into zim.(none):/home/brian/mysql/dep-5.1
client/mysql.cc:
Auto merged
mysql-test/r/grant.result:
Auto merged
mysql-test/r/grant2.result:
Auto merged
mysql-test/r/heap_btree.result:
Auto merged
mysql-test/t/grant.test:
Auto merged
mysql-test/t/grant2.test:
Auto merged
mysql-test/t/mysqlbinlog.test:
Auto merged
mysql-test/t/repair.test:
Auto merged
scripts/fill_func_tables.sh:
Auto merged
scripts/mysql_install_db.sh:
Auto merged
sql/field.cc:
Auto merged
sql/field.h:
Auto merged
sql/mysqld.cc:
Auto merged
sql/set_var.cc:
Auto merged
sql/sql_update.cc:
Auto merged
storage/heap/hp_delete.c:
Auto merged
storage/myisam/mi_update.c:
Auto merged
storage/myisam/sort.c:
Auto merged
mysql-test/r/mysqldump.result:
Fixing Result
mysql-test/r/repair.result:
Fixing result
mysql-test/t/mysqldump.test:
Merging change
storage/archive/ha_archive.cc:
Merging in change
"A SELECT privilege on a view is required for SHOW CREATE VIEW and it will stay
that way because of compatibility reasons." (see #20136)
a test case to illustrate how the ACLs work in this case (and ensure they will continue
to do so in the future)
mysql-test/r/grant.result:
Bug#20214: Incorrect error when user calls SHOW CREATE VIEW on non privileged view
a test case to illustrate how the ACLs work in this case (and ensure they will continue
to do so in the future)
mysql-test/t/grant.test:
Bug#20214: Incorrect error when user calls SHOW CREATE VIEW on non privileged view
a test case to illustrate how the ACLs work in this case (and ensure they will continue
to do so in the future)
"A SELECT privilege on a view is required for SHOW CREATE VIEW and it will stay
that way because of compatibility reasons." (see #20136)
a test case to illustrate how the ACLs work in this case (and ensure they will continue
to do so in the future)
This appears to have just been an oversight -- CREATE USER was not enforcing
the existing username limitations.
mysql-test/r/grant.result:
Add new results
mysql-test/t/grant.test:
Add new regression test
sql/sql_acl.cc:
Enforce the user and host name limits in mysql_create_user().
Add define YASSL_PREFIX when compiling yassl
Import patch from yaSSL
- avoid allocating memory for each call to 'EVP_md5' and
'EVP_des_ede3_cbc' which were not released until server was stopped
- Those functions are used from the SQL function 'des_encrypt' and
'des_decrypt'.
Add new define YASSL_PREFIX beforee including ssl.h to activate inclusion of prefix_*.h files
Bug#20022 mysql-test-run can't be run with secure connections turned on for all testcases
- Part 1, fixes rpl- and federated-tests where connection is made to 127.0.0.1
- Include prefix files that renames all public functions in yaSSLs
OpenSSL API to ya<function_name>. They will otherwise conflict
with OpenSSL functions if loaded by an application that uses OpenSSL
as well as libmysqlclient with yaSSL support.
Bug#18235: assertion/crash when windows mysqld is ended with ctrl-c
Two threads both try a shutdown sequence which creates a race to the
de-init/free of certain resources.
This exists in similar form in the client as 17926: "mysql.exe crashes
when ctrl-c is pressed in windows."
Update after merge to 5.0
BUG#18669: Session COM_STATISTICS breaks mysqladmin status.
Changed COM_STATISTICS to display the global status, instead of thead status, for slow queries and table opens.
- In function 'handle_grant_struct' when searching the memory structures for an
entry to modify, convert all entries here host.hostname is NULL to "" and compare that
with the host passed in argument "user_from".
- A user created with hostname "" is stored in "mysql.user" table as host="" but when loaded into
memory it'll be stored as host.hostname NULL. Specifiying "" as hostname means
that "any host" can connect. Thus is's correct to turn on allow_all_hosts
when such a user is found.
- Review and fix other places where host.hostname may be NULL.
