Commit graph

134 commits

Author SHA1 Message Date
tnurnberg@sin.intern.azundris.com
66cc732748 Merge sin.intern.azundris.com:/home/tnurnberg/19828/50-19828
into  sin.intern.azundris.com:/home/tnurnberg/19828/51-19828
2007-10-05 13:11:38 +02:00
tnurnberg@sin.intern.azundris.com
9254e8fb01 Bug#19828: Case sensitivity in hostname leads to inconsistent behavior
clean up SHOW GRANTS so it will show host-names with case as entered.
make REVOKE and friends case-sensitive to make things more intuitive.
Patch by Martin Friebe.
2007-09-20 18:10:35 +02:00
anozdrin/alik@ibm.
9fae9ef66f Patch for the following bugs:
- BUG#11986: Stored routines and triggers can fail if the code
    has a non-ascii symbol
  - BUG#16291: mysqldump corrupts string-constants with non-ascii-chars
  - BUG#19443: INFORMATION_SCHEMA does not support charsets properly
  - BUG#21249: Character set of SP-var can be ignored
  - BUG#25212: Character set of string constant is ignored (stored routines)
  - BUG#25221: Character set of string constant is ignored (triggers)

There were a few general problems that caused these bugs:
1. Character set information of the original (definition) query for views,
   triggers, stored routines and events was lost.
2. mysqldump output query in client character set, which can be
   inappropriate to encode definition-query.
3. INFORMATION_SCHEMA used strings with mixed encodings to display object
   definition;

1. No query-definition-character set.

In order to compile query into execution code, some extra data (such as
environment variables or the database character set) is used. The problem
here was that this context was not preserved. So, on the next load it can
differ from the original one, thus the result will be different.

The context contains the following data:
  - client character set;
  - connection collation (character set and collation);
  - collation of the owner database;

The fix is to store this context and use it each time we parse (compile)
and execute the object (stored routine, trigger, ...).

2. Wrong mysqldump-output.

The original query can contain several encodings (by means of character set
introducers). The problem here was that we tried to convert original query
to the mysqldump-client character set.

Moreover, we stored queries in different character sets for different
objects (views, for one, used UTF8, triggers used original character set).

The solution is
  - to store definition queries in the original character set;
  - to change SHOW CREATE statement to output definition query in the
    binary character set (i.e. without any conversion);
  - introduce SHOW CREATE TRIGGER statement;
  - to dump special statements to switch the context to the original one
    before dumping and restore it afterwards.

Note, in order to preserve the database collation at the creation time,
additional ALTER DATABASE might be used (to temporary switch the database
collation back to the original value). In this case, ALTER DATABASE
privilege will be required. This is a backward-incompatible change.

3. INFORMATION_SCHEMA showed non-UTF8 strings

The fix is to generate UTF8-query during the parsing, store it in the object
and show it in the INFORMATION_SCHEMA.

Basically, the idea is to create a copy of the original query convert it to
UTF8. Character set introducers are removed and all text literals are
converted to UTF8.

This UTF8 query is intended to provide user-readable output. It must not be
used to recreate the object.  Specialized SHOW CREATE statements should be
used for this.

The reason for this limitation is the following: the original query can
contain symbols from several character sets (by means of character set
introducers).

Example:

  - original query:
    CREATE VIEW v1 AS SELECT _cp1251 'Hello' AS c1;

  - UTF8 query (for INFORMATION_SCHEMA):
    CREATE VIEW v1 AS SELECT 'Hello' AS c1;
2007-06-28 21:34:54 +04:00
igor@olga.mysql.com
5fbb3c156f Post-merge fix 2007-05-11 23:22:56 -07:00
evgen@moonbone.local
6c8f547644 grant.result, grant.test:
Corrected test case for the bug#27878.
2007-05-12 00:46:07 +04:00
holyfoot/hf@mysql.com/hfmain.(none)
19b24f29e1 merging fix 2007-05-12 00:22:16 +05:00
holyfoot/hf@hfmain.(none)
350c35a04d Merge mysql.com:/home/hf/work/27957/my50-27957
into  mysql.com:/home/hf/work/27957/my51-27957
2007-05-12 00:22:15 +05:00
evgen@moonbone.local
34f478121f Bug#27878: Unchecked privileges on a view referring to a table from another
database.

If a user has a right to update anything in the current database then the 
access was granted and further checks of access rights for underlying tables
wasn't done correctly. The check is done before a view is opened and thus no
check of access rights for underlying tables can be carried out.
This allows a user to update through a view a table from another database for
which he hasn't enough rights.

