Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
M
mariadb
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Kirill Smelkov
mariadb
Commits
a2425837
Commit
a2425837
authored
Nov 30, 2002
by
peter@mysql.com
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
SCRUM: Montymise code
fix mysql_change_user() for old clients
parent
54ff0efe
Changes
9
Show whitespace changes
Inline
Side-by-side
Showing
9 changed files
with
388 additions
and
377 deletions
+388
-377
include/mysql_com.h
include/mysql_com.h
+6
-0
libmysql/libmysql.c
libmysql/libmysql.c
+130
-127
scripts/mysql_fix_privilege_tables.sh
scripts/mysql_fix_privilege_tables.sh
+9
-1
sql/mini_client.cc
sql/mini_client.cc
+11
-10
sql/mysqld.cc
sql/mysqld.cc
+3
-0
sql/password.c
sql/password.c
+23
-29
sql/sql_acl.cc
sql/sql_acl.cc
+85
-85
sql/sql_class.h
sql/sql_class.h
+4
-1
sql/sql_parse.cc
sql/sql_parse.cc
+117
-124
No files found.
include/mysql_com.h
View file @
a2425837
...
...
@@ -29,6 +29,7 @@
#define LOCAL_HOST "localhost"
#define LOCAL_HOST_NAMEDPIPE "."
#if defined(__WIN__) && !defined( _CUSTOMCONFIG_)
#define MYSQL_NAMEDPIPE "MySQL"
#define MYSQL_SERVICENAME "MySql"
...
...
@@ -44,6 +45,11 @@ enum enum_server_command
COM_PREPARE
,
COM_EXECUTE
,
COM_LONG_DATA
,
COM_CLOSE_STMT
};
#define SCRAMBLE_LENGTH 8
#define SCRAMBLE41_LENGTH 20
#define NOT_NULL_FLAG 1
/* Field can't be NULL */
#define PRI_KEY_FLAG 2
/* Field is part of a primary key */
#define UNIQUE_KEY_FLAG 4
/* Field is part of a unique key */
...
...
libmysql/libmysql.c
View file @
a2425837
...
...
@@ -1795,7 +1795,7 @@ mysql_real_connect(MYSQL *mysql,const char *host, const char *user,
{
char
buff
[
NAME_LEN
+
USERNAME_LENGTH
+
100
],
charset_name_buff
[
16
];
char
*
end
,
*
host_info
,
*
charset_name
;
char
password_hash
[
20
];
/* Used for tmp storage of
stage1 hash */
char
password_hash
[
SCRAMBLE41_LENGTH
];
/* tmp storage
stage1 hash */
my_socket
sock
;
uint32
ip_addr
;
struct
sockaddr_in
sock_addr
;
...
...
@@ -2274,28 +2274,29 @@ Try also with PIPE or TCP/IP
/* Build full password hash as it is required to decode scramble */
password_hash_stage1
(
buff
,
passwd
);
/* Store copy as we'll need it later */
memcpy
(
password_hash
,
buff
,
20
);
memcpy
(
password_hash
,
buff
,
SCRAMBLE41_LENGTH
);
/* Finally hash complete password using hash we got from server */
password_hash_stage2
(
password_hash
,
net
->
read_pos
);
/* Decypt and store scramble 4 = hash for stage2 */
password_crypt
(
net
->
read_pos
+
4
,
mysql
->
scramble_buff
,
password_hash
,
20
);
mysql
->
scramble_buff
[
20
]
=
0
;
password_crypt
(
net
->
read_pos
+
4
,
mysql
->
scramble_buff
,
password_hash
,
SCRAMBLE41_LENGTH
);
mysql
->
scramble_buff
[
SCRAMBLE41_LENGTH
]
=
0
;
/* Encode scramble with password. Recycle buffer */
password_crypt
(
mysql
->
scramble_buff
,
buff
,
buff
,
20
);
password_crypt
(
mysql
->
scramble_buff
,
buff
,
buff
,
SCRAMBLE41_LENGTH
);
}
else
{
/* Create password to decode scramble */
create_key_from_old_password
(
passwd
,
password_hash
);
