into mockturtle.local:/home/dlenev/src/mysql-5.0-rt-merge
BitKeeper/etc/collapsed:
auto-union
mysql-test/mysql-test-run.pl:
Auto merged
sql/mysql_priv.h:
Auto merged
sql/sp.cc:
Auto merged
sql/sql_acl.cc:
Auto merged
mysql-test/r/sp.result:
Manual merge.
mysql-test/t/sp.test:
Manual merge.
into moonlight.intranet:/home/tomash/src/mysql_ab/mysql-5.0-bug21414
mysql-test/r/sp.result:
Auto merged
mysql-test/t/sp.test:
Auto merged
sql/mysql_priv.h:
Auto merged
sql/sp.cc:
Auto merged
sql/sql_acl.cc:
Auto merged
The problem was that if after FLUSH TABLES WITH READ LOCK the user
issued DROP/ALTER PROCEDURE/FUNCTION the operation would fail (as
expected), but after UNLOCK TABLE any attempt to execute the same
operation would lead to the error 1305 "PROCEDURE/FUNCTION does not
exist", and an attempt to execute any stored function will also fail.
This happened because under FLUSH TABLES WITH READ LOCK we couldn't open
and lock mysql.proc table for update, and this fact was erroneously
remembered by setting mysql_proc_table_exists to false, so subsequent
statements believed that mysql.proc doesn't exist, and thus that there
are no functions and procedures in the database.
As a solution, we remove mysql_proc_table_exists flag completely. The
reason is that this optimization didn't work most of the time anyway.
Even if open of mysql.proc failed for some reason when we were trying to
call a function or a procedure, we were setting mysql_proc_table_exists
back to true to force table reopen for the sake of producing the same
error message (the open can fail for number of reasons). The solution
could have been to remember the reason why open failed, but that's a lot
of code for optimization of a rare case. Hence we simply remove this
optimization.
mysql-test/r/sp.result:
Add result for bug#21414: SP: Procedure undroppable, to some extent.
mysql-test/t/sp.test:
Remove no longer relevant comment.
Add test case for bug#21414: SP: Procedure undroppable, to some extent.
sql/mysql_priv.h:
Remove declaration of mysql_proc_table_exists.
sql/sp.cc:
Remove references to mysql_proc_table_exists.
sql/sql_acl.cc:
Remove reference to mysql_proc_table_exists.
include/mysql_com.h:
USERNAME_LENGTH is changed to USERNAME_BYTE_LENGTH
mysql-test/r/ctype_utf8.result:
result fix
mysql-test/t/ctype_utf8.test:
test fix
sql/sp.cc:
NAME_LEN constant is changed to NAME_BYTE_LEN for database name buffer
USERNAME_LENGTH constant is changed to USERNAME_BYTE_LENGTH for user name buffer
sql/sp_head.cc:
NAME_LEN constant is changed to NAME_BYTE_LEN for database name buffer
USERNAME_LENGTH constant is changed to USERNAME_BYTE_LENGTH for user name buffer
sql/sql_acl.cc:
NAME_LEN constant is changed to NAME_BYTE_LEN for database name buffer
USERNAME_LENGTH constant is changed to USERNAME_BYTE_LENGTH for user name buffer
sql/sql_class.h:
NAME_LEN constant is changed to NAME_BYTE_LEN for database name buffer
sql/sql_parse.cc:
NAME_LEN constant is changed to NAME_BYTE_LEN for database name buffer
Function check_string_length() is fixed, now it check string lenght in symbols
sql/sql_repl.h:
NAME_LEN constant is changed to NAME_BYTE_LEN for database name buffer
USERNAME_LENGTH constant is changed to USERNAME_BYTE_LENGTH for user name buffer
into shellback.(none):/home/msvensson/mysql/mysql-5.0-maint
configure.in:
Auto merged
include/mysql.h:
Auto merged
include/mysql_com.h:
Auto merged
sql-common/client.c:
Auto merged
sql/item_strfunc.cc:
Auto merged
sql/item_strfunc.h:
Auto merged
sql/sql_acl.cc:
Auto merged
Bug#21432 Database/Table name limited to 64 bytes, not chars, problems with multi-byte
include/mysql_com.h:
Bug#20393 User name truncation in mysql client
Bug#21432 Database/Table name limited to 64 bytes, not chars, problems with multi-byte
added new constants NAME_BYTE_LEN, USERNAME_BYTE_LENGTH, SYSTEM_CHARSET_MBMAXLEN
mysql-test/r/ctype_utf8.result:
Bug#20393 User name truncation in mysql client
Bug#21432 Database/Table name limited to 64 bytes, not chars, problems with multi-byte
test case
mysql-test/t/ctype_utf8.test:
Bug#20393 User name truncation in mysql client
Bug#21432 Database/Table name limited to 64 bytes, not chars, problems with multi-byte
test case
sql-common/client.c:
Bug#20393 User name truncation in mysql client
Bug#21432 Database/Table name limited to 64 bytes, not chars, problems with multi-byte
increased buffers for user name & db
sql/sql_acl.cc:
Bug#20393 User name truncation in mysql client
Bug#21432 Database/Table name limited to 64 bytes, not chars, problems with multi-byte
check that user name is not longer than USERNAME_LENGTH symbols
sql/sql_parse.cc:
Bug#20393 User name truncation in mysql client
Bug#21432 Database/Table name limited to 64 bytes, not chars, problems with multi-byte
increased buffers for user name & db
sql/table.cc:
Bug#20393 User name truncation in mysql client
Bug#21432 Database/Table name limited to 64 bytes, not chars, problems with multi-byte
check that db name is not longer than NAME_LEN symbols
length limit", it's superseded by the fix for Bug#16899 "Possible buffer
overflow in handling of DEFINER-clause". Update test results.