Now the mysql_update() and the mysql_test_update() functions are forces
re-checking of access rights after a view is opened.
2007-05-11 23:19:11 +04:00
ramil/ram@mysql.com/ramil.myoffice.izhnet.ru
49b187034d Merge mysql.com:/home/ram/work/mysql-5.0-maint
into  mysql.com:/home/ram/work/b27515/b27515.5.0
2007-04-24 14:08:03 +05:00
ramil/ram@mysql.com/ramil.myoffice.izhnet.ru
244c192347 after-merge fix 2007-04-24 13:53:12 +05:00
ramil/ram@mysql.com/ramil.myoffice.izhnet.ru
d13861546e after-merge fix 2007-04-24 11:26:40 +05:00
jani@a88-113-38-195.elisa-laajakaista.fi
455b325b53 Avoid resetting a variable. Fixed grant.test. 2007-04-13 14:04:57 +03:00
jani@a88-113-38-195.elisa-laajakaista.fi
defddfd255 Merged from 5.0 2007-04-13 12:47:44 +03:00
jani@a88-113-38-195.elisa-laajakaista.fi
52196018ce Merge a88-113-38-195.elisa-laajakaista.fi:/home/my/new/mysql-5.0-marvel
into  a88-113-38-195.elisa-laajakaista.fi:/home/my/new/mysql-5.1-marvel
2007-04-13 10:25:33 +03:00
jani@ua141d10.elisa.omakaista.fi
b4ba815967 Merge jamppa@bk-internal.mysql.com:/home/bk/mysql-5.1
into  ua141d10.elisa.omakaista.fi:/home/my/bk/mysql-5.1-marvel
2007-04-10 16:28:47 +03:00
jani@ua141d10.elisa.omakaista.fi
386ad0f1f7 Fixes for tests after merge from 5.0 2007-04-05 22:34:33 +03:00
gluh@mysql.com/eagle.(none)
2d47f0cb1b Bug#21432 Database/Table name limited to 64 bytes, not chars, problems with multi-byte 2007-04-03 16:13:27 +05:00
anozdrin/alik@ibm.opbmk
5441aefd1d Fix for BUG#27337: Privileges are not properly restored.
The problem was that THD::db_access variable was not restored after
database switch in stored-routine-execution code.

The fix is to restore THD::db_access in this case.

Unfortunately, this fix requires additional changes,
because in prepare_schema_table(), called on the parsing stage, we checked
privileges. That was wrong according to our design, but this flaw haven't
struck so far, because it was masked. All privilege checkings must be
done on the execution stage in order to be compatible with prepared statements
and stored routines. So, this patch also contains patch for
prepare_schema_table(), which moves the checkings to the execution phase.
2007-04-03 15:11:34 +04:00
jani@ua141d10.elisa.omakaista.fi
1c7beca65e Merge ua141d10.elisa.omakaista.fi:/home/my/bk/mysql-5.0-marvel
into  ua141d10.elisa.omakaista.fi:/home/my/bk/mysql-5.1-marvel
2007-03-29 17:27:42 +03:00
anozdrin/alik@booka.opbmk
30c8ec9fdc Fix for BUG#9504: Stored procedures: execute privilege doesn't
make 'use database' okay.

The problem was that we didn't check stored-routine privileges
in check_grant_db().

The patch adds this check.
2007-03-23 14:12:11 +03:00
msvensson@pilot.mysql.com
c481446873 Fix merge error 2007-02-06 17:22:56 +01:00
msvensson@neptunus.(none)
e4001b3b5a Merge neptunus.(none):/home/msvensson/mysql/mysql-5.1
into  neptunus.(none):/home/msvensson/mysql/mysql-5.1-maint
2007-02-06 15:46:17 +01:00
gkodinov/kgeorge@rakia.gmz
1096dbd5fa Merge gkodinov@bk-internal.mysql.com:/home/bk/mysql-5.1-opt
into  rakia.gmz:/home/kgeorge/mysql/autopush/B23556-5.1-opt
2007-02-01 10:59:14 +02:00
kaa@polly.local
866ab1c205 Merge polly.local:/tmp/maint/bug6774/my50-bug6774
into  polly.local:/tmp/maint/bug6774/my51-bug6774
2007-01-24 17:12:42 +03:00
kaa@polly.local
645de0c5d7 Added a test case for bug #6774 "Replication fails with Wrong usage of DB GRANT and GLOBAL PRIVILEGES" 2007-01-24 16:45:30 +03:00
andrey@example.com
e6a4727779 Fix for bug#22369: Alter table rename combined
with other alterations causes lost tables

