sql_acl.cc 180 KB
Newer Older
1
/* Copyright (C) 2000-2003 MySQL AB
unknown's avatar
unknown committed
2

unknown's avatar
unknown committed
3 4 5 6
   This program is free software; you can redistribute it and/or modify
   it under the terms of the GNU General Public License as published by
   the Free Software Foundation; either version 2 of the License, or
   (at your option) any later version.
unknown's avatar
unknown committed
7

unknown's avatar
unknown committed
8 9 10 11
   This program is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   GNU General Public License for more details.
unknown's avatar
unknown committed
12

unknown's avatar
unknown committed
13 14 15 16 17 18 19
   You should have received a copy of the GNU General Public License
   along with this program; if not, write to the Free Software
   Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA */


/*
  The privileges are saved in the following tables:
20 21
  mysql/user	 ; super user who are allowed to do almost anything
  mysql/host	 ; host privileges. This is used if host is empty in mysql/db.
unknown's avatar
unknown committed
22 23 24 25 26 27 28 29 30 31
  mysql/db	 ; database privileges / user

  data in tables is sorted according to how many not-wild-cards there is
  in the relevant fields. Empty strings comes last.
*/

#include "mysql_priv.h"
#include "hash_filo.h"
#include <m_ctype.h>
#include <stdarg.h>
32 33
#include "sp_head.h"
#include "sp.h"
unknown's avatar
unknown committed
34

35 36 37 38
time_t mysql_db_table_last_check= 0L;

TABLE_FIELD_W_TYPE mysql_db_table_fields[MYSQL_DB_FIELD_COUNT] = {
  {
unknown's avatar
unknown committed
39 40
    { C_STRING_WITH_LEN("Host") },            
    { C_STRING_WITH_LEN("char(60)") },
41 42 43
    {NULL, 0}
  }, 
  {
unknown's avatar
unknown committed
44 45
    { C_STRING_WITH_LEN("Db") },            
    { C_STRING_WITH_LEN("char(64)") },
46 47 48
    {NULL, 0}
  }, 
  {
unknown's avatar
unknown committed
49 50
    { C_STRING_WITH_LEN("User") },
    { C_STRING_WITH_LEN("char(16)") },
51 52 53
    {NULL, 0}
  },
  {
unknown's avatar
unknown committed
54 55 56
    { C_STRING_WITH_LEN("Select_priv") },
    { C_STRING_WITH_LEN("enum('N','Y')") },
    { C_STRING_WITH_LEN("utf8") }
57 58
  },
  {
unknown's avatar
unknown committed
59 60 61
    { C_STRING_WITH_LEN("Insert_priv") },
    { C_STRING_WITH_LEN("enum('N','Y')") },
    { C_STRING_WITH_LEN("utf8") }
62 63
  },
  {
unknown's avatar
unknown committed
64 65 66
    { C_STRING_WITH_LEN("Update_priv") },
    { C_STRING_WITH_LEN("enum('N','Y')") },
    { C_STRING_WITH_LEN("utf8") }
67 68
  },
  {
unknown's avatar
unknown committed
69 70 71
    { C_STRING_WITH_LEN("Delete_priv") },
    { C_STRING_WITH_LEN("enum('N','Y')") },
    { C_STRING_WITH_LEN("utf8") }
72 73
  },
  {
unknown's avatar
unknown committed
74 75 76
    { C_STRING_WITH_LEN("Create_priv") },
    { C_STRING_WITH_LEN("enum('N','Y')") },
    { C_STRING_WITH_LEN("utf8") }
77 78
  },
  {
unknown's avatar
unknown committed
79 80 81
    { C_STRING_WITH_LEN("Drop_priv") },
    { C_STRING_WITH_LEN("enum('N','Y')") },
    { C_STRING_WITH_LEN("utf8") }
82 83
  },
  {
unknown's avatar
unknown committed
84 85 86
    { C_STRING_WITH_LEN("Grant_priv") },
    { C_STRING_WITH_LEN("enum('N','Y')") },
    { C_STRING_WITH_LEN("utf8") }
87 88
  },
  {
unknown's avatar
unknown committed
89 90 91
    { C_STRING_WITH_LEN("References_priv") },
    { C_STRING_WITH_LEN("enum('N','Y')") },
    { C_STRING_WITH_LEN("utf8") }
92 93
  },
  {
unknown's avatar
unknown committed
94 95 96
    { C_STRING_WITH_LEN("Index_priv") },
    { C_STRING_WITH_LEN("enum('N','Y')") },
    { C_STRING_WITH_LEN("utf8") }
97 98
  },
  {
unknown's avatar
unknown committed
99 100 101
    { C_STRING_WITH_LEN("Alter_priv") },
    { C_STRING_WITH_LEN("enum('N','Y')") },
    { C_STRING_WITH_LEN("utf8") }
102 103
  },
  {
unknown's avatar
unknown committed
104 105 106
    { C_STRING_WITH_LEN("Create_tmp_table_priv") },
    { C_STRING_WITH_LEN("enum('N','Y')") },
    { C_STRING_WITH_LEN("utf8") }
107 108
  },
  {
unknown's avatar
unknown committed
109 110 111
    { C_STRING_WITH_LEN("Lock_tables_priv") },
    { C_STRING_WITH_LEN("enum('N','Y')") },
    { C_STRING_WITH_LEN("utf8") }
112 113
  },
  {
unknown's avatar
unknown committed
114 115 116
    { C_STRING_WITH_LEN("Create_view_priv") },
    { C_STRING_WITH_LEN("enum('N','Y')") },
    { C_STRING_WITH_LEN("utf8") }
117 118
  },
  {
unknown's avatar
unknown committed
119 120 121
    { C_STRING_WITH_LEN("Show_view_priv") },
    { C_STRING_WITH_LEN("enum('N','Y')") },
    { C_STRING_WITH_LEN("utf8") }
122 123
  },
  {
unknown's avatar
unknown committed
124 125 126
    { C_STRING_WITH_LEN("Create_routine_priv") },
    { C_STRING_WITH_LEN("enum('N','Y')") },
    { C_STRING_WITH_LEN("utf8") }
127 128
  },
  {
unknown's avatar
unknown committed
129 130 131
    { C_STRING_WITH_LEN("Alter_routine_priv") },
    { C_STRING_WITH_LEN("enum('N','Y')") },
    { C_STRING_WITH_LEN("utf8") }
132 133
  },
  {
unknown's avatar
unknown committed
134 135 136
    { C_STRING_WITH_LEN("Execute_priv") },
    { C_STRING_WITH_LEN("enum('N','Y')") },
    { C_STRING_WITH_LEN("utf8") }
137 138
  },
  {
unknown's avatar
unknown committed
139 140 141
    { C_STRING_WITH_LEN("Event_priv") },
    { C_STRING_WITH_LEN("enum('N','Y')") },
    { C_STRING_WITH_LEN("utf8") }
142 143
  },
  {
unknown's avatar
unknown committed
144 145 146
    { C_STRING_WITH_LEN("Trigger_priv") },
    { C_STRING_WITH_LEN("enum('N','Y')") },
    { C_STRING_WITH_LEN("utf8") }
147 148 149 150
  }
};


151 152 153 154
#ifndef NO_EMBEDDED_ACCESS_CHECKS

#define FIRST_NON_YN_FIELD 26

unknown's avatar
unknown committed
155 156 157
class acl_entry :public hash_filo_element
{
public:
unknown's avatar
unknown committed
158
  ulong access;
unknown's avatar
unknown committed
159 160 161 162
  uint16 length;
  char key[1];					// Key will be stored here
};

unknown's avatar
unknown committed
163

unknown's avatar
unknown committed
164 165 166 167 168 169 170
static byte* acl_entry_get_key(acl_entry *entry,uint *length,
			       my_bool not_used __attribute__((unused)))
{
  *length=(uint) entry->length;
  return (byte*) entry->key;
}

unknown's avatar
unknown committed
171
#define IP_ADDR_STRLEN (3+1+3+1+3+1+3)
unknown's avatar
unknown committed
172
#define ACL_KEY_LENGTH (IP_ADDR_STRLEN+1+NAME_LEN+1+USERNAME_LENGTH+1)
unknown's avatar
unknown committed
173 174 175 176 177

static DYNAMIC_ARRAY acl_hosts,acl_users,acl_dbs;
static MEM_ROOT mem, memex;
static bool initialized=0;
static bool allow_all_hosts=1;
178
static HASH acl_check_hosts, column_priv_hash, proc_priv_hash, func_priv_hash;
unknown's avatar
unknown committed
179 180
static DYNAMIC_ARRAY acl_wild_hosts;
static hash_filo *acl_cache;
181
static uint grant_version=0; /* Version of priv tables. incremented by acl_load */
unknown's avatar
unknown committed
182
static ulong get_access(TABLE *form,uint fieldnr, uint *next_field=0);
unknown's avatar
unknown committed
183 184 185
static int acl_compare(ACL_ACCESS *a,ACL_ACCESS *b);
static ulong get_sort(uint count,...);
static void init_check_host(void);
186
static void rebuild_check_host(void);
187 188
static ACL_USER *find_acl_user(const char *host, const char *user,
                               my_bool exact);
189 190
static bool update_user_table(THD *thd, TABLE *table,
                              const char *host, const char *user,
191
			      const char *new_password, uint new_password_len);
unknown's avatar
unknown committed
192
static void update_hostname(acl_host_and_ip *host, const char *hostname);
193
static bool compare_hostname(const acl_host_and_ip *host,const char *hostname,
unknown's avatar
unknown committed
194
			     const char *ip);
195 196
static my_bool acl_load(THD *thd, TABLE_LIST *tables);
static my_bool grant_load(TABLE_LIST *tables);
unknown's avatar
unknown committed
197

198 199 200 201 202 203 204 205 206 207 208 209 210 211
/*
  Convert scrambled password to binary form, according to scramble type, 
  Binary form is stored in user.salt.
*/

static
void
set_user_salt(ACL_USER *acl_user, const char *password, uint password_len)
{
  if (password_len == SCRAMBLED_PASSWORD_CHAR_LENGTH)
  {
    get_salt_from_password(acl_user->salt, password);
    acl_user->salt_len= SCRAMBLE_LENGTH;
  }
212
  else if (password_len == SCRAMBLED_PASSWORD_CHAR_LENGTH_323)
213 214
  {
    get_salt_from_password_323((ulong *) acl_user->salt, password);
215
    acl_user->salt_len= SCRAMBLE_LENGTH_323;
216 217 218 219 220
  }
  else
    acl_user->salt_len= 0;
}

221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238
/*
  This after_update function is used when user.password is less than
  SCRAMBLE_LENGTH bytes.
*/

static void restrict_update_of_old_passwords_var(THD *thd,
                                                 enum_var_type var_type)
{
  if (var_type == OPT_GLOBAL)
  {
    pthread_mutex_lock(&LOCK_global_system_variables);
    global_system_variables.old_passwords= 1;
    pthread_mutex_unlock(&LOCK_global_system_variables);
  }
  else
    thd->variables.old_passwords= 1;
}

239

240
/*
241 242
  Initialize structures responsible for user/db-level privilege checking and
  load privilege information for them from tables in the 'mysql' database.
243 244 245

  SYNOPSIS
    acl_init()
246 247 248 249 250 251
      dont_read_acl_tables  TRUE if we want to skip loading data from
                            privilege tables and disable privilege checking.

  NOTES
    This function is mostly responsible for preparatory steps, main work
    on initialization and grants loading is done in acl_reload().
252 253 254 255 256 257

  RETURN VALUES
    0	ok
    1	Could not initialize grant's
*/

258
my_bool acl_init(bool dont_read_acl_tables)
unknown's avatar
unknown committed
259
{
unknown's avatar
unknown committed
260
  THD  *thd;
261
  my_bool return_val;
unknown's avatar
unknown committed
262 263
  DBUG_ENTER("acl_init");

264 265
  acl_cache= new hash_filo(ACL_CACHE_SIZE, 0, 0,
                           (hash_get_key) acl_entry_get_key,
266
                           (hash_free_key) free,
267 268
                           lower_case_file_system ?
                           system_charset_info : &my_charset_bin);
unknown's avatar
unknown committed
269
  if (dont_read_acl_tables)
270
  {
unknown's avatar
unknown committed
271
    DBUG_RETURN(0); /* purecov: tested */
unknown's avatar
unknown committed
272 273
  }

274 275 276
  /*
    To be able to run this from boot, we allocate a temporary THD
  */
unknown's avatar
unknown committed
277 278
  if (!(thd=new THD))
    DBUG_RETURN(1); /* purecov: inspected */
279
  thd->thread_stack= (char*) &thd;
280
  thd->store_globals();
281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314
  /*
    It is safe to call acl_reload() since acl_* arrays and hashes which
    will be freed there are global static objects and thus are initialized
    by zeros at startup.
  */
  return_val= acl_reload(thd);
  delete thd;
  /* Remember that we don't have a THD */
  my_pthread_setspecific_ptr(THR_THD,  0);
  DBUG_RETURN(return_val);
}


/*
  Initialize structures responsible for user/db-level privilege checking
  and load information about grants from open privilege tables.

  SYNOPSIS
    acl_load()
      thd     Current thread
      tables  List containing open "mysql.host", "mysql.user" and
              "mysql.db" tables.

  RETURN VALUES
    FALSE  Success
    TRUE   Error
*/

static my_bool acl_load(THD *thd, TABLE_LIST *tables)
{
  TABLE *table;
  READ_RECORD read_record_info;
  my_bool return_val= 1;
  bool check_no_resolve= specialflag & SPECIAL_NO_RESOLVE;
unknown's avatar
unknown committed
315
  char tmp_name[NAME_LEN+1];
316
  int password_length;
317 318
  DBUG_ENTER("acl_load");

319
  grant_version++; /* Privileges updated */
320

unknown's avatar
unknown committed
321 322
  acl_cache->clear(1);				// Clear locked hostname cache

323
  init_sql_alloc(&mem, ACL_ALLOC_BLOCK_SIZE, 0);
unknown's avatar
unknown committed
324
  init_read_record(&read_record_info,thd,table= tables[0].table,NULL,1,0);
325
  table->use_all_columns();
326
  VOID(my_init_dynamic_array(&acl_hosts,sizeof(ACL_HOST),20,50));
unknown's avatar
unknown committed
327 328 329
  while (!(read_record_info.read_record(&read_record_info)))
  {
    ACL_HOST host;
330 331
    update_hostname(&host.host,get_field(&mem, table->field[0]));
    host.db=	 get_field(&mem, table->field[1]);
332
    if (lower_case_table_names && host.db)
333 334
    {
      /*
335 336
        convert db to lower case and give a warning if the db wasn't
        already in lower case
337
      */
338 339
      (void) strmov(tmp_name, host.db);
      my_casedn_str(files_charset_info, host.db);
340 341 342
      if (strcmp(host.db, tmp_name) != 0)
        sql_print_warning("'host' entry '%s|%s' had database in mixed "
                          "case that has been forced to lowercase because "
343 344
                          "lower_case_table_names is set. It will not be "
                          "possible to remove this privilege using REVOKE.",
345 346
                          host.host.hostname ? host.host.hostname : "",
                          host.db ? host.db : "");
347
    }
unknown's avatar
unknown committed
348 349
    host.access= get_access(table,2);
    host.access= fix_rights_for_db(host.access);
350
    host.sort=	 get_sort(2,host.host.hostname,host.db);
unknown's avatar
SCRUM  
unknown committed
351 352
    if (check_no_resolve && hostname_requires_resolving(host.host.hostname))
    {
unknown's avatar
unknown committed
353
      sql_print_warning("'host' entry '%s|%s' "
unknown's avatar
SCRUM  
unknown committed
354
		      "ignored in --skip-name-resolve mode.",
355 356
			host.host.hostname ? host.host.hostname : "",
			host.db ? host.db : "");
unknown's avatar
SCRUM  
unknown committed
357 358
      continue;
    }
unknown's avatar
unknown committed
359
#ifndef TO_BE_REMOVED
360
    if (table->s->fields == 8)
unknown's avatar
unknown committed
361 362
    {						// Without grant
      if (host.access & CREATE_ACL)
363
	host.access|=REFERENCES_ACL | INDEX_ACL | ALTER_ACL | CREATE_TMP_ACL;
unknown's avatar
unknown committed
364 365 366 367 368 369 370 371 372 373
    }
#endif
    VOID(push_dynamic(&acl_hosts,(gptr) &host));
  }
  qsort((gptr) dynamic_element(&acl_hosts,0,ACL_HOST*),acl_hosts.elements,
	sizeof(ACL_HOST),(qsort_cmp) acl_compare);
  end_read_record(&read_record_info);
  freeze_size(&acl_hosts);

  init_read_record(&read_record_info,thd,table=tables[1].table,NULL,1,0);
374
  table->use_all_columns();
375
  VOID(my_init_dynamic_array(&acl_users,sizeof(ACL_USER),50,100));
376 377 378
  password_length= table->field[2]->field_length /
    table->field[2]->charset()->mbmaxlen;
  if (password_length < SCRAMBLED_PASSWORD_CHAR_LENGTH_323)
unknown's avatar
unknown committed
379
  {
380 381 382
    sql_print_error("Fatal error: mysql.user table is damaged or in "
                    "unsupported 3.20 format.");
    goto end;
unknown's avatar
unknown committed
383 384
  }

385
  DBUG_PRINT("info",("user table fields: %d, password length: %d",
386
		     table->s->fields, password_length));
387

388
  pthread_mutex_lock(&LOCK_global_system_variables);
389
  if (password_length < SCRAMBLED_PASSWORD_CHAR_LENGTH)
390
  {
391 392 393 394 395 396 397 398 399 400 401 402 403 404
    if (opt_secure_auth)
    {
      pthread_mutex_unlock(&LOCK_global_system_variables);
      sql_print_error("Fatal error: mysql.user table is in old format, "
                      "but server started with --secure-auth option.");
      goto end;
    }
    sys_old_passwords.after_update= restrict_update_of_old_passwords_var;
    if (global_system_variables.old_passwords)
      pthread_mutex_unlock(&LOCK_global_system_variables);
    else
    {
      global_system_variables.old_passwords= 1;
      pthread_mutex_unlock(&LOCK_global_system_variables);
405 406 407
      sql_print_warning("mysql.user table is not updated to new password format; "
                        "Disabling new password usage until "
                        "mysql_fix_privilege_tables is run");
408 409 410 411
    }
    thd->variables.old_passwords= 1;
  }
  else
412
  {
413 414
    sys_old_passwords.after_update= 0;
    pthread_mutex_unlock(&LOCK_global_system_variables);
415 416
  }

unknown's avatar
unknown committed
417 418 419 420
  allow_all_hosts=0;
  while (!(read_record_info.read_record(&read_record_info)))
  {
    ACL_USER user;
421 422
    update_hostname(&user.host, get_field(&mem, table->field[0]));
    user.user= get_field(&mem, table->field[1]);
unknown's avatar
SCRUM  
unknown committed
423 424
    if (check_no_resolve && hostname_requires_resolving(user.host.hostname))
    {
unknown's avatar
unknown committed
425 426
      sql_print_warning("'user' entry '%s@%s' "
                        "ignored in --skip-name-resolve mode.",
427 428
			user.user ? user.user : "",
			user.host.hostname ? user.host.hostname : "");
unknown's avatar
SCRUM  
unknown committed
429 430 431
      continue;
    }

432 433 434 435
    const char *password= get_field(&mem, table->field[2]);
    uint password_len= password ? strlen(password) : 0;
    set_user_salt(&user, password, password_len);
    if (user.salt_len == 0 && password_len != 0)
unknown's avatar
unknown committed
436
    {
437 438
      switch (password_len) {
      case 45: /* 4.1: to be removed */
unknown's avatar
unknown committed
439 440 441 442 443
        sql_print_warning("Found 4.1 style password for user '%s@%s'. "
                          "Ignoring user. "
                          "You should change password for this user.",
                          user.user ? user.user : "",
                          user.host.hostname ? user.host.hostname : "");
444 445
        break;
      default:
unknown's avatar
unknown committed
446 447 448
        sql_print_warning("Found invalid password for user: '%s@%s'; "
                          "Ignoring user", user.user ? user.user : "",
                           user.host.hostname ? user.host.hostname : "");
449 450
        break;
      }
unknown's avatar
unknown committed
451
    }
452
    else                                        // password is correct
unknown's avatar
unknown committed
453
    {
unknown's avatar
unknown committed
454 455
      uint next_field;
      user.access= get_access(table,3,&next_field) & GLOBAL_ACLS;
456 457 458 459
      /*
        if it is pre 5.0.1 privilege table then map CREATE privilege on
        CREATE VIEW & SHOW VIEW privileges
      */
460
      if (table->s->fields <= 31 && (user.access & CREATE_ACL))
461
        user.access|= (CREATE_VIEW_ACL | SHOW_VIEW_ACL);
462 463 464 465 466

      /*
        if it is pre 5.0.2 privilege table then map CREATE/ALTER privilege on
        CREATE PROCEDURE & ALTER PROCEDURE privileges
      */
467
      if (table->s->fields <= 33 && (user.access & CREATE_ACL))
468
        user.access|= CREATE_PROC_ACL;
469
      if (table->s->fields <= 33 && (user.access & ALTER_ACL))
470 471
        user.access|= ALTER_PROC_ACL;

472 473 474 475 476 477
      /*
        pre 5.0.3 did not have CREATE_USER_ACL
      */
      if (table->s->fields <= 36 && (user.access & GRANT_ACL))
        user.access|= CREATE_USER_ACL;

unknown's avatar
unknown committed
478 479

      /*
unknown's avatar
unknown committed
480
        if it is pre 5.1.6 privilege table then map CREATE privilege on
unknown's avatar
unknown committed
481 482
        CREATE|ALTER|DROP|EXECUTE EVENT
      */
unknown's avatar
unknown committed
483
      if (table->s->fields <= 37 && (user.access & SUPER_ACL))
unknown's avatar
unknown committed
484 485
        user.access|= EVENT_ACL;

486 487 488 489 490 491
      /*
        if it is pre 5.1.6 privilege then map TRIGGER privilege on CREATE.
      */
      if (table->s->fields <= 38 && (user.access & SUPER_ACL))
        user.access|= TRIGGER_ACL;

492 493 494
      user.sort= get_sort(2,user.host.hostname,user.user);
      user.hostname_length= (user.host.hostname ?
                             (uint) strlen(user.host.hostname) : 0);
unknown's avatar
VIEW  
unknown committed
495

496 497
      /* Starting from 4.0.2 we have more fields */
      if (table->s->fields >= 31)
498
      {
unknown's avatar
unknown committed
499
        char *ssl_type=get_field(&mem, table->field[next_field++]);
500 501 502 503 504 505 506 507 508
        if (!ssl_type)
          user.ssl_type=SSL_TYPE_NONE;
        else if (!strcmp(ssl_type, "ANY"))
          user.ssl_type=SSL_TYPE_ANY;
        else if (!strcmp(ssl_type, "X509"))
          user.ssl_type=SSL_TYPE_X509;
        else  /* !strcmp(ssl_type, "SPECIFIED") */
          user.ssl_type=SSL_TYPE_SPECIFIED;

unknown's avatar
unknown committed
509 510 511
        user.ssl_cipher=   get_field(&mem, table->field[next_field++]);
        user.x509_issuer=  get_field(&mem, table->field[next_field++]);
        user.x509_subject= get_field(&mem, table->field[next_field++]);
512

unknown's avatar
unknown committed
513 514 515 516 517
        char *ptr = get_field(&mem, table->field[next_field++]);
        user.user_resource.questions=ptr ? atoi(ptr) : 0;
        ptr = get_field(&mem, table->field[next_field++]);
        user.user_resource.updates=ptr ? atoi(ptr) : 0;
        ptr = get_field(&mem, table->field[next_field++]);
518
        user.user_resource.conn_per_hour= ptr ? atoi(ptr) : 0;
519
        if (user.user_resource.questions || user.user_resource.updates ||
520
            user.user_resource.conn_per_hour)
521
          mqh_used=1;
522

523
        if (table->s->fields >= 36)
524 525 526 527 528 529 530
        {
          /* Starting from 5.0.3 we have max_user_connections field */
          ptr= get_field(&mem, table->field[next_field++]);
          user.user_resource.user_conn= ptr ? atoi(ptr) : 0;
        }
        else
          user.user_resource.user_conn= 0;
531
      }
532 533 534
      else
      {
        user.ssl_type=SSL_TYPE_NONE;
535
        bzero((char *)&(user.user_resource),sizeof(user.user_resource));
unknown's avatar
unknown committed
536
#ifndef TO_BE_REMOVED
537
        if (table->s->fields <= 13)
538 539 540 541 542 543 544 545 546 547
        {						// Without grant
          if (user.access & CREATE_ACL)
            user.access|=REFERENCES_ACL | INDEX_ACL | ALTER_ACL;
        }
        /* Convert old privileges */
        user.access|= LOCK_TABLES_ACL | CREATE_TMP_ACL | SHOW_DB_ACL;
        if (user.access & FILE_ACL)
          user.access|= REPL_CLIENT_ACL | REPL_SLAVE_ACL;
        if (user.access & PROCESS_ACL)
          user.access|= SUPER_ACL | EXECUTE_ACL;
unknown's avatar
unknown committed
548
#endif
549 550
      }
      VOID(push_dynamic(&acl_users,(gptr) &user));
551 552
      if (!user.host.hostname ||
	  (user.host.hostname[0] == wild_many && !user.host.hostname[1]))
553
        allow_all_hosts=1;			// Anyone can connect
unknown's avatar
unknown committed
554
    }
unknown's avatar
unknown committed
555 556 557 558 559
  }
  qsort((gptr) dynamic_element(&acl_users,0,ACL_USER*),acl_users.elements,
	sizeof(ACL_USER),(qsort_cmp) acl_compare);
  end_read_record(&read_record_info);
  freeze_size(&acl_users);
unknown's avatar
unknown committed
560

unknown's avatar
unknown committed
561
  init_read_record(&read_record_info,thd,table=tables[2].table,NULL,1,0);
562
  table->use_all_columns();
563
  VOID(my_init_dynamic_array(&acl_dbs,sizeof(ACL_DB),50,100));
unknown's avatar
unknown committed
564 565 566
  while (!(read_record_info.read_record(&read_record_info)))
  {
    ACL_DB db;
567 568
    update_hostname(&db.host,get_field(&mem, table->field[MYSQL_DB_FIELD_HOST]));
    db.db=get_field(&mem, table->field[MYSQL_DB_FIELD_DB]);
569 570
    if (!db.db)
    {
unknown's avatar
unknown committed
571
      sql_print_warning("Found an entry in the 'db' table with empty database name; Skipped");
572
      continue;
573
    }
574
    db.user=get_field(&mem, table->field[MYSQL_DB_FIELD_USER]);
unknown's avatar
SCRUM  
unknown committed
575 576
    if (check_no_resolve && hostname_requires_resolving(db.host.hostname))
    {
unknown's avatar
unknown committed
577 578
      sql_print_warning("'db' entry '%s %s@%s' "
		        "ignored in --skip-name-resolve mode.",
579 580 581
		        db.db,
			db.user ? db.user : "",
			db.host.hostname ? db.host.hostname : "");
unknown's avatar
SCRUM  
unknown committed
582 583
      continue;
    }
unknown's avatar
unknown committed
584 585
    db.access=get_access(table,3);
    db.access=fix_rights_for_db(db.access);
586 587 588
    if (lower_case_table_names)
    {
      /*
589 590
        convert db to lower case and give a warning if the db wasn't
        already in lower case
591 592
      */
      (void)strmov(tmp_name, db.db);
593
      my_casedn_str(files_charset_info, db.db);
594 595 596 597
      if (strcmp(db.db, tmp_name) != 0)
      {
        sql_print_warning("'db' entry '%s %s@%s' had database in mixed "
                          "case that has been forced to lowercase because "
598 599
                          "lower_case_table_names is set. It will not be "
                          "possible to remove this privilege using REVOKE.",
600 601 602
		          db.db,
			  db.user ? db.user : "",
			  db.host.hostname ? db.host.hostname : "");
603 604
      }
    }
unknown's avatar
unknown committed
605 606
    db.sort=get_sort(3,db.host.hostname,db.db,db.user);
#ifndef TO_BE_REMOVED
607
    if (table->s->fields <=  9)
unknown's avatar
unknown committed
608 609 610 611 612 613 614 615 616 617 618 619 620
    {						// Without grant
      if (db.access & CREATE_ACL)
	db.access|=REFERENCES_ACL | INDEX_ACL | ALTER_ACL;
    }
#endif
    VOID(push_dynamic(&acl_dbs,(gptr) &db));
  }
  qsort((gptr) dynamic_element(&acl_dbs,0,ACL_DB*),acl_dbs.elements,
	sizeof(ACL_DB),(qsort_cmp) acl_compare);
  end_read_record(&read_record_info);
  freeze_size(&acl_dbs);
  init_check_host();

621 622 623 624 625
  initialized=1;
  return_val=0;

end:
  DBUG_RETURN(return_val);
unknown's avatar
unknown committed
626 627 628 629 630
}


void acl_free(bool end)
{
631
  free_root(&mem,MYF(0));
unknown's avatar
unknown committed
632 633 634 635 636 637 638 639 640 641 642 643 644 645
  delete_dynamic(&acl_hosts);
  delete_dynamic(&acl_users);
  delete_dynamic(&acl_dbs);
  delete_dynamic(&acl_wild_hosts);
  hash_free(&acl_check_hosts);
  if (!end)
    acl_cache->clear(1); /* purecov: inspected */
  else
  {
    delete acl_cache;
    acl_cache=0;
  }
}

646 647

/*
648 649
  Forget current user/db-level privileges and read new privileges
  from the privilege tables.
650 651 652

  SYNOPSIS
    acl_reload()
653 654 655 656 657 658 659 660 661 662 663
      thd  Current thread

  NOTE
    All tables of calling thread which were open and locked by LOCK TABLES
    statement will be unlocked and closed.
    This function is also used for initialization of structures responsible
    for user/db-level privilege checking.

