Commit graph

31 commits

Author SHA1 Message Date
unknown
06bf59ad33 Bug#18630: Arguments of suid routine calculated in wrong security
context.

Routine arguments were evaluated in the security context of the routine
itself, not in the caller's context.

The bug is fixed the following way:

  - Item_func_sp::find_and_check_access() has been split into two
    functions: Item_func_sp::find_and_check_access() itself only
    finds the function and check that the caller have EXECUTE privilege
    on it.  New function set_routine_security_ctx() changes security
    context for SUID routines and checks that definer have EXECUTE
    privilege too.

  - new function sp_head::execute_trigger() is called from
    Table_triggers_list::process_triggers() instead of
    sp_head::execute_function(), and is effectively just as the
    sp_head::execute_function() is, with all non-trigger related code
    removed, and added trigger-specific security context switch.

  - call to Item_func_sp::find_and_check_access() stays outside
    of sp_head::execute_function(), and there is a code in
    sql_parse.cc before the call to sp_head::execute_procedure() that
    checks that the caller have EXECUTE privilege, but both
    sp_head::execute_function() and sp_head::execute_procedure() call
    set_routine_security_ctx() after evaluating their parameters,
    and restore the context after the body is executed.


mysql-test/r/sp-security.result:
  Add test case for bug#18630: Arguments of suid routine calculated
  in wrong security context.
mysql-test/t/sp-security.test:
  Add result for bug#18630: Arguments of suid routine calculated
  in wrong security context.
sql/item_func.cc:
  Do not change security context before executing the function, as it
  will be changed after argument evaluation.
  Do not change security context in Item_func_sp::find_and_check_access().
sql/item_func.h:
  Change prototype for Item_func_sp::find_and_check_access().
sql/sp_head.cc:
  Add set_routine_security_ctx() function.
  Add sp_head::execute_trigger() method.
  Change security context in sp_head::execute_trigger(), and in
  sp_head::execute_function() and sp_head::execute_procedure()
  after argument evaluation.
  Move pop_all_cursors() call to sp_head::execute().
sql/sp_head.h:
  Add declaration for sp_head::execute_trigger() and
  set_routine_security_ctx().
sql/sql_parse.cc:
  Do not change security context before executing the procedure, as it
  will be changed after argument evaluation.
sql/sql_trigger.cc:
  Call new sp_head::execute_trigger() instead of
  sp_head::execute_function(), which is responsible to switch
  security context.
2006-07-13 17:12:31 +04:00
unknown
5312b34910 Bug#19857: When a user with CREATE ROUTINE priv creates a routine it results in NULL p/w
sp_grant_privileges(), the function that GRANTs EXECUTE + ALTER privs on a SP,
did so creating a user-entry with not password; mysql_routine_grant() would then
write that "change" to the user-table.


mysql-test/r/sp-security.result:
  prove that creating a stored procedure will not destroy the creator's password
mysql-test/t/sp-security.test:
  prove that creating a stored procedure will not destroy the creator's password
sql/sql_acl.cc:
  get password from ACLs, convert to correct format, and use it when
  forcing GRANTS for SPs
2006-06-28 12:40:17 +02:00
unknown
f909f9965b Cleanup test cases that leaves "stuff" behind
mysql-test/r/ctype_latin2_ch.result:
  Drot table at end of test
mysql-test/r/grant2.result:
  Drop users
mysql-test/r/openssl_1.result:
  Drop users
mysql-test/r/rpl_openssl.result:
  Drop users
mysql-test/r/sp-security.result:
  Drop users
mysql-test/r/sp_notembedded.result:
  Drop table
mysql-test/r/trigger.result:
  Drop table
mysql-test/t/ctype_latin2_ch.test:
  Drop table
mysql-test/t/grant2.test:
  Drop users
mysql-test/t/openssl_1.test:
  Drop users
mysql-test/t/rpl_openssl.test:
  Drop users
mysql-test/t/sp-security.test:
  Drop users
mysql-test/t/sp_notembedded.test:
  Drop table
mysql-test/t/trigger.test:
  Drop table
2006-04-18 18:10:47 +02:00
unknown
3dd927cf1c Fix for BUG#13198: SP executes if definer does not exist.
Basically, this fix contains a test case and removing of a workaround
for replication. This fix became possible after pushing WL#2897
(Complete definer support in stored routines).


mysql-test/r/sp-security.result:
  Updated the result file to contain results of test for BUG#13198.
mysql-test/t/sp-security.test:
  Added a test case for BUG#13198.
sql/sp_head.cc:
  Removed the workaround for replication, since WL#2897 is pushed and
  now definer attribute/clause is fully supported in stored routines.
2006-03-02 16:23:42 +03:00
unknown
9a1fed13ee Implementation of WL#2897: Complete definer support in the stored routines.
The idea is to add DEFINER-clause in CREATE PROCEDURE and CREATE FUNCTION
statements. Almost all support of definer in stored routines had been already
done before this patch.

NOTE: this patch changes behaviour of dumping stored routines in mysqldump.
Before this patch, mysqldump did not dump DEFINER-clause for stored routines
and this was documented behaviour. In order to get full information about stored
routines, one should have dumped mysql.proc table. This patch changes this
behaviour, so that DEFINER-clause is dumped.

Since DEFINER-clause is not supported in CREATE PROCEDURE | FUNCTION statements
before this patch, the clause is covered by additional version-specific comments.


client/mysqldump.c:
  Updated the code for dumping stored routines: cover DEFINER-clause
  into version-specific comment.
mysql-test/r/gis.result:
  Updated result file after adding DEFINER-clause.
mysql-test/r/information_schema.result:
  Updated result file after adding DEFINER-clause.
mysql-test/r/mysqldump.result:
  Updated result file after adding DEFINER-clause.
mysql-test/r/rpl_ddl.result:
  Updated result file after adding DEFINER-clause.
mysql-test/r/rpl_sp.result:
  Updated result file after adding DEFINER-clause.
mysql-test/r/rpl_trigger.result:
  Updated result file after adding DEFINER-clause.
mysql-test/r/sp-security.result:
  Updated result file after adding DEFINER-clause.
mysql-test/r/sp.result:
  Updated result file after adding DEFINER-clause.
mysql-test/r/sql_mode.result:
  Updated result file after adding DEFINER-clause.
mysql-test/t/sp-security.test:
  Updated result file after adding DEFINER-clause.
sql/sp.cc:
  Added DEFINER-clause.
sql/sp_head.cc:
  Added a new convenient variant of set_definer() operation.
sql/sp_head.h:
  Updated result file after adding DEFINER-clause.
sql/sql_lex.h:
  Renamed trigger_definition_begin into stmt_definition_begin to be used for
  triggers and stored routines.
sql/sql_parse.cc:
  Check DEFINER-clause.
sql/sql_trigger.cc:
  Renamed trigger_definition_begin into stmt_definition_begin to be used for
  triggers and stored routines.
sql/sql_yacc.yy:
  Added DEFINER-clause.
2006-03-02 15:18:49 +03:00
unknown
85e54a08c4 Fix for BUG#7787: Stored procedures: improper warning for "grant execute" statement.
The problem was that error flag was not reset.