BUG#19394 OPT_INNODB_THREAD_CONCURRENCY duplicated
Removed duplication (not a user-visible change)
client/Makefile.am:
Remove $yassl_includes
client/mysqltest.c:
Turn on ssl_verify_server_cert only if host is "localhost"
extra/yassl/include/openssl/crypto.h:
Add prefix file for ssl.h
extra/yassl/include/openssl/ssl.h:
Add include file "prefix_crypto.h" to rename SSL_* functions to yaSSL_*
extra/yassl/include/yassl_int.hpp:
Import patch yassl.diff
extra/yassl/src/Makefile.am:
Add defined YASSL_PREFIX when building yassl/testsuite
extra/yassl/src/ssl.cpp:
Import patch yassl.diff
extra/yassl/src/template_instnt.cpp:
Import patch yassl.diff
extra/yassl/src/yassl_int.cpp:
Import patch yassl.diff
extra/yassl/testsuite/Makefile.am:
Add defined YASSL_PREFIX when building yassl/testsuite
extra/yassl/yassl.vcproj:
Add define YASSL_PREFIX when compiling yassl
include/violite.h:
Add new define YASSL_PREFIX beforee including ssl.h to activate inclusion of prefix_*.h files
libmysql/Makefile.am:
Remove yassl_includes
libmysql_r/Makefile.am:
Remove yassl_includes
libmysqld/Makefile.am:
Remove yassl_includes
libmysqld/examples/Makefile.am:
Remove yassl_includes
mysql-test/r/analyze.result:
Add missing drop table
mysql-test/r/grant.result:
Reorder test result
Add test cases for users with hostname ""
mysql-test/r/ps.result:
Add missing drop table
mysql-test/t/analyze.test:
Add missing drop table
mysql-test/t/grant.test:
Add "use test"
Add test cases for users with hostname ""
- Test create, grant and drop as well as connecting as the user with hostname "".
mysql-test/t/ps.test:
Add missing drop table
server-tools/instance-manager/Makefile.am:
Remove yassl_includes
sql/Makefile.am:
Remove yassl_includes
sql/mysqld.cc:
We have three potential ways of hitting the iceberg:
- unireg_end() has basic de-init
- unireg_abort() has extended de-init
- main() has a de-init sequence similar to unireg_abort()
In the Windows version of the server, Control-C is handled
in a different thread from the one main() is in. The main
loop is told to end, then unireg_abort() is called. Its
de-init and that of main() will then race each other for
mutex- and cond-var-destroys, free(), and finally exit().
This patch introduces a special case for Windows that will eliminate
the race by ending the signal-handler via unireg_end() instead if
SIGINT is signalled. This seems the least intrusive fix that still
fixes user-visible behaviour.
Two of the startup options for mysqld, innodb_commit_concurrency
and innodb_thread_concurrency, were using the same enumeration
value. Changed to give innodb_commit_concurrency it's own value.
sql/sql_acl.cc:
Add check if host is NULL
Add check if grant_name->host.hostname is null
Convert places where host.hostname is NULL to "" before using it.
sql/sql_parse.cc:
Calculate and display the global statistics.
vio/Makefile.am:
Remove yassl_includes
extra/yassl/include/openssl/generate_prefix_files.pl:
New BitKeeper file ``extra/yassl/include/openssl/generate_prefix_files.pl''
extra/yassl/include/openssl/prefix_crypto.h:
New BitKeeper file ``extra/yassl/include/openssl/prefix_crypto.h''
extra/yassl/include/openssl/prefix_ssl.h:
New BitKeeper file ``extra/yassl/include/openssl/prefix_ssl.h''
Add define YASSL_PREFIX when compiling yassl
Import patch from yaSSL
- avoid allocating memory for each call to 'EVP_md5' and
'EVP_des_ede3_cbc' which were not released until server was stopped
- Those functions are used from the SQL function 'des_encrypt' and
'des_decrypt'.
Add new define YASSL_PREFIX beforee including ssl.h to activate inclusion of prefix_*.h files
Bug#20022 mysql-test-run can't be run with secure connections turned on for all testcases
- Part 1, fixes rpl- and federated-tests where connection is made to 127.0.0.1
- Include prefix files that renames all public functions in yaSSLs
OpenSSL API to ya<function_name>. They will otherwise conflict
with OpenSSL functions if loaded by an application that uses OpenSSL
as well as libmysqlclient with yaSSL support.