  RETURN VALUE
    FALSE  Success
    TRUE   Failure
664
*/
unknown's avatar
unknown committed
665

666
my_bool acl_reload(THD *thd)
unknown's avatar
unknown committed
667
{
668
  TABLE_LIST tables[3];
unknown's avatar
unknown committed
669 670 671
  DYNAMIC_ARRAY old_acl_hosts,old_acl_users,old_acl_dbs;
  MEM_ROOT old_mem;
  bool old_initialized;
672
  my_bool return_val= 1;
unknown's avatar
unknown committed
673 674
  DBUG_ENTER("acl_reload");

675
  if (thd->locked_tables)
unknown's avatar
unknown committed
676
  {					// Can't have locked tables here
677 678 679
    thd->lock=thd->locked_tables;
    thd->locked_tables=0;
    close_thread_tables(thd);
unknown's avatar
unknown committed
680
  }
681 682 683 684 685 686

  /*
    To avoid deadlocks we should obtain table locks before
    obtaining acl_cache->lock mutex.
  */
  bzero((char*) tables, sizeof(tables));
687 688 689 690 691 692
  tables[0].alias= tables[0].table_name= (char*) "host";
  tables[1].alias= tables[1].table_name= (char*) "user";
  tables[2].alias= tables[2].table_name= (char*) "db";
  tables[0].db=tables[1].db=tables[2].db=(char*) "mysql";
  tables[0].next_local= tables[0].next_global= tables+1;
  tables[1].next_local= tables[1].next_global= tables+2;
693 694 695 696 697 698 699 700 701
  tables[0].lock_type=tables[1].lock_type=tables[2].lock_type=TL_READ;

  if (simple_open_n_lock_tables(thd, tables))
  {
    sql_print_error("Fatal error: Can't open and lock privilege tables: %s",
		    thd->net.last_error);
    goto end;
  }

unknown's avatar
unknown committed
702 703 704 705 706 707 708 709 710 711
  if ((old_initialized=initialized))
    VOID(pthread_mutex_lock(&acl_cache->lock));

  old_acl_hosts=acl_hosts;
  old_acl_users=acl_users;
  old_acl_dbs=acl_dbs;
  old_mem=mem;
  delete_dynamic(&acl_wild_hosts);
  hash_free(&acl_check_hosts);

712
  if ((return_val= acl_load(thd, tables)))
unknown's avatar
unknown committed
713
  {					// Error. Revert to old list
714
    DBUG_PRINT("error",("Reverting to old privileges"));
715
    acl_free();				/* purecov: inspected */
unknown's avatar
unknown committed
716 717 718 719 720 721 722 723
    acl_hosts=old_acl_hosts;
    acl_users=old_acl_users;
    acl_dbs=old_acl_dbs;
    mem=old_mem;
    init_check_host();
  }
  else
  {
724
    free_root(&old_mem,MYF(0));
unknown's avatar
unknown committed
725 726 727 728 729 730
    delete_dynamic(&old_acl_hosts);
    delete_dynamic(&old_acl_users);
    delete_dynamic(&old_acl_dbs);
  }
  if (old_initialized)
    VOID(pthread_mutex_unlock(&acl_cache->lock));
731 732 733
end:
  close_thread_tables(thd);
  DBUG_RETURN(return_val);
unknown's avatar
unknown committed
734 735 736
}


unknown's avatar
unknown committed
737 738
/*
  Get all access bits from table after fieldnr
unknown's avatar
unknown committed
739 740

  IMPLEMENTATION
unknown's avatar
unknown committed
741 742
  We know that the access privileges ends when there is no more fields
  or the field is not an enum with two elements.
unknown's avatar
unknown committed
743 744 745 746 747 748 749 750 751 752 753

  SYNOPSIS
    get_access()
    form        an open table to read privileges from.
                The record should be already read in table->record[0]
    fieldnr     number of the first privilege (that is ENUM('N','Y') field
    next_field  on return - number of the field next to the last ENUM
                (unless next_field == 0)

  RETURN VALUE
    privilege mask
unknown's avatar
unknown committed
754
*/
unknown's avatar
unknown committed
755

unknown's avatar
unknown committed
756
static ulong get_access(TABLE *form, uint fieldnr, uint *next_field)
unknown's avatar
unknown committed
757
{
unknown's avatar
unknown committed
758
  ulong access_bits=0,bit;
unknown's avatar
unknown committed
759
  char buff[2];
unknown's avatar
unknown committed
760
  String res(buff,sizeof(buff),&my_charset_latin1);
unknown's avatar
unknown committed
761 762
  Field **pos;

unknown's avatar
unknown committed
763 764 765
  for (pos=form->field+fieldnr, bit=1;
       *pos && (*pos)->real_type() == FIELD_TYPE_ENUM &&
	 ((Field_enum*) (*pos))->typelib->count == 2 ;
unknown's avatar
unknown committed
766
       pos++, fieldnr++, bit<<=1)
unknown's avatar
unknown committed
767
  {
768
    (*pos)->val_str(&res);
unknown's avatar
unknown committed
769
    if (my_toupper(&my_charset_latin1, res[0]) == 'Y')
unknown's avatar
unknown committed
770
      access_bits|= bit;
unknown's avatar
unknown committed
771
  }
unknown's avatar
unknown committed
772 773
  if (next_field)
    *next_field=fieldnr;
unknown's avatar
unknown committed
774 775 776 777 778
  return access_bits;
}


/*
unknown's avatar
unknown committed
779 780 781 782 783
  Return a number which, if sorted 'desc', puts strings in this order:
    no wildcards
    wildcards
    empty string
*/
unknown's avatar
unknown committed
784 785 786 787 788 789 790

static ulong get_sort(uint count,...)
{
  va_list args;
  va_start(args,count);
  ulong sort=0;

791 792 793
  /* Should not use this function with more than 4 arguments for compare. */
  DBUG_ASSERT(count <= 4);

unknown's avatar
unknown committed
794 795
  while (count--)
  {
796 797 798
    char *start, *str= va_arg(args,char*);
    uint chars= 0;
    uint wild_pos= 0;           /* first wildcard position */
unknown's avatar
unknown committed
799

unknown's avatar
unknown committed
800
    if ((start= str))
unknown's avatar
unknown committed
801 802 803 804
    {
      for (; *str ; str++)
      {
	if (*str == wild_many || *str == wild_one || *str == wild_prefix)
805
        {
unknown's avatar
unknown committed
806
          wild_pos= (uint) (str - start) + 1;
807 808
          break;
        }
unknown's avatar
unknown committed
809
        chars= 128;                             // Marker that chars existed
unknown's avatar
unknown committed
810 811
      }
    }
unknown's avatar
unknown committed
812
    sort= (sort << 8) + (wild_pos ? min(wild_pos, 127) : chars);
unknown's avatar
unknown committed
813 814 815 816 817 818 819 820 821 822 823 824 825 826 827
  }
  va_end(args);
  return sort;
}


static int acl_compare(ACL_ACCESS *a,ACL_ACCESS *b)
{
  if (a->sort > b->sort)
    return -1;
  if (a->sort < b->sort)
    return 1;
  return 0;
}

828

829
/*
unknown's avatar
unknown committed
830 831
  Seek ACL entry for a user, check password, SSL cypher, and if
  everything is OK, update THD user data and USER_RESOURCES struct.
832

unknown's avatar
unknown committed
833 834 835 836
  IMPLEMENTATION
   This function does not check if the user has any sensible privileges:
   only user's existence and  validity is checked.
   Note, that entire operation is protected by acl_cache_lock.
unknown's avatar
unknown committed
837

838
  SYNOPSIS
839 840
    acl_getroot()
    thd         thread handle. If all checks are OK,
841 842
                thd->security_ctx->priv_user/master_access are updated.
                thd->security_ctx->host/ip/user are used for checks.
843 844
    mqh         user resources; on success mqh is reset, else
                unchanged
845
    passwd      scrambled & crypted password, received from client
846 847 848 849 850 851 852
                (to check): thd->scramble or thd->scramble_323 is
                used to decrypt passwd, so they must contain
                original random string,
    passwd_len  length of passwd, must be one of 0, 8,
                SCRAMBLE_LENGTH_323, SCRAMBLE_LENGTH
    'thd' and 'mqh' are updated on success; other params are IN.
  
unknown's avatar
unknown committed
853
  RETURN VALUE
854 855
    0  success: thd->priv_user, thd->priv_host, thd->master_access, mqh are
       updated
856
    1  user not found or authentication failure
unknown's avatar
unknown committed
857
    2  user found, has long (4.1.1) salt, but passwd is in old (3.23) format.
858
   -1  user found, has short (3.23) salt, but passwd is in new (4.1.1) format.
unknown's avatar
unknown committed
859 860
*/

861 862
int acl_getroot(THD *thd, USER_RESOURCES  *mqh,
                const char *passwd, uint passwd_len)
unknown's avatar
unknown committed
863
{
unknown's avatar
merge  
unknown committed
864 865 866
  ulong user_access= NO_ACCESS;
  int res= 1;
  ACL_USER *acl_user= 0;
867
  Security_context *sctx= thd->security_ctx;
868
  DBUG_ENTER("acl_getroot");
unknown's avatar
unknown committed
869 870

  if (!initialized)
871
  {
872 873 874
    /* 
      here if mysqld's been started with --skip-grant-tables option.
    */
875
    sctx->skip_grants();
unknown's avatar
merge  
unknown committed
876
    bzero((char*) mqh, sizeof(*mqh));
877
    DBUG_RETURN(0);
878
  }
879

unknown's avatar
unknown committed
880
  VOID(pthread_mutex_lock(&acl_cache->lock));
unknown's avatar
unknown committed
881

unknown's avatar
unknown committed
882
  /*
883 884 885
    Find acl entry in user database. Note, that find_acl_user is not the same,
    because it doesn't take into account the case when user is not empty,
    but acl_user->user is empty
unknown's avatar
unknown committed
886
  */
unknown's avatar
unknown committed
887

888
  for (uint i=0 ; i < acl_users.elements ; i++)
889
  {
unknown's avatar
unknown committed
890
    ACL_USER *acl_user_tmp= dynamic_element(&acl_users,i,ACL_USER*);
891
    if (!acl_user_tmp->user || !strcmp(sctx->user, acl_user_tmp->user))
unknown's avatar
unknown committed
892
    {
893
      if (compare_hostname(&acl_user_tmp->host, sctx->host, sctx->ip))
unknown's avatar
unknown committed
894
      {
895
        /* check password: it should be empty or valid */
unknown's avatar
unknown committed
896
        if (passwd_len == acl_user_tmp->salt_len)
unknown's avatar
unknown committed
897
        {
unknown's avatar
unknown committed
898
          if (acl_user_tmp->salt_len == 0 ||
unknown's avatar
unknown committed
899 900
              (acl_user_tmp->salt_len == SCRAMBLE_LENGTH ?
              check_scramble(passwd, thd->scramble, acl_user_tmp->salt) :
901
              check_scramble_323(passwd, thd->scramble,
unknown's avatar
unknown committed
902
                                 (ulong *) acl_user_tmp->salt)) == 0)
903
          {
unknown's avatar
unknown committed
904
            acl_user= acl_user_tmp;
905 906
            res= 0;
          }
unknown's avatar
unknown committed
907
        }
908
        else if (passwd_len == SCRAMBLE_LENGTH &&
unknown's avatar
unknown committed
909
                 acl_user_tmp->salt_len == SCRAMBLE_LENGTH_323)
910
          res= -1;
unknown's avatar
unknown committed
911
        else if (passwd_len == SCRAMBLE_LENGTH_323 &&
unknown's avatar
unknown committed
912
                 acl_user_tmp->salt_len == SCRAMBLE_LENGTH)
unknown's avatar
unknown committed
913
          res= 2;
914 915
        /* linear search complete: */
        break;
unknown's avatar
unknown committed
916
      }
unknown's avatar
unknown committed
917
    }
918
  }
919 920 921 922
  /*
    This was moved to separate tree because of heavy HAVE_OPENSSL case.
    If acl_user is not null, res is 0.
  */
unknown's avatar
unknown committed
923 924 925

  if (acl_user)
  {
926
    /* OK. User found and password checked continue validation */
927
#ifdef HAVE_OPENSSL
unknown's avatar
unknown committed
928
    Vio *vio=thd->net.vio;
unknown's avatar
unknown committed
929
    SSL *ssl= (SSL*) vio->ssl_arg;
930
#endif
unknown's avatar
merge  
unknown committed
931

932
    /*
unknown's avatar
unknown committed
933
      At this point we know that user is allowed to connect
934 935 936 937 938 939
      from given host by given username/password pair. Now
      we check if SSL is required, if user is using SSL and
      if X509 certificate attributes are OK
    */
    switch (acl_user->ssl_type) {
    case SSL_TYPE_NOT_SPECIFIED:		// Impossible
unknown's avatar
merge  
unknown committed
940 941
    case SSL_TYPE_NONE:				// SSL is not required
      user_access= acl_user->access;
942
      break;
943
#ifdef HAVE_OPENSSL
unknown's avatar
merge  
unknown committed
944
    case SSL_TYPE_ANY:				// Any kind of SSL is ok
945
      if (vio_type(vio) == VIO_TYPE_SSL)
unknown's avatar
merge  
unknown committed
946
	user_access= acl_user->access;
947 948 949 950 951
      break;
    case SSL_TYPE_X509: /* Client should have any valid certificate. */
      /*
	Connections with non-valid certificates are dropped already
	in sslaccept() anyway, so we do not check validity here.
unknown's avatar
merge  
unknown committed
952

unknown's avatar
unknown committed
953 954
	We need to check for absence of SSL because without SSL
	we should reject connection.
955
      */
unknown's avatar
unknown committed
956
      if (vio_type(vio) == VIO_TYPE_SSL &&
unknown's avatar
unknown committed
957 958
	  SSL_get_verify_result(ssl) == X509_V_OK &&
	  SSL_get_peer_certificate(ssl))
unknown's avatar
merge  
unknown committed
959
	user_access= acl_user->access;
960 961 962 963 964 965 966 967
      break;
    case SSL_TYPE_SPECIFIED: /* Client should have specified attrib */
      /*
	We do not check for absence of SSL because without SSL it does
	not pass all checks here anyway.
	If cipher name is specified, we compare it to actual cipher in
	use.
      */
unknown's avatar
unknown committed
968
      X509 *cert;
unknown's avatar
unknown committed
969
      if (vio_type(vio) != VIO_TYPE_SSL ||
unknown's avatar
unknown committed
970
	  SSL_get_verify_result(ssl) != X509_V_OK)
unknown's avatar
unknown committed
971
	break;
972
      if (acl_user->ssl_cipher)
unknown's avatar
unknown committed
973
      {
974
	DBUG_PRINT("info",("comparing ciphers: '%s' and '%s'",
unknown's avatar
unknown committed
975 976
			   acl_user->ssl_cipher,SSL_get_cipher(ssl)));
	if (!strcmp(acl_user->ssl_cipher,SSL_get_cipher(ssl)))
unknown's avatar
merge  
unknown committed
977
	  user_access= acl_user->access;
978 979
	else
	{
unknown's avatar
unknown committed
980
	  if (global_system_variables.log_warnings)
unknown's avatar
unknown committed
981 982 983
	    sql_print_information("X509 ciphers mismatch: should be '%s' but is '%s'",
			      acl_user->ssl_cipher,
			      SSL_get_cipher(ssl));
984 985
	  break;
	}
unknown's avatar
unknown committed
986
      }
987 988
      /* Prepare certificate (if exists) */
      DBUG_PRINT("info",("checkpoint 1"));
unknown's avatar
unknown committed
989 990 991 992 993
      if (!(cert= SSL_get_peer_certificate(ssl)))
      {
	user_access=NO_ACCESS;
	break;
      }
994
      DBUG_PRINT("info",("checkpoint 2"));
995
      /* If X509 issuer is specified, we check it... */
996
      if (acl_user->x509_issuer)
unknown's avatar
unknown committed
997
      {
unknown's avatar
unknown committed
998
        DBUG_PRINT("info",("checkpoint 3"));
unknown's avatar
unknown committed
999 1000
        char *ptr = X509_NAME_oneline(X509_get_issuer_name(cert), 0, 0);
        DBUG_PRINT("info",("comparing issuers: '%s' and '%s'",
1001
			   acl_user->x509_issuer, ptr));
unknown's avatar
unknown committed
1002
        if (strcmp(acl_user->x509_issuer, ptr))
1003
        {
unknown's avatar
unknown committed
1004
          if (global_system_variables.log_warnings)
unknown's avatar
unknown committed
1005 1006
            sql_print_information("X509 issuer mismatch: should be '%s' "
			      "but is '%s'", acl_user->x509_issuer, ptr);
1007
          free(ptr);
1008
          user_access=NO_ACCESS;
unknown's avatar
unknown committed
1009
          break;
1010
        }
unknown's avatar
merge  
unknown committed
1011
        user_access= acl_user->access;
unknown's avatar
unknown committed
1012
        free(ptr);
unknown's avatar
unknown committed
1013
      }
1014 1015 1016 1017
      DBUG_PRINT("info",("checkpoint 4"));
      /* X509 subject is specified, we check it .. */
      if (acl_user->x509_subject)
      {
unknown's avatar
unknown committed
1018 1019 1020 1021
        char *ptr= X509_NAME_oneline(X509_get_subject_name(cert), 0, 0);
        DBUG_PRINT("info",("comparing subjects: '%s' and '%s'",
                           acl_user->x509_subject, ptr));
        if (strcmp(acl_user->x509_subject,ptr))
1022
        {
unknown's avatar
unknown committed
1023
          if (global_system_variables.log_warnings)
1024
            sql_print_information("X509 subject mismatch: should be '%s' but is '%s'",
unknown's avatar
unknown committed
1025
                            acl_user->x509_subject, ptr);
1026 1027 1028
          free(ptr);
          user_access=NO_ACCESS;
          break;
1029
        }
1030
        user_access= acl_user->access;
unknown's avatar
unknown committed
1031
        free(ptr);
1032 1033
      }
      break;
unknown's avatar
unknown committed
1034
#else  /* HAVE_OPENSSL */
unknown's avatar
unknown committed
1035
    default:
1036
      /*
unknown's avatar
unknown committed
1037 1038 1039
        If we don't have SSL but SSL is required for this user the 
        authentication should fail.
      */
1040 1041
      break;
#endif /* HAVE_OPENSSL */
unknown's avatar
unknown committed
1042
    }
1043 1044
    sctx->master_access= user_access;
    sctx->priv_user= acl_user->user ? sctx->user : (char *) "";
1045
    *mqh= acl_user->user_resource;
1046

1047
    if (acl_user->host.hostname)
1048
      strmake(sctx->priv_host, acl_user->host.hostname, MAX_HOSTNAME);
1049
    else
1050
      *sctx->priv_host= 0;
1051
  }
unknown's avatar
unknown committed
1052
  VOID(pthread_mutex_unlock(&acl_cache->lock));
1053
  DBUG_RETURN(res);
unknown's avatar
unknown committed
1054 1055 1056
}


1057
/*
1058 1059 1060 1061 1062 1063 1064 1065 1066 1067 1068 1069 1070 1071 1072 1073 1074 1075
  This is like acl_getroot() above, but it doesn't check password,
  and we don't care about the user resources.

  SYNOPSIS
    acl_getroot_no_password()
      sctx               Context which should be initialized
      user               user name
      host               host name
      ip                 IP
      db                 current data base name

  RETURN
    FALSE  OK
    TRUE   Error
*/

bool acl_getroot_no_password(Security_context *sctx, char *user, char *host,
                             char *ip, char *db)
1076 1077
{
  int res= 1;
1078
  uint i;
1079 1080 1081
  ACL_USER *acl_user= 0;
  DBUG_ENTER("acl_getroot_no_password");

1082 1083
  DBUG_PRINT("enter", ("Host: '%s', Ip: '%s', User: '%s', db: '%s'",
                       (host ? host : "(NULL)"), (ip ? ip : "(NULL)"),
1084
                       user, (db ? db : "(NULL)")));
1085 1086 1087 1088 1089
  sctx->user= user;
  sctx->host= host;
  sctx->ip= ip;
  sctx->host_or_ip= host ? host : (ip ? ip : "");

1090 1091
  if (!initialized)
  {
1092
    /*
1093 1094
      here if mysqld's been started with --skip-grant-tables option.
    */
1095
    sctx->skip_grants();
1096
    DBUG_RETURN(FALSE);
1097 1098 1099 1100
  }

  VOID(pthread_mutex_lock(&acl_cache->lock));

1101 1102
  sctx->master_access= 0;
  sctx->db_access= 0;
1103 1104
  sctx->priv_user= (char *) "";
  *sctx->priv_host= 0;
1105

1106 1107 1108
  /*
     Find acl entry in user database.
     This is specially tailored to suit the check we do for CALL of
1109
     a stored procedure; user is set to what is actually a
1110 1111
     priv_user, which can be ''.
  */
1112
  for (i=0 ; i < acl_users.elements ; i++)
1113 1114
  {
    acl_user= dynamic_element(&acl_users,i,ACL_USER*);
1115
    if ((!acl_user->user && !user[0]) ||
1116
	(acl_user->user && strcmp(user, acl_user->user) == 0))
1117
    {
1118
      if (compare_hostname(&acl_user->host, host, ip))
1119 1120 1121 1122 1123 1124 1125 1126 1127
      {
	res= 0;
	break;
      }
    }
  }

  if (acl_user)
  {
1128 1129 1130 1131
    for (i=0 ; i < acl_dbs.elements ; i++)
    {
      ACL_DB *acl_db= dynamic_element(&acl_dbs, i, ACL_DB*);
      if (!acl_db->user ||
1132
	  (user && user[0] && !strcmp(user, acl_db->user)))
1133
      {
1134
	if (compare_hostname(&acl_db->host, host, ip))
1135
	{
1136
	  if (!acl_db->db || (db && !wild_compare(db, acl_db->db, 0)))
1137
	  {
1138
	    sctx->db_access= acl_db->access;
1139 1140 1141 1142 1143
	    break;
	  }
	}
      }
    }
1144 1145
    sctx->master_access= acl_user->access;
    sctx->priv_user= acl_user->user ? user : (char *) "";
1146 1147

    if (acl_user->host.hostname)
1148
      strmake(sctx->priv_host, acl_user->host.hostname, MAX_HOSTNAME);
1149
    else
1150
      *sctx->priv_host= 0;
1151 1152 1153 1154 1155
  }
  VOID(pthread_mutex_unlock(&acl_cache->lock));
  DBUG_RETURN(res);
}

unknown's avatar
unknown committed
1156 1157 1158 1159 1160 1161 1162
static byte* check_get_key(ACL_USER *buff,uint *length,
			   my_bool not_used __attribute__((unused)))
{
  *length=buff->hostname_length;
  return (byte*) buff->host.hostname;
}

1163

unknown's avatar
unknown committed
1164
static void acl_update_user(const char *user, const char *host,
1165
			    const char *password, uint password_len,
1166 1167 1168 1169
			    enum SSL_type ssl_type,
			    const char *ssl_cipher,
			    const char *x509_issuer,
			    const char *x509_subject,
unknown's avatar
unknown committed
1170
			    USER_RESOURCES  *mqh,
unknown's avatar
unknown committed
1171
			    ulong privileges)
unknown's avatar
unknown committed
1172
{
1173 1174
  safe_mutex_assert_owner(&acl_cache->lock);

unknown's avatar
unknown committed
1175 1176 1177 1178
  for (uint i=0 ; i < acl_users.elements ; i++)
  {
    ACL_USER *acl_user=dynamic_element(&acl_users,i,ACL_USER*);
    if (!acl_user->user && !user[0] ||
1179
	acl_user->user && !strcmp(user,acl_user->user))
unknown's avatar
unknown committed
1180 1181
    {
      if (!acl_user->host.hostname && !host[0] ||
unknown's avatar
unknown committed
1182
	  acl_user->host.hostname &&
1183
	  !my_strcasecmp(system_charset_info, host, acl_user->host.hostname))
unknown's avatar
unknown committed
1184 1185
      {
	acl_user->access=privileges;
1186
	if (mqh->specified_limits & USER_RESOURCES::QUERIES_PER_HOUR)
1187
	  acl_user->user_resource.questions=mqh->questions;
1188
	if (mqh->specified_limits & USER_RESOURCES::UPDATES_PER_HOUR)
1189
	  acl_user->user_resource.updates=mqh->updates;
1190 1191 1192 1193
	if (mqh->specified_limits & USER_RESOURCES::CONNECTIONS_PER_HOUR)
	  acl_user->user_resource.conn_per_hour= mqh->conn_per_hour;
	if (mqh->specified_limits & USER_RESOURCES::USER_CONNECTIONS)
	  acl_user->user_resource.user_conn= mqh->user_conn;
1194 1195 1196 1197 1198 1199 1200 1201 1202 1203
	if (ssl_type != SSL_TYPE_NOT_SPECIFIED)
	{
	  acl_user->ssl_type= ssl_type;
	  acl_user->ssl_cipher= (ssl_cipher ? strdup_root(&mem,ssl_cipher) :
				 0);
	  acl_user->x509_issuer= (x509_issuer ? strdup_root(&mem,x509_issuer) :
				  0);
	  acl_user->x509_subject= (x509_subject ?
				   strdup_root(&mem,x509_subject) : 0);
	}
unknown's avatar
unknown committed
1204 1205
	if (password)
	  set_user_salt(acl_user, password, password_len);
1206
        /* search complete: */
unknown's avatar
unknown committed
1207 1208 1209 1210 1211 1212 1213 1214
	break;
      }
    }
  }
}


static void acl_insert_user(const char *user, const char *host,
1215
			    const char *password, uint password_len,
1216 1217 1218 1219
			    enum SSL_type ssl_type,
			    const char *ssl_cipher,
			    const char *x509_issuer,
			    const char *x509_subject,
1220
			    USER_RESOURCES *mqh,
unknown's avatar
unknown committed
1221
			    ulong privileges)
unknown's avatar
unknown committed
1222 1223
{
  ACL_USER acl_user;
1224 1225 1226

  safe_mutex_assert_owner(&acl_cache->lock);

1227
  acl_user.user=*user ? strdup_root(&mem,user) : 0;
unknown's avatar
unknown committed
1228
  update_hostname(&acl_user.host, *host ? strdup_root(&mem, host): 0);
unknown's avatar
unknown committed
1229
  acl_user.access=privileges;
1230
  acl_user.user_resource = *mqh;
unknown's avatar
unknown committed
1231
  acl_user.sort=get_sort(2,acl_user.host.hostname,acl_user.user);
1232
  acl_user.hostname_length=(uint) strlen(host);
1233 1234 1235 1236 1237
  acl_user.ssl_type= (ssl_type != SSL_TYPE_NOT_SPECIFIED ?
		      ssl_type : SSL_TYPE_NONE);
  acl_user.ssl_cipher=	ssl_cipher   ? strdup_root(&mem,ssl_cipher) : 0;
  acl_user.x509_issuer= x509_issuer  ? strdup_root(&mem,x509_issuer) : 0;
  acl_user.x509_subject=x509_subject ? strdup_root(&mem,x509_subject) : 0;
1238 1239

  set_user_salt(&acl_user, password, password_len);
unknown's avatar
unknown committed
1240 1241

  VOID(push_dynamic(&acl_users,(gptr) &acl_user));
1242 1243
  if (!acl_user.host.hostname ||
      (acl_user.host.hostname[0] == wild_many && !acl_user.host.hostname[1]))
unknown's avatar
unknown committed
1244
    allow_all_hosts=1;		// Anyone can connect /* purecov: tested */
unknown's avatar
unknown committed
1245 1246 1247
  qsort((gptr) dynamic_element(&acl_users,0,ACL_USER*),acl_users.elements,
	sizeof(ACL_USER),(qsort_cmp) acl_compare);

1248 1249
  /* Rebuild 'acl_check_hosts' since 'acl_users' has been modified */
  rebuild_check_host();
unknown's avatar
unknown committed
1250 1251 1252 1253
}


static void acl_update_db(const char *user, const char *host, const char *db,
unknown's avatar
unknown committed
1254
			  ulong privileges)
unknown's avatar
unknown committed
1255
{
1256 1257
  safe_mutex_assert_owner(&acl_cache->lock);

unknown's avatar
unknown committed
1258 1259 1260 1261 1262 1263 1264 1265
  for (uint i=0 ; i < acl_dbs.elements ; i++)
  {
    ACL_DB *acl_db=dynamic_element(&acl_dbs,i,ACL_DB*);
    if (!acl_db->user && !user[0] ||
	acl_db->user &&
	!strcmp(user,acl_db->user))
    {
      if (!acl_db->host.hostname && !host[0] ||
1266
	  acl_db->host.hostname &&
1267
	  !my_strcasecmp(system_charset_info, host, acl_db->host.hostname))
unknown's avatar
unknown committed
1268 1269 1270 1271 1272 1273 1274 1275 1276 1277 1278 1279 1280 1281 1282
      {
	if (!acl_db->db && !db[0] ||
	    acl_db->db && !strcmp(db,acl_db->db))
	{
	  if (privileges)
	    acl_db->access=privileges;
	  else
	    delete_dynamic_element(&acl_dbs,i);
	}
      }
    }
  }
}


1283 1284 1285 1286 1287 1288 1289 1290 1291 1292 1293 1294 1295 1296
/*
  Insert a user/db/host combination into the global acl_cache

  SYNOPSIS
    acl_insert_db()
    user		User name
    host		Host name
    db			Database name
    privileges		Bitmap of privileges

  NOTES
    acl_cache->lock must be locked when calling this
*/

unknown's avatar
unknown committed
1297
static void acl_insert_db(const char *user, const char *host, const char *db,
unknown's avatar
unknown committed
1298
			  ulong privileges)
unknown's avatar
unknown committed
1299 1300
{
  ACL_DB acl_db;
1301
  safe_mutex_assert_owner(&acl_cache->lock);
unknown's avatar
unknown committed
1302
  acl_db.user=strdup_root(&mem,user);
1303
  update_hostname(&acl_db.host, *host ? strdup_root(&mem,host) : 0);
unknown's avatar
unknown committed
1304 1305 1306 1307 1308 1309 1310 1311 1312
  acl_db.db=strdup_root(&mem,db);
  acl_db.access=privileges;
  acl_db.sort=get_sort(3,acl_db.host.hostname,acl_db.db,acl_db.user);
  VOID(push_dynamic(&acl_dbs,(gptr) &acl_db));
  qsort((gptr) dynamic_element(&acl_dbs,0,ACL_DB*),acl_dbs.elements,
	sizeof(ACL_DB),(qsort_cmp) acl_compare);
}


1313 1314 1315

/*
  Get privilege for a host, user and db combination
1316 1317 1318

  as db_is_pattern changes the semantics of comparison,
  acl_cache is not used if db_is_pattern is set.
1319
*/
unknown's avatar
unknown committed
1320

1321
ulong acl_get(const char *host, const char *ip,
1322
              const char *user, const char *db, my_bool db_is_pattern)
unknown's avatar
unknown committed
1323
{
1324
  ulong host_access= ~(ulong)0, db_access= 0;
unknown's avatar
unknown committed
1325
  uint i,key_length;
unknown's avatar
unknown committed
1326
  char key[ACL_KEY_LENGTH],*tmp_db,*end;
unknown's avatar
unknown committed
1327
  acl_entry *entry;
unknown's avatar
unknown committed
1328
  DBUG_ENTER("acl_get");
unknown's avatar
unknown committed
1329 1330

  VOID(pthread_mutex_lock(&acl_cache->lock));
1331
  end=strmov((tmp_db=strmov(strmov(key, ip ? ip : "")+1,user)+1),db);
unknown's avatar
unknown committed
1332 1333
  if (lower_case_table_names)
  {
1334
    my_casedn_str(files_charset_info, tmp_db);
unknown's avatar
unknown committed
1335 1336
    db=tmp_db;
  }
unknown's avatar
unknown committed
1337
  key_length=(uint) (end-key);
1338
  if (!db_is_pattern && (entry=(acl_entry*) acl_cache->search(key,key_length)))
unknown's avatar
unknown committed
1339 1340 1341
  {
    db_access=entry->access;
    VOID(pthread_mutex_unlock(&acl_cache->lock));
unknown's avatar
unknown committed
1342 1343
    DBUG_PRINT("exit", ("access: 0x%lx", db_access));
    DBUG_RETURN(db_access);
unknown's avatar
unknown committed
1344 1345 1346 1347 1348 1349 1350 1351 1352 1353 1354 1355
  }

  /*
    Check if there are some access rights for database and user
  */
  for (i=0 ; i < acl_dbs.elements ; i++)
  {
    ACL_DB *acl_db=dynamic_element(&acl_dbs,i,ACL_DB*);
    if (!acl_db->user || !strcmp(user,acl_db->user))
    {
      if (compare_hostname(&acl_db->host,host,ip))
      {
1356
	if (!acl_db->db || !wild_compare(db,acl_db->db,db_is_pattern))
unknown's avatar
unknown committed
1357 1358 1359 1360 1361 1362 1363 1364 1365 1366 1367 1368 1369 1370 1371 1372 1373 1374 1375 1376 1377
	{
	  db_access=acl_db->access;
	  if (acl_db->host.hostname)
	    goto exit;				// Fully specified. Take it
	  break; /* purecov: tested */
	}
      }
    }
  }
  if (!db_access)
    goto exit;					// Can't be better

  /*
    No host specified for user. Get hostdata from host table
  */
  host_access=0;				// Host must be found
  for (i=0 ; i < acl_hosts.elements ; i++)
  {
    ACL_HOST *acl_host=dynamic_element(&acl_hosts,i,ACL_HOST*);
    if (compare_hostname(&acl_host->host,host,ip))
    {
1378
      if (!acl_host->db || !wild_compare(db,acl_host->db,db_is_pattern))
unknown's avatar
unknown committed
1379 1380 1381 1382 1383 1384 1385 1386
      {
	host_access=acl_host->access;		// Fully specified. Take it
	break;
      }
    }
  }
exit:
  /* Save entry in cache for quick retrieval */
1387 1388
  if (!db_is_pattern &&
      (entry= (acl_entry*) malloc(sizeof(acl_entry)+key_length)))
unknown's avatar
unknown committed
1389 1390 1391 1392 1393 1394 1395
  {
    entry->access=(db_access & host_access);
    entry->length=key_length;
    memcpy((gptr) entry->key,key,key_length);
    acl_cache->add(entry);
  }
  VOID(pthread_mutex_unlock(&acl_cache->lock));
unknown's avatar
unknown committed
1396 1397
  DBUG_PRINT("exit", ("access: 0x%lx", db_access & host_access));
  DBUG_RETURN(db_access & host_access);
unknown's avatar
unknown committed
1398 1399
}

1400 1401 1402 1403 1404 1405 1406
/*
  Check if there are any possible matching entries for this host

  NOTES
    All host names without wild cards are stored in a hash table,
    entries with wildcards are stored in a dynamic array
*/
unknown's avatar
unknown committed
1407 1408 1409 1410

static void init_check_host(void)
{
  DBUG_ENTER("init_check_host");
1411
  VOID(my_init_dynamic_array(&acl_wild_hosts,sizeof(struct acl_host_and_ip),
unknown's avatar
unknown committed
1412
			  acl_users.elements,1));
1413
  VOID(hash_init(&acl_check_hosts,system_charset_info,acl_users.elements,0,0,
unknown's avatar
unknown committed
1414
		 (hash_get_key) check_get_key,0,0));
unknown's avatar
unknown committed
1415 1416 1417 1418 1419 1420 1421 1422 1423 1424 1425 1426 1427 1428
  if (!allow_all_hosts)
  {
    for (uint i=0 ; i < acl_users.elements ; i++)
    {
      ACL_USER *acl_user=dynamic_element(&acl_users,i,ACL_USER*);
      if (strchr(acl_user->host.hostname,wild_many) ||
	  strchr(acl_user->host.hostname,wild_one) ||
	  acl_user->host.ip_mask)
      {						// Has wildcard
	uint j;
	for (j=0 ; j < acl_wild_hosts.elements ; j++)
	{					// Check if host already exists
	  acl_host_and_ip *acl=dynamic_element(&acl_wild_hosts,j,
					       acl_host_and_ip *);
1429
	  if (!my_strcasecmp(system_charset_info,
1430
                             acl_user->host.hostname, acl->hostname))
unknown's avatar
unknown committed
1431 1432 1433 1434 1435
	    break;				// already stored
	}
	if (j == acl_wild_hosts.elements)	// If new
	  (void) push_dynamic(&acl_wild_hosts,(char*) &acl_user->host);
      }
1436
      else if (!hash_search(&acl_check_hosts,(byte*) acl_user->host.hostname,
unknown's avatar
unknown committed
1437
			    (uint) strlen(acl_user->host.hostname)))
unknown's avatar
unknown committed
1438
      {
unknown's avatar
SCRUM  
unknown committed
1439
	if (my_hash_insert(&acl_check_hosts,(byte*) acl_user))
unknown's avatar
unknown committed
1440 1441 1442 1443 1444 1445 1446 1447 1448 1449 1450 1451 1452
	{					// End of memory
	  allow_all_hosts=1;			// Should never happen
	  DBUG_VOID_RETURN;
	}
      }
    }
  }
  freeze_size(&acl_wild_hosts);
  freeze_size(&acl_check_hosts.array);
  DBUG_VOID_RETURN;
}


1453 1454 1455 1456 1457 1458 1459 1460 1461 1462 1463 1464 1465 1466 1467 1468
/*
  Rebuild lists used for checking of allowed hosts

  We need to rebuild 'acl_check_hosts' and 'acl_wild_hosts' after adding,
  dropping or renaming user, since they contain pointers to elements of
  'acl_user' array, which are invalidated by drop operation, and use
  ACL_USER::host::hostname as a key, which is changed by rename.
*/
void rebuild_check_host(void)
{
  delete_dynamic(&acl_wild_hosts);
  hash_free(&acl_check_hosts);
  init_check_host();
}


unknown's avatar
unknown committed
1469 1470 1471 1472 1473 1474 1475 1476
/* Return true if there is no users that can match the given host */

bool acl_check_host(const char *host, const char *ip)
{
  if (allow_all_hosts)
    return 0;
  VOID(pthread_mutex_lock(&acl_cache->lock));

unknown's avatar
unknown committed
1477 1478
  if (host && hash_search(&acl_check_hosts,(byte*) host,(uint) strlen(host)) ||
      ip && hash_search(&acl_check_hosts,(byte*) ip,(uint) strlen(ip)))
unknown's avatar
unknown committed
1479 1480 1481 1482 1483 1484 1485 1486 1487 1488 1489 1490 1491 1492 1493 1494 1495 1496
  {
    VOID(pthread_mutex_unlock(&acl_cache->lock));
    return 0;					// Found host
  }
  for (uint i=0 ; i < acl_wild_hosts.elements ; i++)
  {
    acl_host_and_ip *acl=dynamic_element(&acl_wild_hosts,i,acl_host_and_ip*);
    if (compare_hostname(acl, host, ip))
    {
      VOID(pthread_mutex_unlock(&acl_cache->lock));
      return 0;					// Host ok
    }
  }
  VOID(pthread_mutex_unlock(&acl_cache->lock));
  return 1;					// Host is not allowed
}


unknown's avatar
unknown committed
1497 1498 1499 1500 1501 1502 1503 1504
/*
  Check if the user is allowed to change password

  SYNOPSIS:
    check_change_password()
    thd		THD
    host	hostname for the user
    user	user name
1505 1506 1507 1508
    new_password new password

  NOTE:
    new_password cannot be NULL
unknown's avatar
merge  
unknown committed
1509

unknown's avatar
unknown committed
1510
    RETURN VALUE
1511 1512
      0		OK
      1		ERROR  ; In this case the error is sent to the client.
unknown's avatar
unknown committed
1513 1514
*/

