Commit graph

32 commits

Author SHA1 Message Date
Georgi Kodinov
31a9208bd0 Bug #12998841: libmysql divulges plaintext password upon request in 5.5
1. Clear text password client plugin disabled by default.
2. Added an environment variable LIBMYSQL_ENABLE_CLEARTEXT_PLUGIN, that
when set to something starting with '1', 'Y' or 'y' will enable the clear
text
plugin for all connections.
3. Added a new mysql_options() option : MYSQL_ENABLE_CLEARTEXT_PLUGIN
that takes an my_bool argument. When the value of the argument is non-zero
the clear text plugin is enabled for this connection only.
4. Added an enable-cleartext-plugin config file option that takes a numeric

argument. If the numeric value of the numeric argument is non-zero the
clear
text plugin is enabled for the connection
5. Added a boolean command line option "--enable_cleartext_plugin" to
mysql, mysqlslap and mysqladmin. When specified it will call mysql_options
with the effect of #3
6. Added a new CLEARTEXT option to the connect command in mysqltest.
When specified it will enable the cleartext plugin for usage.
7. Added test cases and updated existing ones that need the clear text
plugin.
2012-07-05 09:55:20 +03:00
Georgi Kodinov
26f0c1fd4b merge bug#13708485 5.1->5.5 2012-06-29 16:54:55 +03:00
Georgi Kodinov
428ff7f8a0 Bug #13708485: malformed resultset packet crashes client
Several fixes :

* sql-common/client.c
Added a validity check of the fields metadata packet sent 
by the server.
Now libmysql will check if the length of the data sent by
the server matches what's expected by the protocol before
using the data.

* client/mysqltest.cc
Fixed the error handling code in mysqltest to avoid sending
new commands when the reading the result set failed (and 
there are unread data in the pipe).

* sql_common.h + libmysql/libmysql.c + sql-common/client.c
unpack_fields() now generates a proper error when it fails.
Added a new argument to this function to support the error 
generation.

* sql/protocol.cc
Added a debug trigger to cause the server to send a NULL
insted of the packet expected by the client for testing 
purposes.
2012-06-28 18:38:55 +03:00
Kent Boortz
9da00ebec9 Updated/added copyright headers 2011-06-30 17:46:53 +02:00
Georgi Kodinov
881a76699e WL#1054: Pluggable authentication support
Merged the implementation to a new base tree.
2010-08-09 11:32:50 +03:00
Mats Kindahl
4ad8ef0602 WL#5016: Fix header file include guards
Adding header include file guards to files that are missing such.
2009-09-23 23:32:31 +02:00
holyfoot/hf@hfmain.(none)
b727a22d97 Merge mysql.com:/home/hf/work/25097/my50-25097
into  mysql.com:/home/hf/work/25097/my51-25097
2008-02-27 13:00:59 +04:00
holyfoot/hf@mysql.com/hfmain.(none)
140ca59538 Bug #25097 mysql_server_init fails silently if no errmsg.sys is present.
There was no way to return an error from the client library
if no MYSQL connections was established.
So here i added variables to store that king of errors and
made functions like mysql_error(NULL) to return these.
2008-02-27 12:42:43 +04:00
kostja@bodhi.(none)
96f8d086f8 Cleanup: use helper functions to set an error in MYSQL or MYSQL_STMT.
No functionality added or changed.
This is a pre-requisite for the fix for Bug#12713 Error in a stored 
function called from a SELECT doesn't cause ROLLBACK of statem

Address post-review comments.
2007-10-31 17:16:53 +03:00
monty@mysql.com/narttu.mysql.fi
088e2395f1 WL#3817: Simplify string / memory area types and make things more consistent (first part)
The following type conversions was done:

- Changed byte to uchar
- Changed gptr to uchar*
- Change my_string to char *
- Change my_size_t to size_t
- Change size_s to size_t

Removed declaration of byte, gptr, my_string, my_size_t and size_s. 

Following function parameter changes was done:
- All string functions in mysys/strings was changed to use size_t
  instead of uint for string lengths.
- All read()/write() functions changed to use size_t (including vio).
- All protocoll functions changed to use size_t instead of uint
- Functions that used a pointer to a string length was changed to use size_t*
- Changed malloc(), free() and related functions from using gptr to use void *
  as this requires fewer casts in the code and is more in line with how the
  standard functions work.
- Added extra length argument to dirname_part() to return the length of the
  created string.
- Changed (at least) following functions to take uchar* as argument:
  - db_dump()
  - my_net_write()
  - net_write_command()
  - net_store_data()
  - DBUG_DUMP()
  - decimal2bin() & bin2decimal()
- Changed my_compress() and my_uncompress() to use size_t. Changed one
  argument to my_uncompress() from a pointer to a value as we only return
  one value (makes function easier to use).
- Changed type of 'pack_data' argument to packfrm() to avoid casts.
- Changed in readfrm() and writefrom(), ha_discover and handler::discover()
  the type for argument 'frmdata' to uchar** to avoid casts.
- Changed most Field functions to use uchar* instead of char* (reduced a lot of
  casts).
- Changed field->val_xxx(xxx, new_ptr) to take const pointers.