/* Decypt and store scramble 4 = hash for stage2 */
password_crypt
(
net
->
read_pos
+
4
,
mysql
->
scramble_buff
,
password_hash
,
20
);
mysql
->
scramble_buff
[
20
]
=
0
;
password_crypt
(
net
->
read_pos
+
4
,
mysql
->
scramble_buff
,
password_hash
,
SCRAMBLE41_LENGTH
);
mysql
->
scramble_buff
[
SCRAMBLE41_LENGTH
]
=
0
;
/* Finally scramble decoded scramble with password */
scramble
(
buff
,
mysql
->
scramble_buff
,
passwd
,
(
my_bool
)
(
mysql
->
protocol_version
==
9
));
scramble
(
buff
,
mysql
->
scramble_buff
,
passwd
,
0
);
}
/* Write second package of authentication */
if
(
my_net_write
(
net
,
buff
,
20
)
||
net_flush
(
net
))
if
(
my_net_write
(
net
,
buff
,
SCRAMBLE41_LENGTH
)
||
net_flush
(
net
))
{
net
->
last_errno
=
CR_SERVER_LOST
;
strmov
(
net
->
last_error
,
ER
(
net
->
last_errno
));
...
...
@@ -2411,7 +2412,7 @@ my_bool STDCALL mysql_change_user(MYSQL *mysql, const char *user,
{
char
buff
[
512
],
*
end
=
buff
;
ulong
pkt_length
;
char
password_hash
[
20
];
/* Used for tmp storage of stage1 hash */
char
password_hash
[
SCRAMBLE41_LENGTH
];
/* Used for tmp storage of stage1 hash */
NET
*
net
=
&
mysql
->
net
;
DBUG_ENTER
(
"mysql_change_user"
);
...
...
@@ -2466,28 +2467,30 @@ my_bool STDCALL mysql_change_user(MYSQL *mysql, const char *user,
/* Build full password hash as it is required to decode scramble */
password_hash_stage1
(
buff
,
passwd
);
/* Store copy as we'll need it later */
memcpy
(
password_hash
,
buff
,
20
);
memcpy
(
password_hash
,
buff
,
SCRAMBLE41_LENGTH
);
/* Finally hash complete password using hash we got from server */
password_hash_stage2
(
password_hash
,
net
->
read_pos
);
/* Decypt and store scramble 4 = hash for stage2 */
password_crypt
(
net
->
read_pos
+
4
,
mysql
->
scramble_buff
,
password_hash
,
20
);
mysql
->
scramble_buff
[
20
]
=
0
;
password_crypt
(
net
->
read_pos
+
4
,
mysql
->
scramble_buff
,
password_hash
,
SCRAMBLE41_LENGTH
);
mysql
->
scramble_buff
[
SCRAMBLE41_LENGTH
]
=
0
;
/* Encode scramble with password. Recycle buffer */
password_crypt
(
mysql
->
scramble_buff
,
buff
,
buff
,
20
);
password_crypt
(
mysql
->
scramble_buff
,
buff
,
buff
,
SCRAMBLE41_LENGTH
);
}
else
{
/* Create password to decode scramble */
create_key_from_old_password
(
passwd
,
password_hash
);
/* Decypt and store scramble 4 = hash for stage2 */
password_crypt
(
net
->
read_pos
+
4
,
mysql
->
scramble_buff
,
password_hash
,
20
);
mysql
->
scramble_buff
[
20
]
=
0
;
password_crypt
(
net
->
read_pos
+
4
,
mysql
->
scramble_buff
,
password_hash
,
SCRAMBLE41_LENGTH
);
mysql
->
scramble_buff
[
SCRAMBLE41_LENGTH
]
=
0
;
/* Finally scramble decoded scramble with password */
scramble
(
buff
,
mysql
->
scramble_buff
,
passwd
,
(
my_bool
)
(
mysql
->
protocol_version
==
9
));
}
/* Write second package of authentication */
if
(
my_net_write
(
net
,
buff
,
20
)
||
net_flush
(
net
))
if
(
my_net_write
(
net
,
buff
,
SCRAMBLE41_LENGTH
)
||
net_flush
(
net
))
{
net
->
last_errno
=
CR_SERVER_LOST
;
strmov
(
net
->
last_error
,
ER
(
net
->
last_errno
));
...