1515
bool check_change_password(THD *thd, const char *host, const char *user,
1516
                           char *new_password, uint new_password_len)
unknown's avatar
unknown committed
1517
{
unknown's avatar
unknown committed
1518 1519
  if (!initialized)
  {
unknown's avatar
unknown committed
1520
    my_error(ER_OPTION_PREVENTS_STATEMENT, MYF(0), "--skip-grant-tables");
1521
    return(1);
unknown's avatar
unknown committed
1522
  }
unknown's avatar
unknown committed
1523
  if (!thd->slave_thread &&
1524 1525 1526
      (strcmp(thd->security_ctx->user, user) ||
       my_strcasecmp(system_charset_info, host,
                     thd->security_ctx->priv_host)))
unknown's avatar
unknown committed
1527
  {
1528
    if (check_access(thd, UPDATE_ACL, "mysql",0,1,0,0))
unknown's avatar
unknown committed
1529
      return(1);
unknown's avatar
unknown committed
1530
  }
1531
  if (!thd->slave_thread && !thd->security_ctx->user[0])
unknown's avatar
unknown committed
1532
  {
unknown's avatar
unknown committed
1533 1534
    my_message(ER_PASSWORD_ANONYMOUS_USER, ER(ER_PASSWORD_ANONYMOUS_USER),
               MYF(0));
unknown's avatar
unknown committed
1535
    return(1);
unknown's avatar
unknown committed
1536
  }
1537
  uint len=strlen(new_password);
unknown's avatar
unknown committed
1538
  if (len && len != SCRAMBLED_PASSWORD_CHAR_LENGTH &&
1539 1540
      len != SCRAMBLED_PASSWORD_CHAR_LENGTH_323)
  {
unknown's avatar
unknown committed
1541
    my_error(ER_PASSWD_LENGTH, MYF(0), SCRAMBLED_PASSWORD_CHAR_LENGTH);
1542 1543
    return -1;
  }
unknown's avatar
unknown committed
1544 1545 1546 1547
  return(0);
}


1548 1549 1550 1551 1552 1553 1554 1555 1556 1557 1558 1559 1560
/*
  Change a password for a user

  SYNOPSIS
    change_password()
    thd			Thread handle
    host		Hostname
    user		User name
    new_password	New password for host@user

  RETURN VALUES
    0	ok
    1	ERROR; In this case the error is sent to the client.
unknown's avatar
unknown committed
1561
*/
1562

unknown's avatar
unknown committed
1563 1564 1565
bool change_password(THD *thd, const char *host, const char *user,
		     char *new_password)
{
1566 1567 1568 1569 1570
  TABLE_LIST tables;
  TABLE *table;
  /* Buffer should be extended when password length is extended. */
  char buff[512];
  ulong query_length;
1571
  uint new_password_len= strlen(new_password);
1572
  bool result= 1;
unknown's avatar
unknown committed
1573 1574 1575 1576 1577
  DBUG_ENTER("change_password");
  DBUG_PRINT("enter",("host: '%s'  user: '%s'  new_password: '%s'",
		      host,user,new_password));
  DBUG_ASSERT(host != 0);			// Ensured by parent

1578
  if (check_change_password(thd, host, user, new_password, new_password_len))
unknown's avatar
unknown committed
1579 1580
    DBUG_RETURN(1);

1581
  bzero((char*) &tables, sizeof(tables));
1582
  tables.alias= tables.table_name= (char*) "user";
1583 1584 1585 1586 1587 1588 1589
  tables.db= (char*) "mysql";

#ifdef HAVE_REPLICATION
  /*
    GRANT and REVOKE are applied the slave in/exclusion rules as they are
    some kind of updates to the mysql.% tables.
  */
1590
  if (thd->slave_thread && rpl_filter->is_on())
1591 1592 1593 1594 1595 1596 1597
  {
    /*
      The tables must be marked "updating" so that tables_ok() takes them into
      account in tests.  It's ok to leave 'updating' set after tables_ok.
    */
    tables.updating= 1;
    /* Thanks to bzero, tables.next==0 */
1598
    if (!(thd->spcont || rpl_filter->tables_ok(0, &tables)))
1599 1600 1601 1602 1603 1604 1605
      DBUG_RETURN(0);
  }
#endif

  if (!(table= open_ltable(thd, &tables, TL_WRITE)))
    DBUG_RETURN(1);

unknown's avatar
unknown committed
1606 1607
  VOID(pthread_mutex_lock(&acl_cache->lock));
  ACL_USER *acl_user;
1608
  if (!(acl_user= find_acl_user(host, user, TRUE)))
unknown's avatar
unknown committed
1609 1610
  {
    VOID(pthread_mutex_unlock(&acl_cache->lock));
unknown's avatar
unknown committed
1611
    my_message(ER_PASSWORD_NO_MATCH, ER(ER_PASSWORD_NO_MATCH), MYF(0));
1612
    goto end;
unknown's avatar
unknown committed
1613
  }
1614 1615 1616
  /* update loaded acl entry: */
  set_user_salt(acl_user, new_password, new_password_len);

1617
  if (update_user_table(thd, table,
unknown's avatar
unknown committed
1618
			acl_user->host.hostname ? acl_user->host.hostname : "",
unknown's avatar
unknown committed
1619
			acl_user->user ? acl_user->user : "",
1620
			new_password, new_password_len))
unknown's avatar
unknown committed
1621 1622
  {
    VOID(pthread_mutex_unlock(&acl_cache->lock)); /* purecov: deadcode */
1623
    goto end;
unknown's avatar
unknown committed
1624
  }
unknown's avatar
unknown committed
1625

unknown's avatar
unknown committed
1626 1627
  acl_cache->clear(1);				// Clear locked hostname cache
  VOID(pthread_mutex_unlock(&acl_cache->lock));
1628 1629 1630
  result= 0;
  if (mysql_bin_log.is_open())
  {
1631 1632 1633 1634 1635 1636
    query_length=
      my_sprintf(buff,
                 (buff,"SET PASSWORD FOR \"%-.120s\"@\"%-.120s\"=\"%-.120s\"",
                  acl_user->user ? acl_user->user : "",
                  acl_user->host.hostname ? acl_user->host.hostname : "",
                  new_password));
1637
    thd->clear_error();
1638
    thd->binlog_query(THD::MYSQL_QUERY_TYPE, buff, query_length, FALSE, FALSE);
1639 1640 1641 1642
  }
end:
  close_thread_tables(thd);
  DBUG_RETURN(result);
unknown's avatar
unknown committed
1643 1644 1645
}


1646 1647 1648 1649 1650 1651 1652 1653 1654 1655 1656 1657 1658 1659 1660 1661
/*
  Find user in ACL

  SYNOPSIS
    is_acl_user()
    host                 host name
    user                 user name

  RETURN
   FALSE  user not fond
   TRUE   there are such user
*/

bool is_acl_user(const char *host, const char *user)
{
  bool res;
1662 1663 1664 1665 1666

  /* --skip-grants */
  if (!initialized)
    return TRUE;

1667
  VOID(pthread_mutex_lock(&acl_cache->lock));
1668
  res= find_acl_user(host, user, TRUE) != NULL;
1669 1670 1671 1672 1673
  VOID(pthread_mutex_unlock(&acl_cache->lock));
  return res;
}


unknown's avatar
unknown committed
1674 1675 1676 1677 1678
/*
  Find first entry that matches the current user
*/

static ACL_USER *
1679
find_acl_user(const char *host, const char *user, my_bool exact)
unknown's avatar
unknown committed
1680
{
unknown's avatar
unknown committed
1681
  DBUG_ENTER("find_acl_user");
1682
  DBUG_PRINT("enter",("host: '%s'  user: '%s'",host,user));
1683 1684 1685

  safe_mutex_assert_owner(&acl_cache->lock);

unknown's avatar
unknown committed
1686 1687 1688
  for (uint i=0 ; i < acl_users.elements ; i++)
  {
    ACL_USER *acl_user=dynamic_element(&acl_users,i,ACL_USER*);
unknown's avatar
unknown committed
1689
    DBUG_PRINT("info",("strcmp('%s','%s'), compare_hostname('%s','%s'),",
1690 1691 1692 1693
                       user, acl_user->user ? acl_user->user : "",
                       host,
                       acl_user->host.hostname ? acl_user->host.hostname :
                       ""));
unknown's avatar
unknown committed
1694 1695 1696
    if (!acl_user->user && !user[0] ||
	acl_user->user && !strcmp(user,acl_user->user))
    {
1697
      if (exact ? !my_strcasecmp(system_charset_info, host,
1698 1699
                                 acl_user->host.hostname ?
				 acl_user->host.hostname : "") :
1700
          compare_hostname(&acl_user->host,host,host))
unknown's avatar
unknown committed
1701 1702 1703
      {
	DBUG_RETURN(acl_user);
      }
unknown's avatar
unknown committed
1704 1705
    }
  }
unknown's avatar
unknown committed
1706
  DBUG_RETURN(0);
unknown's avatar
unknown committed
1707 1708 1709
}


1710 1711 1712 1713 1714 1715 1716 1717 1718 1719 1720
/*
  Comparing of hostnames

  NOTES
  A hostname may be of type:
  hostname   (May include wildcards);   monty.pp.sci.fi
  ip	   (May include wildcards);   192.168.0.0
  ip/netmask			      192.168.0.0/255.255.255.0

  A net mask of 0.0.0.0 is not allowed.
*/
unknown's avatar
unknown committed
1721 1722 1723 1724 1725 1726 1727 1728 1729 1730 1731 1732 1733 1734 1735 1736 1737 1738 1739 1740 1741 1742

static const char *calc_ip(const char *ip, long *val, char end)
{
  long ip_val,tmp;
  if (!(ip=str2int(ip,10,0,255,&ip_val)) || *ip != '.')
    return 0;
  ip_val<<=24;
  if (!(ip=str2int(ip+1,10,0,255,&tmp)) || *ip != '.')
    return 0;
  ip_val+=tmp<<16;
  if (!(ip=str2int(ip+1,10,0,255,&tmp)) || *ip != '.')
    return 0;
  ip_val+=tmp<<8;
  if (!(ip=str2int(ip+1,10,0,255,&tmp)) || *ip != end)
    return 0;
  *val=ip_val+tmp;
  return ip;
}


static void update_hostname(acl_host_and_ip *host, const char *hostname)
{
1743
  host->hostname=(char*) hostname;             // This will not be modified!
1744
  if (!hostname ||
unknown's avatar
unknown committed
1745 1746 1747
      (!(hostname=calc_ip(hostname,&host->ip,'/')) ||
       !(hostname=calc_ip(hostname+1,&host->ip_mask,'\0'))))
  {
1748
    host->ip= host->ip_mask=0;			// Not a masked ip
unknown's avatar
unknown committed
1749 1750 1751 1752 1753 1754 1755 1756 1757 1758 1759 1760 1761
  }
}


static bool compare_hostname(const acl_host_and_ip *host, const char *hostname,
			     const char *ip)
{
  long tmp;
  if (host->ip_mask && ip && calc_ip(ip,&tmp,'\0'))
  {
    return (tmp & host->ip_mask) == host->ip;
  }
  return (!host->hostname ||
1762
	  (hostname && !wild_case_compare(system_charset_info,
1763 1764
                                          hostname, host->hostname)) ||
	  (ip && !wild_compare(ip, host->hostname, 0)));
unknown's avatar
unknown committed
1765 1766
}

unknown's avatar
SCRUM  
unknown committed
1767 1768 1769 1770
bool hostname_requires_resolving(const char *hostname)
{
  char cur;
  if (!hostname)
unknown's avatar
unknown committed
1771
    return FALSE;
unknown's avatar
SCRUM  
unknown committed
1772 1773 1774
  int namelen= strlen(hostname);
  int lhlen= strlen(my_localhost);
  if ((namelen == lhlen) &&
1775
      !my_strnncoll(system_charset_info, (const uchar *)hostname,  namelen,
unknown's avatar
SCRUM  
unknown committed
1776
		    (const uchar *)my_localhost, strlen(my_localhost)))
unknown's avatar
unknown committed
1777
    return FALSE;
unknown's avatar
SCRUM  
unknown committed
1778 1779
  for (; (cur=*hostname); hostname++)
  {
1780
    if ((cur != '%') && (cur != '_') && (cur != '.') && (cur != '/') &&
unknown's avatar
SCRUM  
unknown committed
1781
	((cur < '0') || (cur > '9')))
unknown's avatar
unknown committed
1782
      return TRUE;
unknown's avatar
SCRUM  
unknown committed
1783
  }
unknown's avatar
unknown committed
1784
  return FALSE;
unknown's avatar
SCRUM  
unknown committed
1785
}
unknown's avatar
unknown committed
1786

1787

1788
/*
1789 1790 1791 1792 1793 1794 1795 1796 1797 1798
  Update record for user in mysql.user privilege table with new password.

  SYNOPSIS
    update_user_table()
      thd               Thread handle
      table             Pointer to TABLE object for open mysql.user table
      host/user         Hostname/username pair identifying user for which
                        new password should be set
      new_password      New password
      new_password_len  Length of new password
1799
*/
unknown's avatar
unknown committed
1800

1801 1802
static bool update_user_table(THD *thd, TABLE *table,
                              const char *host, const char *user,
1803
			      const char *new_password, uint new_password_len)
unknown's avatar
unknown committed
1804
{
1805
  char user_key[MAX_KEY_LENGTH];
1806
  int error;
unknown's avatar
unknown committed
1807 1808 1809
  DBUG_ENTER("update_user_table");
  DBUG_PRINT("enter",("user: %s  host: %s",user,host));

1810
  table->use_all_columns();
1811 1812
  table->field[0]->store(host,(uint) strlen(host), system_charset_info);
  table->field[1]->store(user,(uint) strlen(user), system_charset_info);
unknown's avatar
unknown committed
1813
  key_copy((byte *) user_key, table->record[0], table->key_info,
1814
           table->key_info->key_length);
unknown's avatar
unknown committed
1815

1816
  if (table->file->index_read_idx(table->record[0], 0,
1817 1818
				  (byte *) user_key,
                                  table->key_info->key_length,
unknown's avatar
unknown committed
1819 1820
				  HA_READ_KEY_EXACT))
  {
unknown's avatar
unknown committed
1821 1822
    my_message(ER_PASSWORD_NO_MATCH, ER(ER_PASSWORD_NO_MATCH),
               MYF(0));	/* purecov: deadcode */
unknown's avatar
unknown committed
1823 1824
    DBUG_RETURN(1);				/* purecov: deadcode */
  }
unknown's avatar
unknown committed
1825
  store_record(table,record[1]);
1826
  table->field[2]->store(new_password, new_password_len, system_charset_info);
1827
  if ((error=table->file->ha_update_row(table->record[1],table->record[0])))
unknown's avatar
unknown committed
1828 1829
  {
    table->file->print_error(error,MYF(0));	/* purecov: deadcode */
1830
    DBUG_RETURN(1);
unknown's avatar
unknown committed
1831
  }
1832
  DBUG_RETURN(0);
unknown's avatar
unknown committed
1833 1834
}

unknown's avatar
unknown committed
1835

1836 1837 1838 1839 1840 1841
/*
  Return 1 if we are allowed to create new users
  the logic here is: INSERT_ACL is sufficient.
  It's also a requirement in opt_safe_user_create,
  otherwise CREATE_USER_ACL is enough.
*/
unknown's avatar
unknown committed
1842 1843 1844

static bool test_if_create_new_users(THD *thd)
{
1845
  Security_context *sctx= thd->security_ctx;
1846
  bool create_new_users= test(sctx->master_access & INSERT_ACL) ||
1847
                         (!opt_safe_user_create &&
1848
                          test(sctx->master_access & CREATE_USER_ACL));
1849
  if (!create_new_users)
unknown's avatar
unknown committed
1850 1851
  {
    TABLE_LIST tl;
unknown's avatar
unknown committed
1852
    ulong db_access;
unknown's avatar
unknown committed
1853 1854
    bzero((char*) &tl,sizeof(tl));
    tl.db=	   (char*) "mysql";
1855
    tl.table_name=  (char*) "user";
1856
    create_new_users= 1;
unknown's avatar
unknown committed
1857

1858 1859
    db_access=acl_get(sctx->host, sctx->ip,
		      sctx->priv_user, tl.db, 0);
unknown's avatar
unknown committed
1860 1861
    if (!(db_access & INSERT_ACL))
    {
unknown's avatar
unknown committed
1862
      if (check_grant(thd, INSERT_ACL, &tl, 0, UINT_MAX, 1))
unknown's avatar
unknown committed
1863 1864 1865 1866 1867 1868 1869
	create_new_users=0;
    }
  }
  return create_new_users;
}


unknown's avatar
unknown committed
1870
/****************************************************************************
1871
  Handle GRANT commands
unknown's avatar
unknown committed
1872 1873
****************************************************************************/

1874
static int replace_user_table(THD *thd, TABLE *table, const LEX_USER &combo,
unknown's avatar
unknown committed
1875
			      ulong rights, bool revoke_grant,
unknown's avatar
unknown committed
1876
			      bool can_create_user, bool no_auto_create)
unknown's avatar
unknown committed
1877 1878
{
  int error = -1;
unknown's avatar
unknown committed
1879
  bool old_row_exists=0;
1880
  const char *password= "";
1881
  uint password_len= 0;
unknown's avatar
unknown committed
1882
  char what= (revoke_grant) ? 'N' : 'Y';
1883
  byte user_key[MAX_KEY_LENGTH];
1884
  LEX *lex= thd->lex;
unknown's avatar
unknown committed
1885
  DBUG_ENTER("replace_user_table");
unknown's avatar
unknown committed
1886

1887
  safe_mutex_assert_owner(&acl_cache->lock);
unknown's avatar
unknown committed
1888 1889

  if (combo.password.str && combo.password.str[0])
1890
  {
1891 1892
    if (combo.password.length != SCRAMBLED_PASSWORD_CHAR_LENGTH &&
        combo.password.length != SCRAMBLED_PASSWORD_CHAR_LENGTH_323)
1893
    {
1894
      my_error(ER_PASSWD_LENGTH, MYF(0), SCRAMBLED_PASSWORD_CHAR_LENGTH);
unknown's avatar
unknown committed
1895
      DBUG_RETURN(-1);
1896
    }
1897
    password_len= combo.password.length;
unknown's avatar
unknown committed
1898
    password=combo.password.str;
1899
  }
unknown's avatar
unknown committed
1900

1901 1902 1903 1904 1905
  table->use_all_columns();
  table->field[0]->store(combo.host.str,combo.host.length,
                         system_charset_info);
  table->field[1]->store(combo.user.str,combo.user.length,
                         system_charset_info);
1906 1907 1908
  key_copy(user_key, table->record[0], table->key_info,
           table->key_info->key_length);

unknown's avatar
unknown committed
1909
  if (table->file->index_read_idx(table->record[0], 0,
1910 1911
                                  user_key, table->key_info->key_length,
                                  HA_READ_KEY_EXACT))
unknown's avatar
unknown committed
1912
  {
1913 1914
    /* what == 'N' means revoke */
    if (what == 'N')
unknown's avatar
unknown committed
1915
    {
1916 1917 1918 1919
      my_error(ER_NONEXISTING_GRANT, MYF(0), combo.user.str, combo.host.str);
      goto end;
    }
    /*
1920 1921
      There are four options which affect the process of creation of
      a new user (mysqld option --safe-create-user, 'insert' privilege
1922 1923 1924 1925 1926 1927 1928
      on 'mysql.user' table, using 'GRANT' with 'IDENTIFIED BY' and
      SQL_MODE flag NO_AUTO_CREATE_USER). Below is the simplified rule
      how it should work.
      if (safe-user-create && ! INSERT_priv) => reject
      else if (identified_by) => create
      else if (no_auto_create_user) => reject
      else create
1929 1930

      see also test_if_create_new_users()
1931
    */
unknown's avatar
unknown committed
1932 1933 1934 1935 1936 1937
    else if (!password_len && no_auto_create)
    {
      my_error(ER_PASSWORD_NO_MATCH, MYF(0), combo.user.str, combo.host.str);
      goto end;
    }
    else if (!can_create_user)
1938
    {
unknown's avatar
unknown committed
1939
      my_error(ER_CANT_CREATE_USER_WITH_GRANT, MYF(0),
1940
               thd->security_ctx->user, thd->security_ctx->host_or_ip);
unknown's avatar
unknown committed
1941 1942
      goto end;
    }
unknown's avatar
unknown committed
1943
    old_row_exists = 0;
1944
    restore_record(table,s->default_values);
1945
    table->field[0]->store(combo.host.str,combo.host.length,
1946
                           system_charset_info);
1947
    table->field[1]->store(combo.user.str,combo.user.length,
1948
                           system_charset_info);
1949
    table->field[2]->store(password, password_len,
1950
                           system_charset_info);
unknown's avatar
unknown committed
1951 1952 1953
  }
  else
  {
unknown's avatar
unknown committed
1954
    old_row_exists = 1;
unknown's avatar
unknown committed
1955
    store_record(table,record[1]);			// Save copy for update
unknown's avatar
unknown committed
1956
    if (combo.password.str)			// If password given
1957
      table->field[2]->store(password, password_len, system_charset_info);
1958
    else if (!rights && !revoke_grant &&
1959 1960
             lex->ssl_type == SSL_TYPE_NOT_SPECIFIED &&
             !lex->mqh.specified_limits)
unknown's avatar
unknown committed
1961 1962 1963
    {
      DBUG_RETURN(0);
    }
unknown's avatar
unknown committed
1964 1965
  }

unknown's avatar
unknown committed
1966 1967 1968 1969
  /* Update table columns with new privileges */

  Field **tmp_field;
  ulong priv;
1970
  uint next_field;
unknown's avatar
unknown committed
1971 1972 1973 1974
  for (tmp_field= table->field+3, priv = SELECT_ACL;
       *tmp_field && (*tmp_field)->real_type() == FIELD_TYPE_ENUM &&
	 ((Field_enum*) (*tmp_field))->typelib->count == 2 ;
       tmp_field++, priv <<= 1)
unknown's avatar
unknown committed
1975
  {
unknown's avatar
unknown committed
1976
    if (priv & rights)				 // set requested privileges
unknown's avatar
unknown committed
1977
      (*tmp_field)->store(&what, 1, &my_charset_latin1);
unknown's avatar
unknown committed
1978
  }
1979
  rights= get_access(table, 3, &next_field);
1980 1981
  DBUG_PRINT("info",("table fields: %d",table->s->fields));
  if (table->s->fields >= 31)		/* From 4.0.0 we have more fields */
1982
  {
unknown's avatar
unknown committed
1983
    /* We write down SSL related ACL stuff */
1984
    switch (lex->ssl_type) {
1985
    case SSL_TYPE_ANY:
1986 1987
      table->field[next_field]->store(STRING_WITH_LEN("ANY"),
                                      &my_charset_latin1);
1988 1989 1990
      table->field[next_field+1]->store("", 0, &my_charset_latin1);
      table->field[next_field+2]->store("", 0, &my_charset_latin1);
      table->field[next_field+3]->store("", 0, &my_charset_latin1);
1991 1992
      break;
    case SSL_TYPE_X509:
1993 1994
      table->field[next_field]->store(STRING_WITH_LEN("X509"),
                                      &my_charset_latin1);
1995 1996 1997
      table->field[next_field+1]->store("", 0, &my_charset_latin1);
      table->field[next_field+2]->store("", 0, &my_charset_latin1);
      table->field[next_field+3]->store("", 0, &my_charset_latin1);
1998 1999
      break;
    case SSL_TYPE_SPECIFIED:
2000 2001
      table->field[next_field]->store(STRING_WITH_LEN("SPECIFIED"),
                                      &my_charset_latin1);
2002 2003 2004
      table->field[next_field+1]->store("", 0, &my_charset_latin1);
      table->field[next_field+2]->store("", 0, &my_charset_latin1);
      table->field[next_field+3]->store("", 0, &my_charset_latin1);
2005
      if (lex->ssl_cipher)
unknown's avatar
unknown committed
2006 2007
        table->field[next_field+1]->store(lex->ssl_cipher,
                                strlen(lex->ssl_cipher), system_charset_info);
2008
      if (lex->x509_issuer)
unknown's avatar
unknown committed
2009 2010
        table->field[next_field+2]->store(lex->x509_issuer,
                                strlen(lex->x509_issuer), system_charset_info);
2011
      if (lex->x509_subject)
unknown's avatar
unknown committed
2012 2013
        table->field[next_field+3]->store(lex->x509_subject,
                                strlen(lex->x509_subject), system_charset_info);
2014
      break;
unknown's avatar
unknown committed
2015
    case SSL_TYPE_NOT_SPECIFIED:
unknown's avatar
unknown committed
2016 2017
      break;
    case SSL_TYPE_NONE:
2018 2019 2020 2021
      table->field[next_field]->store("", 0, &my_charset_latin1);
      table->field[next_field+1]->store("", 0, &my_charset_latin1);
      table->field[next_field+2]->store("", 0, &my_charset_latin1);
      table->field[next_field+3]->store("", 0, &my_charset_latin1);
unknown's avatar
unknown committed
2022
      break;
2023
    }
unknown's avatar
unknown committed
2024
    next_field+=4;
unknown's avatar
unknown committed
2025

2026
    USER_RESOURCES mqh= lex->mqh;
2027
    if (mqh.specified_limits & USER_RESOURCES::QUERIES_PER_HOUR)
2028
      table->field[next_field]->store((longlong) mqh.questions, TRUE);
2029
    if (mqh.specified_limits & USER_RESOURCES::UPDATES_PER_HOUR)
2030
      table->field[next_field+1]->store((longlong) mqh.updates, TRUE);
2031
    if (mqh.specified_limits & USER_RESOURCES::CONNECTIONS_PER_HOUR)
2032
      table->field[next_field+2]->store((longlong) mqh.conn_per_hour, TRUE);
2033
    if (table->s->fields >= 36 &&
2034
        (mqh.specified_limits & USER_RESOURCES::USER_CONNECTIONS))
2035
      table->field[next_field+3]->store((longlong) mqh.user_conn, TRUE);
2036
    mqh_used= mqh_used || mqh.questions || mqh.updates || mqh.conn_per_hour;
2037
  }
unknown's avatar
unknown committed
2038
  if (old_row_exists)
unknown's avatar
unknown committed
2039 2040 2041 2042 2043
  {
    /*
      We should NEVER delete from the user table, as a uses can still
      use mysqld even if he doesn't have any privileges in the user table!
    */
unknown's avatar
unknown committed
2044
    if (cmp_record(table,record[1]) &&
2045
	(error=table->file->ha_update_row(table->record[1],table->record[0])))
unknown's avatar
unknown committed
2046 2047 2048 2049 2050 2051
    {						// This should never happen
      table->file->print_error(error,MYF(0));	/* purecov: deadcode */
      error= -1;				/* purecov: deadcode */
      goto end;					/* purecov: deadcode */
    }
  }
2052
  else if ((error=table->file->ha_write_row(table->record[0]))) // insert
unknown's avatar
unknown committed
2053
  {						// This should never happen
2054
    if (table->file->is_fatal_error(error, HA_CHECK_DUP))
unknown's avatar
unknown committed
2055 2056 2057 2058 2059 2060 2061 2062
    {
      table->file->print_error(error,MYF(0));	/* purecov: deadcode */
      error= -1;				/* purecov: deadcode */
      goto end;					/* purecov: deadcode */
    }
  }
  error=0;					// Privileges granted / revoked

2063
end:
unknown's avatar
unknown committed
2064 2065 2066
  if (!error)
  {
    acl_cache->clear(1);			// Clear privilege cache
unknown's avatar
unknown committed
2067
    if (old_row_exists)
2068 2069
      acl_update_user(combo.user.str, combo.host.str,
                      combo.password.str, password_len,
2070 2071 2072 2073 2074
		      lex->ssl_type,
		      lex->ssl_cipher,
		      lex->x509_issuer,
		      lex->x509_subject,
		      &lex->mqh,
2075
		      rights);
unknown's avatar
unknown committed
2076
    else
2077
      acl_insert_user(combo.user.str, combo.host.str, password, password_len,
2078 2079 2080 2081 2082
		      lex->ssl_type,
		      lex->ssl_cipher,
		      lex->x509_issuer,
		      lex->x509_subject,
		      &lex->mqh,
2083
		      rights);
unknown's avatar
unknown committed
2084 2085 2086 2087 2088 2089
  }
  DBUG_RETURN(error);
}


/*
unknown's avatar
unknown committed
2090
  change grants in the mysql.db table
unknown's avatar
unknown committed
2091 2092 2093 2094
*/

static int replace_db_table(TABLE *table, const char *db,
			    const LEX_USER &combo,
unknown's avatar
unknown committed
2095
			    ulong rights, bool revoke_grant)
unknown's avatar
unknown committed
2096
{
unknown's avatar
unknown committed
2097 2098
  uint i;
  ulong priv,store_rights;
unknown's avatar
unknown committed
2099
  bool old_row_exists=0;
unknown's avatar
unknown committed
2100
  int error;
unknown's avatar
unknown committed
2101
  char what= (revoke_grant) ? 'N' : 'Y';
2102
  byte user_key[MAX_KEY_LENGTH];
unknown's avatar
unknown committed
2103 2104
  DBUG_ENTER("replace_db_table");

2105 2106
  if (!initialized)
  {
unknown's avatar
unknown committed
2107
    my_error(ER_OPTION_PREVENTS_STATEMENT, MYF(0), "--skip-grant-tables");
2108 2109 2110
    DBUG_RETURN(-1);
  }

2111
  /* Check if there is such a user in user table in memory? */
2112
  if (!find_acl_user(combo.host.str,combo.user.str, FALSE))
unknown's avatar
unknown committed
2113
  {
unknown's avatar
unknown committed
2114
    my_message(ER_PASSWORD_NO_MATCH, ER(ER_PASSWORD_NO_MATCH), MYF(0));
unknown's avatar
unknown committed
2115 2116 2117
    DBUG_RETURN(-1);
  }

2118 2119 2120
  table->use_all_columns();
  table->field[0]->store(combo.host.str,combo.host.length,
                         system_charset_info);
2121
  table->field[1]->store(db,(uint) strlen(db), system_charset_info);
2122 2123
  table->field[2]->store(combo.user.str,combo.user.length,
                         system_charset_info);
2124 2125 2126
  key_copy(user_key, table->record[0], table->key_info,
           table->key_info->key_length);

2127
  if (table->file->index_read_idx(table->record[0],0,
2128 2129
                                  user_key, table->key_info->key_length,
                                  HA_READ_KEY_EXACT))
unknown's avatar
unknown committed
2130 2131 2132
  {
    if (what == 'N')
    { // no row, no revoke
unknown's avatar
unknown committed
2133
      my_error(ER_NONEXISTING_GRANT, MYF(0), combo.user.str, combo.host.str);
unknown's avatar
unknown committed
2134 2135
      goto abort;
    }
unknown's avatar
unknown committed
2136
    old_row_exists = 0;
2137
    restore_record(table, s->default_values);
2138 2139
    table->field[0]->store(combo.host.str,combo.host.length,
                           system_charset_info);
2140
    table->field[1]->store(db,(uint) strlen(db), system_charset_info);
2141 2142
    table->field[2]->store(combo.user.str,combo.user.length,
                           system_charset_info);
unknown's avatar
unknown committed
2143 2144 2145
  }
  else
  {
unknown's avatar
unknown committed
2146
    old_row_exists = 1;
unknown's avatar
unknown committed
2147
    store_record(table,record[1]);
unknown's avatar
unknown committed
2148 2149 2150
  }

  store_rights=get_rights_for_db(rights);
2151
  for (i= 3, priv= 1; i < table->s->fields; i++, priv <<= 1)
unknown's avatar
unknown committed
2152
  {
unknown's avatar
unknown committed
2153
    if (priv & store_rights)			// do it if priv is chosen
unknown's avatar
unknown committed
2154
      table->field [i]->store(&what,1, &my_charset_latin1);// set requested privileges
unknown's avatar
unknown committed
2155 2156 2157 2158
  }
  rights=get_access(table,3);
  rights=fix_rights_for_db(rights);

unknown's avatar
unknown committed
2159
  if (old_row_exists)
unknown's avatar
unknown committed
2160
  {
2161
    /* update old existing row */
unknown's avatar
unknown committed
2162 2163
    if (rights)
    {
2164 2165
      if ((error= table->file->ha_update_row(table->record[1],
                                             table->record[0])))
unknown's avatar
unknown committed
2166 2167 2168 2169
	goto table_error;			/* purecov: deadcode */
    }
    else	/* must have been a revoke of all privileges */
    {
2170
      if ((error= table->file->ha_delete_row(table->record[1])))
unknown's avatar
unknown committed
2171 2172 2173
	goto table_error;			/* purecov: deadcode */
    }
  }
2174
  else if (rights && (error= table->file->ha_write_row(table->record[0])))
unknown's avatar
unknown committed
2175
  {
2176
    if (table->file->is_fatal_error(error, HA_CHECK_DUP_KEY))
unknown's avatar
unknown committed
2177 2178 2179 2180
      goto table_error; /* purecov: deadcode */
  }

  acl_cache->clear(1);				// Clear privilege cache
unknown's avatar
unknown committed
2181
  if (old_row_exists)
unknown's avatar
unknown committed
2182 2183
    acl_update_db(combo.user.str,combo.host.str,db,rights);
  else
2184
  if (rights)
unknown's avatar
unknown committed
2185 2186 2187 2188
    acl_insert_db(combo.user.str,combo.host.str,db,rights);
  DBUG_RETURN(0);

  /* This could only happen if the grant tables got corrupted */
2189
table_error:
unknown's avatar
unknown committed
2190 2191
  table->file->print_error(error,MYF(0));	/* purecov: deadcode */

2192
abort:
unknown's avatar
unknown committed
2193 2194 2195 2196 2197 2198 2199 2200
  DBUG_RETURN(-1);
}


class GRANT_COLUMN :public Sql_alloc
{
public:
  char *column;
unknown's avatar
unknown committed
2201 2202 2203
  ulong rights;
  uint key_length;
  GRANT_COLUMN(String &c,  ulong y) :rights (y)
unknown's avatar
unknown committed
2204
  {
unknown's avatar
unknown committed
2205
    column= memdup_root(&memex,c.ptr(), key_length=c.length());
unknown's avatar
unknown committed
2206 2207 2208
  }
};

unknown's avatar
unknown committed
2209

unknown's avatar
unknown committed
2210 2211 2212 2213 2214 2215 2216
static byte* get_key_column(GRANT_COLUMN *buff,uint *length,
			    my_bool not_used __attribute__((unused)))
{
  *length=buff->key_length;
  return (byte*) buff->column;
}

unknown's avatar
unknown committed
2217

2218
class GRANT_NAME :public Sql_alloc
unknown's avatar
unknown committed
2219 2220
{
public:
2221 2222
  acl_host_and_ip host;
  char *db, *user, *tname, *hash_key;
2223
  ulong privs;
2224
  ulong sort;
unknown's avatar
unknown committed
2225
  uint key_length;
2226 2227 2228 2229 2230 2231 2232 2233 2234 2235 2236 2237
  GRANT_NAME(const char *h, const char *d,const char *u,
             const char *t, ulong p);
  GRANT_NAME (TABLE *form);
  virtual ~GRANT_NAME() {};
  virtual bool ok() { return privs != 0; }
};


class GRANT_TABLE :public GRANT_NAME
{
public:
  ulong cols;
unknown's avatar
unknown committed
2238
  HASH hash_columns;
unknown's avatar
unknown committed
2239 2240 2241 2242

  GRANT_TABLE(const char *h, const char *d,const char *u,
              const char *t, ulong p, ulong c);
  GRANT_TABLE (TABLE *form, TABLE *col_privs);
2243
  ~GRANT_TABLE();
2244 2245
  bool ok() { return privs != 0 || cols != 0; }
};
unknown's avatar
unknown committed
2246