Bug#18235: assertion/crash when windows mysqld is ended with ctrl-c
Two threads both try a shutdown sequence which creates a race to the
de-init/free of certain resources.
This exists in similar form in the client as 17926: "mysql.exe crashes
when ctrl-c is pressed in windows."
Update after merge to 5.0
BUG#18669: Session COM_STATISTICS breaks mysqladmin status.
Changed COM_STATISTICS to display the global status, instead of thead status, for slow queries and table opens.
- In function 'handle_grant_struct' when searching the memory structures for an
entry to modify, convert all entries here host.hostname is NULL to "" and compare that
with the host passed in argument "user_from".
- A user created with hostname "" is stored in "mysql.user" table as host="" but when loaded into
memory it'll be stored as host.hostname NULL. Specifiying "" as hostname means
that "any host" can connect. Thus is's correct to turn on allow_all_hosts
when such a user is found.
- Review and fix other places where host.hostname may be NULL.
BUG#19394 OPT_INNODB_THREAD_CONCURRENCY duplicated
Removed duplication (not a user-visible change)
into a193-229-222-105.elisa-laajakaista.fi:/home/my/bk/mysql-5.1-new
mysql-test/mysql-test-run.pl:
Auto merged
mysql-test/mysql-test-run.sh:
Auto merged
mysql-test/r/grant.result:
Auto merged
mysql-test/r/heap_btree.result:
Auto merged
mysql-test/r/information_schema_db.result:
Auto merged
mysql-test/r/lock_multi.result:
Auto merged
mysql-test/r/sp.result:
Auto merged
mysql-test/r/subselect.result:
Auto merged
mysql-test/r/view_grant.result:
Auto merged
mysql-test/t/lock_multi.test:
Auto merged
mysql-test/t/sp.test:
Auto merged
mysql-test/t/view_grant.test:
Auto merged
mysys/default.c:
Auto merged
server-tools/instance-manager/guardian.cc:
Auto merged
sql/field.h:
Auto merged
sql/item.h:
Auto merged
sql/item_subselect.cc:
Auto merged
sql/item_timefunc.cc:
Auto merged
sql/lock.cc:
Auto merged
sql/mysql_priv.h:
Auto merged
sql/sql_acl.cc:
Auto merged
sql/sql_delete.cc:
Auto merged
sql/sql_insert.cc:
Auto merged
sql/sql_lex.h:
Auto merged
sql/sql_load.cc:
Auto merged
sql/sql_parse.cc:
Auto merged
sql/sql_show.cc:
Auto merged
sql/sql_update.cc:
Auto merged
sql/table.cc:
Auto merged
storage/heap/hp_write.c:
Auto merged
storage/ndb/src/ndbapi/DictCache.cpp:
Auto merged
storage/ndb/src/ndbapi/DictCache.hpp:
Auto merged
client/mysqlbinlog.cc:
Manual merge from 5.0
client/mysqldump.c:
Manual merge from 5.0
configure.in:
Manual merge from 5.0
mysql-test/r/mysqldump.result:
Manual merge from 5.0
mysql-test/t/mysqldump.test:
Manual merge from 5.0
mysql-test/t/rpl_insert_id.test:
Manual merge from 5.0
server-tools/instance-manager/manager.cc:
Manual merge from 5.0
sql/field.cc:
Manual merge from 5.0
sql/ha_ndbcluster.cc:
Manual merge from 5.0
sql/mysqld.cc:
Manual merge from 5.0
sql/sql_base.cc:
Manual merge from 5.0
sql/sql_lex.cc:
Manual merge from 5.0
sql/sql_select.cc:
Manual merge from 5.0
sql/sql_table.cc:
Manual merge from 5.0
into neptunus.(none):/home/msvensson/mysql/mysql-5.0-maint
mysql-test/r/grant.result:
Auto merged
mysql-test/t/grant.test:
Auto merged
sql/mysqld.cc:
Auto merged
sql/sql_acl.cc:
Auto merged
mysql-test/r/grant.result:
Reorder test result
mysql-test/t/grant.test:
Add "use test"
sql/sql_acl.cc:
Add check if host is NULL
Add check if grant_name->host.hostname is null
into neptunus.(none):/home/msvensson/mysql/mysql-5.0-maint
mysql-test/t/grant.test:
Auto merged
sql/sql_acl.cc:
Auto merged
mysql-test/r/grant.result:
SCCS merged
The check for view security was lacking several points :
1. Check with the right set of permissions : for each table ref that
participates in a view there were the right credentials to use in it's
security_ctx member, but these weren't used for checking the credentials.
