Automatic merge with 5.2

5 files changed, 26 insertions, 11 deletions

diff --git a/sql/mysql_priv.h b/sql/mysql_priv.h
index 24e637df497..b38253c866a 100644
--- a/sql/mysql_priv.h
+++ b/sql/mysql_priv.h
@@ -943,6 +943,7 @@ inline bool check_merge_table_access(THD *thd, char *db, TABLE_LIST *table_list)
 inline bool check_some_routine_access(THD *thd, const char *db,
                                       const char *name, bool is_proc)
 { return false; }
+#define decrease_user_connections(X) do { } while(0)       /* nothing */
 #endif /*NO_EMBEDDED_ACCESS_CHECKS*/
 
 bool multi_update_precheck(THD *thd, TABLE_LIST *tables);
@@ -1176,7 +1177,9 @@ bool init_new_connection_handler_thread();
 void reset_mqh(LEX_USER *lu, bool get_them);
 bool check_mqh(THD *thd, uint check_command);
 void time_out_user_resource_limits(THD *thd, USER_CONN *uc);
+#ifndef NO_EMBEDDED_ACCESS_CHECKS
 void decrease_user_connections(USER_CONN *uc);
+#endif
 bool thd_init_client_charset(THD *thd, uint cs_number);
 inline bool is_supported_parser_charset(CHARSET_INFO *cs)
 {
diff --git a/sql/sql_acl.cc b/sql/sql_acl.cc
index dc1405a00a4..61a6ac0cb87 100644
--- a/sql/sql_acl.cc
+++ b/sql/sql_acl.cc
@@ -6978,7 +6978,6 @@ bool check_routine_level_acl(THD *thd, const char *db, const char *name,
 #undef HAVE_OPENSSL
 #ifdef NO_EMBEDDED_ACCESS_CHECKS
 #define initialized 0
-#define decrease_user_connections(X)        /* nothing */
 #define check_for_max_user_connections(X,Y)   0
 #define get_or_create_user_conn(A,B,C,D) 0
 #endif
@@ -8167,6 +8166,8 @@ bool acl_authenticate(THD *thd, uint connect_errors,
        max_user_connections) &&
       check_for_max_user_connections(thd, thd->user_connect))
   {
+    /* Ensure we don't decrement thd->user_connections->connections twice */
+    thd->user_connect= 0;
     status_var_increment(denied_connections);
     DBUG_RETURN(1); // The error is set in check_for_max_user_connections()
   }
@@ -8207,12 +8208,7 @@ bool acl_authenticate(THD *thd, uint connect_errors,
     if (mysql_change_db(thd, &mpvio.db, FALSE))
     {
       /* mysql_change_db() has pushed the error message. */
-      if (thd->user_connect)
-      {
-        status_var_increment(thd->status_var.access_denied_errors);
-        decrease_user_connections(thd->user_connect);
-        thd->user_connect= 0;
-      }
+      status_var_increment(thd->status_var.access_denied_errors);
       DBUG_RETURN(1);
     }
   }
diff --git a/sql/sql_class.cc b/sql/sql_class.cc
index 9bb1f83b06d..1ed0fbf5ece 100644
--- a/sql/sql_class.cc
+++ b/sql/sql_class.cc
@@ -1095,6 +1095,11 @@ void THD::cleanup(void)
     lock=locked_tables; locked_tables=0;
     close_thread_tables(this);
   }
+  if (user_connect)
+  {
+    decrease_user_connections(user_connect);
+    user_connect= 0;                            // Safety
+  }
   wt_thd_destroy(&transaction.wt);
 
 #if defined(ENABLED_DEBUG_SYNC)
diff --git a/sql/sql_connect.cc b/sql/sql_connect.cc
index debae2dd74d..f6bfe975d51 100644
--- a/sql/sql_connect.cc
+++ b/sql/sql_connect.cc
@@ -49,6 +49,7 @@ int get_or_create_user_conn(THD *thd, const char *user,
 
   DBUG_ASSERT(user != 0);
   DBUG_ASSERT(host != 0);
+  DBUG_ASSERT(thd->user_connect == 0);
 
   user_len= strlen(user);
   temp_len= (strmov(strmov(temp_user, user)+1, host) - temp_user)+1;
@@ -108,7 +109,7 @@ end:
 
 int check_for_max_user_connections(THD *thd, USER_CONN *uc)
 {
-  int error=0;
+  int error= 1;
   DBUG_ENTER("check_for_max_user_connections");
 
   (void) pthread_mutex_lock(&LOCK_user_conn);
@@ -116,7 +117,6 @@ int check_for_max_user_connections(THD *thd, USER_CONN *uc)
       max_user_connections < (uint) uc->connections)
   {
     my_error(ER_TOO_MANY_USER_CONNECTIONS, MYF(0), uc->user);
-    error=1;
     goto end;
   }
   time_out_user_resource_limits(thd, uc);
@@ -126,7 +126,6 @@ int check_for_max_user_connections(THD *thd, USER_CONN *uc)
     my_error(ER_USER_LIMIT_REACHED, MYF(0), uc->user,
              "max_user_connections",
              (long) uc->user_resources.user_conn);
-    error= 1;
     goto end;
   }
   if (uc->user_resources.conn_per_hour &&
@@ -135,10 +134,10 @@ int check_for_max_user_connections(THD *thd, USER_CONN *uc)
     my_error(ER_USER_LIMIT_REACHED, MYF(0), uc->user,
              "max_connections_per_hour",
              (long) uc->user_resources.conn_per_hour);
-    error=1;
     goto end;
   }
   uc->conn_per_hour++;
+  error= 0;
 
 end:
   if (error)
@@ -1028,8 +1027,17 @@ void end_connection(THD *thd)
 {
   NET *net= &thd->net;
   plugin_thdvar_cleanup(thd);
+
   if (thd->user_connect)
+  {
+    /*
+      We decrease this variable early to make it easy to log again quickly.
+      This code is not critical as we will in any case do this test
+      again in thd->cleanup()
+    */
     decrease_user_connections(thd->user_connect);
+    thd->user_connect= 0;
+  }
 
   if (thd->killed || (net->error && net->vio != 0))
   {
diff --git a/sql/sql_parse.cc b/sql/sql_parse.cc
index 18dad6cfff0..204bc62cde3 100644
--- a/sql/sql_parse.cc
+++ b/sql/sql_parse.cc
@@ -1132,12 +1132,15 @@ bool dispatch_command(enum enum_server_command command, THD *thd,
 
     /* Ensure we don't free security_ctx->user in case we have to revert */
     thd->security_ctx->user= 0;
+    thd->user_connect= 0;
 
     if (acl_authenticate(thd, 0, packet_length))
     {
       /* Free user if allocated by acl_authenticate */
       x_free(thd->security_ctx->user);
       *thd->security_ctx= save_security_ctx;
+      if (thd->user_connect)
+	decrease_user_connections(thd->user_connect);
       thd->user_connect= save_user_connect;
       thd->reset_db(save_db, save_db_length);
       thd->variables.character_set_client= save_character_set_client;