2247

unknown's avatar
unknown committed
2248

2249 2250 2251
GRANT_NAME::GRANT_NAME(const char *h, const char *d,const char *u,
                       const char *t, ulong p)
  :privs(p)
2252 2253
{
  /* Host given by user */
2254
  update_hostname(&host, strdup_root(&memex, h));
2255 2256
  db =   strdup_root(&memex,d);
  user = strdup_root(&memex,u);
2257
  sort=  get_sort(3,host.hostname,db,user);
2258 2259
  tname= strdup_root(&memex,t);
  if (lower_case_table_names)
unknown's avatar
unknown committed
2260
  {
2261 2262
    my_casedn_str(files_charset_info, db);
    my_casedn_str(files_charset_info, tname);
2263 2264 2265 2266
  }
  key_length =(uint) strlen(d)+(uint) strlen(u)+(uint) strlen(t)+3;
  hash_key = (char*) alloc_root(&memex,key_length);
  strmov(strmov(strmov(hash_key,user)+1,db)+1,tname);
2267 2268 2269 2270 2271 2272 2273
}


GRANT_TABLE::GRANT_TABLE(const char *h, const char *d,const char *u,
                	 const char *t, ulong p, ulong c)
  :GRANT_NAME(h,d,u,t,p), cols(c)
{
2274
  (void) hash_init(&hash_columns,system_charset_info,
unknown's avatar
unknown committed
2275
                   0,0,0, (hash_get_key) get_key_column,0,0);
2276
}
unknown's avatar
unknown committed
2277

2278

2279
GRANT_NAME::GRANT_NAME(TABLE *form)
2280
{
2281
  update_hostname(&host, get_field(&memex, form->field[0]));
unknown's avatar
unknown committed
2282 2283
  db=    get_field(&memex,form->field[1]);
  user=  get_field(&memex,form->field[2]);
2284 2285
  if (!user)
    user= (char*) "";
2286
  sort=  get_sort(3, host.hostname, db, user);
unknown's avatar
unknown committed
2287
  tname= get_field(&memex,form->field[3]);
2288 2289 2290
  if (!db || !tname)
  {
    /* Wrong table row; Ignore it */
2291
    privs= 0;
2292 2293 2294 2295
    return;					/* purecov: inspected */
  }
  if (lower_case_table_names)
  {
2296 2297
    my_casedn_str(files_charset_info, db);
    my_casedn_str(files_charset_info, tname);
2298 2299 2300 2301 2302 2303 2304
  }
  key_length = ((uint) strlen(db) + (uint) strlen(user) +
                (uint) strlen(tname) + 3);
  hash_key = (char*) alloc_root(&memex,key_length);
  strmov(strmov(strmov(hash_key,user)+1,db)+1,tname);
  privs = (ulong) form->field[6]->val_int();
  privs = fix_rights_for_table(privs);
2305 2306 2307 2308 2309 2310 2311 2312 2313 2314 2315 2316 2317 2318 2319 2320
}


GRANT_TABLE::GRANT_TABLE(TABLE *form, TABLE *col_privs)
  :GRANT_NAME(form)
{
  byte key[MAX_KEY_LENGTH];

  if (!db || !tname)
  {
    /* Wrong table row; Ignore it */
    hash_clear(&hash_columns);                  /* allow for destruction */
    cols= 0;
    return;
  }
  cols= (ulong) form->field[7]->val_int();
2321 2322
  cols =  fix_rights_for_column(cols);

2323
  (void) hash_init(&hash_columns,system_charset_info,
unknown's avatar
unknown committed
2324
                   0,0,0, (hash_get_key) get_key_column,0,0);
2325 2326
  if (cols)
  {
2327 2328
    uint key_prefix_len;
    KEY_PART_INFO *key_part= col_privs->key_info->key_part;
2329
    col_privs->field[0]->store(host.hostname,
2330 2331
                               host.hostname ? (uint) strlen(host.hostname) :
                               0,
2332 2333 2334 2335
                               system_charset_info);
    col_privs->field[1]->store(db,(uint) strlen(db), system_charset_info);
    col_privs->field[2]->store(user,(uint) strlen(user), system_charset_info);
    col_privs->field[3]->store(tname,(uint) strlen(tname), system_charset_info);
2336 2337 2338 2339 2340 2341

    key_prefix_len= (key_part[0].store_length +
                     key_part[1].store_length +
                     key_part[2].store_length +
                     key_part[3].store_length);
    key_copy(key, col_privs->record[0], col_privs->key_info, key_prefix_len);
unknown's avatar
unknown committed
2342
    col_privs->field[4]->store("",0, &my_charset_latin1);
2343

2344
    col_privs->file->ha_index_init(0, 1);
2345
    if (col_privs->file->index_read(col_privs->record[0],
2346 2347
                                    (byte*) key,
                                    key_prefix_len, HA_READ_KEY_EXACT))
unknown's avatar
unknown committed
2348
    {
2349
      cols = 0; /* purecov: deadcode */
2350
      col_privs->file->ha_index_end();
2351
      return;
unknown's avatar
unknown committed
2352
    }
2353
    do
unknown's avatar
unknown committed
2354
    {
2355 2356 2357
      String *res,column_name;
      GRANT_COLUMN *mem_check;
      /* As column name is a string, we don't have to supply a buffer */
unknown's avatar
unknown committed
2358
      res=col_privs->field[4]->val_str(&column_name);
2359 2360 2361
      ulong priv= (ulong) col_privs->field[6]->val_int();
      if (!(mem_check = new GRANT_COLUMN(*res,
                                         fix_rights_for_column(priv))))
unknown's avatar
unknown committed
2362
      {
2363 2364 2365
        /* Don't use this entry */
        privs = cols = 0;			/* purecov: deadcode */
        return;				/* purecov: deadcode */
unknown's avatar
unknown committed
2366
      }
unknown's avatar
unknown committed
2367
      my_hash_insert(&hash_columns, (byte *) mem_check);
2368
    } while (!col_privs->file->index_next(col_privs->record[0]) &&
2369
             !key_cmp_if_same(col_privs,key,0,key_prefix_len));
2370
    col_privs->file->ha_index_end();
unknown's avatar
unknown committed
2371
  }
2372
}
unknown's avatar
unknown committed
2373

unknown's avatar
unknown committed
2374

2375 2376 2377 2378 2379 2380
GRANT_TABLE::~GRANT_TABLE()
{
  hash_free(&hash_columns);
}


2381
static byte* get_grant_table(GRANT_NAME *buff,uint *length,
unknown's avatar
unknown committed
2382 2383 2384 2385 2386 2387
			     my_bool not_used __attribute__((unused)))
{
  *length=buff->key_length;
  return (byte*) buff->hash_key;
}

unknown's avatar
unknown committed
2388

unknown's avatar
unknown committed
2389 2390 2391 2392 2393
void free_grant_table(GRANT_TABLE *grant_table)
{
  hash_free(&grant_table->hash_columns);
}

unknown's avatar
unknown committed
2394

unknown's avatar
unknown committed
2395 2396
/* Search after a matching grant. Prefer exact grants before not exact ones */

2397
static GRANT_NAME *name_hash_search(HASH *name_hash,
unknown's avatar
unknown committed
2398 2399 2400 2401
                                    const char *host,const char* ip,
                                    const char *db,
                                    const char *user, const char *tname,
                                    bool exact)
unknown's avatar
unknown committed
2402
{
unknown's avatar
unknown committed
2403
  char helping [NAME_LEN*2+USERNAME_LENGTH+3];
unknown's avatar
unknown committed
2404
  uint len;
2405
  GRANT_NAME *grant_name,*found=0;
2406
  HASH_SEARCH_STATE state;
unknown's avatar
unknown committed
2407 2408

  len  = (uint) (strmov(strmov(strmov(helping,user)+1,db)+1,tname)-helping)+ 1;
2409 2410
  for (grant_name= (GRANT_NAME*) hash_first(name_hash, (byte*) helping,
                                            len, &state);
2411 2412
       grant_name ;
       grant_name= (GRANT_NAME*) hash_next(name_hash,(byte*) helping,
2413
                                           len, &state))
unknown's avatar
unknown committed
2414 2415 2416
  {
    if (exact)
    {
2417 2418
      if (!grant_name->host.hostname ||
          (host &&
2419
	   !my_strcasecmp(system_charset_info, host,
unknown's avatar
unknown committed
2420 2421
                          grant_name->host.hostname)) ||
	  (ip && !strcmp(ip, grant_name->host.hostname)))
2422
	return grant_name;
unknown's avatar
unknown committed
2423 2424 2425
    }
    else
    {
2426
      if (compare_hostname(&grant_name->host, host, ip) &&
2427 2428
          (!found || found->sort < grant_name->sort))
	found=grant_name;					// Host ok
unknown's avatar
unknown committed
2429 2430 2431 2432 2433 2434
    }
  }
  return found;
}


2435
inline GRANT_NAME *
2436 2437
routine_hash_search(const char *host, const char *ip, const char *db,
                 const char *user, const char *tname, bool proc, bool exact)
2438
{
2439 2440 2441
  return (GRANT_TABLE*)
    name_hash_search(proc ? &proc_priv_hash : &func_priv_hash,
		     host, ip, db, user, tname, exact);
2442 2443 2444 2445 2446 2447 2448 2449 2450 2451 2452
}


inline GRANT_TABLE *
table_hash_search(const char *host, const char *ip, const char *db,
		  const char *user, const char *tname, bool exact)
{
  return (GRANT_TABLE*) name_hash_search(&column_priv_hash, host, ip, db,
					 user, tname, exact);
}

unknown's avatar
unknown committed
2453

unknown's avatar
unknown committed
2454
inline GRANT_COLUMN *
unknown's avatar
unknown committed
2455
column_hash_search(GRANT_TABLE *t, const char *cname, uint length)
unknown's avatar
unknown committed
2456 2457 2458 2459 2460 2461 2462 2463 2464
{
  return (GRANT_COLUMN*) hash_search(&t->hash_columns, (byte*) cname,length);
}


static int replace_column_table(GRANT_TABLE *g_t,
				TABLE *table, const LEX_USER &combo,
				List <LEX_COLUMN> &columns,
				const char *db, const char *table_name,
unknown's avatar
unknown committed
2465
				ulong rights, bool revoke_grant)
unknown's avatar
unknown committed
2466 2467 2468
{
  int error=0,result=0;
  byte key[MAX_KEY_LENGTH];
2469 2470
  uint key_prefix_length;
  KEY_PART_INFO *key_part= table->key_info->key_part;
unknown's avatar
unknown committed
2471 2472
  DBUG_ENTER("replace_column_table");

2473
  table->use_all_columns();
unknown's avatar
unknown committed
2474 2475 2476 2477 2478 2479 2480 2481
  table->field[0]->store(combo.host.str,combo.host.length,
                         system_charset_info);
  table->field[1]->store(db,(uint) strlen(db),
                         system_charset_info);
  table->field[2]->store(combo.user.str,combo.user.length,
                         system_charset_info);
  table->field[3]->store(table_name,(uint) strlen(table_name),
                         system_charset_info);
unknown's avatar
unknown committed
2482

2483 2484 2485 2486
  /* Get length of 3 first key parts */
  key_prefix_length= (key_part[0].store_length + key_part[1].store_length +
                      key_part[2].store_length + key_part[3].store_length);
  key_copy(key, table->record[0], table->key_info, key_prefix_length);
unknown's avatar
unknown committed
2487

2488
  rights&= COL_ACLS;				// Only ACL for columns
unknown's avatar
unknown committed
2489 2490 2491 2492

  /* first fix privileges for all columns in column list */

  List_iterator <LEX_COLUMN> iter(columns);
unknown's avatar
unknown committed
2493
  class LEX_COLUMN *column;
2494
  table->file->ha_index_init(0, 1);
unknown's avatar
unknown committed
2495
  while ((column= iter++))
unknown's avatar
unknown committed
2496
  {
unknown's avatar
unknown committed
2497
    ulong privileges= column->rights;
unknown's avatar
unknown committed
2498
    bool old_row_exists=0;
2499 2500 2501 2502
    byte user_key[MAX_KEY_LENGTH];

    key_restore(table->record[0],key,table->key_info,
                key_prefix_length);
unknown's avatar
unknown committed
2503
    table->field[4]->store(column->column.ptr(), column->column.length(),
2504
                           system_charset_info);
2505 2506 2507
    /* Get key for the first 4 columns */
    key_copy(user_key, table->record[0], table->key_info,
             table->key_info->key_length);
unknown's avatar
unknown committed
2508

2509 2510 2511
    if (table->file->index_read(table->record[0], user_key,
				table->key_info->key_length,
                                HA_READ_KEY_EXACT))
unknown's avatar
unknown committed
2512 2513 2514
    {
      if (revoke_grant)
      {
unknown's avatar
unknown committed
2515
	my_error(ER_NONEXISTING_TABLE_GRANT, MYF(0),
2516
                 combo.user.str, combo.host.str,
unknown's avatar
unknown committed
2517 2518 2519
                 table_name);                   /* purecov: inspected */
	result= -1;                             /* purecov: inspected */
	continue;                               /* purecov: inspected */
unknown's avatar
unknown committed
2520
      }
unknown's avatar
unknown committed
2521
      old_row_exists = 0;
2522
      restore_record(table, s->default_values);		// Get empty record
2523 2524
      key_restore(table->record[0],key,table->key_info,
                  key_prefix_length);
unknown's avatar
unknown committed
2525
      table->field[4]->store(column->column.ptr(),column->column.length(),
2526
                             system_charset_info);
unknown's avatar
unknown committed
2527 2528 2529
    }
    else
    {
unknown's avatar
unknown committed
2530
      ulong tmp= (ulong) table->field[6]->val_int();
unknown's avatar
unknown committed
2531 2532 2533 2534 2535 2536
      tmp=fix_rights_for_column(tmp);

      if (revoke_grant)
	privileges = tmp & ~(privileges | rights);
      else
	privileges |= tmp;
unknown's avatar
unknown committed
2537
      old_row_exists = 1;
unknown's avatar
unknown committed
2538
      store_record(table,record[1]);			// copy original row
unknown's avatar
unknown committed
2539 2540
    }

2541
    table->field[6]->store((longlong) get_rights_for_column(privileges), TRUE);
unknown's avatar
unknown committed
2542

unknown's avatar
unknown committed
2543
    if (old_row_exists)
unknown's avatar
unknown committed
2544
    {
unknown's avatar
unknown committed
2545
      GRANT_COLUMN *grant_column;
unknown's avatar
unknown committed
2546
      if (privileges)
2547
	error=table->file->ha_update_row(table->record[1],table->record[0]);
unknown's avatar
unknown committed
2548
      else
2549
	error=table->file->ha_delete_row(table->record[1]);
unknown's avatar
unknown committed
2550 2551 2552 2553 2554 2555
      if (error)
      {
	table->file->print_error(error,MYF(0)); /* purecov: inspected */
	result= -1;				/* purecov: inspected */
	goto end;				/* purecov: inspected */
      }
unknown's avatar
unknown committed
2556 2557
      grant_column= column_hash_search(g_t, column->column.ptr(),
                                       column->column.length());
unknown's avatar
unknown committed
2558
      if (grant_column)				// Should always be true
unknown's avatar
unknown committed
2559
	grant_column->rights= privileges;	// Update hash
unknown's avatar
unknown committed
2560 2561 2562
    }
    else					// new grant
    {
unknown's avatar
unknown committed
2563
      GRANT_COLUMN *grant_column;
2564
      if ((error=table->file->ha_write_row(table->record[0])))
unknown's avatar
unknown committed
2565 2566 2567 2568 2569
      {
	table->file->print_error(error,MYF(0)); /* purecov: inspected */
	result= -1;				/* purecov: inspected */
	goto end;				/* purecov: inspected */
      }
unknown's avatar
unknown committed
2570
      grant_column= new GRANT_COLUMN(column->column,privileges);
unknown's avatar
SCRUM  
unknown committed
2571
      my_hash_insert(&g_t->hash_columns,(byte*) grant_column);
unknown's avatar
unknown committed
2572 2573 2574 2575 2576 2577 2578 2579 2580 2581
    }
  }

  /*
    If revoke of privileges on the table level, remove all such privileges
    for all columns
  */

  if (revoke_grant)
  {
2582 2583
    byte user_key[MAX_KEY_LENGTH];
    key_copy(user_key, table->record[0], table->key_info,
unknown's avatar
unknown committed
2584 2585
             key_prefix_length);

2586
    if (table->file->index_read(table->record[0], user_key,
unknown's avatar
unknown committed
2587
				key_prefix_length,
2588
                                HA_READ_KEY_EXACT))
unknown's avatar
unknown committed
2589 2590
      goto end;

2591
    /* Scan through all rows with the same host,db,user and table */
unknown's avatar
unknown committed
2592 2593
    do
    {
unknown's avatar
unknown committed
2594
      ulong privileges = (ulong) table->field[6]->val_int();
unknown's avatar
unknown committed
2595
      privileges=fix_rights_for_column(privileges);
unknown's avatar
unknown committed
2596
      store_record(table,record[1]);
unknown's avatar
unknown committed
2597 2598 2599 2600 2601

      if (privileges & rights)	// is in this record the priv to be revoked ??
      {
	GRANT_COLUMN *grant_column = NULL;
	char  colum_name_buf[HOSTNAME_LENGTH+1];
2602
	String column_name(colum_name_buf,sizeof(colum_name_buf),
unknown's avatar
unknown committed
2603
                           system_charset_info);
unknown's avatar
unknown committed
2604 2605 2606

	privileges&= ~rights;
	table->field[6]->store((longlong)
2607
			       get_rights_for_column(privileges), TRUE);
2608
	table->field[4]->val_str(&column_name);
unknown's avatar
unknown committed
2609 2610 2611 2612 2613 2614
	grant_column = column_hash_search(g_t,
					  column_name.ptr(),
					  column_name.length());
	if (privileges)
	{
	  int tmp_error;
2615 2616
	  if ((tmp_error=table->file->ha_update_row(table->record[1],
						    table->record[0])))
unknown's avatar
unknown committed
2617 2618 2619 2620 2621 2622 2623 2624 2625 2626 2627
	  {					/* purecov: deadcode */
	    table->file->print_error(tmp_error,MYF(0)); /* purecov: deadcode */
	    result= -1;				/* purecov: deadcode */
	    goto end;				/* purecov: deadcode */
	  }
	  if (grant_column)
	    grant_column->rights  = privileges; // Update hash
	}
	else
	{
	  int tmp_error;
2628
	  if ((tmp_error = table->file->ha_delete_row(table->record[1])))
unknown's avatar
unknown committed
2629 2630 2631 2632 2633 2634 2635 2636 2637 2638
	  {					/* purecov: deadcode */
	    table->file->print_error(tmp_error,MYF(0)); /* purecov: deadcode */
	    result= -1;				/* purecov: deadcode */
	    goto end;				/* purecov: deadcode */
	  }
	  if (grant_column)
	    hash_delete(&g_t->hash_columns,(byte*) grant_column);
	}
      }
    } while (!table->file->index_next(table->record[0]) &&
2639
	     !key_cmp_if_same(table, key, 0, key_prefix_length));
unknown's avatar
unknown committed
2640 2641
  }

2642
end:
unknown's avatar
unknown committed
2643
  table->file->ha_index_end();
unknown's avatar
unknown committed
2644 2645 2646 2647 2648 2649 2650
  DBUG_RETURN(result);
}


static int replace_table_table(THD *thd, GRANT_TABLE *grant_table,
			       TABLE *table, const LEX_USER &combo,
			       const char *db, const char *table_name,
unknown's avatar
unknown committed
2651 2652
			       ulong rights, ulong col_rights,
			       bool revoke_grant)
unknown's avatar
unknown committed
2653
{
2654
  char grantor[USER_HOST_BUFF_SIZE];
unknown's avatar
unknown committed
2655
  int old_row_exists = 1;
unknown's avatar
unknown committed
2656
  int error=0;
unknown's avatar
unknown committed
2657
  ulong store_table_rights, store_col_rights;
2658
  byte user_key[MAX_KEY_LENGTH];
unknown's avatar
unknown committed
2659 2660
  DBUG_ENTER("replace_table_table");

2661 2662
  strxmov(grantor, thd->security_ctx->user, "@",
          thd->security_ctx->host_or_ip, NullS);
unknown's avatar
unknown committed
2663

unknown's avatar
unknown committed
2664 2665 2666 2667
  /*
    The following should always succeed as new users are created before
    this function is called!
  */
2668
  if (!find_acl_user(combo.host.str,combo.user.str, FALSE))
unknown's avatar
unknown committed
2669
  {
unknown's avatar
unknown committed
2670 2671
    my_message(ER_PASSWORD_NO_MATCH, ER(ER_PASSWORD_NO_MATCH),
               MYF(0));	/* purecov: deadcode */
unknown's avatar
unknown committed
2672 2673 2674
    DBUG_RETURN(-1);				/* purecov: deadcode */
  }

2675
  table->use_all_columns();
2676
  restore_record(table, s->default_values);     // Get empty record
2677 2678
  table->field[0]->store(combo.host.str,combo.host.length,
                         system_charset_info);
2679
  table->field[1]->store(db,(uint) strlen(db), system_charset_info);
2680 2681 2682 2683
  table->field[2]->store(combo.user.str,combo.user.length,
                         system_charset_info);
  table->field[3]->store(table_name,(uint) strlen(table_name),
                         system_charset_info);
unknown's avatar
unknown committed
2684
  store_record(table,record[1]);			// store at pos 1
2685 2686
  key_copy(user_key, table->record[0], table->key_info,
           table->key_info->key_length);
unknown's avatar
unknown committed
2687

2688 2689
  if (table->file->index_read_idx(table->record[0], 0,
                                  user_key, table->key_info->key_length,
unknown's avatar
unknown committed
2690 2691 2692 2693 2694 2695 2696 2697 2698
				  HA_READ_KEY_EXACT))
  {
    /*
      The following should never happen as we first check the in memory
      grant tables for the user.  There is however always a small change that
      the user has modified the grant tables directly.
    */
    if (revoke_grant)
    { // no row, no revoke
unknown's avatar
unknown committed
2699 2700
      my_error(ER_NONEXISTING_TABLE_GRANT, MYF(0),
               combo.user.str, combo.host.str,
2701
               table_name);		        /* purecov: deadcode */
unknown's avatar
unknown committed
2702 2703
      DBUG_RETURN(-1);				/* purecov: deadcode */
    }
unknown's avatar
unknown committed
2704
    old_row_exists = 0;
unknown's avatar
unknown committed
2705
    restore_record(table,record[1]);			// Get saved record
unknown's avatar
unknown committed
2706 2707
  }

unknown's avatar
unknown committed
2708 2709
  store_table_rights= get_rights_for_table(rights);
  store_col_rights=   get_rights_for_column(col_rights);
unknown's avatar
unknown committed
2710
  if (old_row_exists)
unknown's avatar
unknown committed
2711
  {
unknown's avatar
unknown committed
2712
    ulong j,k;
unknown's avatar
unknown committed
2713
    store_record(table,record[1]);
unknown's avatar
unknown committed
2714 2715
    j = (ulong) table->field[6]->val_int();
    k = (ulong) table->field[7]->val_int();
unknown's avatar
unknown committed
2716 2717 2718

    if (revoke_grant)
    {
2719
      /* column rights are already fixed in mysql_table_grant */
unknown's avatar
unknown committed
2720 2721 2722 2723
      store_table_rights=j & ~store_table_rights;
    }
    else
    {
unknown's avatar
unknown committed
2724 2725
      store_table_rights|= j;
      store_col_rights|=   k;
unknown's avatar
unknown committed
2726 2727 2728
    }
  }

2729
  table->field[4]->store(grantor,(uint) strlen(grantor), system_charset_info);
2730 2731
  table->field[6]->store((longlong) store_table_rights, TRUE);
  table->field[7]->store((longlong) store_col_rights, TRUE);
unknown's avatar
unknown committed
2732
  rights=fix_rights_for_table(store_table_rights);
unknown's avatar
unknown committed
2733
  col_rights=fix_rights_for_column(store_col_rights);
unknown's avatar
unknown committed
2734

unknown's avatar
unknown committed
2735
  if (old_row_exists)
unknown's avatar
unknown committed
2736 2737 2738
  {
    if (store_table_rights || store_col_rights)
    {
2739
      if ((error=table->file->ha_update_row(table->record[1],table->record[0])))
unknown's avatar
unknown committed
2740 2741
	goto table_error;			/* purecov: deadcode */
    }
2742
    else if ((error = table->file->ha_delete_row(table->record[1])))
unknown's avatar
unknown committed
2743 2744 2745 2746
      goto table_error;				/* purecov: deadcode */
  }
  else
  {
2747
    error=table->file->ha_write_row(table->record[0]);
2748
    if (table->file->is_fatal_error(error, HA_CHECK_DUP_KEY))
unknown's avatar
unknown committed
2749 2750 2751
      goto table_error;				/* purecov: deadcode */
  }

unknown's avatar
unknown committed
2752
  if (rights | col_rights)
unknown's avatar
unknown committed
2753
  {
unknown's avatar
unknown committed
2754
    grant_table->privs= rights;
2755
    grant_table->cols=	col_rights;
unknown's avatar
unknown committed
2756 2757 2758
  }
  else
  {
2759
    hash_delete(&column_priv_hash,(byte*) grant_table);
unknown's avatar
unknown committed
2760 2761 2762
  }
  DBUG_RETURN(0);

2763 2764
  /* This should never happen */
table_error:
unknown's avatar
unknown committed
2765 2766 2767 2768 2769
  table->file->print_error(error,MYF(0)); /* purecov: deadcode */
  DBUG_RETURN(-1); /* purecov: deadcode */
}


2770
static int replace_routine_table(THD *thd, GRANT_NAME *grant_name,
2771
			      TABLE *table, const LEX_USER &combo,
2772 2773
			      const char *db, const char *routine_name,
			      bool is_proc, ulong rights, bool revoke_grant)
2774
{
2775
  char grantor[USER_HOST_BUFF_SIZE];
2776 2777 2778
  int old_row_exists= 1;
  int error=0;
  ulong store_proc_rights;
2779
  DBUG_ENTER("replace_routine_table");
2780 2781 2782 2783 2784 2785 2786

  if (!initialized)
  {
    my_error(ER_OPTION_PREVENTS_STATEMENT, MYF(0), "--skip-grant-tables");
    DBUG_RETURN(-1);
  }

2787 2788
  strxmov(grantor, thd->security_ctx->user, "@",
          thd->security_ctx->host_or_ip, NullS);
2789 2790 2791 2792 2793

  /*
    The following should always succeed as new users are created before
    this function is called!
  */
unknown's avatar
unknown committed
2794
  if (!find_acl_user(combo.host.str, combo.user.str, FALSE))
2795 2796 2797 2798 2799
  {
    my_error(ER_PASSWORD_NO_MATCH,MYF(0));
    DBUG_RETURN(-1);
  }

2800
  table->use_all_columns();
2801
  restore_record(table, s->default_values);		// Get empty record
2802 2803 2804
  table->field[0]->store(combo.host.str,combo.host.length, &my_charset_latin1);
  table->field[1]->store(db,(uint) strlen(db), &my_charset_latin1);
  table->field[2]->store(combo.user.str,combo.user.length, &my_charset_latin1);
2805 2806 2807
  table->field[3]->store(routine_name,(uint) strlen(routine_name),
                         &my_charset_latin1);
  table->field[4]->store((longlong)(is_proc ? 
2808 2809
                                    TYPE_ENUM_PROCEDURE : TYPE_ENUM_FUNCTION),
                         TRUE);
2810 2811 2812 2813 2814 2815 2816 2817 2818 2819 2820 2821 2822 2823
  store_record(table,record[1]);			// store at pos 1

  if (table->file->index_read_idx(table->record[0],0,
				  (byte*) table->field[0]->ptr,0,
				  HA_READ_KEY_EXACT))
  {
    /*
      The following should never happen as we first check the in memory
      grant tables for the user.  There is however always a small change that
      the user has modified the grant tables directly.
    */
    if (revoke_grant)
    { // no row, no revoke
      my_error(ER_NONEXISTING_PROC_GRANT, MYF(0),
2824
               combo.user.str, combo.host.str, routine_name);
2825 2826 2827 2828 2829 2830 2831 2832 2833 2834 2835 2836 2837 2838 2839 2840 2841 2842 2843 2844 2845 2846 2847 2848
      DBUG_RETURN(-1);
    }
    old_row_exists= 0;
    restore_record(table,record[1]);			// Get saved record
  }

  store_proc_rights= get_rights_for_procedure(rights);
  if (old_row_exists)
  {
    ulong j;
    store_record(table,record[1]);
    j= (ulong) table->field[6]->val_int();

    if (revoke_grant)
    {
      /* column rights are already fixed in mysql_table_grant */
      store_proc_rights=j & ~store_proc_rights;
    }
    else
    {
      store_proc_rights|= j;
    }
  }

2849
  table->field[5]->store(grantor,(uint) strlen(grantor), &my_charset_latin1);
2850
  table->field[6]->store((longlong) store_proc_rights, TRUE);
2851 2852 2853 2854 2855 2856
  rights=fix_rights_for_procedure(store_proc_rights);

  if (old_row_exists)
  {
    if (store_proc_rights)
    {
2857
      if ((error=table->file->ha_update_row(table->record[1],table->record[0])))
2858 2859
	goto table_error;
    }
2860
    else if ((error= table->file->ha_delete_row(table->record[1])))
2861 2862 2863 2864
      goto table_error;
  }
  else
  {
2865
    error=table->file->ha_write_row(table->record[0]);
2866
    if (table->file->is_fatal_error(error, HA_CHECK_DUP_KEY))
2867 2868 2869 2870 2871 2872 2873 2874 2875
      goto table_error;
  }

  if (rights)
  {
    grant_name->privs= rights;
  }
  else
  {
2876
    hash_delete(is_proc ? &proc_priv_hash : &func_priv_hash,(byte*) grant_name);
2877 2878 2879 2880 2881 2882 2883 2884 2885 2886
  }
  DBUG_RETURN(0);

  /* This should never happen */
table_error:
  table->file->print_error(error,MYF(0));
  DBUG_RETURN(-1);
}


2887 2888 2889 2890 2891 2892 2893 2894 2895 2896 2897 2898 2899
/*
  Store table level and column level grants in the privilege tables

  SYNOPSIS
    mysql_table_grant()
    thd			Thread handle
    table_list		List of tables to give grant
    user_list		List of users to give grant
    columns		List of columns to give grant
    rights		Table level grant
    revoke_grant	Set to 1 if this is a REVOKE command

  RETURN
unknown's avatar
unknown committed
2900 2901
    FALSE ok
    TRUE  error
2902 2903
*/

unknown's avatar
unknown committed
2904
bool mysql_table_grant(THD *thd, TABLE_LIST *table_list,
unknown's avatar
unknown committed
2905 2906 2907
		      List <LEX_USER> &user_list,
		      List <LEX_COLUMN> &columns, ulong rights,
		      bool revoke_grant)
unknown's avatar
unknown committed
2908
{
2909
  ulong column_priv= 0;
unknown's avatar
unknown committed
2910
  List_iterator <LEX_USER> str_list (user_list);
2911
  LEX_USER *Str, *tmp_Str;
unknown's avatar
unknown committed
2912
  TABLE_LIST tables[3];
unknown's avatar
unknown committed
2913
  bool create_new_users=0;
2914
  char *db_name, *table_name;
unknown's avatar
unknown committed
2915 2916 2917 2918
  DBUG_ENTER("mysql_table_grant");

  if (!initialized)
  {
unknown's avatar
unknown committed
2919 2920
    my_error(ER_OPTION_PREVENTS_STATEMENT, MYF(0),
             "--skip-grant-tables");	/* purecov: inspected */
unknown's avatar
unknown committed
2921
    DBUG_RETURN(TRUE);				/* purecov: inspected */
unknown's avatar
unknown committed
2922 2923 2924
  }
  if (rights & ~TABLE_ACLS)
  {
unknown's avatar
unknown committed
2925 2926
    my_message(ER_ILLEGAL_GRANT_FOR_TABLE, ER(ER_ILLEGAL_GRANT_FOR_TABLE),
               MYF(0));
unknown's avatar
unknown committed
2927
    DBUG_RETURN(TRUE);
unknown's avatar
unknown committed
2928 2929
  }

2930
  if (!revoke_grant)
unknown's avatar
unknown committed
2931
  {
unknown's avatar
unknown committed
2932
    if (columns.elements)
unknown's avatar
unknown committed
2933
    {
2934 2935
      class LEX_COLUMN *column;
      List_iterator <LEX_COLUMN> column_iter(columns);
unknown's avatar
unknown committed
2936 2937 2938

      if (open_and_lock_tables(thd, table_list))
        DBUG_RETURN(TRUE);
2939 2940

      while ((column = column_iter++))
unknown's avatar
unknown committed
2941
      {
unknown's avatar
unknown committed
2942
        uint unused_field_idx= NO_CACHED_FIELD_INDEX;
unknown's avatar
unknown committed
2943 2944
        TABLE_LIST *dummy;
        Field *f=find_field_in_table_ref(thd, table_list, column->column.ptr(),
2945
                                         column->column.length(),
unknown's avatar
unknown committed
2946
                                         column->column.ptr(), NULL, NULL,
2947
                                         NULL, TRUE, FALSE,
unknown's avatar
unknown committed
2948
                                         &unused_field_idx, FALSE, &dummy);
unknown's avatar
unknown committed
2949
        if (f == (Field*)0)
2950
        {
unknown's avatar
unknown committed
2951 2952
          my_error(ER_BAD_FIELD_ERROR, MYF(0),
                   column->column.c_ptr(), table_list->alias);
unknown's avatar
unknown committed
2953
          DBUG_RETURN(TRUE);
2954
        }
unknown's avatar
unknown committed
2955 2956
        if (f == (Field *)-1)
          DBUG_RETURN(TRUE);
2957
        column_priv|= column->rights;
unknown's avatar
unknown committed
2958
      }
2959
      close_thread_tables(thd);
unknown's avatar
unknown committed
2960
    }
2961
    else
unknown's avatar
unknown committed
2962
    {
2963 2964 2965
      if (!(rights & CREATE_ACL))
      {
        char buf[FN_REFLEN];
2966
        build_table_filename(buf, sizeof(buf), table_list->db,
2967
                             table_list->table_name, reg_ext, 0);
2968 2969
        fn_format(buf, buf, "", "", MY_UNPACK_FILENAME  | MY_RESOLVE_SYMLINKS |
                                    MY_RETURN_REAL_PATH | MY_APPEND_EXT);
2970 2971
        if (access(buf,F_OK))
        {
unknown's avatar
unknown committed
2972
          my_error(ER_NO_SUCH_TABLE, MYF(0), table_list->db, table_list->alias);
unknown's avatar
unknown committed
2973
          DBUG_RETURN(TRUE);
2974 2975 2976 2977 2978 2979 2980 2981
        }
      }
      if (table_list->grant.want_privilege)
      {
        char command[128];
        get_privilege_desc(command, sizeof(command),
                           table_list->grant.want_privilege);
        my_error(ER_TABLEACCESS_DENIED_ERROR, MYF(0),
2982 2983
                 command, thd->security_ctx->priv_user,
                 thd->security_ctx->host_or_ip, table_list->alias);
2984 2985
        DBUG_RETURN(-1);
      }
unknown's avatar
unknown committed
2986 2987 2988 2989 2990 2991
    }
  }