Using RENAME clause combined with other clauses of ALTER TABLE led to
data loss (the data was there but not accessible). This could happen if the
changes do not change the table much. Adding and droppping of fields and
indices was safe. Renaming a column with MODIFY or CHANGE was unsafe operation,
if the actual column didn't change (changing from int to int, which is a noop)
  
Depending on the storage engine (SE) the behavior is different:
1)MyISAM/MEMORY - the ALTER TABLE statement completes
  without any error but next SELECT against the new table fails.
2)InnoDB (and every other transactional table) - The ALTER TABLE statement
  fails. There are the the following files in the db dir -
  `new_table_name.frm` and a temporary table's frm. If the SE is file
  based, then the data and index files will be present but with the old
  names. What happens is that for InnoDB the table is not renamed in the
  internal DDIC.

Fixed by adding additional call to mysql_rename_table() method, which should
not include FRM file rename, because it has been already done during file
names juggling.
2006-12-04 18:22:38 +01:00
gkodinov/kgeorge@macbook.gmz
06dd1244c3 Bug #23556: TRUNCATE TABLE still maps to DELETE
- TRUNCATE requires DROP privilege, not DELETE
2006-11-21 10:25:10 +02:00
kostja@bodhi.local
7290fa2fb7 Post-merge fixes. 2006-08-30 23:09:47 +04:00
kostja@bodhi.local
8566db3fc7 Remove the fix for Bug#10668 "CREATE USER does not enforce username
length limit", it's superseded by the fix for Bug#16899 "Possible buffer
overflow in handling of DEFINER-clause". Update test results.
2006-08-30 01:48:15 +04:00
kostja@bodhi.local
f8d34e1030 Merge bk-internal.mysql.com:/home/bk/mysql-5.0
into  bodhi.local:/opt/local/work/mysql-5.0-14897
2006-08-30 00:45:33 +04:00
anozdrin/alik@alik.
9af756efd3 Fix for BUG#16899: Possible buffer overflow in handling of DEFINER-clause
User name (host name) has limit on length. The server code relies on these
limits when storing the names. The problem was that sometimes these limits
were not checked properly, so that could lead to buffer overflow.

The fix is to check length of user/host name in parser and if string is too
long, throw an error.
2006-08-23 21:31:00 +04:00
msvensson@neptunus.(none)
b2a95f0dac Update result file for "grant" to 5.1 version 2006-08-22 14:16:39 +02:00
cmiller@zippy.cornsilk.net
f2f90320de Merge zippy.cornsilk.net:/home/cmiller/work/mysql/merge/mysql-5.0
into  zippy.cornsilk.net:/home/cmiller/work/mysql/merge/mysql-5.1
2006-08-21 12:59:46 -04:00
rburnett@bk-internal.mysql.com
d65095b451 Merge bk-internal.mysql.com:/data0/bk/tmp_reg
into  bk-internal.mysql.com:/data0/bk/mysql-5.1
2006-08-17 17:19:41 +02:00
cmiller@zippy.cornsilk.net
030ddb48f3 Merge zippy.cornsilk.net:/home/cmiller/work/mysql/merge/tmp_merge
into  zippy.cornsilk.net:/home/cmiller/work/mysql/merge/mysql-5.0
2006-08-17 10:47:23 -04:00
cmiller@zippy.cornsilk.net
c627a6ce84 Merge zippy.cornsilk.net:/home/cmiller/work/mysql/merge/tmp_merge
into  zippy.cornsilk.net:/home/cmiller/work/mysql/merge/mysql-5.0
2006-08-17 10:42:50 -04:00
holyfoot/hf@mysql.com/deer.(none)
81764f89cf Merge bk@192.168.21.1:mysql-5.0-kt
into  mysql.com:/home/hf/work/mysql-5.0.20910
2006-08-15 18:15:12 +05:00
brian@zim.(none)
8deb5beb9c Merge zim.(none):/home/brian/mysql/dep-5.0
into  zim.(none):/home/brian/mysql/dep-5.1
2006-08-14 15:24:29 -07:00
svoj@may.pils.ru
07a1ed651f Extended a test case for bug#7391. 2006-08-11 14:41:07 +05:00
holyfoot/hf@mysql.com/deer.(none)
1ada6ca108 bug #20910 (NOT NULL column reported as NULL in SHOW FIELDS)
two test results changed after the patch
2006-08-10 14:50:54 +05:00
tnurnberg@mysql.com/salvation.intern.azundris.com
f25bf84cf4 grant.result:
manual merge
2006-08-07 04:13:05 +02:00
tnurnberg@mysql.com/salvation.intern.azundris.com
f17b889289 Merge bk-internal.mysql.com:/home/bk/mysql-5.0-maint
into  mysql.com:/home/tnurnberg/work/mysql-5.0-maint-20214
2006-08-07 01:39:05 +02:00
tnurnberg@mysql.com/salvation.intern.azundris.com
35c523a6f8 Bug#20214: Incorrect error when user calls SHOW CREATE VIEW on non privileged view
"A SELECT privilege on a view is required for SHOW CREATE VIEW and it will stay
that way because of compatibility reasons." (see #20136)