mysql-test/r/grant.result:
A post-merge fix.
mysql-test/t/grant.test:
A new error is returned, use the default database after drop database.
sql/sql_acl.cc:
Remove an unneeded check.
into bodhi.local:/opt/local/work/mysql-5.0-14897
configure.in:
Auto merged
mysql-test/mysql-test-run.pl:
Auto merged
mysql-test/r/im_life_cycle.result:
Auto merged
mysql-test/t/im_life_cycle.imtest:
Auto merged
sql/field.cc:
Auto merged
sql/item.cc:
Auto merged
sql/item.h:
Auto merged
sql/item_cmpfunc.cc:
Auto merged
sql/item_func.cc:
Auto merged
sql/item_strfunc.cc:
Auto merged
sql/item_strfunc.h:
Auto merged
sql/mysql_priv.h:
Auto merged
sql/mysqld.cc:
Auto merged
sql/sql_acl.cc:
Auto merged
sql/sql_class.cc:
Auto merged
sql/sql_parse.cc:
Auto merged
sql/sql_view.cc:
Auto merged
sql/sql_yacc.yy:
Auto merged
sql/share/errmsg.txt:
Auto merged
mysql-test/r/grant.result:
Manual merge.
mysql-test/r/view.result:
Manual merge.
mysql-test/t/grant.test:
Manual merge.
mysql-test/t/view.test:
Manual merge.
Remove some sql_print_error() calls which were triggered by user error (i.e., not server-level events at all).
Also, convert an sql_print_error -> sql_print_information for a non-error server event.
sql/slave.cc:
Change sql_print_error to sql_print_information for non-error status message.
sql/sql_acl.cc:
Remove sql_print_error calls for events which are not server errors
User name (host name) has limit on length. The server code relies on these
limits when storing the names. The problem was that sometimes these limits
were not checked properly, so that could lead to buffer overflow.
The fix is to check length of user/host name in parser and if string is too
long, throw an error.
mysql-test/r/grant.result:
Updated result file.
mysql-test/r/sp.result:
Updated result file.
mysql-test/r/trigger.result:
Updated result file.
mysql-test/r/view.result:
Updated result file.
mysql-test/t/grant.test:
Added test for BUG#16899.
mysql-test/t/sp.test:
Added test for BUG#16899.
mysql-test/t/trigger.test:
Added test for BUG#16899.
mysql-test/t/view.test:
Added test for BUG#16899.
sql/mysql_priv.h:
Added prototype for new function.
sql/share/errmsg.txt:
Added new resources.
sql/sql_acl.cc:
Remove outdated checks.
sql/sql_parse.cc:
Add a new function for checking string length.
sql/sql_yacc.yy:
Check length of user/host name.
when X.509 subject was required for a connect, we tested whether it was the right
one, but did not refuse the connexion if not. fixed.