...
scripts/mysql_fix_privilege_tables.sh
View file @
a2425837
...
...
@@ -170,12 +170,20 @@ fi
@bindir@/mysql
-f
--user
=
root
--password
=
"
$root_password
"
--host
=
"
$host
"
mysql
<<
END_OF_DATA
alter table user
change password password char(45) not null,
add max_questions int(11) NOT NULL AFTER x509_subject,
add max_updates int(11) unsigned NOT NULL AFTER max_questions,
add max_connections int(11) unsigned NOT NULL AFTER max_updates;
END_OF_DATA
# Increase password length to handle new passwords
@bindir@/mysql
-f
--user
=
root
--password
=
"
$root_password
"
--host
=
"
$host
"
mysql
<<
END_OF_DATA
alter table user
change password password char(45) not null;
END_OF_DATA
#
# Add Create_tmp_table_priv and Lock_tables_priv to db and host
#
...
...
sql/mini_client.cc
View file @
a2425837
...
...
@@ -490,7 +490,7 @@ mc_mysql_connect(MYSQL *mysql,const char *host, const char *user,
uint
net_read_timeout
)
{
char
buff
[
NAME_LEN
+
USERNAME_LENGTH
+
100
],
*
end
,
*
host_info
;
char
password_hash
[
20
];
char
password_hash
[
SCRAMBLE41_LENGTH
];
my_socket
sock
;
ulong
ip_addr
;
struct
sockaddr_in
sock_addr
;
...
...
@@ -856,28 +856,29 @@ mc_mysql_connect(MYSQL *mysql,const char *host, const char *user,
/* Build full password hash as it is required to decode scramble */
password_hash_stage1
(
buff
,
passwd
);
/* Store copy as we'll need it later */
memcpy
(
password_hash
,
buff
,
20
);
memcpy
(
password_hash
,
buff
,
SCRAMBLE41_LENGTH
);
/* Finally hash complete password using hash we got from server */
password_hash_stage2
(
password_hash
,(
char
*
)
net
->
read_pos
);
/* Decypt and store scramble 4 = hash for stage2 */
password_crypt
((
char
*
)
net
->
read_pos
+
4
,
mysql
->
scramble_buff
,
password_hash
,
20
);
mysql
->
scramble_buff
[
20
]
=
0
;
password_crypt
((
char
*
)
net
->
read_pos
+
4
,
mysql
->
scramble_buff
,
password_hash
,
SCRAMBLE41_LENGTH
);
mysql
->
scramble_buff
[
SCRAMBLE41_LENGTH
]
=
0
;
/* Encode scramble with password. Recycle buffer */
password_crypt
(
mysql
->
scramble_buff
,
buff
,
buff
,
20
);
password_crypt
(
mysql
->
scramble_buff
,
buff
,
buff
,
SCRAMBLE41_LENGTH
);
}
else
{
/* Create password to decode scramble */
create_key_from_old_password
(
passwd
,
password_hash
);
/* Decypt and store scramble 4 = hash for stage2 */
password_crypt
((
char
*
)
net
->
read_pos
+
4
,
mysql
->
scramble_buff
,
password_hash
,
20
);
mysql
->
scramble_buff
[
20
]
=
0
;
password_crypt
((
char
*
)
net
->
read_pos
+
4
,
mysql
->
scramble_buff
,
password_hash
,
SCRAMBLE41_LENGTH
);
mysql
->
scramble_buff
[
SCRAMBLE41_LENGTH
]
=
0
;
/* Finally scramble decoded scramble with password */
scramble
(
buff
,
mysql
->
scramble_buff
,
passwd
,
(
my_bool
)
(
mysql
->
protocol_version
==
9
));
scramble
(
buff
,
mysql
->
scramble_buff
,
passwd
,
0
);
}
/* Write second package of authentication */
if
(
my_net_write
(
net
,
buff
,
20
)
||
net_flush
(
net
))
if
(
my_net_write
(
net
,
buff
,
SCRAMBLE41_LENGTH
)
||
net_flush
(
net
))
{
net
->
last_errno
=
CR_SERVER_LOST
;
strmov
(
net
->
last_error
,
ER
(
net
->
last_errno
));
...