  /* open the mysql.tables_priv and mysql.columns_priv tables */

  bzero((char*) &tables,sizeof(tables));
2992 2993 2994
  tables[0].alias=tables[0].table_name= (char*) "user";
  tables[1].alias=tables[1].table_name= (char*) "tables_priv";
  tables[2].alias=tables[2].table_name= (char*) "columns_priv";
unknown's avatar
VIEW  
unknown committed
2995
  tables[0].next_local= tables[0].next_global= tables+1;
unknown's avatar
unknown committed
2996
  /* Don't open column table if we don't need it ! */
unknown's avatar
VIEW  
unknown committed
2997 2998 2999 3000 3001
  tables[1].next_local=
    tables[1].next_global= ((column_priv ||
			     (revoke_grant &&
			      ((rights & COL_ACLS) || columns.elements)))
			    ? tables+2 : 0);
unknown's avatar
unknown committed
3002 3003 3004
  tables[0].lock_type=tables[1].lock_type=tables[2].lock_type=TL_WRITE;
  tables[0].db=tables[1].db=tables[2].db=(char*) "mysql";

3005 3006 3007 3008 3009
#ifdef HAVE_REPLICATION
  /*
    GRANT and REVOKE are applied the slave in/exclusion rules as they are
    some kind of updates to the mysql.% tables.
  */
3010
  if (thd->slave_thread && rpl_filter->is_on())
3011
  {
unknown's avatar
unknown committed
3012 3013 3014
    /*
      The tables must be marked "updating" so that tables_ok() takes them into
      account in tests.
3015
    */
3016
    tables[0].updating= tables[1].updating= tables[2].updating= 1;
unknown's avatar
unknown committed
3017
    if (!(thd->spcont || rpl_filter->tables_ok(0, tables)))
unknown's avatar
unknown committed
3018
      DBUG_RETURN(FALSE);
3019
  }
3020 3021
#endif

3022
  if (simple_open_n_lock_tables(thd,tables))
unknown's avatar
unknown committed
3023 3024
  {						// Should never happen
    close_thread_tables(thd);			/* purecov: deadcode */
unknown's avatar
unknown committed
3025
    DBUG_RETURN(TRUE);				/* purecov: deadcode */
unknown's avatar
unknown committed
3026 3027
  }

unknown's avatar
unknown committed
3028 3029
  if (!revoke_grant)
    create_new_users= test_if_create_new_users(thd);
unknown's avatar
unknown committed
3030
  bool result= FALSE;
3031
  rw_wrlock(&LOCK_grant);
3032
  pthread_mutex_lock(&acl_cache->lock);
unknown's avatar
unknown committed
3033 3034
  MEM_ROOT *old_root= thd->mem_root;
  thd->mem_root= &memex;
3035
  grant_version++;
unknown's avatar
unknown committed
3036

3037
  while ((tmp_Str = str_list++))
unknown's avatar
unknown committed
3038
  {
3039
    int error;
unknown's avatar
unknown committed
3040
    GRANT_TABLE *grant_table;
3041 3042 3043 3044 3045
    if (!(Str= get_current_user(thd, tmp_Str)))
    {
      result= TRUE;
      continue;
    }  
unknown's avatar
unknown committed
3046
    /* Create user if needed */
unknown's avatar
unknown committed
3047
    error=replace_user_table(thd, tables[0].table, *Str,
unknown's avatar
unknown committed
3048
			     0, revoke_grant, create_new_users,
unknown's avatar
unknown committed
3049 3050
                             test(thd->variables.sql_mode &
                                  MODE_NO_AUTO_CREATE_USER));
3051
    if (error)
unknown's avatar
unknown committed
3052
    {
unknown's avatar
unknown committed
3053
      result= TRUE;				// Remember error
unknown's avatar
unknown committed
3054 3055 3056
      continue;					// Add next user
    }

unknown's avatar
VIEW  
unknown committed
3057 3058 3059
    db_name= (table_list->view_db.length ?
	      table_list->view_db.str :
	      table_list->db);
3060
    table_name= (table_list->view_name.length ?
unknown's avatar
VIEW  
unknown committed
3061
		table_list->view_name.str :
3062
		table_list->table_name);
unknown's avatar
VIEW  
unknown committed
3063

unknown's avatar
unknown committed
3064
    /* Find/create cached table grant */
unknown's avatar
VIEW  
unknown committed
3065
    grant_table= table_hash_search(Str->host.str, NullS, db_name,
3066
				   Str->user.str, table_name, 1);
unknown's avatar
unknown committed
3067 3068 3069 3070
    if (!grant_table)
    {
      if (revoke_grant)
      {
unknown's avatar
unknown committed
3071
	my_error(ER_NONEXISTING_TABLE_GRANT, MYF(0),
3072
                 Str->user.str, Str->host.str, table_list->table_name);
unknown's avatar
unknown committed
3073
	result= TRUE;
unknown's avatar
unknown committed
3074 3075
	continue;
      }
unknown's avatar
VIEW  
unknown committed
3076
      grant_table = new GRANT_TABLE (Str->host.str, db_name,
3077
				     Str->user.str, table_name,
unknown's avatar
unknown committed
3078 3079 3080 3081
				     rights,
				     column_priv);
      if (!grant_table)				// end of memory
      {
unknown's avatar
unknown committed
3082
	result= TRUE;				/* purecov: deadcode */
unknown's avatar
unknown committed
3083 3084
	continue;				/* purecov: deadcode */
      }
unknown's avatar
SCRUM  
unknown committed
3085
      my_hash_insert(&column_priv_hash,(byte*) grant_table);
unknown's avatar
unknown committed
3086 3087 3088 3089 3090
    }

    /* If revoke_grant, calculate the new column privilege for tables_priv */
    if (revoke_grant)
    {
3091 3092
      class LEX_COLUMN *column;
      List_iterator <LEX_COLUMN> column_iter(columns);
unknown's avatar
unknown committed
3093 3094 3095
      GRANT_COLUMN *grant_column;

      /* Fix old grants */
3096
      while ((column = column_iter++))
unknown's avatar
unknown committed
3097 3098
      {
	grant_column = column_hash_search(grant_table,
3099 3100
					  column->column.ptr(),
					  column->column.length());
unknown's avatar
unknown committed
3101
	if (grant_column)
3102
	  grant_column->rights&= ~(column->rights | rights);
unknown's avatar
unknown committed
3103 3104
      }
      /* scan trough all columns to get new column grant */
3105
      column_priv= 0;
unknown's avatar
unknown committed
3106 3107 3108 3109 3110 3111 3112 3113 3114 3115 3116 3117 3118 3119 3120 3121
      for (uint idx=0 ; idx < grant_table->hash_columns.records ; idx++)
      {
	grant_column= (GRANT_COLUMN*) hash_element(&grant_table->hash_columns,
						   idx);
	grant_column->rights&= ~rights;		// Fix other columns
	column_priv|= grant_column->rights;
      }
    }
    else
    {
      column_priv|= grant_table->cols;
    }


    /* update table and columns */

unknown's avatar
VIEW  
unknown committed
3122
    if (replace_table_table(thd, grant_table, tables[1].table, *Str,
3123
			    db_name, table_name,
unknown's avatar
unknown committed
3124
			    rights, column_priv, revoke_grant))
3125 3126
    {
      /* Should only happen if table is crashed */
unknown's avatar
unknown committed
3127
      result= TRUE;			       /* purecov: deadcode */
unknown's avatar
unknown committed
3128 3129 3130
    }
    else if (tables[2].table)
    {
unknown's avatar
VIEW  
unknown committed
3131
      if ((replace_column_table(grant_table, tables[2].table, *Str,
unknown's avatar
unknown committed
3132
				columns,
3133
				db_name, table_name,
unknown's avatar
unknown committed
3134 3135
				rights, revoke_grant)))
      {
unknown's avatar
unknown committed
3136
	result= TRUE;
unknown's avatar
unknown committed
3137 3138 3139 3140
      }
    }
  }
  grant_option=TRUE;
unknown's avatar
unknown committed
3141
  thd->mem_root= old_root;
3142
  pthread_mutex_unlock(&acl_cache->lock);
3143
  rw_unlock(&LOCK_grant);
unknown's avatar
unknown committed
3144
  if (!result)
3145
    send_ok(thd);
3146
  /* Tables are automatically closed */
unknown's avatar
unknown committed
3147 3148 3149 3150
  DBUG_RETURN(result);
}


3151
/*
3152
  Store routine level grants in the privilege tables
3153 3154

  SYNOPSIS
3155
    mysql_routine_grant()
3156
    thd			Thread handle
3157 3158
    table_list		List of routines to give grant
    is_proc             true indicates routine list are procedures
3159 3160 3161 3162 3163 3164 3165 3166 3167
    user_list		List of users to give grant
    rights		Table level grant
    revoke_grant	Set to 1 if this is a REVOKE command

  RETURN
    0	ok
    1	error
*/

3168 3169 3170
bool mysql_routine_grant(THD *thd, TABLE_LIST *table_list, bool is_proc,
			 List <LEX_USER> &user_list, ulong rights,
			 bool revoke_grant, bool no_error)
3171 3172
{
  List_iterator <LEX_USER> str_list (user_list);
3173
  LEX_USER *Str, *tmp_Str;
3174 3175
  TABLE_LIST tables[2];
  bool create_new_users=0, result=0;
3176
  char *db_name, *table_name;
3177
  DBUG_ENTER("mysql_routine_grant");
3178 3179 3180 3181 3182 3183 3184 3185 3186 3187 3188 3189 3190 3191 3192 3193 3194 3195

  if (!initialized)
  {
    if (!no_error)
      my_error(ER_OPTION_PREVENTS_STATEMENT, MYF(0),
               "--skip-grant-tables");
    DBUG_RETURN(TRUE);
  }
  if (rights & ~PROC_ACLS)
  {
    if (!no_error)
      my_message(ER_ILLEGAL_GRANT_FOR_TABLE, ER(ER_ILLEGAL_GRANT_FOR_TABLE),
        	 MYF(0));
    DBUG_RETURN(TRUE);
  }

  if (!revoke_grant)
  {
3196
    if (sp_exist_routines(thd, table_list, is_proc, no_error)<0)
3197 3198 3199 3200 3201 3202
      DBUG_RETURN(TRUE);
  }

  /* open the mysql.user and mysql.procs_priv tables */

  bzero((char*) &tables,sizeof(tables));
3203 3204
  tables[0].alias=tables[0].table_name= (char*) "user";
  tables[1].alias=tables[1].table_name= (char*) "procs_priv";
3205 3206 3207 3208 3209 3210 3211 3212 3213
  tables[0].next_local= tables[0].next_global= tables+1;
  tables[0].lock_type=tables[1].lock_type=TL_WRITE;
  tables[0].db=tables[1].db=(char*) "mysql";

#ifdef HAVE_REPLICATION
  /*
    GRANT and REVOKE are applied the slave in/exclusion rules as they are
    some kind of updates to the mysql.% tables.
  */
3214
  if (thd->slave_thread && rpl_filter->is_on())
3215 3216 3217 3218 3219 3220
  {
    /*
      The tables must be marked "updating" so that tables_ok() takes them into
      account in tests.
    */
    tables[0].updating= tables[1].updating= 1;
unknown's avatar
unknown committed
3221
    if (!(thd->spcont || rpl_filter->tables_ok(0, tables)))
3222 3223 3224 3225 3226 3227 3228 3229 3230 3231 3232 3233 3234
      DBUG_RETURN(FALSE);
  }
#endif

  if (simple_open_n_lock_tables(thd,tables))
  {						// Should never happen
    close_thread_tables(thd);
    DBUG_RETURN(TRUE);
  }

  if (!revoke_grant)
    create_new_users= test_if_create_new_users(thd);
  rw_wrlock(&LOCK_grant);
3235
  pthread_mutex_lock(&acl_cache->lock);
3236 3237 3238 3239 3240
  MEM_ROOT *old_root= thd->mem_root;
  thd->mem_root= &memex;

  DBUG_PRINT("info",("now time to iterate and add users"));

3241
  while ((tmp_Str= str_list++))
3242 3243 3244
  {
    int error;
    GRANT_NAME *grant_name;
3245 3246 3247 3248 3249
    if (!(Str= get_current_user(thd, tmp_Str)))
    {
      result= TRUE;
      continue;
    }  
3250 3251
    /* Create user if needed */
    error=replace_user_table(thd, tables[0].table, *Str,
unknown's avatar
unknown committed
3252
			     0, revoke_grant, create_new_users,
unknown's avatar
unknown committed
3253 3254
                             test(thd->variables.sql_mode &
                                  MODE_NO_AUTO_CREATE_USER));
3255 3256 3257 3258 3259 3260 3261
    if (error)
    {
      result= TRUE;				// Remember error
      continue;					// Add next user
    }

    db_name= table_list->db;
3262
    table_name= table_list->table_name;
3263

3264 3265
    grant_name= routine_hash_search(Str->host.str, NullS, db_name,
                                    Str->user.str, table_name, is_proc, 1);
3266 3267 3268 3269 3270 3271
    if (!grant_name)
    {
      if (revoke_grant)
      {
        if (!no_error)
          my_error(ER_NONEXISTING_PROC_GRANT, MYF(0),
3272
		   Str->user.str, Str->host.str, table_name);
3273 3274 3275 3276
	result= TRUE;
	continue;
      }
      grant_name= new GRANT_NAME(Str->host.str, db_name,
3277
				 Str->user.str, table_name,
3278 3279 3280 3281 3282 3283
				 rights);
      if (!grant_name)
      {
        result= TRUE;
	continue;
      }
3284
      my_hash_insert(is_proc ? &proc_priv_hash : &func_priv_hash,(byte*) grant_name);
3285
    }
3286

3287 3288
    if (replace_routine_table(thd, grant_name, tables[1].table, *Str,
			   db_name, table_name, is_proc, rights, revoke_grant))
3289 3290 3291 3292 3293 3294 3295
    {
      result= TRUE;
      continue;
    }
  }
  grant_option=TRUE;
  thd->mem_root= old_root;
3296
  pthread_mutex_unlock(&acl_cache->lock);
3297 3298 3299 3300 3301 3302 3303 3304
  rw_unlock(&LOCK_grant);
  if (!result && !no_error)
    send_ok(thd);
  /* Tables are automatically closed */
  DBUG_RETURN(result);
}


unknown's avatar
unknown committed
3305 3306
bool mysql_grant(THD *thd, const char *db, List <LEX_USER> &list,
                 ulong rights, bool revoke_grant)
unknown's avatar
unknown committed
3307 3308
{
  List_iterator <LEX_USER> str_list (list);
3309
  LEX_USER *Str, *tmp_Str;
unknown's avatar
unknown committed
3310
  char tmp_db[NAME_LEN+1];
unknown's avatar
unknown committed
3311
  bool create_new_users=0;
unknown's avatar
unknown committed
3312 3313 3314 3315
  TABLE_LIST tables[2];
  DBUG_ENTER("mysql_grant");
  if (!initialized)
  {
unknown's avatar
unknown committed
3316 3317
    my_error(ER_OPTION_PREVENTS_STATEMENT, MYF(0),
             "--skip-grant-tables");	/* purecov: tested */
unknown's avatar
unknown committed
3318
    DBUG_RETURN(TRUE);				/* purecov: tested */
unknown's avatar
unknown committed
3319 3320
  }

unknown's avatar
unknown committed
3321 3322 3323
  if (lower_case_table_names && db)
  {
    strmov(tmp_db,db);
3324
    my_casedn_str(files_charset_info, tmp_db);
unknown's avatar
unknown committed
3325 3326
    db=tmp_db;
  }
unknown's avatar
unknown committed
3327 3328

  /* open the mysql.user and mysql.db tables */
3329
  bzero((char*) &tables,sizeof(tables));
3330 3331
  tables[0].alias=tables[0].table_name=(char*) "user";
  tables[1].alias=tables[1].table_name=(char*) "db";
unknown's avatar
VIEW  
unknown committed
3332
  tables[0].next_local= tables[0].next_global= tables+1;
unknown's avatar
unknown committed
3333 3334
  tables[0].lock_type=tables[1].lock_type=TL_WRITE;
  tables[0].db=tables[1].db=(char*) "mysql";
3335 3336 3337 3338 3339 3340

#ifdef HAVE_REPLICATION
  /*
    GRANT and REVOKE are applied the slave in/exclusion rules as they are
    some kind of updates to the mysql.% tables.
  */
3341
  if (thd->slave_thread && rpl_filter->is_on())
3342
  {
unknown's avatar
unknown committed
3343 3344 3345
    /*
      The tables must be marked "updating" so that tables_ok() takes them into
      account in tests.
3346
    */
3347
    tables[0].updating= tables[1].updating= 1;
unknown's avatar
unknown committed
3348
    if (!(thd->spcont || rpl_filter->tables_ok(0, tables)))
unknown's avatar
unknown committed
3349
      DBUG_RETURN(FALSE);
3350
  }
3351 3352
#endif

3353
  if (simple_open_n_lock_tables(thd,tables))
unknown's avatar
unknown committed
3354 3355
  {						// This should never happen
    close_thread_tables(thd);			/* purecov: deadcode */
unknown's avatar
unknown committed
3356
    DBUG_RETURN(TRUE);				/* purecov: deadcode */
unknown's avatar
unknown committed
3357 3358
  }

unknown's avatar
unknown committed
3359 3360
  if (!revoke_grant)
    create_new_users= test_if_create_new_users(thd);
unknown's avatar
unknown committed
3361

3362
  /* go through users in user_list */
3363
  rw_wrlock(&LOCK_grant);
unknown's avatar
unknown committed
3364 3365 3366 3367
  VOID(pthread_mutex_lock(&acl_cache->lock));
  grant_version++;

  int result=0;
3368
  while ((tmp_Str = str_list++))
unknown's avatar
unknown committed
3369
  {
3370 3371 3372 3373
    if (!(Str= get_current_user(thd, tmp_Str)))
    {
      result= TRUE;
      continue;
unknown's avatar
unknown committed
3374
    }
unknown's avatar
unknown committed
3375 3376
    if (replace_user_table(thd, tables[0].table, *Str,
                           (!db ? rights : 0), revoke_grant, create_new_users,
unknown's avatar
unknown committed
3377 3378
                           test(thd->variables.sql_mode &
                                MODE_NO_AUTO_CREATE_USER)))
3379
      result= -1;
unknown's avatar
unknown committed
3380
    else if (db)
unknown's avatar
unknown committed
3381
    {
unknown's avatar
unknown committed
3382 3383 3384 3385 3386 3387 3388 3389 3390
      ulong db_rights= rights & DB_ACLS;
      if (db_rights  == rights)
      {
	if (replace_db_table(tables[1].table, db, *Str, db_rights,
			     revoke_grant))
	  result= -1;
      }
      else
      {
unknown's avatar
unknown committed
3391
	my_error(ER_WRONG_USAGE, MYF(0), "DB GRANT", "GLOBAL PRIVILEGES");
unknown's avatar
unknown committed
3392
	result= -1;
unknown's avatar
unknown committed
3393
      }
unknown's avatar
unknown committed
3394
    }
unknown's avatar
unknown committed
3395 3396
  }
  VOID(pthread_mutex_unlock(&acl_cache->lock));
3397
  rw_unlock(&LOCK_grant);
unknown's avatar
unknown committed
3398 3399 3400
  close_thread_tables(thd);

  if (!result)
3401
    send_ok(thd);
unknown's avatar
unknown committed
3402 3403 3404
  DBUG_RETURN(result);
}

unknown's avatar
unknown committed
3405 3406

/* Free grant array if possible */
unknown's avatar
unknown committed
3407 3408 3409 3410 3411

void  grant_free(void)
{
  DBUG_ENTER("grant_free");
  grant_option = FALSE;
3412
  hash_free(&column_priv_hash);
3413
  hash_free(&proc_priv_hash);
unknown's avatar
unknown committed
3414
  hash_free(&func_priv_hash);
3415
  free_root(&memex,MYF(0));
unknown's avatar
unknown committed
3416 3417 3418 3419
  DBUG_VOID_RETURN;
}


3420 3421 3422 3423 3424 3425
/*
  Initialize structures responsible for table/column-level privilege checking
  and load information for them from tables in the 'mysql' database.

  SYNOPSIS
    grant_init()
unknown's avatar
unknown committed
3426

3427 3428 3429 3430
  RETURN VALUES
    0	ok
    1	Could not initialize grant's
*/
unknown's avatar
unknown committed
3431

3432
my_bool grant_init()
unknown's avatar
unknown committed
3433
{
unknown's avatar
unknown committed
3434
  THD  *thd;
3435 3436 3437 3438 3439
  my_bool return_val;
  DBUG_ENTER("grant_init");

  if (!(thd= new THD))
    DBUG_RETURN(1);				/* purecov: deadcode */
3440
  thd->thread_stack= (char*) &thd;
3441 3442 3443 3444 3445 3446 3447 3448 3449 3450 3451 3452 3453 3454 3455 3456 3457 3458 3459 3460 3461 3462 3463 3464 3465 3466
  thd->store_globals();
  return_val=  grant_reload(thd);
  delete thd;
  /* Remember that we don't have a THD */
  my_pthread_setspecific_ptr(THR_THD,  0);
  DBUG_RETURN(return_val);
}


/*
  Initialize structures responsible for table/column-level privilege
  checking and load information about grants from open privilege tables.

  SYNOPSIS
    grant_load()
      thd     Current thread
      tables  List containing open "mysql.tables_priv" and
              "mysql.columns_priv" tables.

  RETURN VALUES
    FALSE - success
    TRUE  - error
*/

static my_bool grant_load(TABLE_LIST *tables)
{
unknown's avatar
unknown committed
3467
  MEM_ROOT *memex_ptr;
3468
  my_bool return_val= 1;
3469
  TABLE *t_table, *c_table, *p_table;
unknown's avatar
SCRUM  
unknown committed
3470
  bool check_no_resolve= specialflag & SPECIAL_NO_RESOLVE;
3471 3472 3473
  MEM_ROOT **save_mem_root_ptr= my_pthread_getspecific_ptr(MEM_ROOT**,
                                                           THR_MALLOC);
  DBUG_ENTER("grant_load");
unknown's avatar
unknown committed
3474 3475

  grant_option = FALSE;
3476
  (void) hash_init(&column_priv_hash,system_charset_info,
unknown's avatar
unknown committed
3477
		   0,0,0, (hash_get_key) get_grant_table,
unknown's avatar
unknown committed
3478
		   (hash_free_key) free_grant_table,0);
3479 3480 3481
  (void) hash_init(&proc_priv_hash,system_charset_info,
		   0,0,0, (hash_get_key) get_grant_table,
		   0,0);
3482 3483 3484
  (void) hash_init(&func_priv_hash,system_charset_info,
		   0,0,0, (hash_get_key) get_grant_table,
		   0,0);
3485
  init_sql_alloc(&memex, ACL_ALLOC_BLOCK_SIZE, 0);
unknown's avatar
unknown committed
3486

3487 3488
  t_table = tables[0].table;
  c_table = tables[1].table;
3489
  p_table= tables[2].table;
3490 3491
  t_table->file->ha_index_init(0, 1);
  p_table->file->ha_index_init(0, 1);
3492 3493 3494
  t_table->use_all_columns();
  c_table->use_all_columns();
  p_table->use_all_columns();
3495
  if (!t_table->file->index_first(t_table->record[0]))
unknown's avatar
unknown committed
3496
  {
3497 3498 3499 3500 3501
    memex_ptr= &memex;
    my_pthread_setspecific_ptr(THR_MALLOC, &memex_ptr);
    do
    {
      GRANT_TABLE *mem_check;
3502
      if (!(mem_check=new (memex_ptr) GRANT_TABLE(t_table,c_table)))
3503 3504 3505 3506 3507
      {
	/* This could only happen if we are out memory */
	grant_option= FALSE;
	goto end_unlock;
      }
unknown's avatar
unknown committed
3508

3509 3510
      if (check_no_resolve)
      {
3511
	if (hostname_requires_resolving(mem_check->host.hostname))
3512 3513 3514
	{
          sql_print_warning("'tables_priv' entry '%s %s@%s' "
                            "ignored in --skip-name-resolve mode.",
3515 3516 3517 3518
                            mem_check->tname,
                            mem_check->user ? mem_check->user : "",
                            mem_check->host.hostname ?
                            mem_check->host.hostname : "");
3519 3520 3521 3522 3523 3524 3525 3526 3527 3528 3529 3530 3531 3532 3533 3534
	  continue;
	}
      }

      if (! mem_check->ok())
	delete mem_check;
      else if (my_hash_insert(&column_priv_hash,(byte*) mem_check))
      {
	delete mem_check;
	grant_option= FALSE;
	goto end_unlock;
      }
    }
    while (!t_table->file->index_next(t_table->record[0]));
  }
  if (!p_table->file->index_first(p_table->record[0]))
unknown's avatar
unknown committed
3535
  {
3536 3537 3538
    memex_ptr= &memex;
    my_pthread_setspecific_ptr(THR_MALLOC, &memex_ptr);
    do
unknown's avatar
unknown committed
3539
    {
3540
      GRANT_NAME *mem_check;
3541
      HASH *hash;
3542
      if (!(mem_check=new (&memex) GRANT_NAME(p_table)))
3543 3544 3545 3546 3547
      {
	/* This could only happen if we are out memory */
	grant_option= FALSE;
	goto end_unlock;
      }
unknown's avatar
SCRUM  
unknown committed
3548

3549
      if (check_no_resolve)
unknown's avatar
SCRUM  
unknown committed
3550
      {
unknown's avatar
unknown committed
3551
	if (hostname_requires_resolving(mem_check->host.hostname))
3552 3553 3554 3555
	{
          sql_print_warning("'procs_priv' entry '%s %s@%s' "
                            "ignored in --skip-name-resolve mode.",
                            mem_check->tname, mem_check->user,
3556 3557
                            mem_check->host.hostname ?
                            mem_check->host.hostname : "");
3558 3559
	  continue;
	}
unknown's avatar
SCRUM  
unknown committed
3560
      }
3561 3562 3563 3564 3565 3566 3567 3568 3569 3570 3571 3572 3573 3574 3575 3576
      if (p_table->field[4]->val_int() == TYPE_ENUM_PROCEDURE)
      {
        hash= &proc_priv_hash;
      }
      else
      if (p_table->field[4]->val_int() == TYPE_ENUM_FUNCTION)
      {
        hash= &func_priv_hash;
      }
      else
      {
        sql_print_warning("'procs_priv' entry '%s' "
                          "ignored, bad routine type",
                          mem_check->tname);
	continue;
      }
unknown's avatar
SCRUM  
unknown committed
3577

3578 3579 3580
      mem_check->privs= fix_rights_for_procedure(mem_check->privs);
      if (! mem_check->ok())
	delete mem_check;
3581
      else if (my_hash_insert(hash, (byte*) mem_check))
3582 3583 3584 3585 3586
      {
	delete mem_check;
	grant_option= FALSE;
	goto end_unlock;
      }
unknown's avatar
SCRUM  
unknown committed
3587
    }
3588
    while (!p_table->file->index_next(p_table->record[0]));
unknown's avatar
unknown committed
3589
  }
3590
  grant_option= TRUE;
3591 3592 3593
  return_val=0;					// Return ok

end_unlock:
unknown's avatar
unknown committed
3594
  t_table->file->ha_index_end();
3595
  p_table->file->ha_index_end();
3596
  my_pthread_setspecific_ptr(THR_MALLOC, save_mem_root_ptr);
3597
  DBUG_RETURN(return_val);
unknown's avatar
unknown committed
3598 3599 3600
}


3601
/*
3602
  Reload information about table and column level privileges if possible.
3603 3604 3605

  SYNOPSIS
    grant_reload()
3606
      thd  Current thread
3607 3608

  NOTES
3609 3610 3611 3612 3613 3614 3615 3616
    Locked tables are checked by acl_reload() and doesn't have to be checked
    in this call.
    This function is also used for initialization of structures responsible
    for table/column-level privilege checking.

  RETURN VALUE
    FALSE Success
    TRUE  Error
3617
*/
unknown's avatar
unknown committed
3618

3619
my_bool grant_reload(THD *thd)
unknown's avatar
unknown committed
3620
{
3621
  TABLE_LIST tables[3];
3622
  HASH old_column_priv_hash, old_proc_priv_hash, old_func_priv_hash;
3623
  bool old_grant_option;
unknown's avatar
unknown committed
3624
  MEM_ROOT old_mem;
3625
  my_bool return_val= 1;
unknown's avatar
unknown committed
3626 3627
  DBUG_ENTER("grant_reload");

3628 3629 3630 3631 3632
  /* Don't do anything if running with --skip-grant-tables */
  if (!initialized)
    DBUG_RETURN(0);

  bzero((char*) tables, sizeof(tables));
3633 3634 3635 3636 3637 3638 3639
  tables[0].alias= tables[0].table_name= (char*) "tables_priv";
  tables[1].alias= tables[1].table_name= (char*) "columns_priv";
  tables[2].alias= tables[2].table_name= (char*) "procs_priv";
  tables[0].db= tables[1].db= tables[2].db= (char *) "mysql";
  tables[0].next_local= tables[0].next_global= tables+1;
  tables[1].next_local= tables[1].next_global= tables+2;
  tables[0].lock_type= tables[1].lock_type= tables[2].lock_type= TL_READ;
3640 3641 3642 3643 3644 3645 3646 3647

  /*
    To avoid deadlocks we should obtain table locks before
    obtaining LOCK_grant rwlock.
  */
  if (simple_open_n_lock_tables(thd, tables))
    goto end;

3648
  rw_wrlock(&LOCK_grant);
unknown's avatar
unknown committed
3649
  grant_version++;
3650
  old_column_priv_hash= column_priv_hash;
3651
  old_proc_priv_hash= proc_priv_hash;
3652
  old_func_priv_hash= func_priv_hash;
unknown's avatar
unknown committed
3653
  old_grant_option= grant_option;
unknown's avatar
unknown committed
3654
  old_mem= memex;
unknown's avatar
unknown committed
3655

3656
  if ((return_val= grant_load(tables)))
unknown's avatar
unknown committed
3657
  {						// Error. Revert to old hash
3658
    DBUG_PRINT("error",("Reverting to old privileges"));
unknown's avatar
unknown committed
3659
    grant_free();				/* purecov: deadcode */
3660
    column_priv_hash= old_column_priv_hash;	/* purecov: deadcode */
3661
    proc_priv_hash= old_proc_priv_hash;
3662
    func_priv_hash= old_func_priv_hash;
unknown's avatar
unknown committed
3663
    grant_option= old_grant_option;		/* purecov: deadcode */
unknown's avatar
unknown committed
3664
    memex= old_mem;				/* purecov: deadcode */
unknown's avatar
unknown committed
3665 3666 3667
  }
  else
  {
3668
    hash_free(&old_column_priv_hash);
3669
    hash_free(&old_proc_priv_hash);
3670
    hash_free(&old_func_priv_hash);
3671
    free_root(&old_mem,MYF(0));
unknown's avatar
unknown committed
3672
  }
3673
  rw_unlock(&LOCK_grant);
3674 3675 3676
end:
  close_thread_tables(thd);
  DBUG_RETURN(return_val);
unknown's avatar
unknown committed
3677 3678 3679 3680
}


/****************************************************************************
3681
  Check table level grants
3682

3683
  SYNOPSIS
3684 3685 3686 3687 3688 3689 3690 3691 3692 3693 3694 3695 3696
   bool check_grant()
   thd		Thread handler
   want_access  Bits of privileges user needs to have
   tables	List of tables to check. The user should have 'want_access'
		to all tables in list.
   show_table	<> 0 if we are in show table. In this case it's enough to have
	        any privilege for the table
   number	Check at most this number of tables.
   no_errors	If 0 then we write an error. The error is sent directly to
		the client

   RETURN
     0  ok
3697
     1  Error: User did not have the requested privileges
3698 3699 3700 3701 3702 3703 3704

   NOTE
     This functions assumes that either number of tables to be inspected
     by it is limited explicitly (i.e. is is not UINT_MAX) or table list
     used and thd->lex->query_tables_own_last value correspond to each
     other (the latter should be either 0 or point to next_global member
     of one of elements of this table list).
unknown's avatar
unknown committed
3705 3706
****************************************************************************/

unknown's avatar
unknown committed
3707
bool check_grant(THD *thd, ulong want_access, TABLE_LIST *tables,
unknown's avatar
unknown committed
3708
		 uint show_table, uint number, bool no_errors)
unknown's avatar
unknown committed
3709
{
3710
  TABLE_LIST *table, *first_not_own_table= thd->lex->first_not_own_table();
3711
  Security_context *sctx= thd->security_ctx;
3712
  uint i;
3713
  ulong orig_want_access= want_access;
3714 3715
  DBUG_ENTER("check_grant");
  DBUG_ASSERT(number > 0);
unknown's avatar
unknown committed
3716

3717
  /*
unknown's avatar
unknown committed
3718 3719 3720 3721 3722 3723 3724 3725
    Walk through the list of tables that belong to the query and save the
    requested access (orig_want_privilege) to be able to use it when
    checking access rights to the underlying tables of a view. Our grant
    system gradually eliminates checked bits from want_privilege and thus
    after all checks are done we can no longer use it.
    The check that first_not_own_table is not reached is for the case when
    the given table list refers to the list for prelocking (contains tables
    of other queries). For simple queries first_not_own_table is 0.
3726 3727
  */
  for (i= 0, table= tables;
unknown's avatar
unknown committed
3728
       table != first_not_own_table && i < number;
3729 3730 3731 3732 3733 3734
       table= table->next_global, i++)
  {
    /* Remove SHOW_VIEW_ACL, because it will be checked during making view */
    table->grant.orig_want_privilege= (want_access & ~SHOW_VIEW_ACL);
  }

3735
  rw_rdlock(&LOCK_grant);
3736 3737 3738
  for (table= tables;
       table && number-- && table != first_not_own_table;
       table= table->next_global)
unknown's avatar
unknown committed
3739
  {
3740
    GRANT_TABLE *grant_table;
3741 3742 3743 3744 3745 3746 3747 3748
    sctx = test(table->security_ctx) ?
      table->security_ctx : thd->security_ctx;

    want_access= orig_want_access;
    want_access&= ~sctx->master_access;
    if (!want_access)
      continue;                                 // ok