(corrected CS now --replace_results socket-path)
mysql-test/r/openssl_1.result:
Bug#20411: "GRANT ... REQUIRE ISSUER nnn AND SUBJECT mmm" fails to require both
test not only whether we can connect with a correct X.509 subject when one is
required, but also assure that we can't without one.
mysql-test/t/openssl_1.test:
Bug#20411: "GRANT ... REQUIRE ISSUER nnn AND SUBJECT mmm" fails to require both
test not only whether we can connect with a correct X.509 subject when one is
required, but also assure that we can't without one.
sql/sql_acl.cc:
Bug#20411: "GRANT ... REQUIRE ISSUER nnn AND SUBJECT mmm" fails to require both
actually refuse connexion if X.509 is required, but does not match. kudos to Al Smith.
into zippy.cornsilk.net:/home/cmiller/work/mysql/merge/mysql-5.0
BitKeeper/deleted/.del-mysql_client.result:
Auto merged
BitKeeper/deleted/.del-mysql_client.test:
Auto merged
client/mysql.cc:
Auto merged
mysql-test/r/func_time.result:
Auto merged
mysql-test/r/grant.result:
Auto merged
mysql-test/t/func_time.test:
Auto merged
mysql-test/t/grant.test:
Auto merged
sql/item_timefunc.cc:
Auto merged
sql/mysqld.cc:
Auto merged
sql/slave.cc:
Auto merged
sql/sql_acl.cc:
Auto merged
into zippy.cornsilk.net:/home/cmiller/work/mysql/merge/mysql-5.0
mysql-test/r/grant.result:
Auto merged
mysql-test/t/grant.test:
Auto merged
sql/mysqld.cc:
Auto merged
sql/sql_acl.cc:
Auto merged
slave.cc, sql_acl.cc:
- remove sql_print_error() for events that are not server errors
sql/slave.cc:
Bug #20402: DROP USER failure logged as ERROR rather than WARNING
remove sql_print_error() for events that are not server errors
sql/sql_acl.cc:
Bug #20402: DROP USER failure logged as ERROR rather than WARNING
remove sql_print_error() for events that are not server errors
The fix is: if user has privileges to view fields and user has any
(insert,select,delete,update) privileges on underlying view
then 'show fields' and select from I_S.COLUMNS table are sucsessful.
mysql-test/r/information_schema_db.result:
Bug#20543 select on information_schema strange warnings, view, different schemas/users
test result
mysql-test/t/information_schema_db.test:
Bug#20543 select on information_schema strange warnings, view, different schemas/users
test case
sql/sql_acl.cc:
Bug#20543 select on information_schema strange warnings, view, different schemas/users
checked that user has privileges on underlying view and if it's true
set allowed_show to true for top view.
sql/sql_show.cc:
Bug#20543 select on information_schema strange warnings, view, different schemas/users
removed unnecessary rights check.'tables->allowed_show' check is used instead
sql/sql_view.cc:
Bug#20543 select on information_schema strange warnings, view, different schemas/users
skip the check of SHOW_VIEW_ACL privilege on underlying view. It is done later during
execution of find_field_in_table_ref function.
sql/table.h:
Bug#20543 select on information_schema strange warnings, view, different schemas/users
'allowed_show' is set during rights check for view. If true then user has privileges
for 'show create view', etc
This appears to have just been an oversight -- CREATE USER was not enforcing
the existing username limitations.
mysql-test/r/grant.result:
Add new results
mysql-test/t/grant.test:
Add new regression test
sql/sql_acl.cc:
Enforce the user and host name limits in mysql_create_user().
client/mysql.cc:
Auto merged
client/sql_string.h:
Auto merged
configure.in:
Auto merged
myisam/mi_create.c:
Auto merged
mysql-test/r/date_formats.result:
Auto merged
mysql-test/t/date_formats.test:
Auto merged
ndb/src/kernel/blocks/dbtup/DbtupMeta.cpp:
Auto merged
ndb/src/mgmsrv/ConfigInfo.cpp:
Auto merged
sql/item_strfunc.cc:
Auto merged
sql/sql_class.cc:
Auto merged
sql/sql_string.h:
Auto merged
sql/table.cc:
Auto merged
into mysql.com:/home/gluh/MySQL/Merge/5.0-kt
sql/item.cc:
Auto merged
sql/item.h:
Auto merged
sql/sql_acl.cc:
Auto merged
sql/sql_parse.cc:
Auto merged
sql/sql_show.cc:
Auto merged
sql/sql_yacc.yy:
Auto merged
sql/table.cc:
Auto merged
tests/mysql_client_test.c:
Auto merged
user name is calculated on function execution stage instead of parse stage
mysql-test/r/sp_notembedded.result:
Bug#15298 SHOW GRANTS FOR CURRENT_USER: Incorrect output in DEFINER context
test case
mysql-test/t/sp_notembedded.test:
Bug#15298 SHOW GRANTS FOR CURRENT_USER: Incorrect output in DEFINER context
test case
sql/mysql_priv.h:
Bug#15298 SHOW GRANTS FOR CURRENT_USER: Incorrect output in DEFINER context
new get_current_user(THD *thd, LEX_USER *user) function
sql/sql_acl.cc:
Bug#15298 SHOW GRANTS FOR CURRENT_USER: Incorrect output in DEFINER context
user name is calculated using get_current_user() function
sql/sql_parse.cc:
Bug#15298 SHOW GRANTS FOR CURRENT_USER: Incorrect output in DEFINER context
new get_current_user() function
user name is calculated using get_current_user() function
sql/sql_yacc.yy:
Bug#15298 SHOW GRANTS FOR CURRENT_USER: Incorrect output in DEFINER context
empty LEX_USER struct for CURRENT USER,
user name is calculated on function execution stage
sp_grant_privileges(), the function that GRANTs EXECUTE + ALTER privs on a SP,
did so creating a user-entry with not password; mysql_routine_grant() would then
write that "change" to the user-table.