This makes hard enforcing the SQL SECURITY DEFINER|INVOKER property
consistently.
2. Because of the above the security checking for views was just ruled out
in explicit ways in several places.
3. The security was checked only for the columns of the tables that are
brought into the query from a view. So if there is no column reference
outside of the view definition it was not detecting the lack of access to
the tables in the view in SQL SECURITY INVOKER mode.
The fix below tries to fix the above 3 points.
mysql-test/r/grant.result:
removed nondeterminism (unspecified order) in some test output
mysql-test/r/view_grant.result:
Somewhat extended test case for the bug and similar queries.
mysql-test/t/grant.test:
removed nondeterminism (unspecified order) in some test output
mysql-test/t/view_grant.test:
Somewhat extended test case for the bug and similar queries.
sql/mysql_priv.h:
A wrapper for setup_tables that also checks access to the tables
sql/sql_acl.cc:
removed artificial security check stop and used the table ref's credentials.
sql/sql_base.cc:
a wrapper for setup_tables to check access to the tables
sql/sql_delete.cc:
wrapper called.
sql/sql_insert.cc:
wrapper called
sql/sql_load.cc:
wrapper called
sql/sql_parse.cc:
wrapper called and artificial check stop removed
sql/sql_select.cc:
wrapper called
sql/sql_update.cc:
wrapper called
sql/table.cc:
Mask table access to the view error as well.
The check for view security was lacking several points :
1. Check with the right set of permissions : for each table ref that
participates in a view there were the right credentials to use in it's
security_ctx member, but these weren't used for checking the credentials.
This makes hard enforcing the SQL SECURITY DEFINER|INVOKER property
consistently.
2. Because of the above the security checking for views was just ruled out
in explicit ways in several places.
3. The security was checked only for the columns of the tables that are
brought into the query from a view. So if there is no column reference
outside of the view definition it was not detecting the lack of access to
the tables in the view in SQL SECURITY INVOKER mode.
The fix below tries to fix the above 3 points.
- In function 'handle_grant_struct' when searching the memory structures for an
entry to modify, convert all entries here host.hostname is NULL to "" and compare that
with the host passed in argument "user_from".
- A user created with hostname "" is stored in "mysql.user" table as host="" but when loaded into
memory it'll be stored as host.hostname NULL. Specifiying "" as hostname means
that "any host" can connect. Thus is's correct to turn on allow_all_hosts
when such a user is found.
- Review and fix other places where host.hostname may be NULL.
mysql-test/init_db.sql:
Rename: BitKeeper/deleted/.del-init_db.sql~af2dfeabaa348dd7 -> mysql-test/init_db.sql
mysql-test/r/grant.result:
Add test cases for users with hostname ""
mysql-test/t/grant.test:
Add test cases for users with hostname ""
- Test create, grant and drop as well as connecting as the user with hostname "".
sql/sql_acl.cc:
Convert places where host.hostname is NULL to "" before using it.
- In function 'handle_grant_struct' when searching the memory structures for an
entry to modify, convert all entries here host.hostname is NULL to "" and compare that
with the host passed in argument "user_from".
- A user created with hostname "" is stored in "mysql.user" table as host="" but when loaded into
memory it'll be stored as host.hostname NULL. Specifiying "" as hostname means
that "any host" can connect. Thus is's correct to turn on allow_all_hosts
when such a user is found.