...
sql/mysqld.cc
View file @
a2425837
...
...
@@ -2496,6 +2496,9 @@ static void create_new_thread(THD *thd)
for
(
uint
i
=
0
;
i
<
8
;
i
++
)
// Generate password teststring
thd
->
scramble
[
i
]
=
(
char
)
(
rnd
(
&
sql_rand
)
*
94
+
33
);
thd
->
scramble
[
8
]
=
0
;
// Back it up as old clients may need it
memcpy
(
thd
->
old_scramble
,
thd
->
scramble
,
9
);
thd
->
real_id
=
pthread_self
();
// Keep purify happy
...
...
sql/password.c
View file @
a2425837
...
...
@@ -66,7 +66,6 @@
#define PVERSION41_CHAR '*'
/* Scramble length for new password version */
#define SCRAMBLE41_LENGTH 20
/*
...
...
@@ -175,17 +174,12 @@ void create_random_string(int length,struct rand_struct *rand_st,char* target)
none
*/
inline
void
password_crypt
(
const
char
*
from
,
char
*
to
,
const
char
*
password
,
int
length
)
void
password_crypt
(
const
char
*
from
,
char
*
to
,
const
char
*
password
,
int
length
)
{
const
char
*
from_end
=
from
+
length
;
while
(
from
<
from_end
)
{
*
to
=*
from
^*
password
;
from
++
;
to
++
;
password
++
;
}
while
(
from
<
from_end
)
*
to
++=
*
(
from
++
)
^*
(
password
++
);
}
...
...
@@ -286,7 +280,9 @@ void password_hash_stage2(char *to,const char *salt)
none
*/
void
make_scrambled_password
(
char
*
to
,
const
char
*
password
,
my_bool
force_old_scramble
,
struct
rand_struct
*
rand_st
)
void
make_scrambled_password
(
char
*
to
,
const
char
*
password
,
my_bool
force_old_scramble
,
struct
rand_struct
*
rand_st
)
{
ulong
hash_res
[
2
];
/* Used for pre 4.1 password hashing */
unsigned
short
salt
;
/* Salt for 4.1 version password */
...
...
@@ -336,7 +332,6 @@ void get_salt_from_bin_password(ulong *res,unsigned char *password,ulong salt)
unsigned
char
*
password_end
=
password
+
SCRAMBLE41_LENGTH
;
*
res
=
salt
;
res
++
;
bzero
(
res
,
5
*
sizeof
(
res
[
0
]));
/* Process password of known length*/
while
(
password
<
password_end
)
...
...
@@ -364,12 +359,14 @@ void get_salt_from_bin_password(ulong *res,unsigned char *password,ulong salt)
!0 for invalid password
*/
my_bool
validate_password
(
const
char
*
password
,
const
char
*
message
,
ulong
*
salt
)
my_bool
validate_password
(
const
char
*
password
,
const
char
*
message
,
ulong
*
salt
)
{
char
buffer
[
SCRAMBLE41_LENGTH
];
/* Used for password validation */
char
tmpsalt
[
8
];
/* Temporary value to convert salt to string form */
int
i
;
ulong
salt_candidate
[
6
];
/* Computed candidate salt */
ulong
*
sc
=
salt_candidate
;
/* we need to be able to increment */
ulong
*
salt_end
;
/* Now we shall get stage1 encrypted password in buffer*/
password_crypt
(
password
,
buffer
,
message
,
SCRAMBLE41_LENGTH
);
...
