mirror of
https://github.com/MariaDB/server.git
synced 2025-01-17 20:42:30 +01:00
removed one more hack that - as usual - almost always worked
(but broke permission handling for *some* IP's after we started to compare in utf8) Bug #1636
This commit is contained in:
serg@serg.mylan
parent
6457b89948
commit
c752d2cad0
5 changed files with 11 additions and 14 deletions
|
|
@ -52,7 +52,8 @@ static byte* acl_entry_get_key(acl_entry *entry,uint *length,
|
|||
return (byte*) entry->key;
|
||||
}
|
||||
|
||||
#define ACL_KEY_LENGTH (sizeof(long)+NAME_LEN+USERNAME_LENGTH+1)
|
||||
#define IP_ADDR_STRLEN
|
||||
#define ACL_KEY_LENGTH (IP_ADDR_STRLEN+1+NAME_LEN+1+USERNAME_LENGTH+1)
|
||||
|
||||
static DYNAMIC_ARRAY acl_hosts,acl_users,acl_dbs;
|
||||
static MEM_ROOT mem, memex;
|
||||
|
|
@ -909,7 +910,7 @@ static void acl_insert_db(const char *user, const char *host, const char *db,
|
|||
Get privilege for a host, user and db combination
|
||||
*/
|
||||
|
||||
ulong acl_get(const char *host, const char *ip, const char *bin_ip,
|
||||
ulong acl_get(const char *host, const char *ip,
|
||||
const char *user, const char *db, my_bool db_is_pattern)
|
||||
{
|
||||
ulong host_access,db_access;
|
||||
|
|
@ -919,8 +920,7 @@ ulong acl_get(const char *host, const char *ip, const char *bin_ip,
|
|||
acl_entry *entry;
|
||||
|
||||
VOID(pthread_mutex_lock(&acl_cache->lock));
|
||||
memcpy_fixed(&key,bin_ip,sizeof(struct in_addr));
|
||||
end=strmov((tmp_db=strmov(key+sizeof(struct in_addr),user)+1),db);
|
||||
end=strmov((tmp_db=strmov(strmov(key, ip ? ip : "")+1,user)+1),db);
|
||||
if (lower_case_table_names)
|
||||
{
|
||||
my_casedn_str(&my_charset_latin1, tmp_db);
|
||||
|
|
@ -1331,7 +1331,7 @@ static bool test_if_create_new_users(THD *thd)
|
|||
bzero((char*) &tl,sizeof(tl));
|
||||
tl.db= (char*) "mysql";
|
||||
tl.real_name= (char*) "user";
|
||||
db_access=acl_get(thd->host, thd->ip, (char*) &thd->remote.sin_addr,
|
||||
db_access=acl_get(thd->host, thd->ip,
|
||||
thd->priv_user, tl.db, 0);
|
||||
if (!(db_access & INSERT_ACL))
|
||||
{
|
||||
|
|
|
|||
|
|
@ -134,7 +134,7 @@ public:
|
|||
my_bool acl_init(THD *thd, bool dont_read_acl_tables);
|
||||
void acl_reload(THD *thd);
|
||||
void acl_free(bool end=0);
|
||||
ulong acl_get(const char *host, const char *ip, const char *bin_ip,
|
||||
ulong acl_get(const char *host, const char *ip,
|
||||
const char *user, const char *db, my_bool db_is_pattern);
|
||||
int acl_getroot(THD *thd, USER_RESOURCES *mqh, const char *passwd,
|
||||
uint passwd_len);
|
||||
|
|
|
|||
|
|
@ -618,8 +618,7 @@ bool mysql_change_db(THD *thd, const char *name)
|
|||
if (test_all_bits(thd->master_access,DB_ACLS))
|
||||
db_access=DB_ACLS;
|
||||
else
|
||||
db_access= (acl_get(thd->host,thd->ip,(char*) &thd->remote.sin_addr,
|
||||
thd->priv_user,dbname,0) |
|
||||
db_access= (acl_get(thd->host,thd->ip, thd->priv_user,dbname,0) |
|
||||
thd->master_access);
|
||||
if (!(db_access & DB_ACLS) && (!grant_option || check_grant_db(thd,dbname)))
|
||||
{
|
||||
|
|
@ -684,8 +683,7 @@ int mysqld_show_create_db(THD *thd, char *dbname,
|
|||
if (test_all_bits(thd->master_access,DB_ACLS))
|
||||
db_access=DB_ACLS;
|
||||
else
|
||||
db_access= (acl_get(thd->host,thd->ip,(char*) &thd->remote.sin_addr,
|
||||
thd->priv_user,dbname,0) |
|
||||
db_access= (acl_get(thd->host,thd->ip, thd->priv_user,dbname,0) |
|
||||
thd->master_access);
|
||||
if (!(db_access & DB_ACLS) && (!grant_option || check_grant_db(thd,dbname)))
|
||||
{
|
||||
|
|
|
|||
|
|
@ -3376,7 +3376,7 @@ check_access(THD *thd, ulong want_access, const char *db, ulong *save_priv,
|
|||
db_access= thd->db_access;
|
||||
if (!(thd->master_access & SELECT_ACL) &&
|
||||
(db && (!thd->db || strcmp(db,thd->db))))
|
||||
db_access=acl_get(thd->host, thd->ip, (char*) &thd->remote.sin_addr,
|
||||
db_access=acl_get(thd->host, thd->ip,
|
||||
thd->priv_user, db, test(want_access & GRANT_ACL));
|
||||
*save_priv=thd->master_access | db_access;
|
||||
DBUG_RETURN(FALSE);
|
||||
|
|
@ -3396,7 +3396,7 @@ check_access(THD *thd, ulong want_access, const char *db, ulong *save_priv,
|
|||
DBUG_RETURN(FALSE); // Allow select on anything
|
||||
|
||||
if (db && (!thd->db || strcmp(db,thd->db)))
|
||||
db_access=acl_get(thd->host, thd->ip, (char*) &thd->remote.sin_addr,
|
||||
db_access=acl_get(thd->host, thd->ip,
|
||||
thd->priv_user, db, test(want_access & GRANT_ACL));
|
||||
else
|
||||
db_access=thd->db_access;
|
||||
|
|
|
|||
|
|
@ -75,8 +75,7 @@ mysqld_show_dbs(THD *thd,const char *wild)
|
|||
{
|
||||
#ifndef NO_EMBEDDED_ACCESS_CHECKS
|
||||
if (thd->master_access & (DB_ACLS | SHOW_DB_ACL) ||
|
||||
acl_get(thd->host, thd->ip, (char*) &thd->remote.sin_addr,
|
||||
thd->priv_user, file_name,0) ||
|
||||
acl_get(thd->host, thd->ip, thd->priv_user, file_name,0) ||
|
||||
(grant_option && !check_grant_db(thd, file_name)))
|
||||
#endif
|
||||
{
|
||||
|
|
|
|||
Loading…
Reference in a new issue