3749
    if (!(~table->grant.privilege & want_access) || 
3750
        table->derived || table->schema_table)
unknown's avatar
unknown committed
3751
    {
unknown's avatar
VIEW  
unknown committed
3752 3753 3754 3755
      /*
        It is subquery in the FROM clause. VIEW set table->derived after
        table opening, but this function always called before table opening.
      */
3756 3757 3758 3759 3760 3761 3762 3763 3764 3765
      if (!table->referencing_view)
      {
        /*
          If it's a temporary table created for a subquery in the FROM
          clause, or an INFORMATION_SCHEMA table, drop the request for
          a privilege.
        */
        table->grant.want_privilege= 0;
      }
      continue;
unknown's avatar
unknown committed
3766
    }
3767 3768 3769
    if (!(grant_table= table_hash_search(sctx->host, sctx->ip,
                                         table->db, sctx->priv_user,
                                         table->table_name,0)))
unknown's avatar
unknown committed
3770 3771 3772 3773
    {
      want_access &= ~table->grant.privilege;
      goto err;					// No grants
    }
unknown's avatar
unknown committed
3774 3775
    if (show_table)
      continue;					// We have some priv on this
unknown's avatar
unknown committed
3776 3777 3778 3779 3780 3781 3782 3783 3784 3785 3786 3787 3788 3789 3790 3791

    table->grant.grant_table=grant_table;	// Remember for column test
    table->grant.version=grant_version;
    table->grant.privilege|= grant_table->privs;
    table->grant.want_privilege= ((want_access & COL_ACLS)
				  & ~table->grant.privilege);

    if (!(~table->grant.privilege & want_access))
      continue;

    if (want_access & ~(grant_table->cols | table->grant.privilege))
    {
      want_access &= ~(grant_table->cols | table->grant.privilege);
      goto err;					// impossible
    }
  }
3792
  rw_unlock(&LOCK_grant);
3793
  DBUG_RETURN(0);
unknown's avatar
unknown committed
3794

3795
err:
3796
  rw_unlock(&LOCK_grant);
unknown's avatar
unknown committed
3797
  if (!no_errors)				// Not a silent skip of table
unknown's avatar
unknown committed
3798
  {
3799 3800
    char command[128];
    get_privilege_desc(command, sizeof(command), want_access);
3801 3802
    my_error(ER_TABLEACCESS_DENIED_ERROR, MYF(0),
             command,
3803 3804
             sctx->priv_user,
             sctx->host_or_ip,
3805
             table ? table->table_name : "unknown");
unknown's avatar
unknown committed
3806
  }
3807
  DBUG_RETURN(1);
unknown's avatar
unknown committed
3808 3809 3810
}


3811 3812 3813 3814 3815 3816 3817 3818 3819 3820 3821 3822 3823 3824 3825 3826 3827 3828
/*
  Check column rights in given security context

  SYNOPSIS
    check_grant_column()
    thd                  thread handler
    grant                grant information structure
    db_name              db name
    table_name           table  name
    name                 column name
    length               column name length
    sctx                 security context

  RETURN
    FALSE OK
    TRUE  access denied
*/

unknown's avatar
VIEW  
unknown committed
3829
bool check_grant_column(THD *thd, GRANT_INFO *grant,
3830
			const char *db_name, const char *table_name,
3831
			const char *name, uint length,  Security_context *sctx)
unknown's avatar
unknown committed
3832 3833 3834
{
  GRANT_TABLE *grant_table;
  GRANT_COLUMN *grant_column;
unknown's avatar
VIEW  
unknown committed
3835
  ulong want_access= grant->want_privilege & ~grant->privilege;
unknown's avatar
unknown committed
3836 3837 3838
  DBUG_ENTER("check_grant_column");
  DBUG_PRINT("enter", ("table: %s  want_access: %u", table_name, want_access));

unknown's avatar
unknown committed
3839
  if (!want_access)
unknown's avatar
unknown committed
3840
    DBUG_RETURN(0);				// Already checked
unknown's avatar
unknown committed
3841

3842
  rw_rdlock(&LOCK_grant);
unknown's avatar
unknown committed
3843

3844
  /* reload table if someone has modified any grants */
unknown's avatar
unknown committed
3845

unknown's avatar
VIEW  
unknown committed
3846
  if (grant->version != grant_version)
unknown's avatar
unknown committed
3847
  {
unknown's avatar
VIEW  
unknown committed
3848
    grant->grant_table=
3849 3850
      table_hash_search(sctx->host, sctx->ip, db_name,
			sctx->priv_user,
unknown's avatar
unknown committed
3851
			table_name, 0);         /* purecov: inspected */
unknown's avatar
VIEW  
unknown committed
3852
    grant->version= grant_version;		/* purecov: inspected */
unknown's avatar
unknown committed
3853
  }
unknown's avatar
VIEW  
unknown committed
3854
  if (!(grant_table= grant->grant_table))
unknown's avatar
unknown committed
3855 3856 3857 3858 3859
    goto err;					/* purecov: deadcode */

  grant_column=column_hash_search(grant_table, name, length);
  if (grant_column && !(~grant_column->rights & want_access))
  {
3860
    rw_unlock(&LOCK_grant);
unknown's avatar
unknown committed
3861
    DBUG_RETURN(0);
unknown's avatar
unknown committed
3862 3863
  }

3864
err:
3865
  rw_unlock(&LOCK_grant);
3866 3867 3868 3869 3870 3871 3872 3873 3874 3875 3876 3877 3878 3879 3880 3881 3882 3883 3884 3885 3886 3887 3888 3889 3890 3891 3892 3893 3894 3895 3896 3897 3898 3899 3900 3901 3902 3903 3904 3905 3906 3907 3908 3909
  char command[128];
  get_privilege_desc(command, sizeof(command), want_access);
  my_error(ER_COLUMNACCESS_DENIED_ERROR, MYF(0),
           command,
           sctx->priv_user,
           sctx->host_or_ip,
           name,
           table_name);
  DBUG_RETURN(1);
}


/*
  Check the access right to a column depending on the type of table.

  SYNOPSIS
    check_column_grant_in_table_ref()
    thd              thread handler
    table_ref        table reference where to check the field
    name             name of field to check
    length           length of name

  DESCRIPTION
    Check the access rights to a column depending on the type of table
    reference where the column is checked. The function provides a
    generic interface to check column access rights that hides the
    heterogeneity of the column representation - whether it is a view
    or a stored table colum.

  RETURN
    FALSE OK
    TRUE  access denied
*/

bool check_column_grant_in_table_ref(THD *thd, TABLE_LIST * table_ref,
                                     const char *name, uint length)
{
  GRANT_INFO *grant;
  const char *db_name;
  const char *table_name;
  Security_context *sctx= test(table_ref->security_ctx) ?
                          table_ref->security_ctx : thd->security_ctx;

  if (table_ref->view || table_ref->field_translation)
unknown's avatar
unknown committed
3910
  {
3911
    /* View or derived information schema table. */
3912
    ulong view_privs;
3913 3914 3915
    grant= &(table_ref->grant);
    db_name= table_ref->view_db.str;
    table_name= table_ref->view_name.str;
3916 3917 3918 3919 3920 3921 3922 3923 3924 3925 3926 3927 3928 3929
    if (table_ref->belong_to_view && 
        (thd->lex->sql_command == SQLCOM_SHOW_FIELDS ||
         thd->lex->sql_command == SQLCOM_SHOW_CREATE))
    {
      view_privs= get_column_grant(thd, grant, db_name, table_name, name);
      if (view_privs & VIEW_ANY_ACL)
      {
        table_ref->belong_to_view->allowed_show= TRUE;
        return FALSE;
      }
      table_ref->belong_to_view->allowed_show= FALSE;
      my_message(ER_VIEW_NO_EXPLAIN, ER(ER_VIEW_NO_EXPLAIN), MYF(0));
      return TRUE;
    }
unknown's avatar
unknown committed
3930
  }
3931 3932 3933 3934 3935
  else
  {
    /* Normal or temporary table. */
    TABLE *table= table_ref->table;
    grant= &(table->grant);
unknown's avatar
unknown committed
3936 3937
    db_name= table->s->db.str;
    table_name= table->s->table_name.str;
3938 3939 3940 3941 3942 3943 3944 3945
  }

  if (grant->want_privilege)
    return check_grant_column(thd, grant, db_name, table_name, name,
                              length, sctx);
  else
    return FALSE;

unknown's avatar
unknown committed
3946 3947 3948
}


unknown's avatar
VIEW  
unknown committed
3949
bool check_grant_all_columns(THD *thd, ulong want_access, GRANT_INFO *grant,
3950
                             const char* db_name, const char *table_name,
unknown's avatar
VIEW  
unknown committed
3951
                             Field_iterator *fields)
unknown's avatar
unknown committed
3952
{
3953
  Security_context *sctx= thd->security_ctx;
unknown's avatar
unknown committed
3954 3955 3956
  GRANT_TABLE *grant_table;
  GRANT_COLUMN *grant_column;

unknown's avatar
VIEW  
unknown committed
3957
  want_access &= ~grant->privilege;
unknown's avatar
unknown committed
3958
  if (!want_access)
unknown's avatar
unknown committed
3959
    return 0;				// Already checked
unknown's avatar
unknown committed
3960 3961
  if (!grant_option)
    goto err2;
unknown's avatar
unknown committed
3962

3963
  rw_rdlock(&LOCK_grant);
unknown's avatar
unknown committed
3964

3965
  /* reload table if someone has modified any grants */
unknown's avatar
unknown committed
3966

unknown's avatar
VIEW  
unknown committed
3967
  if (grant->version != grant_version)
unknown's avatar
unknown committed
3968
  {
unknown's avatar
VIEW  
unknown committed
3969
    grant->grant_table=
3970 3971
      table_hash_search(sctx->host, sctx->ip, db_name,
			sctx->priv_user,
unknown's avatar
VIEW  
unknown committed
3972 3973
			table_name, 0);	/* purecov: inspected */
    grant->version= grant_version;		/* purecov: inspected */
unknown's avatar
unknown committed
3974
  }
3975
  /* The following should always be true */
unknown's avatar
VIEW  
unknown committed
3976
  if (!(grant_table= grant->grant_table))
unknown's avatar
unknown committed
3977 3978
    goto err;					/* purecov: inspected */

3979
  for (; !fields->end_of_fields(); fields->next())
unknown's avatar
unknown committed
3980
  {
unknown's avatar
VIEW  
unknown committed
3981 3982 3983
    const char *field_name= fields->name();
    grant_column= column_hash_search(grant_table, field_name,
				    (uint) strlen(field_name));
unknown's avatar
unknown committed
3984 3985 3986
    if (!grant_column || (~grant_column->rights & want_access))
      goto err;
  }
3987
  rw_unlock(&LOCK_grant);
unknown's avatar
unknown committed
3988 3989
  return 0;

unknown's avatar
unknown committed
3990
err:
3991
  rw_unlock(&LOCK_grant);
unknown's avatar
unknown committed
3992
err2:
3993 3994
  char command[128];
  get_privilege_desc(command, sizeof(command), want_access);
3995 3996
  my_error(ER_COLUMNACCESS_DENIED_ERROR, MYF(0),
           command,
3997 3998
           sctx->priv_user,
           sctx->host_or_ip,
3999 4000
           fields->name(),
           table_name);
unknown's avatar
unknown committed
4001 4002 4003 4004
  return 1;
}


4005
/*
unknown's avatar
unknown committed
4006
  Check if a user has the right to access a database
4007
  Access is accepted if he has a grant for any table/routine in the database
unknown's avatar
unknown committed
4008
  Return 1 if access is denied
4009
*/
unknown's avatar
unknown committed
4010 4011 4012

bool check_grant_db(THD *thd,const char *db)
{
4013
  Security_context *sctx= thd->security_ctx;
unknown's avatar
unknown committed
4014
  char helping [NAME_LEN+USERNAME_LENGTH+2];
unknown's avatar
unknown committed
4015
  uint len;
unknown's avatar
unknown committed
4016
  bool error= 1;
unknown's avatar
unknown committed
4017

4018
  len= (uint) (strmov(strmov(helping, sctx->priv_user) + 1, db) - helping) + 1;
4019
  rw_rdlock(&LOCK_grant);
unknown's avatar
unknown committed
4020

4021
  for (uint idx=0 ; idx < column_priv_hash.records ; idx++)
unknown's avatar
unknown committed
4022
  {
4023 4024
    GRANT_TABLE *grant_table= (GRANT_TABLE*) hash_element(&column_priv_hash,
							  idx);
unknown's avatar
unknown committed
4025 4026
    if (len < grant_table->key_length &&
	!memcmp(grant_table->hash_key,helping,len) &&
4027
        compare_hostname(&grant_table->host, sctx->host, sctx->ip))
unknown's avatar
unknown committed
4028 4029 4030 4031 4032
    {
      error=0;					// Found match
      break;
    }
  }
4033
  rw_unlock(&LOCK_grant);
unknown's avatar
unknown committed
4034 4035 4036
  return error;
}

4037 4038

/****************************************************************************
4039
  Check routine level grants
4040 4041

  SYNPOSIS
4042
   bool check_grant_routine()
4043 4044
   thd		Thread handler
   want_access  Bits of privileges user needs to have
4045 4046
   procs	List of routines to check. The user should have 'want_access'
   is_proc	True if the list is all procedures, else functions
4047 4048 4049 4050 4051 4052 4053 4054
   no_errors	If 0 then we write an error. The error is sent directly to
		the client

   RETURN
     0  ok
     1  Error: User did not have the requested privielges
****************************************************************************/

4055
bool check_grant_routine(THD *thd, ulong want_access,
4056
			 TABLE_LIST *procs, bool is_proc, bool no_errors)
4057 4058
{
  TABLE_LIST *table;
4059
  Security_context *sctx= thd->security_ctx;
4060 4061
  char *user= sctx->priv_user;
  char *host= sctx->priv_host;
4062
  DBUG_ENTER("check_grant_routine");
4063

4064
  want_access&= ~sctx->master_access;
4065 4066 4067 4068 4069 4070 4071
  if (!want_access)
    DBUG_RETURN(0);                             // ok

  rw_rdlock(&LOCK_grant);
  for (table= procs; table; table= table->next_global)
  {
    GRANT_NAME *grant_proc;
4072
    if ((grant_proc= routine_hash_search(host, sctx->ip, table->db, user,
4073
					 table->table_name, is_proc, 0)))
4074 4075 4076 4077 4078 4079 4080 4081 4082 4083 4084 4085 4086 4087 4088 4089 4090
      table->grant.privilege|= grant_proc->privs;

    if (want_access & ~table->grant.privilege)
    {
      want_access &= ~table->grant.privilege;
      goto err;
    }
  }
  rw_unlock(&LOCK_grant);
  DBUG_RETURN(0);
err:
  rw_unlock(&LOCK_grant);
  if (!no_errors)
  {
    char buff[1024];
    const char *command="";
    if (table)
4091
      strxmov(buff, table->db, ".", table->table_name, NullS);
4092 4093 4094
    if (want_access & EXECUTE_ACL)
      command= "execute";
    else if (want_access & ALTER_PROC_ACL)
4095
      command= "alter routine";
4096 4097 4098 4099 4100 4101 4102 4103 4104
    else if (want_access & GRANT_ACL)
      command= "grant";
    my_error(ER_PROCACCESS_DENIED_ERROR, MYF(0),
             command, user, host, table ? buff : "unknown");
  }
  DBUG_RETURN(1);
}


4105 4106
/*
  Check if routine has any of the 
4107
  routine level grants
4108 4109 4110 4111 4112 4113 4114 4115 4116
  
  SYNPOSIS
   bool    check_routine_level_acl()
   thd	        Thread handler
   db           Database name
   name         Routine name

  RETURN
   0            Ok 
4117
   1            error
4118 4119
*/

unknown's avatar
unknown committed
4120 4121
bool check_routine_level_acl(THD *thd, const char *db, const char *name, 
                             bool is_proc)
4122 4123 4124 4125 4126
{
  bool no_routine_acl= 1;
  if (grant_option)
  {
    GRANT_NAME *grant_proc;
4127
    Security_context *sctx= thd->security_ctx;
4128
    rw_rdlock(&LOCK_grant);
4129 4130 4131
    if ((grant_proc= routine_hash_search(sctx->priv_host,
                                         sctx->ip, db,
                                         sctx->priv_user,
4132
                                         name, is_proc, 0)))
4133 4134 4135 4136 4137 4138 4139
      no_routine_acl= !(grant_proc->privs & SHOW_PROC_ACLS);
    rw_unlock(&LOCK_grant);
  }
  return no_routine_acl;
}


unknown's avatar
unknown committed
4140
/*****************************************************************************
unknown's avatar
unknown committed
4141
  Functions to retrieve the grant for a table/column  (for SHOW functions)
unknown's avatar
unknown committed
4142 4143
*****************************************************************************/

unknown's avatar
unknown committed
4144
ulong get_table_grant(THD *thd, TABLE_LIST *table)
unknown's avatar
unknown committed
4145
{
unknown's avatar
unknown committed
4146
  ulong privilege;
4147
  Security_context *sctx= thd->security_ctx;
unknown's avatar
unknown committed
4148 4149 4150
  const char *db = table->db ? table->db : thd->db;
  GRANT_TABLE *grant_table;

4151
  rw_rdlock(&LOCK_grant);
4152 4153 4154
#ifdef EMBEDDED_LIBRARY
  grant_table= NULL;
#else
4155
  grant_table= table_hash_search(sctx->host, sctx->ip, db, sctx->priv_user,
4156
				 table->table_name, 0);
4157
#endif
unknown's avatar
unknown committed
4158 4159 4160 4161
  table->grant.grant_table=grant_table; // Remember for column test
  table->grant.version=grant_version;
  if (grant_table)
    table->grant.privilege|= grant_table->privs;
4162
  privilege= table->grant.privilege;
4163
  rw_unlock(&LOCK_grant);
4164
  return privilege;
unknown's avatar
unknown committed
4165 4166 4167
}


unknown's avatar
unknown committed
4168 4169 4170 4171 4172 4173 4174 4175 4176 4177 4178 4179 4180 4181 4182 4183 4184 4185
/*
  Determine the access priviliges for a field.

  SYNOPSIS
    get_column_grant()
    thd         thread handler
    grant       grants table descriptor
    db_name     name of database that the field belongs to
    table_name  name of table that the field belongs to
    field_name  name of field

  DESCRIPTION
    The procedure may also modify: grant->grant_table and grant->version.

  RETURN
    The access priviliges for the field db_name.table_name.field_name
*/

unknown's avatar
VIEW  
unknown committed
4186 4187 4188
ulong get_column_grant(THD *thd, GRANT_INFO *grant,
                       const char *db_name, const char *table_name,
                       const char *field_name)
unknown's avatar
unknown committed
4189 4190 4191
{
  GRANT_TABLE *grant_table;
  GRANT_COLUMN *grant_column;
unknown's avatar
unknown committed
4192
  ulong priv;
unknown's avatar
unknown committed
4193

4194
  rw_rdlock(&LOCK_grant);
4195
  /* reload table if someone has modified any grants */
unknown's avatar
VIEW  
unknown committed
4196
  if (grant->version != grant_version)
unknown's avatar
unknown committed
4197
  {
4198
    Security_context *sctx= thd->security_ctx;
unknown's avatar
VIEW  
unknown committed
4199
    grant->grant_table=
4200 4201
      table_hash_search(sctx->host, sctx->ip,
                        db_name, sctx->priv_user,
unknown's avatar
VIEW  
unknown committed
4202 4203
			table_name, 0);	        /* purecov: inspected */
    grant->version= grant_version;              /* purecov: inspected */
unknown's avatar
unknown committed
4204 4205
  }

unknown's avatar
VIEW  
unknown committed
4206 4207
  if (!(grant_table= grant->grant_table))
    priv= grant->privilege;
unknown's avatar
unknown committed
4208 4209
  else
  {
unknown's avatar
VIEW  
unknown committed
4210 4211
    grant_column= column_hash_search(grant_table, field_name,
                                     (uint) strlen(field_name));
unknown's avatar
unknown committed
4212
    if (!grant_column)
4213
      priv= (grant->privilege | grant_table->privs);
unknown's avatar
unknown committed
4214
    else
4215
      priv= (grant->privilege | grant_table->privs | grant_column->rights);
unknown's avatar
unknown committed
4216
  }
4217
  rw_unlock(&LOCK_grant);
unknown's avatar
unknown committed
4218 4219 4220
  return priv;
}

unknown's avatar
VIEW  
unknown committed
4221

4222
/* Help function for mysql_show_grants */
unknown's avatar
unknown committed
4223

4224 4225 4226 4227 4228 4229 4230 4231 4232 4233 4234 4235
static void add_user_option(String *grant, ulong value, const char *name)
{
  if (value)
  {
    char buff[22], *p; // just as in int2str
    grant->append(' ');
    grant->append(name, strlen(name));
    grant->append(' ');
    p=int10_to_str(value, buff, 10);
    grant->append(buff,p-buff);
  }
}
unknown's avatar
unknown committed
4236 4237

static const char *command_array[]=
unknown's avatar
unknown committed
4238
{
unknown's avatar
VIEW  
unknown committed
4239 4240 4241 4242
  "SELECT", "INSERT", "UPDATE", "DELETE", "CREATE", "DROP", "RELOAD",
  "SHUTDOWN", "PROCESS","FILE", "GRANT", "REFERENCES", "INDEX",
  "ALTER", "SHOW DATABASES", "SUPER", "CREATE TEMPORARY TABLES",
  "LOCK TABLES", "EXECUTE", "REPLICATION SLAVE", "REPLICATION CLIENT",
4243
  "CREATE VIEW", "SHOW VIEW", "CREATE ROUTINE", "ALTER ROUTINE",
4244
  "CREATE USER", "EVENT", "TRIGGER"
unknown's avatar
unknown committed
4245
};
4246

unknown's avatar
unknown committed
4247 4248
static uint command_lengths[]=
{
4249
  6, 6, 6, 6, 6, 4, 6, 8, 7, 4, 5, 10, 5, 5, 14, 5, 23, 11, 7, 17, 18, 11, 9,
4250
  14, 13, 11, 5, 7
unknown's avatar
unknown committed
4251 4252
};

unknown's avatar
unknown committed
4253

4254 4255 4256 4257 4258
static int show_routine_grants(THD *thd, LEX_USER *lex_user, HASH *hash,
                               const char *type, int typelen,
                               char *buff, int buffsize);


4259 4260 4261 4262 4263 4264 4265
/*
  SHOW GRANTS;  Send grants for a user to the client

  IMPLEMENTATION
   Send to client grant-like strings depicting user@host privileges
*/

unknown's avatar
unknown committed
4266
bool mysql_show_grants(THD *thd,LEX_USER *lex_user)
unknown's avatar
unknown committed
4267
{
unknown's avatar
unknown committed
4268 4269
  ulong want_access;
  uint counter,index;
unknown's avatar
unknown committed
4270
  int  error = 0;
unknown's avatar
unknown committed
4271 4272
  ACL_USER *acl_user;
  ACL_DB *acl_db;
unknown's avatar
unknown committed
4273
  char buff[1024];
4274
  Protocol *protocol= thd->protocol;
unknown's avatar
unknown committed
4275
  DBUG_ENTER("mysql_show_grants");
unknown's avatar
unknown committed
4276 4277 4278 4279

  LINT_INIT(acl_user);
  if (!initialized)
  {
unknown's avatar
unknown committed
4280
    my_error(ER_OPTION_PREVENTS_STATEMENT, MYF(0), "--skip-grant-tables");
unknown's avatar
unknown committed
4281
    DBUG_RETURN(TRUE);
unknown's avatar
unknown committed
4282
  }
unknown's avatar
unknown committed
4283

4284 4285 4286 4287 4288
  rw_rdlock(&LOCK_grant);
  VOID(pthread_mutex_lock(&acl_cache->lock));

  acl_user= find_acl_user(lex_user->host.str, lex_user->user.str, TRUE);
  if (!acl_user)
unknown's avatar
unknown committed
4289
  {
4290 4291 4292
    VOID(pthread_mutex_unlock(&acl_cache->lock));
    rw_unlock(&LOCK_grant);

unknown's avatar
unknown committed
4293 4294
    my_error(ER_NONEXISTING_GRANT, MYF(0),
             lex_user->user.str, lex_user->host.str);
unknown's avatar
unknown committed
4295
    DBUG_RETURN(TRUE);
unknown's avatar
unknown committed
4296 4297
  }

unknown's avatar
unknown committed
4298
  Item_string *field=new Item_string("",0,&my_charset_latin1);
unknown's avatar
unknown committed
4299 4300 4301 4302 4303 4304
  List<Item> field_list;
  field->name=buff;
  field->max_length=1024;
  strxmov(buff,"Grants for ",lex_user->user.str,"@",
	  lex_user->host.str,NullS);
  field_list.push_back(field);
4305 4306
  if (protocol->send_fields(&field_list,
                            Protocol::SEND_NUM_ROWS | Protocol::SEND_EOF))
4307 4308 4309
  {
    VOID(pthread_mutex_unlock(&acl_cache->lock));
    rw_unlock(&LOCK_grant);
unknown's avatar
unknown committed
4310

4311 4312
    DBUG_RETURN(TRUE);
  }
unknown's avatar
unknown committed
4313 4314 4315

  /* Add first global access grants */
  {
4316
    String global(buff,sizeof(buff),system_charset_info);
unknown's avatar
unknown committed
4317
    global.length(0);
4318
    global.append(STRING_WITH_LEN("GRANT "));
unknown's avatar
unknown committed
4319

unknown's avatar
unknown committed
4320
    want_access= acl_user->access;
unknown's avatar
unknown committed
4321
    if (test_all_bits(want_access, (GLOBAL_ACLS & ~ GRANT_ACL)))
4322
      global.append(STRING_WITH_LEN("ALL PRIVILEGES"));
unknown's avatar
unknown committed
4323
    else if (!(want_access & ~GRANT_ACL))
4324
      global.append(STRING_WITH_LEN("USAGE"));
unknown's avatar
unknown committed
4325
    else
unknown's avatar
unknown committed
4326 4327
    {
      bool found=0;
unknown's avatar
unknown committed
4328
      ulong j,test_access= want_access & ~GRANT_ACL;
unknown's avatar
unknown committed
4329 4330
      for (counter=0, j = SELECT_ACL;j <= GLOBAL_ACLS;counter++,j <<= 1)
      {
unknown's avatar
unknown committed
4331
	if (test_access & j)
unknown's avatar
unknown committed
4332 4333
	{
	  if (found)
4334
	    global.append(STRING_WITH_LEN(", "));
unknown's avatar
unknown committed
4335 4336 4337 4338 4339
	  found=1;
	  global.append(command_array[counter],command_lengths[counter]);
	}
      }
    }
4340
    global.append (STRING_WITH_LEN(" ON *.* TO '"));
4341 4342
    global.append(lex_user->user.str, lex_user->user.length,
		  system_charset_info);
4343
    global.append (STRING_WITH_LEN("'@'"));
4344 4345
    global.append(lex_user->host.str,lex_user->host.length,
		  system_charset_info);
unknown's avatar
unknown committed
4346
    global.append ('\'');
4347
    if (acl_user->salt_len)
unknown's avatar
unknown committed
4348
    {
4349 4350 4351 4352 4353
      char passwd_buff[SCRAMBLED_PASSWORD_CHAR_LENGTH+1];
      if (acl_user->salt_len == SCRAMBLE_LENGTH)
        make_password_from_salt(passwd_buff, acl_user->salt);
      else
        make_password_from_salt_323(passwd_buff, (ulong *) acl_user->salt);
4354
      global.append(STRING_WITH_LEN(" IDENTIFIED BY PASSWORD '"));
4355
      global.append(passwd_buff);
unknown's avatar
unknown committed
4356 4357
      global.append('\'');
    }
4358 4359
    /* "show grants" SSL related stuff */
    if (acl_user->ssl_type == SSL_TYPE_ANY)
4360
      global.append(STRING_WITH_LEN(" REQUIRE SSL"));
4361
    else if (acl_user->ssl_type == SSL_TYPE_X509)
4362
      global.append(STRING_WITH_LEN(" REQUIRE X509"));
4363
    else if (acl_user->ssl_type == SSL_TYPE_SPECIFIED)
4364
    {
4365
      int ssl_options = 0;
4366
      global.append(STRING_WITH_LEN(" REQUIRE "));
4367 4368
      if (acl_user->x509_issuer)
      {
4369
	ssl_options++;
4370
	global.append(STRING_WITH_LEN("ISSUER \'"));
4371
	global.append(acl_user->x509_issuer,strlen(acl_user->x509_issuer));
4372
	global.append('\'');
4373
      }
4374 4375
      if (acl_user->x509_subject)
      {
4376 4377
	if (ssl_options++)
	  global.append(' ');
4378
	global.append(STRING_WITH_LEN("SUBJECT \'"));
4379 4380
	global.append(acl_user->x509_subject,strlen(acl_user->x509_subject),
                      system_charset_info);
4381
	global.append('\'');
unknown's avatar
unknown committed
4382
      }
4383 4384
      if (acl_user->ssl_cipher)
      {
4385 4386
	if (ssl_options++)
	  global.append(' ');
4387
	global.append(STRING_WITH_LEN("CIPHER '"));
4388 4389
	global.append(acl_user->ssl_cipher,strlen(acl_user->ssl_cipher),
                      system_charset_info);
4390
	global.append('\'');
4391 4392
      }
    }
unknown's avatar
unknown committed
4393
    if ((want_access & GRANT_ACL) ||
4394 4395 4396 4397
	(acl_user->user_resource.questions ||
         acl_user->user_resource.updates ||
         acl_user->user_resource.conn_per_hour ||
         acl_user->user_resource.user_conn))
4398
    {
4399
      global.append(STRING_WITH_LEN(" WITH"));
unknown's avatar
unknown committed
4400
      if (want_access & GRANT_ACL)
4401
	global.append(STRING_WITH_LEN(" GRANT OPTION"));
4402 4403 4404 4405
      add_user_option(&global, acl_user->user_resource.questions,
		      "MAX_QUERIES_PER_HOUR");
      add_user_option(&global, acl_user->user_resource.updates,
		      "MAX_UPDATES_PER_HOUR");
4406
      add_user_option(&global, acl_user->user_resource.conn_per_hour,
4407
		      "MAX_CONNECTIONS_PER_HOUR");
4408 4409
      add_user_option(&global, acl_user->user_resource.user_conn,
		      "MAX_USER_CONNECTIONS");
unknown's avatar
unknown committed
4410
    }
4411
    protocol->prepare_for_resend();
4412
    protocol->store(global.ptr(),global.length(),global.charset());
4413
    if (protocol->write())
unknown's avatar
unknown committed
4414
    {
unknown's avatar
unknown committed
4415
      error= -1;
4416
      goto end;
unknown's avatar
unknown committed
4417 4418 4419 4420 4421 4422
    }
  }

  /* Add database access */
  for (counter=0 ; counter < acl_dbs.elements ; counter++)
  {
unknown's avatar
unknown committed
4423
    const char *user, *host;
unknown's avatar
unknown committed
4424 4425 4426

    acl_db=dynamic_element(&acl_dbs,counter,ACL_DB*);
    if (!(user=acl_db->user))
unknown's avatar
unknown committed
4427
      user= "";
unknown's avatar
unknown committed
4428
    if (!(host=acl_db->host.hostname))
unknown's avatar
unknown committed
4429
      host= "";
unknown's avatar
unknown committed
4430 4431

    if (!strcmp(lex_user->user.str,user) &&
4432
	!my_strcasecmp(system_charset_info, lex_user->host.str, host))
unknown's avatar
unknown committed
4433 4434
    {
      want_access=acl_db->access;
unknown's avatar
unknown committed
4435
      if (want_access)
unknown's avatar
unknown committed
4436
      {
4437
	String db(buff,sizeof(buff),system_charset_info);
unknown's avatar
unknown committed
4438
	db.length(0);
4439
	db.append(STRING_WITH_LEN("GRANT "));
unknown's avatar
unknown committed
4440 4441

	if (test_all_bits(want_access,(DB_ACLS & ~GRANT_ACL)))
4442
	  db.append(STRING_WITH_LEN("ALL PRIVILEGES"));
4443
	else if (!(want_access & ~GRANT_ACL))
4444
	  db.append(STRING_WITH_LEN("USAGE"));
unknown's avatar
unknown committed
4445 4446 4447
	else
	{
	  int found=0, cnt;
unknown's avatar
unknown committed
4448
	  ulong j,test_access= want_access & ~GRANT_ACL;
unknown's avatar
unknown committed
4449 4450 4451 4452 4453
	  for (cnt=0, j = SELECT_ACL; j <= DB_ACLS; cnt++,j <<= 1)
	  {
	    if (test_access & j)
	    {
	      if (found)
4454
		db.append(STRING_WITH_LEN(", "));
unknown's avatar
unknown committed
4455 4456 4457 4458 4459
	      found = 1;
	      db.append(command_array[cnt],command_lengths[cnt]);
	    }
	  }
	}
4460
	db.append (STRING_WITH_LEN(" ON "));
4461
	append_identifier(thd, &db, acl_db->db, strlen(acl_db->db));
4462
	db.append (STRING_WITH_LEN(".* TO '"));
4463 4464
	db.append(lex_user->user.str, lex_user->user.length,
		  system_charset_info);
4465
	db.append (STRING_WITH_LEN("'@'"));
4466 4467
	db.append(lex_user->host.str, lex_user->host.length,
                  system_charset_info);
unknown's avatar
unknown committed
4468
	db.append ('\'');
unknown's avatar
unknown committed
4469
	if (want_access & GRANT_ACL)
4470
	  db.append(STRING_WITH_LEN(" WITH GRANT OPTION"));
4471
	protocol->prepare_for_resend();
4472
	protocol->store(db.ptr(),db.length(),db.charset());
4473
	if (protocol->write())
unknown's avatar
unknown committed
4474
	{
unknown's avatar
unknown committed
4475
	  error= -1;
unknown's avatar
unknown committed
4476 4477 4478 4479 4480 4481
	  goto end;
	}
      }
    }
  }

4482
  /* Add table & column access */
4483
  for (index=0 ; index < column_priv_hash.records ; index++)
unknown's avatar
unknown committed
4484
  {
4485
    const char *user, *host;
4486 4487
    GRANT_TABLE *grant_table= (GRANT_TABLE*) hash_element(&column_priv_hash,
							  index);
unknown's avatar
unknown committed
4488 4489

    if (!(user=grant_table->user))
4490
      user= "";
4491 4492
    if (!(host= grant_table->host.hostname))
      host= "";
unknown's avatar
unknown committed
4493 4494

    if (!strcmp(lex_user->user.str,user) &&
4495
	!my_strcasecmp(system_charset_info, lex_user->host.str, host))
unknown's avatar
unknown committed
4496
    {
4497 4498
      ulong table_access= grant_table->privs;
      if ((table_access | grant_table->cols) != 0)
unknown's avatar
unknown committed
4499
      {
4500
	String global(buff, sizeof(buff), system_charset_info);
unknown's avatar
unknown committed
4501 4502
	ulong test_access= (table_access | grant_table->cols) & ~GRANT_ACL;

unknown's avatar
unknown committed
4503
	global.length(0);
4504
	global.append(STRING_WITH_LEN("GRANT "));
unknown's avatar
unknown committed
4505

4506
	if (test_all_bits(table_access, (TABLE_ACLS & ~GRANT_ACL)))
4507
	  global.append(STRING_WITH_LEN("ALL PRIVILEGES"));
unknown's avatar
unknown committed
4508
	else if (!test_access)
4509
	  global.append(STRING_WITH_LEN("USAGE"));
unknown's avatar
unknown committed
4510
	else
unknown's avatar
unknown committed
4511
	{
4512
          /* Add specific column access */
4513
	  int found= 0;
unknown's avatar
unknown committed
4514
	  ulong j;
unknown's avatar
unknown committed
4515

