mirror of
https://github.com/MariaDB/server.git
synced 2025-01-19 05:22:25 +01:00
9c2a63e35e
Cleaned up embedded library access and query cache handling Changed min stack size to 128K (to allow longer MyISAM keys) Fixed wrong priority for XOR (should be less than NEG to get -1^1 to work) client/mysqldump.c: Fixed bugs found after merge include/mysql_embed.h: Disable query cache when using embedded version myisam/mi_check.c: Removed not used variable mysql-test/r/auto_increment.result: Fixed bugs found after merge mysql-test/r/bdb.result: Fixed bugs found after merge mysql-test/r/func_group.result: Fixed bugs found after merge mysql-test/r/func_str.result: Fixed bugs found after merge mysql-test/r/func_time.result: Fixed bugs found after merge mysql-test/r/group_by.result: Fixed bugs found after merge mysql-test/r/innodb.result: Fixed bugs found after merge mysql-test/r/insert.result: Fixed bugs found after merge mysql-test/r/join_outer.result: Fixed bugs found after merge mysql-test/r/loaddata.result: Fixed bugs found after merge mysql-test/r/multi_update.result: Fixed bugs found after merge mysql-test/r/mysqldump.result: Update results mysql-test/r/rpl_EE_error.result: Fixed bugs found after merge mysql-test/r/rpl_multi_update.result: Fixed bugs found after merge mysql-test/r/symlink.result: Update results mysql-test/r/type_blob.result: Update results mysql-test/r/type_datetime.result: Update results mysql-test/r/type_decimal.result: Update results mysql-test/r/type_enum.result: Fixed bugs found after merge mysql-test/r/type_timestamp.result: Update results mysql-test/r/union.result: Update results mysql-test/r/warnings.result: Update results mysql-test/t/bdb.test: Fix test for 4.1 mysql-test/t/innodb.test: Fix test for 4.1 mysql-test/t/multi_update.test: Fix test for 4.1 mysql-test/t/mysqldump.test: Fix test for 4.1 mysql-test/t/rpl_EE_error.test: Fix test for 4.1 mysql-test/t/rpl_multi_update.test: Fix test for 4.1 mysql-test/t/union.test: Cleanup mysys/charset.c: Check results from my_once_alloc() mysys/my_handler.c: part of 4.0 merge sql-common/client.c: Part of 4.0 merge sql/field.cc: After merge fixes sql/field.h: After merge fixes sql/ha_innodb.cc: Remove duplicate include files sql/item.cc: Changed automatic int conversion to be of type binary sql/item.h: After merge fixes sql/item_func.cc: Changed automatic int conversion to be of type binary sql/item_func.h: After merge fixes sql/item_strfunc.cc: Added comments sql/item_subselect.cc: Indentation fixes sql/item_sum.cc: Changed automatic int conversion to be of type binary sql/item_sum.h: After merge fixes sql/mysql_priv.h: Cleanup embedded library access checks sql/mysqld.cc: Changed min stack size to 128K (to allow longer MyISAM keys) sql/set_var.cc: Fixed compiler warnings sql/share/czech/errmsg.txt: Better error message sql/share/danish/errmsg.txt: Better error message sql/share/dutch/errmsg.txt: Better error message sql/share/english/errmsg.txt: Better error message sql/share/estonian/errmsg.txt: Better error message sql/share/french/errmsg.txt: Better error message sql/share/greek/errmsg.txt: Better error message sql/share/hungarian/errmsg.txt: Better error message sql/share/italian/errmsg.txt: Better error message sql/share/japanese/errmsg.txt: Better error message sql/share/korean/errmsg.txt: Better error message sql/share/norwegian-ny/errmsg.txt: Better error message sql/share/norwegian/errmsg.txt: Better error message sql/share/polish/errmsg.txt: Better error message sql/share/romanian/errmsg.txt: Better error message sql/share/russian/errmsg.txt: Better error message sql/share/serbian/errmsg.txt: Better error message sql/share/slovak/errmsg.txt: Better error message sql/share/spanish/errmsg.txt: Better error message sql/share/swedish/errmsg.txt: Better error message sql/share/ukrainian/errmsg.txt: Better error message sql/sql_acl.h: Cleaned up embedded library acccess checks sql/sql_base.cc: After merge fixes sql/sql_client.cc: After merge fixes sql/sql_parse.cc: After merge fixes Changed access check code for embedded library (needed to make code shorter and ensure that check_table_access() is called) Recoded create-table handling for CREATE TABLE ... SELECT to make code shorter and faster sql/sql_prepare.cc: Add missing arguments sql/sql_select.cc: After merge fixes sql/sql_update.cc: After merge fixes sql/sql_yacc.yy: Fixed wrong priority for XOR (should be less than NEG to get -1^1 to work) sql/table.cc: After merge fixes
167 lines
5.6 KiB
C++
167 lines
5.6 KiB
C++
/* Copyright (C) 2000 MySQL AB & MySQL Finland AB & TCX DataKonsult AB
|
|
|
|
This program is free software; you can redistribute it and/or modify
|
|
it under the terms of the GNU General Public License as published by
|
|
the Free Software Foundation; either version 2 of the License, or
|
|
(at your option) any later version.