- Review and fix other places where host.hostname may be NULL.
into mysql.com:/extern/mysql/5.1/generic/mysql-5.1-new
libmysql/libmysql.c:
Auto merged
mysql-test/r/binary.result:
Auto merged
mysql-test/r/federated.result:
Auto merged
mysql-test/r/func_math.result:
Auto merged
mysql-test/r/grant.result:
Auto merged
mysql-test/r/heap.result:
Auto merged
mysql-test/r/sp.result:
Auto merged
mysql-test/r/trigger.result:
Auto merged
mysql-test/r/type_decimal.result:
Auto merged
mysql-test/t/binary.test:
Auto merged
mysql-test/t/federated.test:
Auto merged
mysql-test/t/mysql.test:
Auto merged
mysql-test/t/sp.test:
Auto merged
mysql-test/t/trigger.test:
Auto merged
sql/field_conv.cc:
Auto merged
sql/ha_federated.cc:
Auto merged
sql/ha_federated.h:
Auto merged
sql/item_cmpfunc.cc:
Auto merged
sql/item_strfunc.h:
Auto merged
sql/sql_acl.cc:
Auto merged
sql/sql_base.cc:
Auto merged
sql/sql_trigger.cc:
Auto merged
sql/sql_yacc.yy:
Auto merged
sql/table.cc:
Auto merged
sql/table.h:
Auto merged
tests/mysql_client_test.c:
Auto merged
support-files/mysql.spec.sh:
Manual merge. (use local)
Check if the host of table hash record exactly matches host from GRANT command
mysql-test/r/grant.result:
Fix for bug#14385 GRANT and mapping to correct user account problems
test case
mysql-test/t/grant.test:
Fix for bug#14385 GRANT and mapping to correct user account problems
test case
Implement table-level TRIGGER privilege to control access to triggers.
Before this path global SUPER privilege was used for this purpose, that
was the big security problem.
In details, before this patch SUPER privilege was required:
- for the user at CREATE TRIGGER time to create a new trigger;
- for the user at DROP TRIGGER time to drop the existing trigger;
- for the definer at trigger activation time to execute the trigger (if the
definer loses SUPER privilege, all its triggers become unavailable);
This patch changes the behaviour in the following way:
- TRIGGER privilege on the subject table for trigger is required:
- for the user at CREATE TRIGGER time to create a new trigger;
- for the user at DROP TRIGGER time to drop the existing trigger;
- for the definer at trigger activation time to execute the trigger
(if the definer loses TRIGGER privilege on the subject table, all its
triggers on this table become unavailable).
- SUPER privilege is still required:
- for the user at CREATE TRIGGER time to explicitly set the trigger
definer to the user other than CURRENT_USER().
When the server works with database of the previous version (w/o TRIGGER
privilege), or if the database is being upgraded from the previous versions,
TRIGGER privilege is granted to whose users, who have CREATE privilege.
mysql-test/r/grant.result:
Updated the result file after adding TRIGGER privilege.
mysql-test/r/information_schema.result:
Updated the result file after adding TRIGGER privilege.
mysql-test/r/lowercase_table_grant.result:
Updated the result file after adding TRIGGER privilege.
mysql-test/r/ps.result:
Updated the result file after adding TRIGGER privilege.
mysql-test/r/sp.result:
Updated the result file after adding TRIGGER privilege.
mysql-test/r/trigger-compat.result:
Updated the result file after adding TRIGGER privilege.
mysql-test/r/trigger-grant.result:
Updated the result file after adding TRIGGER privilege.
mysql-test/t/trigger-compat.test:
Grant table-level TRIGGER privilege instead of global SUPER one.
mysql-test/t/trigger-grant.test:
1. Grant table-level TRIGGER privilege instead of global SUPER one.
2. Updated the test case to check that SUPER is required to specify
the user other than the current as a definer.
scripts/mysql_create_system_tables.sh:
Added TRIGGER privilege.
scripts/mysql_fix_privilege_tables.sql:
Added TRIGGER privilege.
sql/sql_acl.cc:
Added TRIGGER privilege.
sql/sql_acl.h:
Added TRIGGER privilege.
sql/sql_show.cc:
Added TRIGGER privilege.
sql/sql_trigger.cc:
Check TRIGGER privilege instead of SUPER.
sql/sql_yacc.yy:
Added TRIGGER privilege.