mysql-test/r/sp-security.result:
  Results for test case for BUG#7787.
mysql-test/t/sp-security.test:
  A test case for BUG#7787.
sql/sp.cc:
  Reset errors after sp_find_routine().
2006-02-22 13:44:04 +03:00
unknown
8a7bbefc2f Added new test case for BUG#14533: 'desc tbl' in stored procedure causes error 1142
which is no longer repeatable. (Unclear when this was fixed.)


mysql-test/r/sp-security.result:
  Updated results for new test case (BUG#14533)
mysql-test/t/sp-security.test:
  New test case for BUG#14533.
2006-02-01 14:46:30 +01:00
unknown
7ee0c6b5cf Merge neptunus.(none):/home/msvensson/mysql/mysqltestrun_check_testcases/my50-mysqltestrun_check_testcases
into  neptunus.(none):/home/msvensson/mysql/mysqltest_var/my50-mysqltest_var-integration


mysql-test/mysql-test-run.pl:
  Auto merged
mysql-test/r/query_cache.result:
  Auto merged
mysql-test/r/rpl000001.result:
  Auto merged
mysql-test/r/rpl_loaddata.result:
  Auto merged
mysql-test/r/rpl_loaddata_rule_m.result:
  Auto merged
mysql-test/r/rpl_loaddata_rule_s.result:
  Auto merged
mysql-test/r/rpl_misc_functions.result:
  Auto merged
mysql-test/r/rpl_replicate_do.result:
  Auto merged
mysql-test/r/sp-security.result:
  Auto merged
mysql-test/r/variables.result:
  Auto merged
mysql-test/r/view_grant.result:
  Auto merged
mysql-test/t/query_cache.test:
  Auto merged
mysql-test/t/rpl000001.test:
  Auto merged
mysql-test/t/rpl_loaddata.test:
  Auto merged
mysql-test/t/rpl_loaddata_rule_m.test:
  Auto merged
mysql-test/t/rpl_loaddata_rule_s.test:
  Auto merged
mysql-test/t/rpl_misc_functions.test:
  Auto merged
mysql-test/t/rpl_replicate_do.test:
  Auto merged
mysql-test/t/sp-security.test:
  Auto merged
mysql-test/t/trigger-compat.test:
  Auto merged
mysql-test/r/trigger-compat.result:
  Merge
2006-01-27 10:49:07 +01:00
unknown
313ea47da4 Add new option "check-testcases" to mysql-test-run.pl
Cleanup the sideeffects from most of the  testcases with sideeffects.


mysql-test/mysql-test-run.pl:
  Add option "check-testcases" to mysql-test-run.pl
  Will execute "include/check-testcase.test" once before each tescase and record the output into "var/tmp/check-testcase.result"
  After the teastcase it will run again and this time compare the output with previously recorded file.
mysql-test/r/analyze.result:
  Drop table t1 at end of test
mysql-test/r/create_select_tmp.result:
  Drop table t1 at end of test
mysql-test/r/ctype_cp932.result:
  Drop table t1 at end of test
mysql-test/r/ctype_recoding.result:
  Drop table t1 at end of test
mysql-test/r/grant2.result:
  Drop user mysqltest_2 and mysqltest_A@'%'
mysql-test/r/join_outer.result:
  Drop view v1 to cleanup
mysql-test/r/ps_1general.result:
  Drop table t1 at end of test
mysql-test/r/query_cache.result:
  Drop function "f1"
mysql-test/r/read_only.result:
  Reset the "read_only" flag
mysql-test/r/rpl000001.result:
  Remove user "blafasel2"
mysql-test/r/rpl000017.result:
  Remove user "replicate"
mysql-test/r/rpl_failed_optimize.result:
  Drop table t1 to cleanup
mysql-test/r/rpl_flush_tables.result:
  Drop tables t3, t4, t5
mysql-test/r/rpl_ignore_revoke.result:
  Delete user "user_foo"
mysql-test/r/rpl_insert_id.result:
  Drop table t1 to cleanup
mysql-test/r/rpl_loaddata.result:
  Drop tyable t1 to cleanup
mysql-test/r/rpl_loaddata_rule_m.result:
  Drop tyable t1 to cleanup
mysql-test/r/rpl_loaddata_rule_s.result:
  Drop tyable t1 to cleanup
mysql-test/r/rpl_misc_functions.result:
  Drop tyable t1 to cleanup
mysql-test/r/rpl_multi_update3.result:
  Drop tyable t1 and t2 to cleanup
mysql-test/r/rpl_replicate_do.result:
  Drop tyable t1 to cleanup
mysql-test/r/rpl_skip_error.result:
  Drop tyable t1 to cleanup
mysql-test/r/rpl_slave_status.result:
  Drop tyable t1 to cleanup
mysql-test/r/sp-prelocking.result:
  Drop view v1 and tables t1, t2, t3 and t4 to cleanup
mysql-test/r/sp-security.result:
  Delete users to cleanup
  Delete remaining traces in tables_priv and procs_priv
mysql-test/r/subselect_innodb.result:
  Drop procedure p1 to cleanup
mysql-test/r/trigger-compat.result:
  Drop trigger wl2818_trg1 and wl2818_trg2.
  Drop table t1, t2
  Drop database mysqltest_db1
  And the users "mysqltest_dfn@localhost" and "mysqltest_inv@localhost"
mysql-test/r/type_bit.result:
  Drop tables t1 and t2 to cleanup
mysql-test/r/variables.result:
  Set GLOBAL max_join_size to 10 as it originally was in variables-master.opt
mysql-test/r/view_grant.result:
  Dop user "test@localhost" to cleanup
mysql-test/t/analyze.test:
  Drop table t1 to cleanup
mysql-test/t/create_select_tmp.test:
  Drop table t1 to cleanup
mysql-test/t/ctype_cp932.test:
  Drop table t1 to cleanup
mysql-test/t/ctype_recoding.test:
  Drop table t1 to cleanup
mysql-test/t/fulltext_var.test:
  Restore the original ft_boolean_syntax
mysql-test/t/grant2.test:
  Drop users "mysqltest_2" and "mysqltest_A@'%'" to cleanup
mysql-test/t/innodb_cache.test:
  Reset query_cache_size to original value
mysql-test/t/join_outer.test:
  Drop view v1 to cleanup
mysql-test/t/ps_1general.test:
  Drop table t1 to cleanup
mysql-test/t/query_cache.test:
  Drop function "f1" to cleanup
mysql-test/t/read_only.test:
  Reset the readonly flag
mysql-test/t/rpl000001.test:
  Delete user "blafasel2" to cleanup
mysql-test/t/rpl000017.test:
  Delete user "replicate" to cleanup
mysql-test/t/rpl_failed_optimize.test:
  Drop table t1 to cleanup
mysql-test/t/rpl_flush_tables.test:
  Droip table t3, t4 and t5 to cleanup
mysql-test/t/rpl_ignore_revoke.test:
  Delet user "user_foo" to cleanup
mysql-test/t/rpl_insert_id.test:
  drop table t1 to cleanup
mysql-test/t/rpl_loaddata.test:
  Drop table t1 to cleanup
mysql-test/t/rpl_loaddata_rule_m.test:
  Drop table t1 to cleanup
mysql-test/t/rpl_loaddata_rule_s.test:
  Drop table t1 to cleanup
mysql-test/t/rpl_misc_functions.test:
  Drop table t1 to cleanup
mysql-test/t/rpl_multi_update3.test:
  Drop table t1 and t2 to cleanup
mysql-test/t/rpl_replicate_do.test:
  Drop table t1 to cleanup
mysql-test/t/rpl_skip_error.test:
  Drop table t1 to cleanup
mysql-test/t/rpl_slave_status.test:
  Drop table t1 to cleanup
mysql-test/t/sp-prelocking.test:
  Drop table t1, t2 t3 and t4 to cleanup
  Drop view v1
mysql-test/t/sp-security.test:
  Delete  test users from mysql.user, mysql.db, mysql.procs_priv and mysql.tables_priv
  Drop table t1 to cleanup
mysql-test/t/subselect_innodb.test:
  Drop procedure p1 to cleanup
mysql-test/t/trigger-compat.test:
  Drop trigger wl2818_trg1 and wl2818_trg2 to cleanup
  Drop table t1, t2
  Drop users
  drop database mysqltest_db1
mysql-test/t/type_bit.test:
  drop table t1 and t2 to cleanup
mysql-test/t/variables-master.opt:
  Increase max_join_size to 100.
mysql-test/t/variables.test:
  Set max_join_size to 10, which was the original value in variables-master.opt
mysql-test/t/view_grant.test:
  Drop the user "test@localhost"
mysql-test/include/check-testcase.test:
  New BitKeeper file ``mysql-test/include/check-testcase.test''
2006-01-26 17:54:34 +01:00
unknown
718128db90 Fixed BUG#14834: Server denies to execute Stored Procedure
The problem was that databases with '_' in the name did not match a
  correct ACL with a literal '_' (i.e. '\_') in the db name, only identical
  strings matched. The fix makes this work, and also ACLs with wildcards in
  the db name work.