4516
	  for (counter= 0, j= SELECT_ACL; j <= TABLE_ACLS; counter++, j<<= 1)
unknown's avatar
unknown committed
4517
	  {
unknown's avatar
unknown committed
4518
	    if (test_access & j)
unknown's avatar
unknown committed
4519 4520
	    {
	      if (found)
4521
		global.append(STRING_WITH_LEN(", "));
4522
	      found= 1;
unknown's avatar
unknown committed
4523 4524
	      global.append(command_array[counter],command_lengths[counter]);

unknown's avatar
unknown committed
4525
	      if (grant_table->cols)
unknown's avatar
unknown committed
4526
	      {
4527
		uint found_col= 0;
unknown's avatar
unknown committed
4528 4529 4530 4531 4532 4533
		for (uint col_index=0 ;
		     col_index < grant_table->hash_columns.records ;
		     col_index++)
		{
		  GRANT_COLUMN *grant_column = (GRANT_COLUMN*)
		    hash_element(&grant_table->hash_columns,col_index);
unknown's avatar
unknown committed
4534
		  if (grant_column->rights & j)
unknown's avatar
unknown committed
4535
		  {
unknown's avatar
unknown committed
4536
		    if (!found_col)
unknown's avatar
unknown committed
4537
		    {
4538 4539 4540 4541 4542 4543 4544
		      found_col= 1;
		      /*
			If we have a duplicated table level privilege, we
			must write the access privilege name again.
		      */
		      if (table_access & j)
		      {
4545
			global.append(STRING_WITH_LEN(", "));
4546 4547 4548
			global.append(command_array[counter],
				      command_lengths[counter]);
		      }
4549
		      global.append(STRING_WITH_LEN(" ("));
unknown's avatar
unknown committed
4550 4551
		    }
		    else
4552
		      global.append(STRING_WITH_LEN(", "));
unknown's avatar
unknown committed
4553
		    global.append(grant_column->column,
4554 4555
				  grant_column->key_length,
				  system_charset_info);
unknown's avatar
unknown committed
4556 4557 4558 4559 4560 4561 4562 4563
		  }
		}
		if (found_col)
		  global.append(')');
	      }
	    }
	  }
	}
4564
	global.append(STRING_WITH_LEN(" ON "));
4565 4566 4567 4568 4569
	append_identifier(thd, &global, grant_table->db,
			  strlen(grant_table->db));
	global.append('.');
	append_identifier(thd, &global, grant_table->tname,
			  strlen(grant_table->tname));
4570
	global.append(STRING_WITH_LEN(" TO '"));
4571 4572
	global.append(lex_user->user.str, lex_user->user.length,
		      system_charset_info);
4573
	global.append(STRING_WITH_LEN("'@'"));
4574 4575
	global.append(lex_user->host.str,lex_user->host.length,
		      system_charset_info);
unknown's avatar
unknown committed
4576
	global.append('\'');
4577
	if (table_access & GRANT_ACL)
4578
	  global.append(STRING_WITH_LEN(" WITH GRANT OPTION"));
4579
	protocol->prepare_for_resend();
4580
	protocol->store(global.ptr(),global.length(),global.charset());
4581
	if (protocol->write())
unknown's avatar
unknown committed
4582
	{
unknown's avatar
unknown committed
4583
	  error= -1;
4584
	  break;
unknown's avatar
unknown committed
4585 4586 4587 4588
	}
      }
    }
  }
4589

4590
  if (show_routine_grants(thd, lex_user, &proc_priv_hash, 
4591
                          STRING_WITH_LEN("PROCEDURE"), buff, sizeof(buff)))
4592 4593 4594 4595 4596 4597
  {
    error= -1;
    goto end;
  }

  if (show_routine_grants(thd, lex_user, &func_priv_hash,
4598
                          STRING_WITH_LEN("FUNCTION"), buff, sizeof(buff)))
4599 4600 4601 4602 4603 4604 4605 4606 4607 4608 4609 4610 4611 4612 4613 4614 4615 4616 4617 4618 4619 4620
  {
    error= -1;
    goto end;
  }

end:
  VOID(pthread_mutex_unlock(&acl_cache->lock));
  rw_unlock(&LOCK_grant);

  send_eof(thd);
  DBUG_RETURN(error);
}

static int show_routine_grants(THD* thd, LEX_USER *lex_user, HASH *hash,
                               const char *type, int typelen,
                               char *buff, int buffsize)
{
  uint counter, index;
  int error= 0;
  Protocol *protocol= thd->protocol;
  /* Add routine access */
  for (index=0 ; index < hash->records ; index++)
4621
  {
4622
    const char *user, *host;
4623
    GRANT_NAME *grant_proc= (GRANT_NAME*) hash_element(hash, index);
4624 4625 4626

    if (!(user=grant_proc->user))
      user= "";
4627 4628
    if (!(host= grant_proc->host.hostname))
      host= "";
4629 4630

    if (!strcmp(lex_user->user.str,user) &&
4631
	!my_strcasecmp(system_charset_info, lex_user->host.str, host))
4632 4633 4634 4635
    {
      ulong proc_access= grant_proc->privs;
      if (proc_access != 0)
      {
4636
	String global(buff, buffsize, system_charset_info);
4637 4638 4639
	ulong test_access= proc_access & ~GRANT_ACL;

	global.length(0);
4640
	global.append(STRING_WITH_LEN("GRANT "));
4641 4642

	if (!test_access)
4643
 	  global.append(STRING_WITH_LEN("USAGE"));
4644 4645 4646 4647 4648 4649 4650 4651 4652 4653 4654
	else
	{
          /* Add specific procedure access */
	  int found= 0;
	  ulong j;

	  for (counter= 0, j= SELECT_ACL; j <= PROC_ACLS; counter++, j<<= 1)
	  {
	    if (test_access & j)
	    {
	      if (found)
4655
		global.append(STRING_WITH_LEN(", "));
4656 4657 4658 4659 4660
	      found= 1;
	      global.append(command_array[counter],command_lengths[counter]);
	    }
	  }
	}
4661
	global.append(STRING_WITH_LEN(" ON "));
4662 4663
        global.append(type,typelen);
        global.append(' ');
4664 4665 4666 4667 4668
	append_identifier(thd, &global, grant_proc->db,
			  strlen(grant_proc->db));
	global.append('.');
	append_identifier(thd, &global, grant_proc->tname,
			  strlen(grant_proc->tname));
4669
	global.append(STRING_WITH_LEN(" TO '"));
4670 4671
	global.append(lex_user->user.str, lex_user->user.length,
		      system_charset_info);
4672
	global.append(STRING_WITH_LEN("'@'"));
4673 4674 4675 4676
	global.append(lex_user->host.str,lex_user->host.length,
		      system_charset_info);
	global.append('\'');
	if (proc_access & GRANT_ACL)
4677
	  global.append(STRING_WITH_LEN(" WITH GRANT OPTION"));
4678 4679 4680 4681 4682 4683 4684 4685 4686 4687
	protocol->prepare_for_resend();
	protocol->store(global.ptr(),global.length(),global.charset());
	if (protocol->write())
	{
	  error= -1;
	  break;
	}
      }
    }
  }
4688
  return error;
unknown's avatar
unknown committed
4689 4690
}

unknown's avatar
unknown committed
4691 4692 4693 4694 4695 4696 4697 4698 4699 4700 4701 4702 4703 4704 4705 4706 4707 4708 4709 4710 4711 4712 4713 4714 4715 4716 4717 4718
/*
  Make a clear-text version of the requested privilege.
*/

void get_privilege_desc(char *to, uint max_length, ulong access)
{
  uint pos;
  char *start=to;
  DBUG_ASSERT(max_length >= 30);		// For end ',' removal

  if (access)
  {
    max_length--;				// Reserve place for end-zero
    for (pos=0 ; access ; pos++, access>>=1)
    {
      if ((access & 1) &&
	  command_lengths[pos] + (uint) (to-start) < max_length)
      {
	to= strmov(to, command_array[pos]);
	*to++=',';
      }
    }
    to--;					// Remove end ','
  }
  *to=0;
}


4719
void get_mqh(const char *user, const char *host, USER_CONN *uc)
unknown's avatar
unknown committed
4720 4721
{
  ACL_USER *acl_user;
4722 4723 4724

  pthread_mutex_lock(&acl_cache->lock);

4725
  if (initialized && (acl_user= find_acl_user(host,user, FALSE)))
4726 4727 4728
    uc->user_resources= acl_user->user_resource;
  else
    bzero((char*) &uc->user_resources, sizeof(uc->user_resources));
4729 4730

  pthread_mutex_unlock(&acl_cache->lock);
unknown's avatar
unknown committed
4731 4732
}

4733 4734 4735 4736 4737 4738 4739 4740 4741 4742 4743 4744 4745 4746 4747 4748 4749 4750 4751 4752 4753
/*
  Open the grant tables.

  SYNOPSIS
    open_grant_tables()
    thd                         The current thread.
    tables (out)                The 4 elements array for the opened tables.

  DESCRIPTION
    Tables are numbered as follows:
    0 user
    1 db
    2 tables_priv
    3 columns_priv

  RETURN
    1           Skip GRANT handling during replication.
    0           OK.
    < 0         Error.
*/

4754
#define GRANT_TABLES 5
4755 4756 4757 4758 4759 4760
int open_grant_tables(THD *thd, TABLE_LIST *tables)
{
  DBUG_ENTER("open_grant_tables");

  if (!initialized)
  {
unknown's avatar
unknown committed
4761
    my_error(ER_OPTION_PREVENTS_STATEMENT, MYF(0), "--skip-grant-tables");
4762 4763 4764
    DBUG_RETURN(-1);
  }

4765
  bzero((char*) tables, GRANT_TABLES*sizeof(*tables));
4766 4767 4768 4769 4770
  tables->alias= tables->table_name= (char*) "user";
  (tables+1)->alias= (tables+1)->table_name= (char*) "db";
  (tables+2)->alias= (tables+2)->table_name= (char*) "tables_priv";
  (tables+3)->alias= (tables+3)->table_name= (char*) "columns_priv";
  (tables+4)->alias= (tables+4)->table_name= (char*) "procs_priv";
unknown's avatar
VIEW  
unknown committed
4771 4772 4773
  tables->next_local= tables->next_global= tables+1;
  (tables+1)->next_local= (tables+1)->next_global= tables+2;
  (tables+2)->next_local= (tables+2)->next_global= tables+3;
4774
  (tables+3)->next_local= (tables+3)->next_global= tables+4;
4775
  tables->lock_type= (tables+1)->lock_type=
4776 4777 4778 4779
    (tables+2)->lock_type= (tables+3)->lock_type= 
    (tables+4)->lock_type= TL_WRITE;
  tables->db= (tables+1)->db= (tables+2)->db= 
    (tables+3)->db= (tables+4)->db= (char*) "mysql";
4780 4781 4782 4783 4784 4785

#ifdef HAVE_REPLICATION
  /*
    GRANT and REVOKE are applied the slave in/exclusion rules as they are
    some kind of updates to the mysql.% tables.
  */
4786
  if (thd->slave_thread && rpl_filter->is_on())
4787
  {
unknown's avatar
unknown committed
4788 4789 4790
    /*
      The tables must be marked "updating" so that tables_ok() takes them into
      account in tests.
4791
    */
4792 4793
    tables[0].updating=tables[1].updating=tables[2].updating=
      tables[3].updating=tables[4].updating=1;
unknown's avatar
unknown committed
4794
    if (!(thd->spcont || rpl_filter->tables_ok(0, tables)))
4795
      DBUG_RETURN(1);
4796 4797
    tables[0].updating=tables[1].updating=tables[2].updating=
      tables[3].updating=tables[4].updating=0;;
4798
  }
4799 4800
#endif

4801
  if (simple_open_n_lock_tables(thd, tables))
4802 4803 4804 4805 4806 4807 4808 4809 4810
  {						// This should never happen
    close_thread_tables(thd);
    DBUG_RETURN(-1);
  }

  DBUG_RETURN(0);
}

ACL_USER *check_acl_user(LEX_USER *user_name,
unknown's avatar
merge  
unknown committed
4811
			 uint *acl_acl_userdx)
4812 4813 4814 4815
{
  ACL_USER *acl_user= 0;
  uint counter;

4816 4817
  safe_mutex_assert_owner(&acl_cache->lock);

4818 4819 4820 4821 4822
  for (counter= 0 ; counter < acl_users.elements ; counter++)
  {
    const char *user,*host;
    acl_user= dynamic_element(&acl_users, counter, ACL_USER*);
    if (!(user=acl_user->user))
unknown's avatar
unknown committed
4823
      user= "";
4824
    if (!(host=acl_user->host.hostname))
4825
      host= "";
4826 4827 4828 4829 4830 4831 4832
    if (!strcmp(user_name->user.str,user) &&
	!my_strcasecmp(system_charset_info, user_name->host.str, host))
      break;
  }
  if (counter == acl_users.elements)
    return 0;

unknown's avatar
merge  
unknown committed
4833
  *acl_acl_userdx= counter;
unknown's avatar
unknown committed
4834
  return acl_user;
4835
}
unknown's avatar
unknown committed
4836

4837 4838 4839 4840 4841 4842 4843 4844 4845 4846 4847 4848 4849 4850 4851 4852 4853 4854 4855 4856 4857 4858
/*
  Modify a privilege table.

  SYNOPSIS
    modify_grant_table()
    table                       The table to modify.
    host_field                  The host name field.
    user_field                  The user name field.
    user_to                     The new name for the user if to be renamed,
                                NULL otherwise.

  DESCRIPTION
  Update user/host in the current record if user_to is not NULL.
  Delete the current record if user_to is NULL.

  RETURN
    0           OK.
    != 0        Error.
*/

static int modify_grant_table(TABLE *table, Field *host_field,
                              Field *user_field, LEX_USER *user_to)
4859
{
4860 4861
  int error;
  DBUG_ENTER("modify_grant_table");
4862

4863 4864 4865 4866 4867 4868 4869 4870
  if (user_to)
  {
    /* rename */
    store_record(table, record[1]);
    host_field->store(user_to->host.str, user_to->host.length,
                      system_charset_info);
    user_field->store(user_to->user.str, user_to->user.length,
                      system_charset_info);
4871
    if ((error= table->file->ha_update_row(table->record[1], table->record[0])))
4872 4873 4874 4875 4876
      table->file->print_error(error, MYF(0));
  }
  else
  {
    /* delete */
4877
    if ((error=table->file->ha_delete_row(table->record[0])))
4878 4879
      table->file->print_error(error, MYF(0));
  }
4880

4881 4882
  DBUG_RETURN(error);
}
4883

4884 4885 4886 4887 4888 4889
/*
  Handle a privilege table.

  SYNOPSIS
    handle_grant_table()
    tables                      The array with the four open tables.
4890
    table_no                    The number of the table to handle (0..4).
4891 4892 4893 4894 4895 4896 4897 4898 4899 4900 4901 4902 4903 4904 4905 4906 4907
    drop                        If user_from is to be dropped.
    user_from                   The the user to be searched/dropped/renamed.
    user_to                     The new name for the user if to be renamed,
                                NULL otherwise.

  DESCRIPTION
    Scan through all records in a grant table and apply the requested
    operation. For the "user" table, a single index access is sufficient,
    since there is an unique index on (host, user).
    Delete from grant table if drop is true.
    Update in grant table if drop is false and user_to is not NULL.
    Search in grant table if drop is false and user_to is NULL.
    Tables are numbered as follows:
    0 user
    1 db
    2 tables_priv
    3 columns_priv
4908
    4 procs_priv
4909 4910 4911 4912 4913 4914 4915 4916 4917 4918 4919 4920 4921 4922 4923 4924 4925 4926 4927

  RETURN
    > 0         At least one record matched.
    0           OK, but no record matched.
    < 0         Error.
*/

static int handle_grant_table(TABLE_LIST *tables, uint table_no, bool drop,
                              LEX_USER *user_from, LEX_USER *user_to)
{
  int result= 0;
  int error;
  TABLE *table= tables[table_no].table;
  Field *host_field= table->field[0];
  Field *user_field= table->field[table_no ? 2 : 1];
  char *host_str= user_from->host.str;
  char *user_str= user_from->user.str;
  const char *host;
  const char *user;
4928
  byte user_key[MAX_KEY_LENGTH];
unknown's avatar
unknown committed
4929
  uint key_prefix_length;
4930 4931
  DBUG_ENTER("handle_grant_table");

4932
  table->use_all_columns();
unknown's avatar
unknown committed
4933
  if (! table_no) // mysql.user table
4934
  {
4935 4936 4937 4938 4939 4940 4941 4942 4943 4944
    /*
      The 'user' table has an unique index on (host, user).
      Thus, we can handle everything with a single index access.
      The host- and user fields are consecutive in the user table records.
      So we set host- and user fields of table->record[0] and use the
      pointer to the host field as key.
      index_read_idx() will replace table->record[0] (its first argument)
      by the searched record, if it exists.
    */
    DBUG_PRINT("info",("read table: '%s'  search: '%s'@'%s'",
unknown's avatar
unknown committed
4945
                       table->s->table_name.str, user_str, host_str));
4946 4947
    host_field->store(host_str, user_from->host.length, system_charset_info);
    user_field->store(user_str, user_from->user.length, system_charset_info);
unknown's avatar
unknown committed
4948 4949 4950 4951 4952

    key_prefix_length= (table->key_info->key_part[0].store_length +
                        table->key_info->key_part[1].store_length);
    key_copy(user_key, table->record[0], table->key_info, key_prefix_length);

4953
    if ((error= table->file->index_read_idx(table->record[0], 0,
unknown's avatar
unknown committed
4954
                                            user_key, key_prefix_length,
4955
                                            HA_READ_KEY_EXACT)))
4956
    {
4957
      if (error != HA_ERR_KEY_NOT_FOUND && error != HA_ERR_END_OF_FILE)
4958 4959 4960 4961
      {
        table->file->print_error(error, MYF(0));
        result= -1;
      }
4962
    }
4963 4964 4965 4966 4967 4968 4969 4970 4971 4972 4973 4974 4975 4976 4977 4978 4979
    else
    {
      /* If requested, delete or update the record. */
      result= ((drop || user_to) &&
               modify_grant_table(table, host_field, user_field, user_to)) ?
        -1 : 1; /* Error or found. */
    }
    DBUG_PRINT("info",("read result: %d", result));
  }
  else
  {
    /*
      The non-'user' table do not have indexes on (host, user).
      And their host- and user fields are not consecutive.
      Thus, we need to do a table scan to find all matching records.
    */
    if ((error= table->file->ha_rnd_init(1)))
4980
    {
4981
      table->file->print_error(error, MYF(0));
4982
      result= -1;
4983 4984 4985 4986 4987
    }
    else
    {
#ifdef EXTRA_DEBUG
      DBUG_PRINT("info",("scan table: '%s'  search: '%s'@'%s'",
unknown's avatar
unknown committed
4988
                         table->s->table_name.str, user_str, host_str));
4989 4990 4991 4992 4993 4994 4995 4996 4997 4998 4999 5000 5001 5002 5003 5004 5005 5006 5007 5008 5009 5010 5011 5012 5013 5014 5015 5016 5017 5018 5019 5020 5021 5022 5023 5024 5025 5026 5027 5028 5029 5030 5031 5032 5033 5034 5035 5036
#endif
      while ((error= table->file->rnd_next(table->record[0])) != 
             HA_ERR_END_OF_FILE)
      {
        if (error)
        {
          /* Most probable 'deleted record'. */
          DBUG_PRINT("info",("scan error: %d", error));
          continue;
        }
        if (! (host= get_field(&mem, host_field)))
          host= "";
        if (! (user= get_field(&mem, user_field)))
          user= "";

#ifdef EXTRA_DEBUG
        DBUG_PRINT("loop",("scan fields: '%s'@'%s' '%s' '%s' '%s'",
                           user, host,
                           get_field(&mem, table->field[1]) /*db*/,
                           get_field(&mem, table->field[3]) /*table*/,
                           get_field(&mem, table->field[4]) /*column*/));
#endif
        if (strcmp(user_str, user) ||
            my_strcasecmp(system_charset_info, host_str, host))
          continue;

        /* If requested, delete or update the record. */
        result= ((drop || user_to) &&
                 modify_grant_table(table, host_field, user_field, user_to)) ?
          -1 : result ? result : 1; /* Error or keep result or found. */
        /* If search is requested, we do not need to search further. */
        if (! drop && ! user_to)
          break ;
      }
      (void) table->file->ha_rnd_end();
      DBUG_PRINT("info",("scan result: %d", result));
    }
  }

  DBUG_RETURN(result);
}


/*
  Handle an in-memory privilege structure.

  SYNOPSIS
    handle_grant_struct()
5037
    struct_no                   The number of the structure to handle (0..3).
5038 5039 5040 5041 5042 5043 5044 5045 5046 5047 5048 5049 5050 5051 5052
    drop                        If user_from is to be dropped.
    user_from                   The the user to be searched/dropped/renamed.
    user_to                     The new name for the user if to be renamed,
                                NULL otherwise.

  DESCRIPTION
    Scan through all elements in an in-memory grant structure and apply
    the requested operation.
    Delete from grant structure if drop is true.
    Update in grant structure if drop is false and user_to is not NULL.
    Search in grant structure if drop is false and user_to is NULL.
    Structures are numbered as follows:
    0 acl_users
    1 acl_dbs
    2 column_priv_hash
5053
    3 procs_priv_hash
5054 5055 5056 5057

  RETURN
    > 0         At least one element matched.
    0           OK, but no element matched.
5058
    -1		Wrong arguments to function
5059 5060 5061 5062 5063 5064 5065 5066 5067 5068 5069 5070
*/

static int handle_grant_struct(uint struct_no, bool drop,
                               LEX_USER *user_from, LEX_USER *user_to)
{
  int result= 0;
  uint idx;
  uint elements;
  const char *user;
  const char *host;
  ACL_USER *acl_user;
  ACL_DB *acl_db;
5071
  GRANT_NAME *grant_name;
5072
  DBUG_ENTER("handle_grant_struct");
unknown's avatar
unknown committed
5073 5074 5075
  DBUG_PRINT("info",("scan struct: %u  search: '%s'@'%s'",
                     struct_no, user_from->user.str, user_from->host.str));

5076 5077
  LINT_INIT(acl_user);
  LINT_INIT(acl_db);
5078
  LINT_INIT(grant_name);
5079 5080
  LINT_INIT(user);
  LINT_INIT(host);
5081

5082 5083
  safe_mutex_assert_owner(&acl_cache->lock);

5084
  /* Get the number of elements in the in-memory structure. */
5085
  switch (struct_no) {
5086 5087 5088 5089 5090 5091
  case 0:
    elements= acl_users.elements;
    break;
  case 1:
    elements= acl_dbs.elements;
    break;
5092
  case 2:
5093
    elements= column_priv_hash.records;
5094 5095 5096 5097 5098 5099
    break;
  case 3:
    elements= proc_priv_hash.records;
    break;
  default:
    return -1;
5100 5101 5102 5103 5104 5105 5106 5107 5108 5109 5110 5111
  }

#ifdef EXTRA_DEBUG
    DBUG_PRINT("loop",("scan struct: %u  search    user: '%s'  host: '%s'",
                       struct_no, user_from->user.str, user_from->host.str));
#endif
  /* Loop over all elements. */
  for (idx= 0; idx < elements; idx++)
  {
    /*
      Get a pointer to the element.
    */
5112
    switch (struct_no) {
5113 5114 5115
    case 0:
      acl_user= dynamic_element(&acl_users, idx, ACL_USER*);
      user= acl_user->user;
5116 5117
      host= acl_user->host.hostname;
    break;
5118 5119 5120 5121

    case 1:
      acl_db= dynamic_element(&acl_dbs, idx, ACL_DB*);
      user= acl_db->user;
5122
      host= acl_db->host.hostname;
5123 5124
      break;

5125 5126 5127
    case 2:
      grant_name= (GRANT_NAME*) hash_element(&column_priv_hash, idx);
      user= grant_name->user;
5128
      host= grant_name->host.hostname;
5129 5130 5131 5132 5133
      break;

    case 3:
      grant_name= (GRANT_NAME*) hash_element(&proc_priv_hash, idx);
      user= grant_name->user;
5134
      host= grant_name->host.hostname;
5135
      break;
5136 5137
    }
    if (! user)
5138
      user= "";
5139 5140 5141
    if (! host)
      host= "";

5142 5143 5144 5145 5146 5147
#ifdef EXTRA_DEBUG
    DBUG_PRINT("loop",("scan struct: %u  index: %u  user: '%s'  host: '%s'",
                       struct_no, idx, user, host));
#endif
    if (strcmp(user_from->user.str, user) ||
        my_strcasecmp(system_charset_info, user_from->host.str, host))
5148
      continue;
5149 5150 5151 5152

    result= 1; /* At least one element found. */
    if ( drop )
    {
5153
      switch ( struct_no ) {
5154 5155 5156 5157 5158 5159 5160 5161
      case 0:
        delete_dynamic_element(&acl_users, idx);
        break;

      case 1:
        delete_dynamic_element(&acl_dbs, idx);
        break;

5162 5163 5164 5165 5166 5167 5168
      case 2:
        hash_delete(&column_priv_hash, (byte*) grant_name);
	break;

      case 3:
        hash_delete(&proc_priv_hash, (byte*) grant_name);
	break;
5169 5170 5171
      }
      elements--;
      idx--;
5172
    }
5173 5174
    else if ( user_to )
    {
5175
      switch ( struct_no ) {
5176 5177 5178 5179
      case 0:
        acl_user->user= strdup_root(&mem, user_to->user.str);
        acl_user->host.hostname= strdup_root(&mem, user_to->host.str);
        break;
5180

5181 5182 5183 5184 5185
      case 1:
        acl_db->user= strdup_root(&mem, user_to->user.str);
        acl_db->host.hostname= strdup_root(&mem, user_to->host.str);
        break;

5186 5187 5188
      case 2:
      case 3:
        grant_name->user= strdup_root(&mem, user_to->user.str);
5189 5190
        update_hostname(&grant_name->host,
                        strdup_root(&mem, user_to->host.str));
5191
	break;
5192 5193 5194
      }
    }
    else
5195
    {
5196 5197 5198 5199 5200 5201 5202
      /* If search is requested, we do not need to search further. */
      break;
    }
  }
#ifdef EXTRA_DEBUG
  DBUG_PRINT("loop",("scan struct: %u  result %d", struct_no, result));
#endif
5203

5204 5205 5206 5207 5208 5209 5210 5211 5212 5213 5214 5215 5216 5217 5218 5219 5220 5221 5222 5223 5224 5225 5226 5227 5228 5229 5230 5231 5232 5233 5234 5235 5236 5237 5238 5239 5240 5241 5242 5243 5244 5245 5246 5247
  DBUG_RETURN(result);
}


/*
  Handle all privilege tables and in-memory privilege structures.

  SYNOPSIS
    handle_grant_data()
    tables                      The array with the four open tables.
    drop                        If user_from is to be dropped.
    user_from                   The the user to be searched/dropped/renamed.
    user_to                     The new name for the user if to be renamed,
                                NULL otherwise.

  DESCRIPTION
    Go through all grant tables and in-memory grant structures and apply
    the requested operation.
    Delete from grant data if drop is true.
    Update in grant data if drop is false and user_to is not NULL.
    Search in grant data if drop is false and user_to is NULL.

  RETURN
    > 0         At least one element matched.
    0           OK, but no element matched.
    < 0         Error.
*/

static int handle_grant_data(TABLE_LIST *tables, bool drop,
                             LEX_USER *user_from, LEX_USER *user_to)
{
  int result= 0;
  int found;
  DBUG_ENTER("handle_grant_data");

  /* Handle user table. */
  if ((found= handle_grant_table(tables, 0, drop, user_from, user_to)) < 0)
  {
    /* Handle of table failed, don't touch the in-memory array. */
    result= -1;
  }
  else
  {
    /* Handle user array. */
unknown's avatar
unknown committed
5248 5249
    if ((handle_grant_struct(0, drop, user_from, user_to) && ! result) ||
        found)
5250 5251 5252 5253 5254 5255 5256 5257 5258 5259 5260 5261 5262 5263 5264 5265 5266 5267 5268 5269 5270 5271 5272 5273 5274 5275 5276
    {
      result= 1; /* At least one record/element found. */
      /* If search is requested, we do not need to search further. */
      if (! drop && ! user_to)
        goto end;
    }
  }

  /* Handle db table. */
  if ((found= handle_grant_table(tables, 1, drop, user_from, user_to)) < 0)
  {
    /* Handle of table failed, don't touch the in-memory array. */
    result= -1;
  }
  else
  {
    /* Handle db array. */
    if (((handle_grant_struct(1, drop, user_from, user_to) && ! result) ||
         found) && ! result)
    {
      result= 1; /* At least one record/element found. */
      /* If search is requested, we do not need to search further. */
      if (! drop && ! user_to)
        goto end;
    }
  }

5277 5278 5279 5280 5281 5282 5283 5284 5285 5286 5287 5288 5289 5290 5291 5292 5293 5294 5295
  /* Handle procedures table. */
  if ((found= handle_grant_table(tables, 4, drop, user_from, user_to)) < 0)
  {
    /* Handle of table failed, don't touch in-memory array. */
    result= -1;
  }
  else
  {
    /* Handle procs array. */
    if (((handle_grant_struct(3, drop, user_from, user_to) && ! result) ||
         found) && ! result)
    {
      result= 1; /* At least one record/element found. */
      /* If search is requested, we do not need to search further. */
      if (! drop && ! user_to)
        goto end;
    }
  }

5296 5297 5298 5299 5300 5301 5302 5303 5304 5305 5306 5307 5308 5309
  /* Handle tables table. */
  if ((found= handle_grant_table(tables, 2, drop, user_from, user_to)) < 0)
  {
    /* Handle of table failed, don't touch columns and in-memory array. */
    result= -1;
  }
  else
  {
    if (found && ! result)
    {
      result= 1; /* At least one record found. */
      /* If search is requested, we do not need to search further. */
      if (! drop && ! user_to)
        goto end;
5310
    }
5311 5312 5313

    /* Handle columns table. */
    if ((found= handle_grant_table(tables, 3, drop, user_from, user_to)) < 0)
5314
    {
5315
      /* Handle of table failed, don't touch the in-memory array. */
5316 5317
      result= -1;
    }
5318 5319 5320 5321 5322 5323 5324 5325 5326 5327 5328 5329
    else
    {
      /* Handle columns hash. */
      if (((handle_grant_struct(2, drop, user_from, user_to) && ! result) ||
           found) && ! result)
        result= 1; /* At least one record/element found. */
    }
  }
 end:
  DBUG_RETURN(result);
}

unknown's avatar
unknown committed
5330

unknown's avatar
unknown committed
5331 5332 5333 5334 5335 5336
static void append_user(String *str, LEX_USER *user)
{
  if (str->length())
    str->append(',');
  str->append('\'');
  str->append(user->user.str);
5337
  str->append(STRING_WITH_LEN("'@'"));
unknown's avatar
unknown committed
5338 5339 5340
  str->append(user->host.str);
  str->append('\'');
}
5341

unknown's avatar
unknown committed
5342

5343 5344 5345 5346 5347 5348 5349
/*
  Create a list of users.

  SYNOPSIS
    mysql_create_user()
    thd                         The current thread.
    list                        The users to create.
5350

5351 5352 5353 5354 5355 5356 5357 5358
  RETURN
    FALSE       OK.
    TRUE        Error.
*/

bool mysql_create_user(THD *thd, List <LEX_USER> &list)
{
  int result;
unknown's avatar
unknown committed
5359
  String wrong_users;
5360
  ulong sql_mode;
5361
  LEX_USER *user_name, *tmp_user_name;
5362
  List_iterator <LEX_USER> user_list(list);
5363
  TABLE_LIST tables[GRANT_TABLES];
5364 5365 5366 5367 5368 5369 5370 5371 5372
  DBUG_ENTER("mysql_create_user");

  /* CREATE USER may be skipped on replication client. */
  if ((result= open_grant_tables(thd, tables)))
    DBUG_RETURN(result != 1);

  rw_wrlock(&LOCK_grant);
  VOID(pthread_mutex_lock(&acl_cache->lock));

5373
  while ((tmp_user_name= user_list++))
5374
  {
5375 5376 5377 5378
    if (!(user_name= get_current_user(thd, tmp_user_name)))
    {
      result= TRUE;
      continue;
5379 5380
    }

5381 5382 5383 5384
    /*
      Search all in-memory structures and grant tables
      for a mention of the new user name.
    */
5385
    if (handle_grant_data(tables, 0, user_name, NULL))
5386
    {
unknown's avatar
unknown committed
5387
      append_user(&wrong_users, user_name);
5388
      result= TRUE;
unknown's avatar
unknown committed
5389
      continue;
5390
    }
5391

5392
    sql_mode= thd->variables.sql_mode;
unknown's avatar
unknown committed
5393
    if (replace_user_table(thd, tables[0].table, *user_name, 0, 0, 1, 0))
5394
    {
unknown's avatar
unknown committed
5395
      append_user(&wrong_users, user_name);
5396 5397 5398 5399 5400 5401 5402 5403
      result= TRUE;
    }
  }

  VOID(pthread_mutex_unlock(&acl_cache->lock));
  rw_unlock(&LOCK_grant);
  close_thread_tables(thd);
  if (result)
5404
    my_error(ER_CANNOT_USER, MYF(0), "CREATE USER", wrong_users.c_ptr_safe());
5405 5406 5407 5408 5409 5410 5411 5412 5413 5414 5415 5416 5417 5418 5419 5420 5421 5422 5423 5424
  DBUG_RETURN(result);
}


/*
  Drop a list of users and all their privileges.

  SYNOPSIS
    mysql_drop_user()
    thd                         The current thread.
    list                        The users to drop.

  RETURN
    FALSE       OK.
    TRUE        Error.
*/

bool mysql_drop_user(THD *thd, List <LEX_USER> &list)
{
  int result;
unknown's avatar
unknown committed
5425
  String wrong_users;
5426
  LEX_USER *user_name, *tmp_user_name;
5427
  List_iterator <LEX_USER> user_list(list);
5428
  TABLE_LIST tables[GRANT_TABLES];
5429 5430
  DBUG_ENTER("mysql_drop_user");

unknown's avatar
unknown committed
5431
  /* DROP USER may be skipped on replication client. */
5432 5433 5434 5435 5436 5437
  if ((result= open_grant_tables(thd, tables)))
    DBUG_RETURN(result != 1);

  rw_wrlock(&LOCK_grant);
  VOID(pthread_mutex_lock(&acl_cache->lock));

5438
  while ((tmp_user_name= user_list++))
5439
  {
5440 5441 5442 5443 5444 5445
    user_name= get_current_user(thd, tmp_user_name);
    if (!(user_name= get_current_user(thd, tmp_user_name)))
    {
      result= TRUE;
      continue;
    }  
5446
    if (handle_grant_data(tables, 1, user_name, NULL) <= 0)
5447
    {
unknown's avatar
unknown committed
5448
      append_user(&wrong_users, user_name);
5449
      result= TRUE;
5450
    }
5451
  }
5452

5453 5454 5455
  /* Rebuild 'acl_check_hosts' since 'acl_users' has been modified */
  rebuild_check_host();

5456 5457 5458 5459
  VOID(pthread_mutex_unlock(&acl_cache->lock));
  rw_unlock(&LOCK_grant);
  close_thread_tables(thd);
  if (result)
unknown's avatar
unknown committed
5460
    my_error(ER_CANNOT_USER, MYF(0), "DROP USER", wrong_users.c_ptr_safe());
5461 5462 5463 5464 5465 5466 5467 5468 5469 5470 5471 5472 5473 5474 5475 5476 5477 5478 5479
  DBUG_RETURN(result);
}


/*
  Rename a user.