|
|
|
|
This program is distributed in the hope that it will be useful,
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
GNU General Public License for more details.
|
|
|
|
You should have received a copy of the GNU General Public License
|
|
along with this program; if not, write to the Free Software
|
|
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */
|
|
|
|
#define SELECT_ACL (1L << 0)
|
|
#define INSERT_ACL (1L << 1)
|
|
#define UPDATE_ACL (1L << 2)
|
|
#define DELETE_ACL (1L << 3)
|
|
#define CREATE_ACL (1L << 4)
|
|
#define DROP_ACL (1L << 5)
|
|
#define RELOAD_ACL (1L << 6)
|
|
#define SHUTDOWN_ACL (1L << 7)
|
|
#define PROCESS_ACL (1L << 8)
|
|
#define FILE_ACL (1L << 9)
|
|
#define GRANT_ACL (1L << 10)
|
|
#define REFERENCES_ACL (1L << 11)
|
|
#define INDEX_ACL (1L << 12)
|
|
#define ALTER_ACL (1L << 13)
|
|
#define SHOW_DB_ACL (1L << 14)
|
|
#define SUPER_ACL (1L << 15)
|
|
#define CREATE_TMP_ACL (1L << 16)
|
|
#define LOCK_TABLES_ACL (1L << 17)
|
|
#define EXECUTE_ACL (1L << 18)
|
|
#define REPL_SLAVE_ACL (1L << 19)
|
|
#define REPL_CLIENT_ACL (1L << 20)
|
|
|
|
|
|
#define DB_ACLS \
|
|
(UPDATE_ACL | SELECT_ACL | INSERT_ACL | DELETE_ACL | CREATE_ACL | DROP_ACL | \
|
|
GRANT_ACL | REFERENCES_ACL | INDEX_ACL | ALTER_ACL | CREATE_TMP_ACL | LOCK_TABLES_ACL)
|
|
|
|
#define TABLE_ACLS \
|
|
(SELECT_ACL | INSERT_ACL | UPDATE_ACL | DELETE_ACL | CREATE_ACL | DROP_ACL | \
|
|
GRANT_ACL | REFERENCES_ACL | INDEX_ACL | ALTER_ACL)
|
|
|
|
#define COL_ACLS \
|
|
(SELECT_ACL | INSERT_ACL | UPDATE_ACL | REFERENCES_ACL)
|
|
|
|
#define GLOBAL_ACLS \
|
|
(SELECT_ACL | INSERT_ACL | UPDATE_ACL | DELETE_ACL | CREATE_ACL | DROP_ACL | \
|
|
RELOAD_ACL | SHUTDOWN_ACL | PROCESS_ACL | FILE_ACL | GRANT_ACL | \
|
|
REFERENCES_ACL | INDEX_ACL | ALTER_ACL | SHOW_DB_ACL | SUPER_ACL | \
|
|
CREATE_TMP_ACL | LOCK_TABLES_ACL | REPL_SLAVE_ACL | REPL_CLIENT_ACL | \
|
|
EXECUTE_ACL)
|
|
|
|
#define EXTRA_ACL (1L << 29)
|
|
#define NO_ACCESS (1L << 30)
|
|
|
|
/*
|
|
Defines to change the above bits to how things are stored in tables
|
|
This is needed as the 'host' and 'db' table is missing a few privileges
|
|
*/
|
|
|
|
/* Continius bit-segments that needs to be shifted */
|
|
#define DB_REL1 (RELOAD_ACL | SHUTDOWN_ACL | PROCESS_ACL | FILE_ACL)
|
|
#define DB_REL2 (GRANT_ACL | REFERENCES_ACL)
|
|
|
|
/* Privileges that needs to be reallocated (in continous chunks) */
|
|
#define DB_CHUNK1 (GRANT_ACL | REFERENCES_ACL | INDEX_ACL | ALTER_ACL)
|
|
#define DB_CHUNK2 (CREATE_TMP_ACL | LOCK_TABLES_ACL)
|
|
|
|
#define fix_rights_for_db(A) (((A) & 63) | (((A) & DB_REL1) << 4) | (((A) & DB_REL2) << 6))
|
|
#define get_rights_for_db(A) (((A) & 63) | (((A) & DB_CHUNK1) >> 4) | (((A) & DB_CHUNK2) >> 6))
|
|
#define fix_rights_for_table(A) (((A) & 63) | (((A) & ~63) << 4))
|
|
#define get_rights_for_table(A) (((A) & 63) | (((A) & ~63) >> 4))
|
|