mysql-test/r/sp-security.result:
  New test case for BUG#14834
mysql-test/t/sp-security.test:
  New test case for BUG#14834
sql/sql_acl.cc:
  Match wild db:s in ACL in acl_getroot_no_password() (used for "suid" security
  context switching when invoking stored routines)
2005-12-15 15:23:16 +01:00
unknown
ccb796a9ce sp-security.result, sp.result, sp-security.test, sp.test:
Test for bug#12812 moved from sp.test to sp-security.test


mysql-test/t/sp.test:
  Test for bug#12812 moved from sp.test to sp-security.test
mysql-test/t/sp-security.test:
  Test for bug#12812 moved from sp.test to sp-security.test
mysql-test/r/sp.result:
  Test for bug#12812 moved from sp.test to sp-security.test
mysql-test/r/sp-security.result:
  Test for bug#12812 moved from sp.test to sp-security.test
2005-10-16 22:47:19 +04:00
unknown
3eda70b270 Fixes during review of new pushed code
Fixed new bug when running a SP without a default database


mysql-test/r/information_schema.result:
  Added test to cover changes made in default handling
mysql-test/r/sp-security.result:
  Added test when executing SP without a default database
mysql-test/t/information_schema.test:
  Added test to cover changes made in default handling
mysql-test/t/sp-security.test:
  Added test when executing SP without a default database
sql/item_strfunc.cc:
  Removed wrong push
sql/mysqld.cc:
  Indentation fix
sql/sql_base.cc:
  Use share->db instead of share->table_cache_key
  Remove assert that can never fail (because of test in previous row)
sql/sql_db.cc:
  Allow empty database name when called from SP
  (To allow on run without a default database)
sql/sql_parse.cc:
  Added comment
sql/sql_show.cc:
  Indentation fixes
  Simplified code by checking for 'wrong' condition first and doing continue instead of going down one level
  Simplified precision and decimal handling
2005-08-20 11:00:00 +03:00
unknown
e0607f0a83 Avoid spurious error when restoring INFORMATION_SCHEMA as the current
database after failing to execute a stored procedure in an inaccessible
database. (Bug #12318)


mysql-test/r/sp-security.result:
  Update results
mysql-test/t/sp-security.test:
  Add regression test
sql/mysql_priv.h:
  Add additional argument to mysql_change_db()
sql/sp.cc:
  Use mysql_change_db(), get rid of sp_change_db().
sql/sp.h:
  Get rid of sp_change_db().
sql/sql_db.cc:
  Handle no_access_check flag to mysql_change_db, and remove the send_ok()
  call.
sql/sql_parse.cc:
  Add extra argument to mysql_change_db(), and call send_ok() after
  successful calls to same (since it no longer does it for us).
2005-08-11 17:04:16 -07:00
unknown
213c05400a Merge sanja.is.com.ua:/home/bell/mysql/bk/mysql-5.0
into  sanja.is.com.ua:/home/bell/mysql/bk/work-bug6-5.0


BitKeeper/etc/config:
  Auto merged
sql/item.cc:
  Auto merged
sql/item.h:
  Auto merged
sql/item_strfunc.cc:
  Auto merged
sql/item_strfunc.h:
  Auto merged
sql/sql_yacc.yy:
  Auto merged
mysql-test/r/sp-security.result:
  merge
mysql-test/r/view.result:
  merge
mysql-test/t/sp-security.test:
  merge
mysql-test/t/view.test:
  merge
sql/item_cmpfunc.cc:
  merge
sql/sql_class.h:
  merge
2005-07-16 00:17:05 +03:00
unknown
e84229b010 stop evaluation constant functions in WHERE (BUG#4663)
correct value of CURRENT_USER() in SP with "security definer" (BUG#7291)


