Diffstat (limited to 'sql/sql_acl.cc')
-rw-r--r-- | sql/sql_acl.cc | 72 |
1 files changed, 67 insertions, 5 deletions
diff --git a/sql/sql_acl.cc b/sql/sql_acl.cc index 78a92193b5d..f4048fd9775 100644 --- a/sql/sql_acl.cc +++ b/sql/sql_acl.cc @@ -139,6 +139,8 @@ my_bool acl_init(THD *org_thd, bool dont_read_acl_tables) READ_RECORD read_record_info; MYSQL_LOCK *lock; my_bool return_val=1; + bool check_no_resolve= specialflag & SPECIAL_NO_RESOLVE; + DBUG_ENTER("acl_init"); if (!acl_cache) @@ -198,6 +200,13 @@ my_bool acl_init(THD *org_thd, bool dont_read_acl_tables) host.access= get_access(table,2); host.access= fix_rights_for_db(host.access); host.sort= get_sort(2,host.host.hostname,host.db); + if (check_no_resolve && hostname_requires_resolving(host.host.hostname)) + { + sql_print_error("Warning: 'host' entry '%s|%s' " + "ignored in --skip-name-resolve mode.", + host.host.hostname, host.db, host.host.hostname); + continue; + } #ifndef TO_BE_REMOVED if (table->fields == 8) { // Without grant @@ -259,6 +268,14 @@ my_bool acl_init(THD *org_thd, bool dont_read_acl_tables) ACL_USER user; update_hostname(&user.host, get_field(&mem, table->field[0])); user.user= get_field(&mem, table->field[1]); + if (check_no_resolve && hostname_requires_resolving(user.host.hostname)) + { + sql_print_error("Warning: 'user' entry '%s@%s' " + "ignored in --skip-name-resolve mode.", + user.user, user.host.hostname, user.host.hostname); + continue; + } + const char *password= get_field(&mem, table->field[2]); uint password_len= password ? strlen(password) : 0; set_user_salt(&user, password, password_len); @@ -353,6 +370,13 @@ my_bool acl_init(THD *org_thd, bool dont_read_acl_tables) continue; } db.user=get_field(&mem, table->field[2]); + if (check_no_resolve && hostname_requires_resolving(db.host.hostname)) + { + sql_print_error("Warning: 'db' entry '%s %s@%s' " + "ignored in --skip-name-resolve mode.", + db.db, db.user, db.host.hostname, db.host.hostname); + continue; + } db.access=get_access(table,3); db.access=fix_rights_for_db(db.access); db.sort=get_sort(3,db.host.hostname,db.db,db.user); 
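Review bot: The new sql_print_error call in the 'host' branch of acl_init passes three arguments for two `%s` conversions, with host.host.hostname repeated at the end. The same surplus trailing hostname appears in the 'user' and 'db' branches of acl_init and in the 'tables_priv' branch added to grant_init. The extra argument is ignored at run time, but it suggests the message and its argument list drifted apart; drop it, e.g. `host.host.hostname, host.db);`. Separately, user.user and db.user come straight from get_field and are handed to `%s` with no NULL check visible here; if get_field can return NULL for an empty column, pass `user.user ? user.user : ""` (and likewise for db.user). acl_init's body starts and ends outside these hunks.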
@@ -632,8 +656,8 @@ int acl_getroot(THD *thd, USER_RESOURCES *mqh, if (acl_user) { /* OK. User found and password checked continue validation */ - Vio *vio=thd->net.vio; #ifdef HAVE_OPENSSL + Vio *vio=thd->net.vio; SSL *ssl= (SSL*) vio->ssl_arg; #endif @@ -1256,6 +1280,25 @@ static bool compare_hostname(const acl_host_and_ip *host, const char *hostname, (ip && !wild_compare(ip,host->hostname,0))); } +bool hostname_requires_resolving(const char *hostname) +{ + char cur; + if (!hostname) + return false; + int namelen= strlen(hostname); + int lhlen= strlen(my_localhost); + if ((namelen == lhlen) && + !my_strnncoll(&my_charset_latin1, (const uchar *)hostname, namelen, + (const uchar *)my_localhost, strlen(my_localhost))) + return false; + for (; (cur=*hostname); hostname++) + { + if ((cur != '%') && (cur != '_') && (cur != '.') && + ((cur < '0') || (cur > '9'))) + return true; + } + return false; +} /* Update grants in the user and database privilege tables @@ -2443,6 +2486,7 @@ my_bool grant_init(THD *org_thd) MYSQL_LOCK *lock; my_bool return_val= 1; TABLE *t_table, *c_table; + bool check_no_resolve= specialflag & SPECIAL_NO_RESOLVE; DBUG_ENTER("grant_init"); grant_option = FALSE; 
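Review bot: The character test in hostname_requires_resolving treats anything other than digits, `.`, `%` and `_` as a name that needs DNS, so a host value written as address/netmask (containing `/`) would be classed as a hostname and its ACL entry dropped under --skip-name-resolve. If the grant tables accept that form, add `(cur != '/')` to the condition. The function also has no header comment; `/* Return true if the host pattern contains characters that cannot occur in a numeric address pattern; NULL and my_localhost return false */` would record the contract that the ACL loaders now depend on. Minor: `int namelen= strlen(hostname);` narrows size_t to int, and the second `strlen(my_localhost)` can reuse lhlen.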
@@ -2492,13 +2536,31 @@ my_bool grant_init(THD *org_thd) do { GRANT_TABLE *mem_check; - if (!(mem_check=new GRANT_TABLE(t_table,c_table)) || - mem_check->ok() && my_hash_insert(&column_priv_hash,(byte*) mem_check)) + if (!(mem_check=new GRANT_TABLE(t_table,c_table)) || mem_check->ok()) { /* This could only happen if we are out memory */ grant_option= FALSE; /* purecov: deadcode */ goto end_unlock; } + + if (check_no_resolve) + { + if (hostname_requires_resolving(mem_check->host)) + { + char buff[MAX_FIELD_WIDTH]; + sql_print_error("Warning: 'tables_priv' entry '%s %s@%s' " + "ignored in --skip-name-resolve mode.", + mem_check->tname, mem_check->user, + mem_check->host, mem_check->host); + continue; + } + } + + if (my_hash_insert(&column_priv_hash,(byte*) mem_check)) + { + grant_option= FALSE; + goto end_unlock; + } } while (!t_table->file->index_next(t_table->record[0])); @@ -3456,7 +3518,7 @@ int mysql_revoke_all(THD *thd, List <LEX_USER> &list) { uint counter; int result; - ACL_USER *acl_user; ACL_DB *acl_db; + ACL_DB *acl_db; TABLE_LIST tables[4]; DBUG_ENTER("mysql_revoke_all"); @@ -3470,7 +3532,7 @@ int mysql_revoke_all(THD *thd, List <LEX_USER> &list) List_iterator <LEX_USER> user_list(list); while ((lex_user=user_list++)) { - if (!(acl_user= check_acl_user(lex_user, &counter))) + if (!check_acl_user(lex_user, &counter)) { sql_print_error("REVOKE ALL PRIVILEGES, GRANT: User '%s'@'%s' not exists", lex_user->user.str, |
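Review bot: The rewritten check in grant_init, `if (!(mem_check=new GRANT_TABLE(t_table,c_table)) || mem_check->ok())`, now takes the out-of-memory path whenever ok() returns true, whereas the removed condition did so only when ok() was true and my_hash_insert failed. Unless ok() changed meaning elsewhere, the first row that loads successfully sets `grant_option= FALSE` and jumps to end_unlock, and only rows for which ok() is false reach the hash insert, so table and column privileges would not be loaded as before. Keeping the allocation test as `if (!(mem_check=new GRANT_TABLE(t_table,c_table)))` and making the later insert `if (mem_check->ok() && my_hash_insert(&column_priv_hash,(byte*) mem_check))` preserves the old semantics around the new skip-name-resolve branch. `char buff[MAX_FIELD_WIDTH];` in that branch is unused. The function body starts and ends outside the hunk.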