added cmake checks for pam_ext.h and pam_appl.h headers
added check for pam_syslog()
added pam_syslog() if doesn't exist
all cmake checks performed from inside the plugin
- Initialize variables that could be used uninitialized
- Added extra end space to DbugStringItemTypeValue to get rid of warnings
from c_ptr()
- Session_sysvars_tracker::update() accessed unitialized memory if called
with NULL value.
- get_schema_stat_record() accessed unitialized memory if HA_KEY_LONG_HASH
was used
- parse_vcol_defs() accessed random memory for tables without keys.
* fix incorrect parentheses
* if there was no password on the command line or in .cnf file,
pkt will be "", and we need to request the user to enter the password
* wait() for the child process to die, let it rest in peace
* fix incorrect parentheses
* if there was no password on the command line or in .cnf file,
pkt will be "", and we need to request the user to enter the password
* make sure that auth->salt is always allocated on a permanent memroot.
when called from set_user_salt_if_needed(), user_copy and its auth_str
are on the thd memroot, but auth_copy->salt is then copied to auth->salt
* adjust service files so that systemd wouldn't interfere with our
setuid executables
also
* print the pam error message in debug mode
this matches the common behavior with pam_unix and helps to
catch password related errors
also, use abort() instead of sigsegv to avoid polluting
/var/log/messages with intentional crashes
This commit is based on the work of Michal Schorm, rebased on the
earliest MariaDB version.
Th command line used to generate this diff was:
find ./ -type f \
-exec sed -i -e 's/Foundation, Inc., 59 Temple Place, Suite 330, Boston, /Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, /g' {} \; \
-exec sed -i -e 's/Foundation, Inc. 59 Temple Place.* Suite 330, Boston, /Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, /g' {} \; \
-exec sed -i -e 's/MA.*.....-1307.*USA/MA 02110-1335 USA/g' {} \; \
-exec sed -i -e 's/Foundation, Inc., 59 Temple/Foundation, Inc., 51 Franklin/g' {} \; \
-exec sed -i -e 's/Place, Suite 330, Boston, MA.*02111-1307.*USA/Street, Fifth Floor, Boston, MA 02110-1335 USA/g' {} \; \
-exec sed -i -e 's/MA.*.....-1307/MA 02110-1335/g' {} \;
special cases:
* change systemd detection to use CHECK_LIBRARY_EXISTS at least once,
to have it detected by build_depends.cmake
* similarly, use find_library for pam
* unixODBC is weird, libodbc.so is in the unixODBC package, not
in the unixODBC-devel, where normally all .so files belong.
Packaging bug? As a workaround, use find_file(sql.h) instead of
find_path(sql.h) to make sure that /usr/include/sql.h (not /usr/include)
is cached by cmake, and later build_depends.cmake will select
unixODBC-devel, as a package owning /usr/include/sql.h file.
Revert the side effect of 7c40996cc8.
Do not convert password hash to its binary representation when a user
entry is loaded. Do it lazily on the first authenticatation attempt.
As a collateral - force all authentication plugins to follow the
protocol and read_packet at least once before accessing info->username
(username is not available before first client handshake packet is read).
Fix PAM and GSSAPI plugins to behave.
Support SET PASSWORD for authentication plugins.
Authentication plugin API is extended with two optional methods:
* hash_password() is used to compute a password hash (or digest)
from the plain-text password. This digest will be stored in mysql.user
table
* preprocess_hash() is used to convert this digest into some memory
representation that can be later used to authenticate a user.
Build-in plugins convert the hash from hexadecimal or base64 to binary,
to avoid doing it on every authentication attempt.
Note a change in behavior: when loading privileges (on startup or on
FLUSH PRIVILEGES) an account with an unknown plugin was loaded with a
warning (e.g. "Plugin 'foo' is not loaded"). But such an account could
not be used for authentication until the plugin is installed. Now an
account like that will not be loaded at all (with a warning, still).
Indeed, without plugin's preprocess_hash() method the server cannot know
how to load an account. Thus, if a new authentication plugin is
installed run-time, one might need FLUSH PRIVILEGES to activate all
existing accounts that were using this new plugin.
New version of PAM plugin (v2.0) added along with the old v1.0.
There the pam module is isolated in the auth_pam_tool application so
cannot crash the server.
allow more characters in a valid user/group name:
* POSIX allows dashes '-' and dots '.'
* also the name may end with a dollar sign '$'
for our purposes it's enough to allow [-.$] anywhere in the name
Remove ONLY_IF clause in MYSQL_ADD_PLUGIN and the requirement
that every plugin's CMakeLists.txt *must* do MYSQL_ADD_PLUGIN
for PLUGIN_XXX=YES to work. This was very fragile and cannot be
relied on.
Use a different implementation of =YES check - iterate all
PLUGIN_* variables and see which one doesn't have a matching target.
Revert all ONLY_IF changes in CMakeLists.txt files.
* Introduce a set of PLUGIN_xxx cmake options with values
NO, STATIC, DYNAMIC, AUTO, YES (abort if plugin is not compiled)
* Deprecate redundant and ambiguous WITH_xxx, WITH_PLUGIN_xxx,
WITH_xxx_STORAGE_ENGINE, WITHOUT_xxx, WITHOUT_PLUGIN_xxx,
WITHOUT_xxx_STORAGE_ENGINE
* Actually check whether a plugin is disabled (DISABLED keyword was
always present, but it was ignored until now).
* Support conditionally disabled plugins - keyword ONLY_IF
* Use ONLY_IF for conditionally skipping plugins, instead of
doing MYSQL_ADD_PLUGIN conditionally as before. Because if
MYSQL_ADD_PLUGIN isn't done at all, PLUGIN_xxx=YES cannot work.