BitKeeper/etc/config:
  switch off open logging
mysql-test/r/sp-security.result:
  correct value from current_user() in function run from "security definer"
mysql-test/r/view.result:
  evaluation constant functions in WHERE (BUG#4663)
mysql-test/t/sp-security.test:
  correct value from current_user() in function run from "security definer"
mysql-test/t/view.test:
  evaluation constant functions in WHERE (BUG#4663)
sql/item.cc:
  Item_static_string_func creation if it is need
sql/item.h:
  support of Item_static_string_func creation
sql/item_cmpfunc.cc:
  do not evaluate items during view creation
sql/item_create.cc:
  create Item_func_user
sql/item_strfunc.cc:
  Item_func_sysconst in case of converting value still have to correctly print itself
  => use Item_static_string_func instead of Item_string
      Item_func_user return USER() or CURRENT_USER()
sql/item_strfunc.h:
  support of correct charset conversion procedure in Item_func_sysconst
sql/sql_class.h:
  new method
sql/sql_yacc.yy:
  Item_func_user now support both USER() and CURRENT_USER(), so we have to pass parametr what it is
2005-07-16 00:01:44 +03:00
unknown
c7efc37f4c - Updated the sp-security result set after updating the test
mysql-test/r/sp-security.result:
  - Updated the result set
2005-07-07 17:55:16 +02:00
unknown
a5e742fedd fixed environment restoring in case of error during SP function execution (BUG#9503)
#define macro improvement


mysql-test/r/sp-security.result:
  BUG#9503: reseting correct parameters of thread after error in SP function
mysql-test/t/sp-security.test:
  BUG#9503: reseting correct parameters of thread after error in SP function
sql/item_func.cc:
  fixed environment restoring in case of error during SP function execution
sql/protocol.cc:
  added debug print
sql/sql_class.h:
  fixed #defines to force them to be alvaise in piar, and variable name made more complex for accident repeating in other code
2005-06-23 18:29:10 +03:00
unknown
55171821d2 Bug#10246 - Parser: bad syntax for GRANT EXECUTE
Rename some functions
  more fine-grained sp privileges
  make grant/revoke sp grammar less ambigious


mysql-test/r/sp-security.result:
  change test for new syntax
mysql-test/r/system_mysql_db.result:
  change test for new syntax
mysql-test/t/sp-security.test:
  change test for new syntax
scripts/mysql_create_system_tables.sh:
  now store routine_type for procs_priv
scripts/mysql_fix_privilege_tables.sql:
  now store routine_type for procs_priv
sql/item_func.cc:
  rename of function
sql/mysql_priv.h:
  rename of function
sql/sp_head.cc:
  extra arg for check_some_routine_access
sql/sql_acl.cc:
  rename of function. now handle func/proc acls seperately
sql/sql_acl.h:
  rename of function
sql/sql_parse.cc:
  rename of function
  grants for procs handled distinctly from funcs
sql/sql_show.cc:
  check_some_routine_access extra arg
sql/sql_base.cc:
  fix for build
sql/sql_yacc.yy:
  fix for build
2005-05-17 19:54:20 +01:00
unknown
31c4511d17 post-merge 2004-12-31 17:59:43 +01:00
unknown
09ce0b330b WL#925 - Privileges for stored routines
Implement fine-grained control over access to stored procedures
  Privileges are cached (same way as existing table/column privs)
  


mysql-test/include/system_db_struct.inc:
  WL#925 - Privileges for stored routines
    New system table: procs_priv
mysql-test/r/connect.result:
  WL#925 - Privileges for stored routines
    New system table: procs_priv
mysql-test/r/grant.result:
  WL#925 - Privileges for stored routines
    user table has additional privilege attributes
    SHOW PRIVILEGES amended
mysql-test/r/grant2.result:
  Fix result
mysql-test/r/information_schema.result:
  WL#925 - Privileges for stored routines
    New system table procs_priv
    New user privileges
mysql-test/r/show_check.result:
  Fix result
mysql-test/r/sp-security.result:
  WL#925 - Privileges for stored routines
    Fix existing tests to work with new privileges
    New tests for new privileges
mysql-test/r/sp.result:
  WL#925 - Privileges for stored routines
    Fix SHOW PRIVILEGES results
mysql-test/r/system_mysql_db.result:
  WL#925 - Privileges for stored routines
    New system table: procs_priv
    user and db tables have new privilege attributes
mysql-test/t/grant2.test:
  Fix test
mysql-test/t/show_check.test:
  Fix test
mysql-test/t/sp-security.test:
  WL#925 - Privileges for stored routines
    Allow existing tests to run with new privilege checks
    New tests for privileges
mysql-test/t/system_mysql_db_fix.test:
  WL#925 - Privileges for stored routines
    New system table: procs_priv
scripts/mysql_create_system_tables.sh:
  WL#925 - Privileges for stored routines
    db and user has new privilege attributes
    new system table: procs_priv
scripts/mysql_fix_privilege_tables.sql:
  WL#925 - Privileges for stored routines
    new system table: procs_priv
scripts/mysql_install_db.sh:
  WL#925 - Privileges for stored routines
    Amend comment
sql/item_func.cc:
  WL#925 - Privileges for stored routines
    Privilege check for stored FUNCTION routine
sql/lex.h:
  WL#925 - Privileges for stored routines
    new token ROUTINE
sql/mysql_priv.h:
  WL#925 - Privileges for stored routines
    New function: check_procedure_access()
sql/mysqld.cc:
  WL#925 - Privileges for stored routines
    system option automatic-sp-privileges
sql/set_var.cc:
  WL#925 - Privileges for stored routines
    system option automatic-sp-privileges
sql/share/errmsg.txt:
  WL#925 - Privileges for stored routines
    rename errormessage to conform:
      ER_SP_ACCESS_DENIED_ERROR -> ER_PROCACCESS_DENIED_ERROR
    New error messages
      ER_NONEXISTING_PROC_GRANT, ER_PROC_AUTO_GRANT_FAIL, ER_PROC_AUTO_REVOKE_FAIL
sql/sp.cc:
  WL#925 - Privileges for stored routines
    new function: sp_exists_routine()
sql/sp.h:
  WL#925 - Privileges for stored routines
    new function: sp_exists_routine()
sql/sql_acl.cc:
  WL#925 - Privileges for stored routines
    Implementation for SP privileges.
    Privileges are cached in memory hash.
    New functions:
      mysql_procedure_grant()
      check_grant_procedure()
      sp_revoke_privileges()
      sp_grant_privileges()
sql/sql_acl.h:
  WL#925 - Privileges for stored routines
    New privilege bits: CREATE_PROC_ACL, ALTER_PROC_ACL
    Alter confusing bit-segments to be shifted
    New macros: fix_rights_for_procedure() get_rights_for_procedure()
    New functions:
      mysql_procedure_grant()
      check_grant_procedure()
      sp_grant_privileges()
      sp_revoke_privileges()
sql/sql_lex.h:
  WL#925 - Privileges for stored routines
    new all_privileges attribute in LEX
sql/sql_parse.cc:
  WL#925 - Privileges for stored routines
    Remove function: check_sp_definer_access()
    Add handling for SP grants/revokes
    Add privilege checks for stored procedure invocation
sql/sql_show.cc:
  WL#925 - Privileges for stored routines
    update result for SHOW PRIVILEGES
sql/sql_yacc.yy:
  WL#925 - Privileges for stored routines
    New token ROUTINE
    rename some rules
    handle CREATE ROUTINE / ALTER ROUTINE privileges
2004-12-23 10:46:24 +00:00
unknown
46ce3d0092 merge
mysql-test/r/sp-security.result:
  Auto merged
mysql-test/r/sp.result:
  Auto merged
mysql-test/t/sp-security.test:
  Auto merged
mysql-test/t/sp.test:
  Auto merged
sql/log_event.cc:
  Auto merged
sql/set_var.cc:
  Auto merged
sql/sp.cc:
  Auto merged
sql/sp_rcontext.cc:
  Auto merged
sql/sql_base.cc:
  Auto merged
sql/sql_insert.cc:
  Auto merged
sql/sql_load.cc:
  Auto merged
sql/sql_yacc.yy:
  Auto merged
2004-10-28 11:02:48 +03:00
unknown
a50cd5c53d Fixed BUG#6030: Stored procedure has no appropriate DROP privilege.
...and no ALTER privilege either.
  For now, only the definer and root can drop or alter an SP.


