Original revision in 6.0:
------------------------------------------------------------
revno: 2630.13.11
committer: Alexander Nozdrin <alik@mysql.com>
branch nick: 6.0-rt-wl4300
timestamp: Thu 2008-07-24 11:44:21 +0400
message:
A patch for WL#4300: Define privileges for tablespaces.
------------------------------------------------------------
per-file messages:
mysql-test/r/grant.result
Update result file: new columm 'Create_tablespace_priv' has been added to mysql.user.
mysql-test/r/ps.result
Update result file: new columm 'Create_tablespace_priv' has been added to mysql.user.
mysql-test/r/system_mysql_db.result
Update result file: new columm 'Create_tablespace_priv' has been added to mysql.user.
mysql-test/suite/falcon/r/falcon_tablespace_priv.result
Test case for WL#4300.
mysql-test/suite/falcon/t/falcon_tablespace_priv.test
Test case for WL#4300.
mysql-test/suite/ndb/r/ndb_dd_ddl.result
Test case for WL#4300.
mysql-test/suite/ndb/t/ndb_dd_ddl.test
Test case for WL#4300.
scripts/mysql_system_tables.sql
New columm 'Create_tablespace_priv' has been added to mysql.user.
scripts/mysql_system_tables_data.sql
'CREATE TABLESPACE' is granted by default to the root user.
scripts/mysql_system_tables_fix.sql
Grant 'CREATE TABLESPACE' privilege during system table upgrade
if a user had SUPER privilege.
sql/sql_acl.cc
Added CREATE TABLESPACE privilege.
sql/sql_acl.h
Added CREATE TABLESPACE privilege.
sql/sql_parse.cc
Check global 'CREATE TABLESPACE' privilege for the following SQL statements:
- CREATE | ALTER | DROP TABLESPACE
- CREATE | ALTER | DROP LOGFILE GROUP
sql/sql_show.cc
Added CREATE TABLESPACE privilege.
sql/sql_yacc.yy
Added CREATE TABLESPACE privilege.
The problem: described in the bug report.
The fix:
--increase buffers where it's necessary
(buffers which are used in stxnmov)
--decrease buffer lengths which are used
with gcc 4.3.2
Compiling MySQL with gcc 4.3.2 and later produces a number of
warnings, many of which are new with the recent compiler
versions.
This bug will be resolved in more than one patch to limit the
size of changesets. This is the second patch, fixing more
of the warnings.
The SQL-mode PAD_CHAR_TO_FULL_LENGTH could prevent a DROP USER
statement from privileges associated with the user being dropped.
What ocurred was that reading from the User and Host fields of
the tables tables_priv or columns_priv would yield values padded
with spaces, causing a failure to match a specified user or host
('user' != 'user ');
The solution is to disregard the PAD_CHAR_TO_FULL_LENGTH mode
when iterating over and matching values in the privileges tables
for a DROP USER statement.
with gcc 4.3.2
Compiling MySQL with gcc 4.3.2 and later produces a number of
warnings, many of which are new with the recent compiler
versions.
This bug will be resolved in more than one patch to limit the
size of changesets. This is the second patch, fixing more
of the warnings.
The crash happens because of uninitialized
lex->ssl_cipher, lex->x509_subject, lex->x509_issuer variables.
The fix is to add initialization of these variables for
stored procedures&functions.
Make the caller of Query_log_event, Execute_load_log_event
constructors and THD::binlog_query to provide the error code
instead of having the constructors to figure out the error code.
MySQL crashes if a user without proper privileges attempts to create a procedure.
The crash happens because more than one error state is pushed onto the Diagnostic
area. In this particular case the user is denied to implicitly create a new user
account with the implicitly granted privileges ALTER- and EXECUTE ROUTINE.
The new account is needed if the original user account contained a host mask.
A user account with a host mask is a distinct user account in this context.
An alternative would be to first get the most permissive user account which
include the current user connection and then assign privileges to that
account. This behavior change is considered out of scope for this bug patch.
The implicit assignment of privileges when a user creates a stored routine is a
considered to be a feature for user convenience and as such it is not
a critical operation. Any failure to complete this operation is thus considered
non-fatal (an error becomes a warning).
