap=lex->describe=0; lex->derived_tables= false; - thd->check_loops_counter= thd->select_number= + thd->check_loops_counter= thd->select_number= lex->select_lex.select_number= 1; thd->free_list= 0; thd->total_warn_count=0; // Warnings for this query @@ -3037,7 +3030,7 @@ mysql_init_select(LEX *lex) SELECT_LEX *select_lex= lex->current_select->select_lex(); DBUG_ASSERT(select_lex->linkage != GLOBAL_OPTIONS_TYPE); select_lex->init_select(); - select_lex->master_unit()->select_limit= select_lex->select_limit= + select_lex->master_unit()->select_limit= select_lex->select_limit= lex->thd->variables.select_limit; lex->exchange= 0; lex->result= 0; @@ -3067,7 +3060,7 @@ mysql_new_select(LEX *lex, bool move_down) } else select_lex->include_neighbour(lex->current_select); - + select_lex->master_unit()->global_parameters= select_lex; DBUG_ASSERT(lex->current_select->linkage != GLOBAL_OPTIONS_TYPE); select_lex->include_global((st_select_lex_node**)&lex->all_selects_list); @@ -3577,10 +3570,10 @@ TABLE_LIST *st_select_lex::add_table_to_list(Table_ident *table, if (!alias) /* Alias is case sensitive */ if (!(alias_str=thd->memdup(alias_str,table->table.length+1))) DBUG_RETURN(0); - + if (!(ptr = (TABLE_LIST *) thd->calloc(sizeof(TABLE_LIST)))) DBUG_RETURN(0); /* purecov: inspected */ - if (table->db.str) + if (table->db.str) { ptr->db= table->db.str; ptr->db_length= table->db.length; @@ -3596,7 +3589,7 @@ TABLE_LIST *st_select_lex::add_table_to_list(Table_ident *table, ptr->db= empty_c_string; ptr->db_length= 0; } - + ptr->alias= alias_str; if (lower_case_table_names) { |