include/mysqld_error.h:
  New access denied error code when dropping/altering stored procedures.
include/sql_state.h:
  New access denied error code when dropping/altering stored procedures.
mysql-test/r/sp-error.result:
  Removed warning for "unitialized variable", as this popped up in unexpected
  places after the access control for drop/alter SPs was added. (And the warning
  was wrong and planned to be removed anyway.)
mysql-test/r/sp-security.result:
  Added tests for access control on who's allowed to drop and alter SPs.
mysql-test/r/sp.result:
  Updated results. (Warning removed.)
mysql-test/t/sp-error.test:
  Removed warning for "unitialized variable", as this popped up in unexpected
  places after the access control for drop/alter SPs was added. (And the warning
  was wrong and planned to be removed anyway.)
mysql-test/t/sp-security.test:
  Added tests for access control on who's allowed to drop and alter SPs.
sql/share/czech/errmsg.txt:
  New access denied error message when dropping/altering stored procedures.
sql/share/danish/errmsg.txt:
  New access denied error message when dropping/altering stored procedures.
sql/share/dutch/errmsg.txt:
  New access denied error message when dropping/altering stored procedures.
sql/share/english/errmsg.txt:
  New access denied error message when dropping/altering stored procedures.
sql/share/estonian/errmsg.txt:
  New access denied error message when dropping/altering stored procedures.
sql/share/french/errmsg.txt:
  New access denied error message when dropping/altering stored procedures.
sql/share/german/errmsg.txt:
  New access denied error message when dropping/altering stored procedures.
sql/share/greek/errmsg.txt:
  New access denied error message when dropping/altering stored procedures.
sql/share/hungarian/errmsg.txt:
  New access denied error message when dropping/altering stored procedures.
sql/share/italian/errmsg.txt:
  New access denied error message when dropping/altering stored procedures.
sql/share/japanese/errmsg.txt:
  New access denied error message when dropping/altering stored procedures.
sql/share/korean/errmsg.txt:
  New access denied error message when dropping/altering stored procedures.
sql/share/norwegian-ny/errmsg.txt:
  New access denied error message when dropping/altering stored procedures.
sql/share/norwegian/errmsg.txt:
  New access denied error message when dropping/altering stored procedures.
sql/share/polish/errmsg.txt:
  New access denied error message when dropping/altering stored procedures.
sql/share/portuguese/errmsg.txt:
  New access denied error message when dropping/altering stored procedures.
sql/share/romanian/errmsg.txt:
  New access denied error message when dropping/altering stored procedures.
sql/share/russian/errmsg.txt:
  New access denied error message when dropping/altering stored procedures.
sql/share/serbian/errmsg.txt:
  New access denied error message when dropping/altering stored procedures.
sql/share/slovak/errmsg.txt:
  New access denied error message when dropping/altering stored procedures.
sql/share/spanish/errmsg.txt:
  New access denied error message when dropping/altering stored procedures.
sql/share/swedish/errmsg.txt:
  New access denied error message when dropping/altering stored procedures.
sql/share/ukrainian/errmsg.txt:
  New access denied error message when dropping/altering stored procedures.
sql/sql_parse.cc:
  Added minimal access control for DROP/ALTER PROCEDURE/FUNCTION. Only the definer
  and root are allowed to do this.
sql/sql_yacc.yy:
  Removed warning for "unitialized variable", as this popped up in unexpected
  places after the access control for drop/alter SPs was added. (And the warning
  was wrong and planned to be removed anyway.)
2004-10-22 20:29:06 +02:00
unknown
066c90563a errors without code removed
net_printf/send_error calls replaced by my_error family functions
-1/1 (sent/unsent) error reporting removed
(WL#2133)