Other changes:
- Removed a lot of not needed casts
- Added a few new cast required by other changes
- Added some cast to my_multi_malloc() arguments for safety (as string lengths
  needs to be uint, not size_t).
- Fixed all calls to hash-get-key functions to use size_t*. (Needed to be done
  explicitely as this conflict was often hided by casting the function to
  hash_get_key).
- Changed some buffers to memory regions to uchar* to avoid casts.
- Changed some string lengths from uint to size_t.
- Changed field->ptr to be uchar* instead of char*. This allowed us to
  get rid of a lot of casts.
- Some changes from true -> TRUE, false -> FALSE, unsigned char -> uchar
- Include zlib.h in some files as we needed declaration of crc32()
- Changed MY_FILE_ERROR to be (size_t) -1.
- Changed many variables to hold the result of my_read() / my_write() to be
  size_t. This was needed to properly detect errors (which are
  returned as (size_t) -1).
- Removed some very old VMS code
- Changed packfrm()/unpackfrm() to not be depending on uint size
  (portability fix)
- Removed windows specific code to restore cursor position as this
  causes slowdown on windows and we should not mix read() and pread()
  calls anyway as this is not thread safe. Updated function comment to
  reflect this. Changed function that depended on original behavior of
  my_pwrite() to itself restore the cursor position (one such case).
- Added some missing checking of return value of malloc().
- Changed definition of MOD_PAD_CHAR_TO_FULL_LENGTH to avoid 'long' overflow.
- Changed type of table_def::m_size from my_size_t to ulong to reflect that
  m_size is the number of elements in the array, not a string/memory
  length.
- Moved THD::max_row_length() to table.cc (as it's not depending on THD).
  Inlined max_row_length_blob() into this function.
- More function comments
- Fixed some compiler warnings when compiled without partitions.
- Removed setting of LEX_STRING() arguments in declaration (portability fix).
- Some trivial indentation/variable name changes.
- Some trivial code simplifications:
  - Replaced some calls to alloc_root + memcpy to use
    strmake_root()/strdup_root().
  - Changed some calls from memdup() to strmake() (Safety fix)
  - Simpler loops in client-simple.c
2007-05-10 12:59:39 +03:00
kent@mysql.com/kent-amd64.(none)
6523aca729 my_strtoll10-x86.s:
Corrected spelling in copyright text
Makefile.am:
  Don't update the files from BitKeeper
Many files:
  Removed "MySQL Finland AB & TCX DataKonsult AB" from copyright header
  Adjusted year(s) in copyright header 
Many files:
  Added GPL copyright text
Removed files:
  Docs/Support/colspec-fix.pl
  Docs/Support/docbook-fixup.pl
  Docs/Support/docbook-prefix.pl
  Docs/Support/docbook-split
  Docs/Support/make-docbook
  Docs/Support/make-makefile
  Docs/Support/test-make-manual
  Docs/Support/test-make-manual-de
  Docs/Support/xwf
2006-12-31 01:02:27 +01:00
kent@mysql.com/kent-amd64.(none)
226a5c833f Many files:
Changed header to GPL version 2 only
2006-12-23 20:17:15 +01:00
kostja@bodhi.local
4bfc67fc3c Merge bk-internal.mysql.com:/home/bk/mysql-5.0
into  bodhi.local:/opt/local/work/mysql-5.0-runtime-merge
2006-08-02 14:13:01 +04:00
kostja@bodhi.local
2ce1a07c89 A fix and a test case for Bug#15752 "Lost connection to MySQL server
when calling a SP from C API"

The bug was caused by lack of checks for misuse in mysql_real_query. 
A stored procedure always returns at least one result, which is the 
status of execution of the procedure itself.
This result, or so-called OK packet, is similar to a result
returned by INSERT/UPDATE/CREATE operations: it contains the overall
status of execution, the number of affected rows and the number of
warnings. The client test program attached to the bug did not read this 
result and ivnoked the next query. In turn, libmysql had no check for 
such scenario and mysql_real_query was simply trying to send that query 
without reading the pending response, thus messing up the communication
protocol.