The patch back ports a stack implementation of the internal error handler interface.
This enables the use of multiple error handlers so that it is possible to intercept
and cancel errors thrown by lower layers. This is needed as a error handler already
is used in the call stack emitting the errors which needs to be converted.
The problem is that the server failed to follow the rule that
every X509 object retrieved using SSL_get_peer_certificate()
must be explicitly freed by X509_free(). This caused a memory
leak for builds linked against OpenSSL where the X509 object
is reference counted -- improper counting will prevent the
object from being destroyed once the session containing the
peer certificate is freed.
The solution is to explicitly free every X509 object used.
When the thread executing a DDL was killed after finished its
execution but before writing the binlog event, the error code in
the binlog event could be set wrongly to ER_SERVER_SHUTDOWN or
ER_QUERY_INTERRUPTED.
This patch fixed the problem by ignoring the kill status when
constructing the event for DDL statements.
This patch also included the following changes in order to
provide the test case.
1) modified mysqltest to support variable for connection command
2) modified mysql-test-run.pl, add new variable MYSQL_SLAVE to
run mysql client against the slave mysqld.
- Remove bothersome warning messages. This change focuses on the warnings
that are covered by the ignore file: support-files/compiler_warnings.supp.
- Strings are guaranteed to be max uint in length
The problem is that we cannot insert new record into memory table
when table size exceeds max memory table size.
The fix is to use schema_table_store_record() function which
converts memory table into MyISAM in case of table size exceeding.
Note:
There is no test case for this bug, the reason is that
1. The code that was added already is checked(i.e. works) with existing tests
2. Correct work of schema_table_store_record() is checked with other test cases
(information_schema tests)
So new code is fully covered with existing test cases.
This patch also fixes bugs 36963 and 35600.
- In many places a view was confused with an anonymous derived
table, i.e. access checking was skipped. Fixed by introducing a
predicate to tell the difference between named and anonymous
derived tables.
- When inserting fields for "SELECT * ", there was no
distinction between base tables and views, where one should be
made. View privileges are checked elsewhere.
- In QUICK_INDEX_MERGE_SELECT::read_keys_and_merge: when we got table->sort from Unique,
tell init_read_record() not to use rr_from_cache() because a) rowids are already sorted
and b) it might be that the the data is used by filesort(), which will need record rowids
(which rr_from_cache() cannot provide).
- Fully de-initialize the table->sort read in QUICK_INDEX_MERGE_SELECT::get_next(). This fixes BUG#35477.
(bk trigger: file as fix for BUG#35478).
When creating a temporary table that uses the same name as the mysql
privs table the server would crash on FLUSH PRIVILEGES.
This patches corrects the problem by setting a flag to ignore any
temporary table when trying to reload the privileges.
The bool data type was redefined to BOOL (4 bytes on windows).
Removed the #define and fixed some of the warnings that were uncovered
by this.
Note that the fix also disables 2 warnings :
4800 : 'type' : forcing value to bool 'true' or 'false' (performance warning)
4805: 'operation' : unsafe mix of type 'type' and type 'type' in operation
These warnings will be handled in a separate bug, as they are performance related or bogus.
Fixed to int the return type of functions that return more than
2 distinct values.
Each time the server reloads privileges containing table grants, the
system will allocate too much memory than needed because of badly
chosen growth prediction in the underlying dynamic arrays.
This patch introduces a new signature to the hash container initializer
which enables a much more pessimistic approach in favour for more
efficient memory useage.
This patch was supplied by Google Inc.
The cause of the crash is an assertion failure that we do not emit
an error message (grant not found) and then return "ok". The
assertion is valid, and we were ignoring the buggy behavior prior
to the "Diagnostics" result-verification.
Use an error handler to mutate innocuous missing-grant errors, when
removing routines, into warnings.
SQL-mode PAD_CHAR_TO_FULL_LENGTH affected mysqld's user-table too. If
enabled, user-name and host were space-padded and no longer matched
the login-data of incoming connexions.
Patch disregards pad-flag while loading privileges so ability to log
in does not depend on SQL-mode.