include/mysqld_error.h:
  new errors added.
mysql-test/r/rpl_charset.result:
  new error
mysql-test/r/rpl_timezone.result:
  new error
mysql-test/r/sp-security.result:
  more clean error message
mysql-test/r/sp.result:
  now error state intercepted correctly
mysql-test/t/connect.test:
  new error message
mysql-test/t/rpl_charset.test:
  new error message
mysql-test/t/rpl_timezone.test:
  new error
mysql-test/t/sp-security.test:
  more correct error handling
mysql-test/t/sp.test:
  now error state intercepted correctly
sql/ha_innodb.cc:
  -1/1 (sent/unsent) error reporting removed
sql/ha_innodb.h:
  -1/1 (sent/unsent) error reporting removed
sql/item.cc:
  only boolean values should be returned by fix_fields()
sql/item_cmpfunc.cc:
  only boolean values should be returned by fix_fields()
sql/item_func.cc:
  only boolean values should be returned by fix_fields()
  net_printf/send_error calls replaced by my_error family functions
sql/item_row.cc:
  only boolean values should be returned by fix_fields()
sql/item_subselect.cc:
  only boolean values should be returned by fix_fields()
  -1/1 (sent/unsent) error reporting removed
sql/item_subselect.h:
  -1/1 (sent/unsent) error reporting removed
sql/item_sum.cc:
  only boolean values should be returned by fix_fields()
sql/item_timefunc.cc:
  only boolean values should be returned by fix_fields()
sql/item_uniq.h:
  only boolean values should be returned by fix_fields()
sql/mysql_priv.h:
  -1/1 (sent/unsent) error reporting removed
sql/mysqld.cc:
  net_printf/send_error calls replaced by my_error family functions
  changes in my_message_sql to support error handling correctly
sql/protocol.cc:
  net_printf/send_error calls replaced by my_error family functions
sql/protocol_cursor.cc:
  net_printf/send_error calls replaced by my_error family functions
sql/repl_failsafe.cc:
  net_printf/send_error calls replaced by my_error family functions
  -1/1 (sent/unsent) error reporting removed
sql/repl_failsafe.h:
  -1/1 (sent/unsent) error reporting removed
sql/set_var.cc:
  net_printf/send_error calls replaced by my_error family functions
sql/share/czech/errmsg.txt:
  new error messages
sql/share/danish/errmsg.txt:
  new error messages
sql/share/dutch/errmsg.txt:
  new error messages
sql/share/english/errmsg.txt:
  new error messages
sql/share/estonian/errmsg.txt:
  new error messages
sql/share/french/errmsg.txt:
  new error messages
sql/share/german/errmsg.txt:
  new error messages
sql/share/greek/errmsg.txt:
  new error messages
sql/share/hungarian/errmsg.txt:
  new error messages
sql/share/italian/errmsg.txt:
  new error messages
sql/share/japanese/errmsg.txt:
  new error messages
sql/share/korean/errmsg.txt:
  new error messages
sql/share/norwegian-ny/errmsg.txt:
  new error messages
sql/share/norwegian/errmsg.txt:
  new error messages
sql/share/polish/errmsg.txt:
  new error messages
sql/share/portuguese/errmsg.txt:
  new error messages
sql/share/romanian/errmsg.txt:
  new error messages
sql/share/russian/errmsg.txt:
  new error messages
sql/share/serbian/errmsg.txt:
  new error messages
sql/share/slovak/errmsg.txt:
  new error messages
sql/share/spanish/errmsg.txt:
  new error messages
sql/share/swedish/errmsg.txt:
  new error messages
sql/share/ukrainian/errmsg.txt:
  new error messages
sql/slave.cc:
  net_printf/send_error calls replaced by my_error family functions
  -1/1 (sent/unsent) error reporting removed
sql/slave.h:
  -1/1 (sent/unsent) error reporting removed
sql/sp.cc:
  net_printf/send_error calls replaced by my_error family functions
sql/sp_head.cc:
  new eror handling support
  net_printf/send_error calls replaced by my_error family functions
sql/sp_rcontext.cc:
  net_printf/send_error calls replaced by my_error family functions
sql/sql_acl.cc:
  net_printf/send_error calls replaced by my_error family functions
  -1/1 (sent/unsent) error reporting removed
sql/sql_acl.h:
  -1/1 (sent/unsent) error reporting removed
sql/sql_base.cc:
  -1/1 (sent/unsent) error reporting removed
  net_printf/send_error calls replaced by my_error family functions
sql/sql_class.cc:
  net_printf/send_error calls replaced by my_error family functions
sql/sql_class.h:
  my_messhage_sql now set/reset query_error flag
sql/sql_db.cc:
  -1/1 (sent/unsent) error reporting removed
sql/sql_delete.cc:
  -1/1 (sent/unsent) error reporting removed
  net_printf/send_error calls replaced by my_error family functions
sql/sql_do.cc:
  -1/1 (sent/unsent) error reporting removed
sql/sql_error.cc:
  -1/1 (sent/unsent) error reporting removed
sql/sql_handler.cc:
  -1/1 (sent/unsent) error reporting removed
  net_printf/send_error calls replaced by my_error family functions
sql/sql_help.cc:
  net_printf/send_error calls replaced by my_error family functions
  -1/1 (sent/unsent) error reporting removed
sql/sql_insert.cc:
  -1/1 (sent/unsent) error reporting removed
  net_printf/send_error calls replaced by my_error family functions
sql/sql_lex.h:
  -1/1 (sent/unsent) error reporting removed
sql/sql_load.cc:
  -1/1 (sent/unsent) error reporting removed
sql/sql_map.cc:
  errors without code removed
sql/sql_parse.cc:
  net_printf/send_error calls replaced by my_error family functions
  -1/1 (sent/unsent) error reporting removed from mysql_execute_command
sql/sql_prepare.cc:
  net_printf/send_error calls replaced by my_error family functions
  -1/1 (sent/unsent) error reporting removed
sql/sql_repl.cc:
  error messages fixed
  net_printf/send_error calls replaced by my_error family functions
  -1/1 (sent/unsent) error reporting removed
sql/sql_repl.h:
  -1/1 (sent/unsent) error reporting removed
sql/sql_select.cc:
  -1/1 (sent/unsent) error reporting removed
sql/sql_select.h:
  -1/1 (sent/unsent) error reporting removed
sql/sql_show.cc:
  -1/1 (sent/unsent) error reporting removed
  net_printf/send_error calls replaced by my_error family functions
sql/sql_table.cc:
  net_printf/send_error calls replaced by my_error family functions
  -1/1 (sent/unsent) error reporting removed
sql/sql_trigger.cc:
  -1/1 (sent/unsent) error reporting removed
sql/sql_udf.cc:
  net_printf/send_error calls replaced by my_error family functions
sql/sql_union.cc:
  -1/1 (sent/unsent) error reporting removed
sql/sql_update.cc:
  -1/1 (sent/unsent) error reporting removed
  net_printf/send_error calls replaced by my_error family functions
sql/sql_view.cc:
  -1/1 (sent/unsent) error reporting removed
sql/sql_view.h:
  -1/1 (sent/unsent) error reporting removed
sql/sql_yacc.yy:
  net_printf/send_error calls replaced by my_error family functions
2004-10-20 04:04:37 +03:00
unknown
46ea874fb7 After merge fixes
Note: The following tests fails
- fulltext (Sergei has promised to fix)
- rpl_charset (Guilhem should fix)
- rpl_timezone (Dimitray has promised to fix)