...
@@ -382,8 +379,10 @@ my_bool validate_password(const char* password, const char* message, ulong* salt
get_salt_from_bin_password
(
salt_candidate
,
buffer
,
salt
[
0
]);
/* Now we shall get exactly the same password as we have stored for user */
for
(
i
=
1
;
i
<
6
;
i
++
)
if
(
salt
[
i
]
!=
salt_candidate
[
i
])
return
1
;
for
(
salt_end
=
salt
+
5
;
salt
<
salt_end
;
)
if
(
*++
salt
!=
*++
sc
)
return
1
;
/* Or password correct*/
return
0
;
}
...
...
@@ -400,11 +399,9 @@ my_bool validate_password(const char* password, const char* message, ulong* salt
password length >0
*/
in
line
in
t
get_password_length
(
my_bool
force_old_scramble
)
int
get_password_length
(
my_bool
force_old_scramble
)
{
if
(
force_old_scramble
)
return
16
;
else
return
SHA1_HASH_SIZE
*
2
+
4
+
1
;
return
(
force_old_scramble
)
?
16
:
SHA1_HASH_SIZE
*
2
+
4
+
1
;
}
...
...
@@ -420,7 +417,7 @@ inline int get_password_length(my_bool force_old_scramble)
!0 password version char for newer passwords
*/
inline
char
get_password_version
(
const
char
*
password
)
char
get_password_version
(
const
char
*
password
)
{
if
(
password
==
NULL
)
return
0
;
if
(
password
[
0
]
==
PVERSION41_CHAR
)
return
PVERSION41_CHAR
;
...
...
@@ -467,7 +464,6 @@ inline uint char_val(char X)
void
get_salt_from_password
(
ulong
*
res
,
const
char
*
password
)
{
bzero
(
res
,
6
*
sizeof
(
res
[
0
]));
if
(
password
)
/* zero salt corresponds to empty password */
{
if
(
password
[
0
]
==
PVERSION41_CHAR
)
/* if new password */
...
...
@@ -553,19 +549,17 @@ void get_hash_and_password(ulong* salt, uint8 pversion, char* hash, unsigned cha
if
(
pversion
)
/* New password version assumed */
{
salt_end
=
salt
+
6
;
salt_end
=
salt
+
5
;
sprintf
(
hash
,
"%04x"
,(
unsigned
short
)
salt
[
0
]);
salt
++
;
/* position to the second element */
while
(
salt
<
salt_end
)
/* Iterate over these elements*/
{
val
=*
salt
;
for
(
t
=
3
;
t
>=
0
;
t
--
)
val
=*
(
++
salt
)
;
for
(
t
=
3
;
t
>=
0
;
t
--
)
{
bin_password
[
t
]
=
val
%
256
;
val
>>=
8
;
/* Scroll 8 bits to get next part*/
}
bin_password
+=
4
;
/* Get to next 4 chars*/
salt
++
;
}
}
else
...
...
@@ -611,7 +605,7 @@ void get_hash_and_password(ulong* salt, uint8 pversion, char* hash, unsigned cha
void
create_key_from_old_password
(
const
char
*
passwd
,
char
*
key
)
{
char
buffer
[
20
];
/* Buffer for various needs */
char
buffer
[
SCRAMBLE41_LENGTH
];
/* Buffer for various needs */
ulong
salt
[
6
];
/* Salt (large for safety) */
/* At first hash password to the string stored in password */
make_scrambled_password
(
buffer
,
passwd
,
1
,(
struct
rand_struct
*
)
NULL
);
...
...
sql/sql_acl.cc
View file @
a2425837
...
...