The fix is to return an error from mysql_real_query when it's called
prior to retrieval of all pending results.
2006-07-24 14:56:53 +04:00
holyfoot/hf@mysql.com/deer.(none)
eddaafb12b Merge bk@192.168.21.1:mysql-4.1
into  mysql.com:/home/hf/work/mysql-4.1.16017
2006-07-13 22:32:18 +05:00
holyfoot@deer.(none)
d8d42948b2 bug #20318 (ctype_ucs2_def test fails with embedded)
there was two problems about charsets in embedded server
1. mysys/charset.c - defined there default_charset_info variable is
modified by both server and client code (particularly when
--default-charset option is handled)
In embedded server we get two codelines modifying one variable.
I created separate default_client_charset_info for client code

2. mysql->charset and mysql->options.charset initialization isn't
properly done for embedded server - necessary calls added
2006-06-19 22:11:01 +05:00
holyfoot@deer.(none)
bc35c50063 bug #16017 (memory leaks in embedded server)
There actually was 3 different problems -
hash_user_connections wasn't cleaned
one strdupped database name wasn't freed
and stmt->mem_root wasn't cleaned as it was
replased with mysql->field_alloc for result
For the last one - i made the library using stmt's
fields to store result if it's the case.
2006-06-01 17:06:42 +05:00
konstantin@mysql.com
37ab172624 Remove stale declaration, fix a typo in comment. 2004-10-15 22:03:11 +04:00
hf@deer.(none)
94bfeb8393 Fixes for bugs in embedded library:
#4700 (Unsigned value returned as signed)
    just no appropriate checking
#4701 (Errors returned earlier than expected)
    all errors returned from send_command()
#4702 (Result isn't freed properly if there's no retrieval)
    flush_use_result has only 'client' version and should
    be made 'virtual'
2004-07-22 20:54:25 +05:00
konstantin@mysql.com
420c956d27 Intermediate commit of client library (cleanups + fixes of 3 items from
flaws list)
TODO: 
 * verify that no sequence of API calls produces SIGSEGV.
 That is, verify that mysql_stmt_init  -> mysql_stmt_fetch is OK,
 or mysql_stmt_prepare -> mysql_stmt_fetch_column is OK and sets
 meaningful error.
 * remove alloc_stmt_fields call
 * revise stmt->state codes and statement states.
 * there are other items in prepared statements 'to fix' document.

Done:
 - cleanups and comments
 - revision of prepared statement error codes.
 - mysql_stmt_prepare is now can always be called (that is, you can reprepare
   a statement)
 - new implementation of mysql_stmt_close and fetch cancellation
2004-03-16 01:04:04 +03:00
konstantin@oak.local
001ad87554 fix to make client.c compile on windows 2004-03-12 18:53:45 +03:00
monty@mysql.com
ede8169d24 Added missing SSL library (Should be in source distribution)
Fixed compiler warnings (a lot of hidden variables detected by the Forte compiler)
Added a lot of 'version_xxx' strings to 'show variables'
Prevent copying of TMP_TABLE_PARAM (This caused core dump bug on Solaris)
Fixed problem with printing sub selects to debug log
2003-11-28 12:18:13 +02:00
monty@mysql.com
7c6113a39f Merge key cache structures to one
Fixed compiler warnings (IRIX C compiler and VC++)
2003-11-20 22:06:25 +02:00
hf@deer.(none)
7a763f3fe3 SCRUM
prepared statements in embedded library
2003-09-17 15:18:18 +05:00
hf@deer.(none)
bf017a2eb0 SCRUM
Prepared statements in embedded server
Several changes in library code with two goals:
to make mysql_prepare_stmt working in embedded server
to get rid of #define mysql_interface_func mysql->methods->interface_func
in user's interface
2003-09-16 16:06:25 +05:00
hf@deer.(none)
a4f899dfc0 SCRUM - adding client into embedded server
error handling fixed
fetch_lengths made to work differently in embedded and client cases
2003-07-23 15:23:20 +05:00
hf@deer.(none)
b82e89d872 SCRUM
merged conflicts about my previous commit
it seems there are some errors left - gonna check...
2003-06-17 21:53:13 +05:00
hf@deer.(none)
c4e3a624b8 SCRUM
client capabilities included into libmysqld
some API methods became "virtual"
lots of duplicated code removed

IMHO all the above made library's code way more pleasant to look at, didn't it?
2003-06-17 21:32:31 +05:00
monty@narttu.mysql.fi
a1034db4b9 Cleanup after split of libmysql.c to client.c and libmysql.c. A 4.1 master/slave will now use the 4.1 protocol
Fixed wrong value for SQLSTATE_LENGTH
Added CLIENT_REMEMBER_OPTIONS to mysql_real_connect()
Changed mysql_port and mysql_unix_port to mysqld_xxxx
2003-06-14 11:37:42 +03:00
monty@narttu.mysql.fi
059b1e5612 After merge fixes 2003-06-05 23:19:56 +03:00
hf@deer.(none)
9ad3c1cdca SCRUM:
splittiln common client's parts
2003-06-03 15:02:57 +05:00
hf@deer.(none)
02d3d7e8bd SCRUM:
Here is another pack of changes about gathering common client code in
sql-common/client.c.
Now i symlink the client.c from sql/ and libmysql/. These directories
have client_settings.h files to be included to client.c. It contains
defines and declarations to compile client.c in appropriate manner.
Also i've added include/sql_common.h, containing declarations of what
is exported from client.c

I removed as many #ifdef-s from client.c as i dared to. I think it's better
push it with some extra #ifdef-s now (of course, if everythihg besides it is
ok) so other people can check the code.
2003-05-31 15:15:46 +05:00