Sanja needs to check out the calling of close_thread_tables() in sp_head.cc


myisam/mi_check.c:
  After merge fix
myisam/sort.c:
  After merge fix
mysql-test/mysql-test-run.sh:
  Export master socket to mysqltest
mysql-test/r/func_group.result:
  Make result repeatable
mysql-test/r/mysqlbinlog.result:
  After merge fix
mysql-test/r/ps_1general.result:
  After merge fix
mysql-test/r/ps_2myisam.result:
  After merge fix
mysql-test/r/ps_3innodb.result:
  After merge fix
mysql-test/r/ps_4heap.result:
  After merge fix
mysql-test/r/ps_5merge.result:
  After merge fix
mysql-test/r/ps_6bdb.result:
  After merge fix
mysql-test/r/rpl_flush_log_loop.result:
  After merge fix
mysql-test/r/rpl_replicate_do.result:
  After merge fix
mysql-test/r/rpl_temporary.result:
  After merge fix
mysql-test/r/rpl_timezone.result:
  After merge fix
  Note that this test fails now (Dimitry has promised to fix this)
mysql-test/r/rpl_user_variables.result:
  After merge fix
mysql-test/r/select.result:
  After merge fix
mysql-test/r/sp-error.result:
  After merge fix
mysql-test/r/sp-security.result:
  After merge fix
mysql-test/r/sp.result:
  After merge fix
mysql-test/r/user_var.result:
  After merge fix
mysql-test/r/variables.result:
  After merge fix
mysql-test/t/alter_table.test:
  After merge fix
mysql-test/t/derived.test:
  After merge fix
mysql-test/t/func_group.test:
  Make result repeatable
mysql-test/t/grant_cache.test:
  Use MASTER_MYSOCK instead of master.sock
mysql-test/t/multi_update.test:
  Use MASTER_MYSOCK instead of master.sock
mysql-test/t/rpl000015.test:
  Use MASTER_MYSOCK instead of master.sock
mysql-test/t/rpl000017.test:
  Use MASTER_MYSOCK instead of master.sock
mysql-test/t/rpl000018.test:
  Use MASTER_MYSOCK instead of master.sock
mysql-test/t/rpl_charset.test:
  After merge fix
mysql-test/t/rpl_heap.test:
  Use MASTER_MYSOCK instead of master.sock
mysql-test/t/rpl_rotate_logs.test:
  Use MASTER_MYSOCK instead of master.sock
mysql-test/t/sp-error.test:
  after merge fix
mysql-test/t/sp-security.test:
  after merge fix
mysql-test/t/user_var.test:
  after merge fix
scripts/mysql_fix_privilege_tables.sh:
  This can now be exectued from the source distribution
sql/handler.cc:
  Cleanup
sql/handler.h:
  More debugging
sql/item.h:
  Indentation fixes
sql/item_cmpfunc.cc:
  After merge fixes
sql/opt_range.cc:
  After merge fixes
sql/opt_range.h:
  After merge fixes
sql/sp.cc:
  After merge fixes
sql/sp_head.cc:
  Remove closing of thread tables in a SP function as this caused a core dump.
  (Has to be fixed better)
sql/sql_base.cc:
  More debugging
sql/sql_handler.cc:
  After merge fixes
  (We have to call ha_index_or_rnd_end() before calling close_thread_table())
sql/sql_parse.cc:
  More debugging
sql/sql_prepare.cc:
  After merge fixes
sql/sql_select.cc:
  After merge fixes
2004-07-15 04:19:07 +03:00
unknown
44d2934f0b Fixed BUG#3339: Stored procedures in nonexistent schemas are uncallable.
Also added some related security tests and corrected related error messages.


mysql-test/r/sp-error.result:
  New test case for BUG#3339, and updated results for other modified error messages.
mysql-test/r/sp-security.result:
  Added tests for creating procedures in another database with and wihout
  access rights.
mysql-test/t/sp-error.test:
  New test case for BUG#3339.
mysql-test/t/sp-security.test:
  Added tests for creating procedures in another database with and wihout
  access rights.
sql/sp.cc:
  Check existance (and access rights) for database when creating a stored routine.
sql/sp.h:
  New error return value for sp_create_* functions, for non existing database.
sql/sql_parse.cc:
  Check error return for create stored routine (non existing database),
  and corrected the error output for some other commands. (Use qualified
  name, not just name.)
2004-06-15 15:42:28 +02:00
unknown
645d19f694 WL#1366: Use the schema (db) associated with an SP.
Phase 4 (final): Remove associated stored procedures when a database is dropped.


mysql-test/r/sp-security.result:
  drop database now deletes associated SPs.
mysql-test/r/sp.result:
  drop database now deletes associated SPs.
mysql-test/t/sp-security.test:
  drop database now deletes associated SPs.
mysql-test/t/sp.test:
  drop database now deletes associated SPs.
sql/sp.cc:
  New function for deleting all SPs associated with a database.
sql/sp.h:
  New function for deleting all SPs associated with a database.
sql/sp_cache.cc:
  New function for just invalidating all SP caches (when dropping a database).
sql/sp_cache.h:
  New function for just invalidating all SP caches (when dropping a database).
sql/sql_db.cc:
  When dropping a database, also delete all associated SPs.
2004-03-22 14:44:41 +01:00
unknown
d2ad3cff19 WL#1366: Use the schema (db) associated with an SP.
Phase 3: Made qualified names work for functions as well.


mysql-test/r/sp-security.result:
  New testcases for functions with qualified names.
mysql-test/t/sp-security.test:
  New testcases for functions with qualified names.
sql/item_func.cc:
  Added error handling for stored function, if it doesn't exist.
sql/item_func.h:
  Set null_value if execution of a stored function fails.
sql/mysql_priv.h:
  Reverted previous change: No optional args for mysql_change_db().
  (SPs use a specially tailored function instead.)
sql/sp.cc:
  Copied mysql_change_db() from sql_db.cc and modified specially for SPs.
sql/sp_head.cc:
  Fixed error handling for errors in functions during query/statement execution.
sql/sql_db.cc:
  Reverted previous change: No optional args for mysql_change_db().
  (SPs use a specially tailored function instead.)
sql/sql_yacc.yy:
  Reworked the stored function/UDF invokation parsing and added qualified names
  for stored functions. UDFs now have precedence over stored functions (whith
  unqualified name). When using an unqualified name, only IDENT_sys is allowed
  (i.e. no unreserved keywords), since we get unresolvable reduce/reduce conflicts
  otherwise.
2004-03-19 19:01:54 +01:00
unknown
eb4aa092e5 WL#1366: Use the schema (db) associated with an SP.
Phase 2: Make SPs belong to a DB, and use qualified names.
  As a side effect, using USE in an SP is no longer allowed.
  (It just doesn't work otherwise.)