a test case to illustrate how the ACLs work in this case (and ensure they will continue
to do so in the future)
2006-08-03 14:58:13 +02:00
jimw@rama.(none)
36a26abd8f Bug #10668: CREATE USER does not enforce username length limit
This appears to have just been an oversight -- CREATE USER was not enforcing
  the existing username limitations.
2006-07-24 16:45:26 -07:00
monty@mysql.com
e50412ef38 Re-apply missing changeset, orignally pushed by elliot
Add define YASSL_PREFIX when compiling yassl

Import patch from yaSSL
- avoid allocating memory for each call to 'EVP_md5' and 
  'EVP_des_ede3_cbc' which were not released until server was stopped
- Those functions are used from the SQL function 'des_encrypt' and
  'des_decrypt'.

Add new define YASSL_PREFIX beforee including ssl.h to activate inclusion of prefix_*.h files

Bug#20022 mysql-test-run can't be run with secure connections turned on for all testcases
- Part 1, fixes rpl- and federated-tests where connection is made to 127.0.0.1

- Include prefix files that renames all public functions in yaSSLs
  OpenSSL API to ya<function_name>. They will otherwise conflict
  with OpenSSL functions if loaded by an application that uses OpenSSL
  as well as libmysqlclient with yaSSL support.

Bug#18235: assertion/crash when windows mysqld is ended with ctrl-c
  
Two threads both try a shutdown sequence which creates a race to the
de-init/free of certain resources.
  
This exists in similar form in the client as 17926: "mysql.exe crashes
when ctrl-c is pressed in windows."

Update after merge to 5.0

BUG#18669: Session COM_STATISTICS breaks mysqladmin status.
Changed COM_STATISTICS to display the global status, instead of thead status, for slow queries and table opens.

- In function 'handle_grant_struct' when searching the memory structures for an 
  entry to modify, convert all entries here host.hostname is NULL to "" and compare that 
  with the host passed in argument "user_from".
- A user created with hostname "" is stored in "mysql.user" table as host="" but when loaded into 
  memory it'll be stored as host.hostname NULL. Specifiying "" as hostname means
  that "any host" can connect. Thus is's correct to turn on allow_all_hosts
  when such a user is found. 
- Review and fix other places where host.hostname may be NULL.

BUG#19394 OPT_INNODB_THREAD_CONCURRENCY duplicated
Removed duplication (not a user-visible change)
2006-06-06 14:21:07 +03:00
jani@a193-229-222-105.elisa-laajakaista.fi
c81b4c01bf Merge a193-229-222-105.elisa-laajakaista.fi:/home/my/bk/mysql-5.0
into  a193-229-222-105.elisa-laajakaista.fi:/home/my/bk/mysql-5.1-new
2006-05-30 16:07:49 +03:00
msvensson@neptunus.(none)
076ddbf840 Merge neptunus.(none):/home/msvensson/mysql/mysql-5.0
into  neptunus.(none):/home/msvensson/mysql/mysql-5.0-maint
2006-05-29 15:06:37 +02:00
msvensson@neptunus.(none)
3e2c08cc99 Update after merge to 5.0 2006-05-29 15:05:31 +02:00
msvensson@neptunus.(none)
20e0714176 Merge neptunus.(none):/home/msvensson/mysql/bug16297/my50-bug16297
into  neptunus.(none):/home/msvensson/mysql/mysql-5.0-maint
2006-05-29 13:16:17 +02:00
gkodinov@mysql.com
a21a2b5bcd BUG#18681: View privileges are broken
The check for view security was lacking several points :
1. Check with the right set of permissions : for each table ref that
participates in a view there were the right credentials to use in it's
security_ctx member, but these weren't used for checking the credentials.
This makes hard enforcing the SQL SECURITY DEFINER|INVOKER property
consistently.
2. Because of the above the security checking for views was just ruled out
in explicit ways in several places.
3. The security was checked only for the columns of the tables that are
brought into the query from a view. So if there is no column reference
outside of the view definition it was not detecting the lack of access to
the tables in the view in SQL SECURITY INVOKER mode.

The fix below tries to fix the above 3 points.
2006-05-26 11:47:53 +03:00