Implement table-level TRIGGER privilege to control access to triggers.
Before this path global SUPER privilege was used for this purpose, that
was the big security problem.
In details, before this patch SUPER privilege was required:
- for the user at CREATE TRIGGER time to create a new trigger;
- for the user at DROP TRIGGER time to drop the existing trigger;
- for the definer at trigger activation time to execute the trigger (if the
definer loses SUPER privilege, all its triggers become unavailable);
This patch changes the behaviour in the following way:
- TRIGGER privilege on the subject table for trigger is required:
- for the user at CREATE TRIGGER time to create a new trigger;
- for the user at DROP TRIGGER time to drop the existing trigger;
- for the definer at trigger activation time to execute the trigger
(if the definer loses TRIGGER privilege on the subject table, all its
triggers on this table become unavailable).
- SUPER privilege is still required:
- for the user at CREATE TRIGGER time to explicitly set the trigger
definer to the user other than CURRENT_USER().
When the server works with database of the previous version (w/o TRIGGER
privilege), or if the database is being upgraded from the previous versions,
TRIGGER privilege is granted to whose users, who have CREATE privilege.
merge before push
BUILD/SETUP.sh:
Auto merged
include/my_sys.h:
Auto merged
mysql-test/r/grant.result:
Auto merged
mysql-test/r/ps.result:
Auto merged
sql/Makefile.am:
Auto merged
sql/lex.h:
Auto merged
sql/mysqld.cc:
Auto merged
sql/set_var.cc:
Auto merged
sql/set_var.h:
Auto merged
sql/sp.cc:
Auto merged
sql/sp.h:
Auto merged
sql/sp_head.h:
Auto merged
sql/sql_acl.cc:
Auto merged
sql/sql_acl.h:
Auto merged
sql/sql_lex.cc:
Auto merged
sql/sql_parse.cc:
Auto merged
sql/sql_show.cc:
Auto merged
sql/table.cc:
Auto merged
sql/tztime.cc:
Auto merged
libmysqld/Makefile.am:
manual merge
mysql-test/r/information_schema.result:
manual merge
sql/share/errmsg.txt:
manual merge
sql/sp_head.cc:
manual merge
sql/sql_lex.h:
manual merge
sql/sql_yacc.yy:
manual merge
- fixed test results
- fixed bug caught by information_schema.test . Bison temporal
variables are very nice but extremely error-prone (Count one more
time just to be sure).
mysql-test/r/connect.result:
fix result for WL#1034 (internal CRON)
mysql-test/r/events.result:
fix result for WL#1034 (internal CRON)
mysql-test/r/grant.result:
fix result for WL#1034 (internal CRON)
mysql-test/r/information_schema.result:
fix result for WL#1034 (internal CRON)
mysql-test/r/lowercase_table_grant.result:
fix result for WL#1034 (internal CRON)
mysql-test/r/ps.result:
fix result for WL#1034 (internal CRON)
mysql-test/r/system_mysql_db.result:
fix result for WL#1034 (internal CRON)
mysql-test/t/events.test:
fix result for WL#1034 (internal CRON)
sql/sql_yacc.yy:
- fix bug introduced by me when making usage of temporal
bison variables. COUNT 7 times then write!
- fixed test results
- fixed bug caught by information_schema.test . Bison temporal
variables are very nice but extremely error-prone (Count one more
time just to be sure).
- Comparing host string against NULL caused crash.
- If host.hostname is NULL treat it as ""
mysql-test/r/grant.result:
Update test results
mysql-test/t/grant.test:
Add test for user with host ""
into neptunus.(none):/home/msvensson/mysql/bug15598/my50-bug15598
mysql-test/t/grant.test:
Auto merged
sql/sql_acl.cc:
Auto merged
mysql-test/r/grant.result:
SCCS merged
- When acl_user->host.hostname is NULL compare it as ""
mysql-test/r/grant.result:
Test user with host ''
mysql-test/t/grant.test:
Test user with host ''
sql/sql_acl.cc:
If acl_user->host.hostname is NULL compare it as ""