#define fix_rights_for_column(A) (((A) & 7) | (((A) & ~7) << 8))
|
|
#define get_rights_for_column(A) (((A) & 7) | ((A) >> 8))
|
|
|
|
/* Classes */
|
|
|
|
struct acl_host_and_ip
|
|
{
|
|
char *hostname;
|
|
long ip,ip_mask; // Used with masked ip:s
|
|
};
|
|
|
|
|
|
class ACL_ACCESS {
|
|
public:
|
|
ulong sort;
|
|
ulong access;
|
|
};
|
|
|
|
|
|
/* ACL_HOST is used if no host is specified */
|
|
|
|
class ACL_HOST :public ACL_ACCESS
|
|
{
|
|
public:
|
|
acl_host_and_ip host;
|
|
char *db;
|
|
};
|
|
|
|
|
|
class ACL_USER :public ACL_ACCESS
|
|
{
|
|
public:
|
|
acl_host_and_ip host;
|
|
uint hostname_length;
|
|
USER_RESOURCES user_resource;
|
|
char *user;
|
|
uint8 salt[SCRAMBLE_LENGTH+1]; // scrambled password in binary form
|
|
uint8 salt_len; // 0 - no password, 4 - 3.20, 8 - 3.23, 20 - 4.1.1
|
|
enum SSL_type ssl_type;
|
|
const char *ssl_cipher, *x509_issuer, *x509_subject;
|
|
};
|
|
|
|
|
|
class ACL_DB :public ACL_ACCESS
|
|
{
|
|
public:
|
|
acl_host_and_ip host;
|
|
char *user,*db;
|
|
};
|
|
|
|
/* prototypes */
|
|
|
|
bool hostname_requires_resolving(const char *hostname);
|
|
my_bool acl_init(THD *thd, bool dont_read_acl_tables);
|
|
void acl_reload(THD *thd);
|
|
void acl_free(bool end=0);
|
|
ulong acl_get(const char *host, const char *ip,
|
|
const char *user, const char *db, my_bool db_is_pattern);
|
|
int acl_getroot(THD *thd, USER_RESOURCES *mqh, const char *passwd,
|
|
uint passwd_len);
|
|
bool acl_check_host(const char *host, const char *ip);
|
|
bool check_change_password(THD *thd, const char *host, const char *user);
|
|
bool change_password(THD *thd, const char *host, const char *user,
|
|
char *password);
|
|
int mysql_grant(THD *thd, const char *db, List <LEX_USER> &user_list,
|
|
ulong rights, bool revoke);
|
|
int mysql_table_grant(THD *thd, TABLE_LIST *table, List <LEX_USER> &user_list,
|
|
List <LEX_COLUMN> &column_list, ulong rights,
|
|
bool revoke);
|
|
my_bool grant_init(THD *thd);
|
|
void grant_free(void);
|
|
void grant_reload(THD *thd);
|
|
bool check_grant(THD *thd, ulong want_access, TABLE_LIST *tables,
|
|
uint show_command, bool dont_print_error);
|
|
bool check_grant_column (THD *thd,TABLE *table, const char *name, uint length,
|
|
uint show_command=0);
|
|
bool check_grant_all_columns(THD *thd, ulong want_access, TABLE *table);
|
|
bool check_grant_db(THD *thd,const char *db);
|
|
ulong get_table_grant(THD *thd, TABLE_LIST *table);
|
|
ulong get_column_grant(THD *thd, TABLE_LIST *table, Field *field);
|
|
int mysql_show_grants(THD *thd, LEX_USER *user);
|
|
void get_privilege_desc(char *to, uint max_length, ulong access);
|
|
void get_mqh(const char *user, const char *host, USER_CONN *uc);
|
|
int mysql_drop_user(THD *thd, List <LEX_USER> &list);
|
|
int mysql_revoke_all(THD *thd, List <LEX_USER> &list);
|
|
|
|
#ifdef NO_EMBEDDED_ACCESS_CHECKS
|
|
#define check_grant(A,B,C,D,E) 0
|
|
#define check_grant_db(A,B) 0
|
|
#endif
|