Commit f48db1bc authored by unknown's avatar unknown
Browse files

Temporary solution for bug #13969 "Routines which are replicated from master 

can't be executed on slave". It will be possible to solve this problem
in more correct way when we will implement WL#2897 "Complete definer support
in the stored routines".


mysql-test/r/rpl_sp.result:
  Added test for bug #13969 "Routines which are replicated from master can't be
  executed on slave".
mysql-test/t/rpl_sp.test:
  Added test for bug #13969 "Routines which are replicated from master can't be
  executed on slave".
sql/sp_head.cc:
  sp_change_security_context():
    Currently the slave replication thread creates all stored routines with
    definer ''@'', ignoring the actual definer. When the slave replication
    thread executes these routines, it ignores the definer, and so the routines
    work. However, in case of a failover, the replica operates in a normal mysqld
    mode and changes security context to the definer when executing a routine.
    A proper fix for this issue is described in WL#2897 "Complete definer support
    in the stored routines". Until this WL is implemented, we need this temporary
    fix, which ignores errors when changing security context.
parent 63e7824f

mysql-test/r/rpl_sp.result

+8 −0
Original line number Diff line number Diff line
@@ -264,6 +264,14 @@ master-bin.000002 # Query 1 # use `mysqltest1`; insert into t1 values (1) 
select * from t1;

a

1

create procedure foo()

not deterministic

reads sql data

select * from t1;

call foo();

a

1

drop procedure foo;

drop function fn1;

drop database mysqltest1;

drop user "zedjzlcsjhd"@127.0.0.1;

mysql-test/t/rpl_sp.test

+17 −0
Original line number Diff line number Diff line
@@ -258,6 +258,23 @@ sync_slave_with_master; 
select * from t1;





#

# Test for bug #13969 "Routines which are replicated from master can't be

# executed on slave".

# 

connection master;

create procedure foo()

  not deterministic

  reads sql data

  select * from t1;

sync_slave_with_master;

# This should not fail

call foo();

connection master;

drop procedure foo;

sync_slave_with_master;





# Clean up

connection master;

drop function fn1;

sql/sp_head.cc

+15 −0
Original line number Diff line number Diff line
@@ -2650,9 +2650,24 @@ sp_change_security_context(THD *thd, sp_head *sp, Security_context **backup) 
                                sp->m_definer_host.str,

                                sp->m_db.str))

    {

#ifdef NOT_YET_REPLICATION_SAFE

      /*

        Until we don't properly replicate information about stored routine

        definer with stored routine creation statement all stored routines

        on slave are created under ''@'' definer. Therefore we won't be able

        to run any routine which was replicated from master on slave server

        if we emit error here. This will cause big problems for users

        who use slave for fail-over. So until we fully implement WL#2897

        "Complete definer support in the stored routines" we run suid

        stored routines for which we were unable to find definer under

        invoker security context.

      */

      my_error(ER_NO_SUCH_USER, MYF(0), sp->m_definer_user.str,

               sp->m_definer_host.str);

      return TRUE;

#else

      return FALSE;

#endif

    }

    *backup= thd->security_ctx;

    thd->security_ctx= &sp->m_security_ctx;