include/mysqld_error.h:
  New error code (USE is no longer allowed in a stored procedure).
include/sql_state.h:
  New error state (USE is no longer allowed in a stored procedure).
mysql-test/r/sp-error.result:
  Updated result for test of USE in SP (not allowed now).
mysql-test/r/sp-security.result:
  Updated test results for new db column and qualified procedured names.
mysql-test/r/sp.result:
  Updated results for USE in SP (as it's no longer allowed), and
  for new db column in status result.
mysql-test/t/sp-error.test:
  Moved test of USE in SP from sp.test (as it's no longer allowed).
mysql-test/t/sp-security.test:
  Ajusted tests for new db column and qualified procedured names.
mysql-test/t/sp.test:
  Moved test of USE in SP to sp-error.test (as it's no longer allowed).
  Adjusted tests for new db column in status result.
sql/mysql_priv.h:
  mysql_change_db() now has optional arguments for use by SP with qualified names.
sql/share/czech/errmsg.txt:
  New error message: USE is not allowed in a stored procedure.
sql/share/danish/errmsg.txt:
  New error message: USE is not allowed in a stored procedure.
sql/share/dutch/errmsg.txt:
  New error message: USE is not allowed in a stored procedure.
sql/share/english/errmsg.txt:
  New error message: USE is not allowed in a stored procedure.
sql/share/estonian/errmsg.txt:
  New error message: USE is not allowed in a stored procedure.
sql/share/french/errmsg.txt:
  New error message: USE is not allowed in a stored procedure.
sql/share/german/errmsg.txt:
  New error message: USE is not allowed in a stored procedure.
sql/share/greek/errmsg.txt:
  New error message: USE is not allowed in a stored procedure.
sql/share/hungarian/errmsg.txt:
  New error message: USE is not allowed in a stored procedure.
sql/share/italian/errmsg.txt:
  New error message: USE is not allowed in a stored procedure.
sql/share/japanese/errmsg.txt:
  New error message: USE is not allowed in a stored procedure.
sql/share/korean/errmsg.txt:
  New error message: USE is not allowed in a stored procedure.
sql/share/norwegian-ny/errmsg.txt:
  New error message: USE is not allowed in a stored procedure.
sql/share/norwegian/errmsg.txt:
  New error message: USE is not allowed in a stored procedure.
sql/share/polish/errmsg.txt:
  New error message: USE is not allowed in a stored procedure.
sql/share/portuguese/errmsg.txt:
  New error message: USE is not allowed in a stored procedure.
sql/share/romanian/errmsg.txt:
  New error message: USE is not allowed in a stored procedure.
sql/share/russian/errmsg.txt:
  New error message: USE is not allowed in a stored procedure.
sql/share/serbian/errmsg.txt:
  New error message: USE is not allowed in a stored procedure.
sql/share/slovak/errmsg.txt:
  New error message: USE is not allowed in a stored procedure.
sql/share/spanish/errmsg.txt:
  New error message: USE is not allowed in a stored procedure.
sql/share/swedish/errmsg.txt:
  New error message: USE is not allowed in a stored procedure.
sql/share/ukrainian/errmsg.txt:
  New error message: USE is not allowed in a stored procedure.
sql/sp.cc:
  SPs are now "belong" to a DB and may have qualified names.
  New functions for changing DB ("use") when parsing and invoking SPs.
sql/sp.h:
  New functions for changing DB ("use") when parsing and invoking SPs.
sql/sp_cache.cc:
  Use the qualified name in the SP cache.
sql/sp_head.cc:
  New function for allocating a qualified SP name (used in sql_yacc.yy).
  Change DB when executing an SP (if needed).
  Moved thd_mem_root swap functions from sp_head.h.
sql/sp_head.h:
  New function for allocating a qualified SP name (used in sql_yacc.yy).
  Moved thd_mem_root swap functions to sp_head.cc.
sql/sql_db.cc:
  mysql_change_db() now has optional arguments for use by SP with qualified names
  (for use when reading an SP from database and executing it); also allow "unusing"
  a database, i.e. setting thd->thd to "".
sql/sql_yacc.yy:
  Initialize qualfied SP names correctly.
  USE is no longer allowed in an SP.
2004-03-11 17:18:59 +01:00
unknown
857b59578c Fixed BUG#2777: Stored procedure doesn't observe definer's rights.
SQL SECURITY DEFINER must enforce reduced rights too, not just additional rights.


mysql-test/r/sp-security.result:
  Test case for BUG#2777: Make sure that SQL SECURITY DEFINER enforces reduced rights.
mysql-test/t/sp-security.test:
  Test case for BUG#2777: Make sure that SQL SECURITY DEFINER enforces reduced rights.
sql/sql_acl.cc:
  Clear rights before changing them in acl_getroot_no_password so that
  reduced rights work too, and take care of db acls as well.
2004-03-02 11:52:19 +01:00
unknown
241bb22699 Forgot to wrap things in #ifndef NO_EMBEDDED_ACCESS_CHECKS for the embedded server.
Added missing cleanup in sp-security.test.


mysql-test/r/sp-security.result:
  Added clean-up.
mysql-test/t/sp-security.test:
  Added clean-up.
sql/item_func.cc:
  Forgot to wrap things in #ifndef NO_EMBEDDED_ACCESS_CHECKS for the embedded server.
sql/sp_head.cc:
  Forgot to wrap things in #ifndef NO_EMBEDDED_ACCESS_CHECKS for the embedded server.
sql/sp_head.h:
  Forgot to wrap things in #ifndef NO_EMBEDDED_ACCESS_CHECKS for the embedded server.
sql/sql_parse.cc:
  Forgot to wrap things in #ifndef NO_EMBEDDED_ACCESS_CHECKS for the embedded server.
2003-12-16 14:15:27 +01:00
unknown
a6f85eeac1 WL#1365: Implement definer's rights execution of stored procedures.
(Also put the hostpart back in the definer column.)


mysql-test/r/sp-error.result:
  Moved error test from sp.test
mysql-test/r/sp.result:
  Moved error test to sp-error.test.
  Put hostpart back into definer column in mysql.proc.
mysql-test/t/sp-error.test:
  Moved error test from sp.test
mysql-test/t/sp.test:
  Moved error test to sp-error.test.
  Put hostpart back into definer column in mysql.proc.
sql/item_func.cc:
  (Maybe) switch security context before invoking a stored function.
sql/sp.cc:
  Renamed creator into definer, for more consistent terminology, and put the
  hostpart back.
sql/sp_head.cc:
  Some fixes in the way things are allocated, and moved set_info() definition
  here from sp_head.h. creator is now called definer, and is split into a
  user and host part.
  Added functions for (possible) change and restore of privileges, for sql security
  definer calls.
sql/sp_head.h:
  Moved set_info() definition here from sp_head.h.
  creator is now called definer, and is split into a user and host part.
  Added functions for (possible) change and restore of privileges, for sql security
  definer calls.
sql/sql_acl.cc:
  New function acl_getroot_no_password() for getting the privileges used when
  calling an SP with sql security definer.
sql/sql_acl.h:
  New function acl_getroot_no_password() for getting the privileges used when
  calling an SP with sql security definer.
sql/sql_parse.cc:
  (Maybe) switch security context before invoking a stored procedure.
sql/sql_yacc.yy:
  Fixed typo.
2003-12-13 16:40:52 +01:00