mysql-test/r/sp-security.result:
prove that creating a stored procedure will not destroy the creator's password
mysql-test/t/sp-security.test:
prove that creating a stored procedure will not destroy the creator's password
sql/sql_acl.cc:
get password from ACLs, convert to correct format, and use it when
forcing GRANTS for SPs
into neptunus.(none):/home/msvensson/mysql/mysql-5.0-maint
mysql-test/r/grant.result:
Auto merged
mysql-test/t/grant.test:
Auto merged
sql/mysqld.cc:
Auto merged
sql/sql_acl.cc:
Auto merged
mysql-test/r/grant.result:
Reorder test result
mysql-test/t/grant.test:
Add "use test"
sql/sql_acl.cc:
Add check if host is NULL
Add check if grant_name->host.hostname is null
into neptunus.(none):/home/msvensson/mysql/mysql-5.0-maint
mysql-test/t/grant.test:
Auto merged
sql/sql_acl.cc:
Auto merged
mysql-test/r/grant.result:
SCCS merged
into mysql.com:/home/kgeorge/mysql/5.0/B18681
sql/sql_acl.cc:
Auto merged
sql/table.cc:
Auto merged
mysql-test/r/view_grant.result:
resolved conflict
mysql-test/t/view_grant.test:
resolved merge conflict
into mysql.com:/home/kgeorge/mysql/5.0/B18681
sql/mysql_priv.h:
Auto merged
sql/sql_acl.cc:
Auto merged
sql/sql_base.cc:
Auto merged
sql/sql_insert.cc:
Auto merged
sql/sql_select.cc:
Auto merged
When reading a view definition from a .frm file it was
throwing a SQL error if the DEFINER user is not defined.
Changed it to a warning to match the (documented) case
when a view with undefined DEFINER user is created.
mysql-test/r/view_grant.result:
test case for the bug
mysql-test/t/view_grant.test:
test case for the bug
sql/sql_acl.cc:
Initialized the members to no privileges so even if
the subsequent checks fail it will still initialize
the security context.
sql/table.cc:
Turned the error of undefined DEFINER user in reading
a view definition to a warning.
The check for view security was lacking several points :
1. Check with the right set of permissions : for each table ref that
participates in a view there were the right credentials to use in it's
security_ctx member, but these weren't used for checking the credentials.
This makes hard enforcing the SQL SECURITY DEFINER|INVOKER property
consistently.
2. Because of the above the security checking for views was just ruled out
in explicit ways in several places.
3. The security was checked only for the columns of the tables that are
brought into the query from a view. So if there is no column reference
outside of the view definition it was not detecting the lack of access to
the tables in the view in SQL SECURITY INVOKER mode.
The fix below tries to fix the above 3 points.
mysql-test/r/grant.result:
removed nondeterminism (unspecified order) in some test output
mysql-test/r/view_grant.result:
Somewhat extended test case for the bug and similar queries.
mysql-test/t/grant.test:
removed nondeterminism (unspecified order) in some test output
mysql-test/t/view_grant.test:
Somewhat extended test case for the bug and similar queries.
sql/mysql_priv.h:
A wrapper for setup_tables that also checks access to the tables
sql/sql_acl.cc:
removed artificial security check stop and used the table ref's credentials.
sql/sql_base.cc:
a wrapper for setup_tables to check access to the tables
sql/sql_delete.cc:
wrapper called.
sql/sql_insert.cc:
wrapper called
sql/sql_load.cc:
wrapper called
sql/sql_parse.cc:
wrapper called and artificial check stop removed
sql/sql_select.cc:
wrapper called
sql/sql_update.cc:
wrapper called
sql/table.cc:
Mask table access to the view error as well.
- In function 'handle_grant_struct' when searching the memory structures for an
entry to modify, convert all entries here host.hostname is NULL to "" and compare that
with the host passed in argument "user_from".