@@ -452,17 +452,17 @@ static int acl_compare(ACL_ACCESS *a,ACL_ACCESS *b)
Prepare crypted scramble to be sent to the client
*/
void
prepare_scramble
(
THD
*
thd
,
ACL_USER
*
acl_user
,
char
*
prepared_scramble
)
void
prepare_scramble
(
THD
*
thd
,
ACL_USER
*
acl_user
,
char
*
prepared_scramble
)
{
/* Binary password format to be used for generation*/
char
bin_password
[
20
];
char
bin_password
[
SCRAMBLE41_LENGTH
];
/* Generate new long scramble for the thread */
create_random_string
(
20
,
&
thd
->
rand
,
thd
->
scramble
);
thd
->
scramble
[
20
]
=
0
;
create_random_string
(
SCRAMBLE41_LENGTH
,
&
thd
->
rand
,
thd
->
scramble
);
thd
->
scramble
[
SCRAMBLE41_LENGTH
]
=
0
;
/* Get binary form, First 4 bytes of prepared scramble is salt */
get_hash_and_password
(
acl_user
->
salt
,
acl_user
->
pversion
,
prepared_scramble
,(
unsigned
char
*
)
bin_password
);
/* Finally encrypt password to get prepared scramble */
password_crypt
(
thd
->
scramble
,
prepared_scramble
+
4
,
bin_password
,
20
);
password_crypt
(
thd
->
scramble
,
prepared_scramble
+
4
,
bin_password
,
SCRAMBLE41_LENGTH
);
}
...
...
sql/sql_class.h
View file @
a2425837
...
...
@@ -499,7 +499,10 @@ public:
uint
check_loops_counter
;
//last id used to check loops
/* variables.transaction_isolation is reset to this after each commit */
enum_tx_isolation
session_tx_isolation
;
char
scramble
[
21
];
// extend scramble to handle new auth
// extend scramble to handle new auth
char
scramble
[
SCRAMBLE41_LENGTH
+
1
];
// old scramble is needed to handle old clients
char
old_scramble
[
SCRAMBLE_LENGTH
+
1
];
uint8
query_cache_type
;
// type of query cache processing
bool
slave_thread
;
bool
set_query_id
,
locked
,
count_cuted_fields
,
some_tables_deleted
;
...
...
sql/sql_parse.cc
View file @
a2425837
...
...
@@ -44,8 +44,6 @@
#else
#define MIN_HANDSHAKE_SIZE 6
#endif
/* HAVE_OPENSSL */
#define SCRAMBLE_LENGTH 8
#define SCRAMBLE41_LENGTH 20
#define MEM_ROOT_BLOCK_SIZE 8192
#define MEM_ROOT_PREALLOC 8192
...
...
@@ -653,21 +651,13 @@ check_connections(THD *thd)
char
tmp_user
[
USERNAME_LENGTH
+
1
];
char
tmp_db
[
NAME_LEN
+
1
];
if
(
user
)
{
strncpy
(
tmp_user
,
user
,
USERNAME_LENGTH
+
1
);
/* Extra safety if we have too long data */
tmp_user
[
USERNAME_LENGTH
]
=
0
;
}
else
tmp_user
[
0
]
=
0
;
if
(
db
)
{
strncpy
(
tmp_db
,
db
,
NAME_LEN
+
1
);
tmp_db
[
NAME_LEN
]
=
0
;
}
else
if
(
user
)
strmake
(
tmp_user
,
user
,
USERNAME_LENGTH
);
tmp_db
[
0
]
=
0
;
if
(
db
)
strmake
(
tmp_db
,
db
,
NAME_LEN
);
/* Write hash and encrypted scramble to client */
if
(
my_net_write
(
net
,
prepared_scramble
,
SCRAMBLE41_LENGTH
+
4
)
...
...
@@ -1079,6 +1069,9 @@ bool dispatch_command(enum enum_server_command command, THD *thd,
/* Store information if we used password. passwd will be dammaged */
using_password
=
test
(
passwd
[
0
]);
if
(
simple_connect
)
/* Restore scramble for old clients */
memcpy
(
thd
->
scramble
,
thd
->
old_scramble
,
9
);
/*
Check user permissions. If password failure we'll get scramble back
Do not retry if we already have sent error (result>0)
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment