Commit e3d7877f authored by unknown's avatar unknown
Browse files

Fix for bug #13546 "Build errors with --with-embedded-server 

--with-embedded-privilege-control options". One more (hopefully last) build
failure which was introduced during work on WL#2787 "Add view definer/owner
to the view definition..."


libmysqld/lib_sql.cc:
  create_embedded_thd()/check_embedded_connection():
    Several security related THD members (user, host, ip, priv_user, ...) have
    moved to the Security_context class. New THD::security_ctx member points to
    active security context.
sql/sql_acl.cc:
  acl_getroot():
    Updated function description to refelect the fact that THD::user/host/ip/...
    members were moved to separate Security_context class.
sql/sql_parse.cc:
  check_user():
    Updated function description to refelect the fact that THD::user/host/ip/...
    members were moved to separate Security_context class.
parent 59922574

libmysqld/lib_sql.cc

+9 −8
Original line number Diff line number Diff line
@@ -514,8 +514,8 @@ void *create_embedded_thd(int client_flag, char *db) 
  thd->db= db;

  thd->db_length= db ? strip_sp(db) : 0;

#ifndef NO_EMBEDDED_ACCESS_CHECKS

  thd->db_access= DB_ACLS;

  thd->master_access= ~NO_ACCESS;

  thd->security_ctx->db_access= DB_ACLS;

  thd->security_ctx->master_access= ~NO_ACCESS;

#endif

  thd->net.query_cache_query= 0;
@@ -542,26 +542,27 @@ int check_embedded_connection(MYSQL *mysql) 
int check_embedded_connection(MYSQL *mysql)

{

  THD *thd= (THD*)mysql->thd;

  Security_context *sctx= thd->security_ctx;

  int result;

  char scramble_buff[SCRAMBLE_LENGTH];

  int passwd_len;



  if (mysql->options.client_ip)

  {

    thd->host= my_strdup(mysql->options.client_ip, MYF(0));

    thd->ip= my_strdup(thd->host, MYF(0));

    sctx->host= my_strdup(mysql->options.client_ip, MYF(0));

    sctx->ip= my_strdup(sctx->host, MYF(0));

  }

  else

    thd->host= (char*)my_localhost;

  thd->host_or_ip= thd->host;

    sctx->host= (char*)my_localhost;

  sctx->host_or_ip= sctx->host;



  if (acl_check_host(thd->host,thd->ip))

  if (acl_check_host(sctx->host, sctx->ip))

  {

    result= ER_HOST_NOT_PRIVILEGED;

    goto err;

  }



  thd->user= my_strdup(mysql->user, MYF(0));

  sctx->user= my_strdup(mysql->user, MYF(0));

  if (mysql->passwd && mysql->passwd[0])

  {

    memset(thd->scramble, 55, SCRAMBLE_LENGTH); // dummy scramble

sql/sql_acl.cc

+2 −2
Original line number Diff line number Diff line
@@ -693,8 +693,8 @@ static int acl_compare(ACL_ACCESS *a,ACL_ACCESS *b) 
  SYNOPSIS

    acl_getroot()

    thd         thread handle. If all checks are OK,

                thd->priv_user, thd->master_access are updated.

                thd->host, thd->ip, thd->user are used for checks.

                thd->security_ctx->priv_user/master_access are updated.

                thd->security_ctx->host/ip/user are used for checks.

    mqh         user resources; on success mqh is reset, else

                unchanged

    passwd      scrambled & crypted password, received from client

sql/sql_parse.cc

+3 −3
Original line number Diff line number Diff line
@@ -246,7 +246,7 @@ static int get_or_create_user_conn(THD *thd, const char *user, 


  SYNOPSIS

    check_user()

    thd          thread handle, thd->{host,user,ip} are used

    thd          thread handle, thd->security_ctx->{host,user,ip} are used

    command      originator of the check: now check_user is called

                 during connect and change user procedures; used for 

                 logging.
@@ -261,8 +261,8 @@ static int get_or_create_user_conn(THD *thd, const char *user, 
    are 'IN'.



  RETURN VALUE

    0  OK; thd->user, thd->master_access, thd->priv_user, thd->db and

       thd->db_access are updated; OK is sent to client;

    0  OK; thd->security_ctx->user/master_access/priv_user/db_access and

       thd->db are updated; OK is sent to client;

   -1  access denied or handshake error; error is sent to client;

   >0  error, not sent to client

*/