- A user created with hostname "" is stored in "mysql.user" table as host="" but when loaded into
memory it'll be stored as host.hostname NULL. Specifiying "" as hostname means
that "any host" can connect. Thus is's correct to turn on allow_all_hosts
when such a user is found.
- Review and fix other places where host.hostname may be NULL.
mysql-test/init_db.sql:
Rename: BitKeeper/deleted/.del-init_db.sql~af2dfeabaa348dd7 -> mysql-test/init_db.sql
mysql-test/r/grant.result:
Add test cases for users with hostname ""
mysql-test/t/grant.test:
Add test cases for users with hostname ""
- Test create, grant and drop as well as connecting as the user with hostname "".
sql/sql_acl.cc:
Convert places where host.hostname is NULL to "" before using it.
after merge.
Concurrent read and update of privilege structures (like simultaneous
run of SHOW GRANTS and ADD USER) could result in server crash.
Ensure that proper locking of ACL structures is done.
No test case is provided because this bug can't be reproduced
deterministically.
sql/sql_acl.cc:
Ensure that access to ACL data is protected by acl_cache->lock mutex.
Use system_charset_info for host names consistently.
Remove check_acl_user(). Use find_acl_user() instead.
sql/sql_acl.h:
Remove check_acl_user() declaration.
sql/sql_parse.cc:
Use is_acl_user() instead of check_acl_user().
Problem:
if a user was granted privileges on database "d1",
it also was able to act on "D1" (i.e. in upper case),
even on Unix with case sensitive file system.
Fix:
Initialize grant hash to use binary comparison
if lower_case_file_system is not set (on most unixes),
and case insensitive comparison otherwise (Windows, MacOSX).
sql/sql_acl.cc:
Initialize hash to use binary comparison with case sensitive FS.
mysql-test/include/have_case_sensitive_file_system.inc:
New BitKeeper file ``mysql-test/include/have_case_sensitive_file_system.inc''
Backporting from 5.1
mysql-test/r/case_sensitive_file_system.require:
New BitKeeper file ``mysql-test/r/case_sensitive_file_system.require''
Backporting from 5.1
mysql-test/r/lowercase_fs_off.result:
Adding test case
mysql-test/t/lowercase_fs_off.test:
Adding test case
Concurrent read and update of privilege structures (like simultaneous
run of SHOW GRANTS and ADD USER) could result in server crash.
Ensure that proper locking of ACL structures is done.
No test case is provided because this bug can't be reproduced
deterministically.
sql/sql_acl.cc:
Ensure that access to ACL data is protected by acl_cache->lock mutex.
Use system_charset_info for host names consistently.
into neptunus.(none):/home/msvensson/mysql/bug17208/my50-bug17208
sql/mysql_priv.h:
Auto merged
sql/mysqld.cc:
Auto merged
sql-common/client.c:
Auto merged
sql/sql_acl.cc:
Auto merged
Crash happened when one selected data from one of INFORMATION_SCHEMA
tables and in order to build its contents server had to open view which
used stored function and table or view on which one had not global or
database-level privileges (e.g. had only table-level or had no
privileges at all).
The crash was caused by usage of check_grant() function, which assumes
that either number of tables to be inspected by it is limited explicitly
or table list used and thd->lex->query_tables_own_last value correspond
to each other (the latter should be either 0 or point to next_global
member of one of elements of this table list), in conditions when
above assumptions were not true. This fix just explicitly limits
number of tables to be inspected. Other negative effects which are
caused by the fact that thd->lex->query_tables_own_last might not
be set properly during processing of I_S tables are less disastrous
and will be reported and fixed separetely.
mysql-test/r/information_schema_db.result:
Fix for bug #18113 "SELECT * FROM information_schema.xxx crashes server"
test case
mysql-test/t/information_schema_db.test:
Fix for bug #18113 "SELECT * FROM information_schema.xxx crashes server"
test case
sql/sql_acl.cc:
added note
Check if the host of table hash record exactly matches host from GRANT command
mysql-test/r/grant.result:
Fix for bug#14385 GRANT and mapping to correct user account problems
test case
mysql-test/t/grant.test:
Fix for bug#14385 GRANT and mapping to correct user account problems
test case
- Use binary charset in acl_cache, to make searches case sensitive
- Add testcase
mysql-test/r/grant2.result:
Update test result
mysql-test/t/grant2.test:
Add test case for bug#17279, checking that user with access to TESTDB can't create TEStdb
sql/sql_acl.cc:
Use binary charset for the acl_cache to make the hash lookups case sensitive.
Thus denying user with access to "TESTDB" access to "TEStdb"