  SYNOPSIS
    mysql_rename_user()
    thd                         The current thread.
    list                        The user name pairs: (from, to).

  RETURN
    FALSE       OK.
    TRUE        Error.
*/

bool mysql_rename_user(THD *thd, List <LEX_USER> &list)
{
5480
  int result;
unknown's avatar
unknown committed
5481
  String wrong_users;
5482 5483
  LEX_USER *user_from, *tmp_user_from;
  LEX_USER *user_to, *tmp_user_to;
5484
  List_iterator <LEX_USER> user_list(list);
5485
  TABLE_LIST tables[GRANT_TABLES];
5486 5487
  DBUG_ENTER("mysql_rename_user");

unknown's avatar
unknown committed
5488
  /* RENAME USER may be skipped on replication client. */
5489 5490 5491 5492 5493 5494
  if ((result= open_grant_tables(thd, tables)))
    DBUG_RETURN(result != 1);

  rw_wrlock(&LOCK_grant);
  VOID(pthread_mutex_lock(&acl_cache->lock));

5495
  while ((tmp_user_from= user_list++))
5496
  {
5497 5498 5499 5500 5501 5502 5503 5504 5505 5506 5507
    if (!(user_from= get_current_user(thd, tmp_user_from)))
    {
      result= TRUE;
      continue;
    }  
    tmp_user_to= user_list++;
    if (!(user_to= get_current_user(thd, tmp_user_to)))
    {
      result= TRUE;
      continue;
    }  
5508
    DBUG_ASSERT(user_to != 0); /* Syntax enforces pairs of users. */
5509 5510 5511 5512 5513

    /*
      Search all in-memory structures and grant tables
      for a mention of the new user name.
    */
unknown's avatar
unknown committed
5514 5515
    if (handle_grant_data(tables, 0, user_to, NULL) ||
        handle_grant_data(tables, 0, user_from, user_to) <= 0)
5516
    {
unknown's avatar
unknown committed
5517
      append_user(&wrong_users, user_from);
5518 5519
      result= TRUE;
    }
5520
  }
unknown's avatar
unknown committed
5521
  
5522 5523 5524
  /* Rebuild 'acl_check_hosts' since 'acl_users' has been modified */
  rebuild_check_host();

5525 5526 5527 5528
  VOID(pthread_mutex_unlock(&acl_cache->lock));
  rw_unlock(&LOCK_grant);
  close_thread_tables(thd);
  if (result)
5529
    my_error(ER_CANNOT_USER, MYF(0), "RENAME USER", wrong_users.c_ptr_safe());
5530 5531 5532
  DBUG_RETURN(result);
}

5533

5534 5535 5536 5537 5538 5539 5540 5541 5542 5543 5544 5545 5546 5547
/*
  Revoke all privileges from a list of users.

  SYNOPSIS
    mysql_revoke_all()
    thd                         The current thread.
    list                        The users to revoke all privileges from.

  RETURN
    > 0         Error. Error message already sent.
    0           OK.
    < 0         Error. Error message not yet sent.
*/

unknown's avatar
unknown committed
5548
bool mysql_revoke_all(THD *thd,  List <LEX_USER> &list)
5549
{
5550
  uint counter, revoked, is_proc;
5551
  int result;
unknown's avatar
unknown committed
5552
  ACL_DB *acl_db;
5553
  TABLE_LIST tables[GRANT_TABLES];
5554 5555 5556
  DBUG_ENTER("mysql_revoke_all");

  if ((result= open_grant_tables(thd, tables)))
unknown's avatar
unknown committed
5557
    DBUG_RETURN(result != 1);
5558 5559 5560 5561

  rw_wrlock(&LOCK_grant);
  VOID(pthread_mutex_lock(&acl_cache->lock));

5562
  LEX_USER *lex_user, *tmp_lex_user;
5563
  List_iterator <LEX_USER> user_list(list);
5564
  while ((tmp_lex_user= user_list++))
5565
  {
5566 5567 5568 5569 5570
    if (!(lex_user= get_current_user(thd, tmp_lex_user)))
    {
      result= -1;
      continue;
    }  
5571
    if (!find_acl_user(lex_user->host.str, lex_user->user.str, TRUE))
5572 5573 5574 5575
    {
      result= -1;
      continue;
    }
unknown's avatar
unknown committed
5576

5577
    if (replace_user_table(thd, tables[0].table,
5578
			   *lex_user, ~(ulong)0, 1, 0, 0))
5579 5580 5581 5582 5583 5584
    {
      result= -1;
      continue;
    }

    /* Remove db access privileges */
unknown's avatar
unknown committed
5585 5586 5587 5588 5589
    /*
      Because acl_dbs and column_priv_hash shrink and may re-order
      as privileges are removed, removal occurs in a repeated loop
      until no more privileges are revoked.
     */
unknown's avatar
unknown committed
5590
    do
5591
    {
unknown's avatar
unknown committed
5592
      for (counter= 0, revoked= 0 ; counter < acl_dbs.elements ; )
5593
      {
unknown's avatar
unknown committed
5594
	const char *user,*host;
unknown's avatar
unknown committed
5595

unknown's avatar
unknown committed
5596 5597 5598 5599 5600
	acl_db=dynamic_element(&acl_dbs,counter,ACL_DB*);
	if (!(user=acl_db->user))
	  user= "";
	if (!(host=acl_db->host.hostname))
	  host= "";
unknown's avatar
unknown committed
5601

unknown's avatar
unknown committed
5602 5603 5604
	if (!strcmp(lex_user->user.str,user) &&
	    !my_strcasecmp(system_charset_info, lex_user->host.str, host))
	{
5605 5606
	  if (!replace_db_table(tables[1].table, acl_db->db, *lex_user,
                                ~(ulong)0, 1))
unknown's avatar
unknown committed
5607
	  {
unknown's avatar
unknown committed
5608 5609 5610 5611 5612
	    /*
	      Don't increment counter as replace_db_table deleted the
	      current element in acl_dbs.
	     */
	    revoked= 1;
unknown's avatar
unknown committed
5613 5614
	    continue;
	  }
unknown's avatar
unknown committed
5615
	  result= -1; // Something went wrong
unknown's avatar
unknown committed
5616
	}
unknown's avatar
unknown committed
5617
	counter++;
5618
      }
unknown's avatar
unknown committed
5619
    } while (revoked);
5620 5621

    /* Remove column access */
unknown's avatar
unknown committed
5622
    do
5623
    {
unknown's avatar
unknown committed
5624
      for (counter= 0, revoked= 0 ; counter < column_priv_hash.records ; )
5625
      {
unknown's avatar
unknown committed
5626 5627 5628 5629 5630
	const char *user,*host;
	GRANT_TABLE *grant_table= (GRANT_TABLE*)hash_element(&column_priv_hash,
							     counter);
	if (!(user=grant_table->user))
	  user= "";
5631
	if (!(host=grant_table->host.hostname))
unknown's avatar
unknown committed
5632
	  host= "";
unknown's avatar
unknown committed
5633

unknown's avatar
unknown committed
5634 5635
	if (!strcmp(lex_user->user.str,user) &&
	    !my_strcasecmp(system_charset_info, lex_user->host.str, host))
5636
	{
unknown's avatar
unknown committed
5637 5638 5639
	  if (replace_table_table(thd,grant_table,tables[2].table,*lex_user,
				  grant_table->db,
				  grant_table->tname,
5640
				  ~(ulong)0, 0, 1))
unknown's avatar
unknown committed
5641
	  {
unknown's avatar
unknown committed
5642
	    result= -1;
unknown's avatar
unknown committed
5643
	  }
unknown's avatar
unknown committed
5644
	  else
unknown's avatar
unknown committed
5645
	  {
unknown's avatar
unknown committed
5646
	    if (!grant_table->cols)
unknown's avatar
unknown committed
5647
	    {
unknown's avatar
unknown committed
5648 5649
	      revoked= 1;
	      continue;
unknown's avatar
unknown committed
5650
	    }
unknown's avatar
unknown committed
5651 5652
	    List<LEX_COLUMN> columns;
	    if (!replace_column_table(grant_table,tables[3].table, *lex_user,
unknown's avatar
unknown committed
5653 5654 5655
				      columns,
				      grant_table->db,
				      grant_table->tname,
5656
				      ~(ulong)0, 1))
unknown's avatar
unknown committed
5657
	    {
unknown's avatar
unknown committed
5658
	      revoked= 1;
5659
	      continue;
unknown's avatar
unknown committed
5660
	    }
5661
	    result= -1;
unknown's avatar
unknown committed
5662
	  }
5663
	}
unknown's avatar
unknown committed
5664
	counter++;
5665
      }
unknown's avatar
unknown committed
5666
    } while (revoked);
5667 5668

    /* Remove procedure access */
5669 5670 5671
    for (is_proc=0; is_proc<2; is_proc++) do {
      HASH *hash= is_proc ? &proc_priv_hash : &func_priv_hash;
      for (counter= 0, revoked= 0 ; counter < hash->records ; )
5672 5673
      {
	const char *user,*host;
5674
	GRANT_NAME *grant_proc= (GRANT_NAME*) hash_element(hash, counter);
5675 5676
	if (!(user=grant_proc->user))
	  user= "";
5677
	if (!(host=grant_proc->host.hostname))
5678 5679 5680 5681 5682
	  host= "";

	if (!strcmp(lex_user->user.str,user) &&
	    !my_strcasecmp(system_charset_info, lex_user->host.str, host))
	{
5683
	  if (!replace_routine_table(thd,grant_proc,tables[4].table,*lex_user,
5684 5685
				  grant_proc->db,
				  grant_proc->tname,
5686
                                  is_proc,
unknown's avatar
unknown committed
5687
				  ~(ulong)0, 1))
5688 5689 5690 5691 5692 5693 5694 5695 5696
	  {
	    revoked= 1;
	    continue;
	  }
	  result= -1;	// Something went wrong
	}
	counter++;
      }
    } while (revoked);
5697
  }
unknown's avatar
unknown committed
5698

5699 5700 5701
  VOID(pthread_mutex_unlock(&acl_cache->lock));
  rw_unlock(&LOCK_grant);
  close_thread_tables(thd);
unknown's avatar
unknown committed
5702

5703
  if (result)
unknown's avatar
unknown committed
5704
    my_message(ER_REVOKE_GRANTS, ER(ER_REVOKE_GRANTS), MYF(0));
unknown's avatar
unknown committed
5705

5706 5707
  DBUG_RETURN(result);
}
unknown's avatar
unknown committed
5708

5709

5710 5711 5712 5713 5714 5715 5716 5717 5718 5719 5720 5721 5722 5723
/*
  Revoke privileges for all users on a stored procedure

  SYNOPSIS
    sp_revoke_privileges()
    thd                         The current thread.
    db				DB of the stored procedure
    name			Name of the stored procedure

  RETURN
    0           OK.
    < 0         Error. Error message not yet sent.
*/

5724 5725
bool sp_revoke_privileges(THD *thd, const char *sp_db, const char *sp_name,
                          bool is_proc)
5726 5727 5728 5729
{
  uint counter, revoked;
  int result;
  TABLE_LIST tables[GRANT_TABLES];
5730
  HASH *hash= is_proc ? &proc_priv_hash : &func_priv_hash;
5731 5732 5733 5734 5735 5736 5737 5738 5739
  DBUG_ENTER("sp_revoke_privileges");

  if ((result= open_grant_tables(thd, tables)))
    DBUG_RETURN(result != 1);

  rw_wrlock(&LOCK_grant);
  VOID(pthread_mutex_lock(&acl_cache->lock));

  /* Remove procedure access */
5740 5741
  do
  {
5742
    for (counter= 0, revoked= 0 ; counter < hash->records ; )
5743
    {
5744
      GRANT_NAME *grant_proc= (GRANT_NAME*) hash_element(hash, counter);
5745 5746 5747 5748 5749 5750
      if (!my_strcasecmp(system_charset_info, grant_proc->db, sp_db) &&
	  !my_strcasecmp(system_charset_info, grant_proc->tname, sp_name))
      {
        LEX_USER lex_user;
	lex_user.user.str= grant_proc->user;
	lex_user.user.length= strlen(grant_proc->user);
5751 5752 5753 5754
	lex_user.host.str= grant_proc->host.hostname ?
	  grant_proc->host.hostname : (char*)"";
	lex_user.host.length= grant_proc->host.hostname ?
	  strlen(grant_proc->host.hostname) : 0;
5755 5756
	if (!replace_routine_table(thd,grant_proc,tables[4].table,lex_user,
				   grant_proc->db, grant_proc->tname,
unknown's avatar
unknown committed
5757
                                   is_proc, ~(ulong)0, 1))
5758 5759 5760 5761 5762 5763 5764 5765 5766 5767 5768 5769 5770 5771 5772 5773 5774 5775 5776 5777 5778 5779 5780 5781 5782 5783 5784 5785 5786 5787 5788 5789 5790 5791 5792
	{
	  revoked= 1;
	  continue;
	}
	result= -1;	// Something went wrong
      }
      counter++;
    }
  } while (revoked);

  VOID(pthread_mutex_unlock(&acl_cache->lock));
  rw_unlock(&LOCK_grant);
  close_thread_tables(thd);

  if (result)
    my_message(ER_REVOKE_GRANTS, ER(ER_REVOKE_GRANTS), MYF(0));

  DBUG_RETURN(result);
}


/*
  Grant EXECUTE,ALTER privilege for a stored procedure

  SYNOPSIS
    sp_grant_privileges()
    thd                         The current thread.
    db				DB of the stored procedure
    name			Name of the stored procedure

  RETURN
    0           OK.
    < 0         Error. Error message not yet sent.
*/

5793 5794
bool sp_grant_privileges(THD *thd, const char *sp_db, const char *sp_name,
                         bool is_proc)
5795
{
5796
  Security_context *sctx= thd->security_ctx;
5797 5798 5799 5800
  LEX_USER *combo;
  TABLE_LIST tables[1];
  List<LEX_USER> user_list;
  bool result;
5801 5802
  ACL_USER *au;
  char passwd_buff[SCRAMBLED_PASSWORD_CHAR_LENGTH+1];
5803
  DBUG_ENTER("sp_grant_privileges");
5804 5805 5806 5807

  if (!(combo=(LEX_USER*) thd->alloc(sizeof(st_lex_user))))
    DBUG_RETURN(TRUE);

5808
  combo->user.str= sctx->user;
5809

5810
  VOID(pthread_mutex_lock(&acl_cache->lock));
5811 5812 5813 5814 5815 5816 5817 5818 5819 5820 5821 5822 5823 5824

  if ((au= find_acl_user(combo->host.str=(char*)sctx->host_or_ip,combo->user.str,FALSE)))
    goto found_acl;
  if ((au= find_acl_user(combo->host.str=(char*)sctx->host, combo->user.str,FALSE)))
    goto found_acl;
  if ((au= find_acl_user(combo->host.str=(char*)sctx->ip, combo->user.str,FALSE)))
    goto found_acl;
  if((au= find_acl_user(combo->host.str=(char*)"%", combo->user.str, FALSE)))
    goto found_acl;

  VOID(pthread_mutex_unlock(&acl_cache->lock));
  DBUG_RETURN(TRUE);

 found_acl:
5825
  VOID(pthread_mutex_unlock(&acl_cache->lock));
5826 5827 5828 5829 5830

  bzero((char*)tables, sizeof(TABLE_LIST));
  user_list.empty();

  tables->db= (char*)sp_db;
5831
  tables->table_name= tables->alias= (char*)sp_name;
5832

5833 5834 5835 5836
  combo->host.length= strlen(combo->host.str);
  combo->user.length= strlen(combo->user.str);
  combo->host.str= thd->strmake(combo->host.str,combo->host.length);
  combo->user.str= thd->strmake(combo->user.str,combo->user.length);
5837 5838 5839 5840 5841 5842 5843 5844 5845 5846 5847 5848 5849 5850 5851 5852 5853 5854 5855 5856 5857 5858 5859 5860 5861 5862


  if(au && au->salt_len)
  {
    if (au->salt_len == SCRAMBLE_LENGTH)
    {
      make_password_from_salt(passwd_buff, au->salt);
      combo->password.length= SCRAMBLED_PASSWORD_CHAR_LENGTH;
    }
    else if (au->salt_len == SCRAMBLE_LENGTH_323)
    {
      make_password_from_salt_323(passwd_buff, (ulong *) au->salt);
      combo->password.length= SCRAMBLED_PASSWORD_CHAR_LENGTH_323;
    }
    else
    {
      my_error(ER_PASSWD_LENGTH, MYF(0), SCRAMBLED_PASSWORD_CHAR_LENGTH);
      return -1;
    }
    combo->password.str= passwd_buff;
  }
  else
  {
    combo->password.str= (char*)"";
    combo->password.length= 0;
  }
5863 5864 5865 5866 5867

  if (user_list.push_back(combo))
    DBUG_RETURN(TRUE);

  thd->lex->ssl_type= SSL_TYPE_NOT_SPECIFIED;
5868
  bzero((char*) &thd->lex->mqh, sizeof(thd->lex->mqh));
5869

5870
  result= mysql_routine_grant(thd, tables, is_proc, user_list,
5871 5872 5873 5874 5875
  				DEFAULT_CREATE_PROC_ACLS, 0, 1);
  DBUG_RETURN(result);
}


unknown's avatar
unknown committed
5876
/*****************************************************************************
unknown's avatar
unknown committed
5877
  Instantiate used templates
unknown's avatar
unknown committed
5878 5879
*****************************************************************************/

5880
#ifdef HAVE_EXPLICIT_TEMPLATE_INSTANTIATION
unknown's avatar
unknown committed
5881 5882 5883 5884 5885
template class List_iterator<LEX_COLUMN>;
template class List_iterator<LEX_USER>;
template class List<LEX_COLUMN>;
template class List<LEX_USER>;
#endif
unknown's avatar
unknown committed
5886 5887 5888 5889 5890 5891 5892 5893 5894 5895 5896 5897 5898 5899 5900 5901 5902 5903 5904 5905 5906 5907 5908 5909 5910 5911 5912 5913 5914 5915 5916 5917 5918 5919 5920 5921 5922 5923 5924 5925 5926 5927 5928 5929 5930 5931 5932

#endif /*NO_EMBEDDED_ACCESS_CHECKS */


int wild_case_compare(CHARSET_INFO *cs, const char *str,const char *wildstr)
{
  reg3 int flag;
  DBUG_ENTER("wild_case_compare");
  DBUG_PRINT("enter",("str: '%s'  wildstr: '%s'",str,wildstr));
  while (*wildstr)
  {
    while (*wildstr && *wildstr != wild_many && *wildstr != wild_one)
    {
      if (*wildstr == wild_prefix && wildstr[1])
	wildstr++;
      if (my_toupper(cs, *wildstr++) !=
          my_toupper(cs, *str++)) DBUG_RETURN(1);
    }
    if (! *wildstr ) DBUG_RETURN (*str != 0);
    if (*wildstr++ == wild_one)
    {
      if (! *str++) DBUG_RETURN (1);	/* One char; skip */
    }
    else
    {						/* Found '*' */
      if (!*wildstr) DBUG_RETURN(0);		/* '*' as last char: OK */
      flag=(*wildstr != wild_many && *wildstr != wild_one);
      do
      {
	if (flag)
	{
	  char cmp;
	  if ((cmp= *wildstr) == wild_prefix && wildstr[1])
	    cmp=wildstr[1];
	  cmp=my_toupper(cs, cmp);
	  while (*str && my_toupper(cs, *str) != cmp)
	    str++;
	  if (!*str) DBUG_RETURN (1);
	}
	if (wild_case_compare(cs, str,wildstr) == 0) DBUG_RETURN (0);
      } while (*str++);
      DBUG_RETURN(1);
    }
  }
  DBUG_RETURN (*str != '\0');
}

5933 5934 5935 5936 5937 5938 5939 5940

void update_schema_privilege(TABLE *table, char *buff, const char* db,
                             const char* t_name, const char* column,
                             uint col_length, const char *priv, 
                             uint priv_length, const char* is_grantable)
{
  int i= 2;
  CHARSET_INFO *cs= system_charset_info;
5941
  restore_record(table, s->default_values);
5942 5943 5944 5945 5946 5947 5948 5949 5950
  table->field[0]->store(buff, strlen(buff), cs);
  if (db)
    table->field[i++]->store(db, strlen(db), cs);
  if (t_name)
    table->field[i++]->store(t_name, strlen(t_name), cs);
  if (column)
    table->field[i++]->store(column, col_length, cs);
  table->field[i++]->store(priv, priv_length, cs);
  table->field[i]->store(is_grantable, strlen(is_grantable), cs);
5951
  table->file->ha_write_row(table->record[0]);
5952 5953 5954 5955 5956 5957 5958 5959 5960 5961 5962
}


int fill_schema_user_privileges(THD *thd, TABLE_LIST *tables, COND *cond)
{
#ifndef NO_EMBEDDED_ACCESS_CHECKS
  uint counter;
  ACL_USER *acl_user;
  ulong want_access;
  char buff[100];
  TABLE *table= tables->table;
5963
  bool no_global_access= check_access(thd, SELECT_ACL, "mysql",0,1,1,0);
5964
  char *curr_host= thd->security_ctx->priv_host_name();
5965
  DBUG_ENTER("fill_schema_user_privileges");
5966

5967 5968
  pthread_mutex_lock(&acl_cache->lock);

5969 5970 5971 5972 5973 5974 5975 5976
  for (counter=0 ; counter < acl_users.elements ; counter++)
  {
    const char *user,*host, *is_grantable="YES";
    acl_user=dynamic_element(&acl_users,counter,ACL_USER*);
    if (!(user=acl_user->user))
      user= "";
    if (!(host=acl_user->host.hostname))
      host= "";
5977 5978

    if (no_global_access &&
5979
        (strcmp(thd->security_ctx->priv_user, user) ||
5980 5981 5982
         my_strcasecmp(system_charset_info, curr_host, host)))
      continue;
      
5983 5984 5985 5986 5987 5988
    want_access= acl_user->access;
    if (!(want_access & GRANT_ACL))
      is_grantable= "NO";

    strxmov(buff,"'",user,"'@'",host,"'",NullS);
    if (!(want_access & ~GRANT_ACL))
5989 5990
      update_schema_privilege(table, buff, 0, 0, 0, 0,
                              STRING_WITH_LEN("USAGE"), is_grantable);
5991 5992 5993 5994 5995 5996 5997 5998 5999 6000 6001 6002 6003
    else
    {
      uint priv_id;
      ulong j,test_access= want_access & ~GRANT_ACL;
      for (priv_id=0, j = SELECT_ACL;j <= GLOBAL_ACLS; priv_id++,j <<= 1)
      {
	if (test_access & j)
          update_schema_privilege(table, buff, 0, 0, 0, 0, 
                                  command_array[priv_id],
                                  command_lengths[priv_id], is_grantable);
      }
    }
  }
6004 6005 6006

  pthread_mutex_unlock(&acl_cache->lock);

6007
  DBUG_RETURN(0);
6008 6009 6010
#else
  return(0);
#endif
6011 6012 6013 6014 6015 6016 6017 6018 6019 6020 6021
}


int fill_schema_schema_privileges(THD *thd, TABLE_LIST *tables, COND *cond)
{
#ifndef NO_EMBEDDED_ACCESS_CHECKS
  uint counter;
  ACL_DB *acl_db;
  ulong want_access;
  char buff[100];
  TABLE *table= tables->table;
6022
  bool no_global_access= check_access(thd, SELECT_ACL, "mysql",0,1,1,0);
6023
  char *curr_host= thd->security_ctx->priv_host_name();
6024 6025
  DBUG_ENTER("fill_schema_schema_privileges");

6026 6027
  pthread_mutex_lock(&acl_cache->lock);

6028 6029 6030 6031 6032 6033 6034 6035 6036 6037
  for (counter=0 ; counter < acl_dbs.elements ; counter++)
  {
    const char *user, *host, *is_grantable="YES";

    acl_db=dynamic_element(&acl_dbs,counter,ACL_DB*);
    if (!(user=acl_db->user))
      user= "";
    if (!(host=acl_db->host.hostname))
      host= "";

6038
    if (no_global_access &&
6039
        (strcmp(thd->security_ctx->priv_user, user) ||
6040 6041 6042
         my_strcasecmp(system_charset_info, curr_host, host)))
      continue;

6043 6044 6045 6046 6047 6048 6049 6050 6051 6052
    want_access=acl_db->access;
    if (want_access)
    {
      if (!(want_access & GRANT_ACL))
      {
        is_grantable= "NO";
      }
      strxmov(buff,"'",user,"'@'",host,"'",NullS);
      if (!(want_access & ~GRANT_ACL))
        update_schema_privilege(table, buff, acl_db->db, 0, 0,
6053
                                0, STRING_WITH_LEN("USAGE"), is_grantable);
6054 6055 6056 6057 6058 6059 6060 6061 6062 6063 6064 6065
      else
      {
        int cnt;
        ulong j,test_access= want_access & ~GRANT_ACL;
        for (cnt=0, j = SELECT_ACL; j <= DB_ACLS; cnt++,j <<= 1)
          if (test_access & j)
            update_schema_privilege(table, buff, acl_db->db, 0, 0, 0,
                                    command_array[cnt], command_lengths[cnt],
                                    is_grantable);
      }
    }
  }
6066 6067 6068

  pthread_mutex_unlock(&acl_cache->lock);

6069
  DBUG_RETURN(0);
6070 6071 6072
#else
  return (0);
#endif
6073 6074 6075 6076 6077 6078 6079 6080 6081
}


int fill_schema_table_privileges(THD *thd, TABLE_LIST *tables, COND *cond)
{
#ifndef NO_EMBEDDED_ACCESS_CHECKS
  uint index;
  char buff[100];
  TABLE *table= tables->table;
6082
  bool no_global_access= check_access(thd, SELECT_ACL, "mysql",0,1,1,0);
6083
  char *curr_host= thd->security_ctx->priv_host_name();
6084 6085
  DBUG_ENTER("fill_schema_table_privileges");

6086 6087
  rw_rdlock(&LOCK_grant);

6088 6089
  for (index=0 ; index < column_priv_hash.records ; index++)
  {
6090
    const char *user, *host, *is_grantable= "YES";
6091 6092 6093 6094
    GRANT_TABLE *grant_table= (GRANT_TABLE*) hash_element(&column_priv_hash,
							  index);
    if (!(user=grant_table->user))
      user= "";
6095 6096
    if (!(host= grant_table->host.hostname))
      host= "";
6097 6098

    if (no_global_access &&
6099
        (strcmp(thd->security_ctx->priv_user, user) ||
6100
         my_strcasecmp(system_charset_info, curr_host, host)))
6101 6102
      continue;

6103
    ulong table_access= grant_table->privs;
6104
    if (table_access)
6105 6106
    {
      ulong test_access= table_access & ~GRANT_ACL;
unknown's avatar
unknown committed
6107 6108 6109 6110
      /*
        We should skip 'usage' privilege on table if
        we have any privileges on column(s) of this table
      */
6111 6112
      if (!test_access && grant_table->cols)
        continue;
6113 6114 6115
      if (!(table_access & GRANT_ACL))
        is_grantable= "NO";

6116
      strxmov(buff, "'", user, "'@'", host, "'", NullS);
6117 6118
      if (!test_access)
        update_schema_privilege(table, buff, grant_table->db, grant_table->tname,
6119
                                0, 0, STRING_WITH_LEN("USAGE"), is_grantable);
6120 6121 6122 6123 6124 6125 6126 6127 6128 6129 6130 6131 6132 6133
      else
      {
        ulong j;
        int cnt;
        for (cnt= 0, j= SELECT_ACL; j <= TABLE_ACLS; cnt++, j<<= 1)
        {
          if (test_access & j)
            update_schema_privilege(table, buff, grant_table->db, 
                                    grant_table->tname, 0, 0, command_array[cnt],
                                    command_lengths[cnt], is_grantable);
        }
      }
    }
  }
6134 6135 6136

  rw_unlock(&LOCK_grant);

6137
  DBUG_RETURN(0);
6138 6139 6140
#else
  return (0);
#endif
6141 6142 6143 6144 6145 6146 6147 6148 6149
}


int fill_schema_column_privileges(THD *thd, TABLE_LIST *tables, COND *cond)
{
#ifndef NO_EMBEDDED_ACCESS_CHECKS
  uint index;
  char buff[100];
  TABLE *table= tables->table;
6150
  bool no_global_access= check_access(thd, SELECT_ACL, "mysql",0,1,1,0);
6151
  char *curr_host= thd->security_ctx->priv_host_name();
6152 6153
  DBUG_ENTER("fill_schema_table_privileges");

6154 6155
  rw_rdlock(&LOCK_grant);

6156 6157
  for (index=0 ; index < column_priv_hash.records ; index++)
  {
6158
    const char *user, *host, *is_grantable= "YES";
6159 6160 6161 6162
    GRANT_TABLE *grant_table= (GRANT_TABLE*) hash_element(&column_priv_hash,
							  index);
    if (!(user=grant_table->user))
      user= "";
6163 6164
    if (!(host= grant_table->host.hostname))
      host= "";
6165 6166

    if (no_global_access &&
6167
        (strcmp(thd->security_ctx->priv_user, user) ||
6168
         my_strcasecmp(system_charset_info, curr_host, host)))
6169 6170
      continue;

6171 6172 6173
    ulong table_access= grant_table->cols;
    if (table_access != 0)
    {
unknown's avatar
unknown committed
6174
      if (!(grant_table->privs & GRANT_ACL))
6175 6176
        is_grantable= "NO";

unknown's avatar
unknown committed
6177
      ulong test_access= table_access & ~GRANT_ACL;
6178
      strxmov(buff, "'", user, "'@'", host, "'", NullS);
6179 6180 6181 6182 6183 6184 6185 6186 6187 6188 6189 6190 6191 6192 6193 6194 6195 6196 6197 6198 6199 6200 6201 6202 6203 6204 6205 6206 6207
      if (!test_access)
        continue;
      else
      {
        ulong j;
        int cnt;
        for (cnt= 0, j= SELECT_ACL; j <= TABLE_ACLS; cnt++, j<<= 1)
        {
          if (test_access & j)
          {
            for (uint col_index=0 ;
                 col_index < grant_table->hash_columns.records ;
                 col_index++)
            {
              GRANT_COLUMN *grant_column = (GRANT_COLUMN*)
                hash_element(&grant_table->hash_columns,col_index);
              if ((grant_column->rights & j) && (table_access & j))
                  update_schema_privilege(table, buff, grant_table->db,
                                          grant_table->tname,
                                          grant_column->column,
                                          grant_column->key_length,
                                          command_array[cnt],
                                          command_lengths[cnt], is_grantable);
            }
          }
        }
      }
    }
  }
6208 6209 6210

  rw_unlock(&LOCK_grant);

6211
  DBUG_RETURN(0);
6212 6213 6214
#else
  return (0);
#endif
6215 6216 6217
}


unknown's avatar
VIEW  
unknown committed
6218 6219 6220 6221 6222
#ifndef NO_EMBEDDED_ACCESS_CHECKS
/*
  fill effective privileges for table

  SYNOPSIS
6223 6224
    fill_effective_table_privileges()
    thd     thread handler
unknown's avatar
VIEW  
unknown committed
6225 6226 6227 6228 6229 6230 6231 6232
    grant   grants table descriptor
    db      db name
    table   table name
*/

void fill_effective_table_privileges(THD *thd, GRANT_INFO *grant,
                                     const char *db, const char *table)
{
6233
  Security_context *sctx= thd->security_ctx;
6234 6235 6236 6237 6238
  DBUG_ENTER("fill_effective_table_privileges");
  DBUG_PRINT("enter", ("Host: '%s', Ip: '%s', User: '%s', table: `%s`.`%s`",
                       sctx->priv_host, (sctx->ip ? sctx->ip : "(NULL)"),
                       (sctx->priv_user ? sctx->priv_user : "(NULL)"),
                       db, table));
6239 6240 6241
  /* --skip-grants */
  if (!initialized)
  {
6242
    DBUG_PRINT("info", ("skip grants"));
6243
    grant->privilege= ~NO_ACCESS;             // everything is allowed
6244 6245
    DBUG_PRINT("info", ("privilege 0x%lx", grant->privilege));
    DBUG_VOID_RETURN;
6246 6247
  }

unknown's avatar
VIEW  
unknown committed
6248
  /* global privileges */
6249
  grant->privilege= sctx->master_access;
6250

6251
  if (!sctx->priv_user)
6252 6253 6254 6255
  {
    DBUG_PRINT("info", ("privilege 0x%lx", grant->privilege));
    DBUG_VOID_RETURN;                         // it is slave
  }
6256

6257
  /* db privileges */
6258
  grant->privilege|= acl_get(sctx->host, sctx->ip, sctx->priv_user, db, 0);
6259

6260
  if (!grant_option)
6261 6262 6263 6264
  {
    DBUG_PRINT("info", ("privilege 0x%lx", grant->privilege));
    DBUG_VOID_RETURN;
  }
6265

unknown's avatar
VIEW  
unknown committed
6266
  /* table privileges */
6267
  rw_rdlock(&LOCK_grant);
unknown's avatar
VIEW  
unknown committed
6268 6269 6270
  if (grant->version != grant_version)
  {
    grant->grant_table=
6271 6272
      table_hash_search(sctx->host, sctx->ip, db,
			sctx->priv_user,
unknown's avatar
VIEW  
unknown committed
6273 6274 6275 6276 6277 6278 6279
			table, 0);              /* purecov: inspected */
    grant->version= grant_version;              /* purecov: inspected */
  }
  if (grant->grant_table != 0)
  {
    grant->privilege|= grant->grant_table->privs;
  }
6280 6281
  rw_unlock(&LOCK_grant);

6282 6283
  DBUG_PRINT("info", ("privilege 0x%lx", grant->privilege));
  DBUG_VOID_RETURN;
unknown's avatar
VIEW  
unknown committed
6284
}
6285 6286 6287 6288 6289 6290 6291

#else /* NO_EMBEDDED_ACCESS_CHECKS */

/****************************************************************************
 Dummy wrappers when we don't have any access checks
****************************************************************************/

unknown's avatar
unknown committed
6292 6293
bool check_routine_level_acl(THD *thd, const char *db, const char *name,
                             bool is_proc)
6294 6295 6296 6297
{
  return FALSE;
}

unknown's avatar
VIEW  
unknown committed
6298
#endif