Commit e3d7877f authored by unknown's avatar unknown

Fix for bug #13546 "Build errors with --with-embedded-server

--with-embedded-privilege-control options". One more (hopefully last) build
failure which was introduced during work on WL#2787 "Add view definer/owner
to the view definition..."


libmysqld/lib_sql.cc:
  create_embedded_thd()/check_embedded_connection():
    Several security related THD members (user, host, ip, priv_user, ...) have
    moved to the Security_context class. New THD::security_ctx member points to
    active security context.
sql/sql_acl.cc:
  acl_getroot():
    Updated function description to refelect the fact that THD::user/host/ip/...
    members were moved to separate Security_context class.
sql/sql_parse.cc:
  check_user():
    Updated function description to refelect the fact that THD::user/host/ip/...
    members were moved to separate Security_context class.
parent 59922574
...@@ -514,8 +514,8 @@ void *create_embedded_thd(int client_flag, char *db) ...@@ -514,8 +514,8 @@ void *create_embedded_thd(int client_flag, char *db)
thd->db= db; thd->db= db;
thd->db_length= db ? strip_sp(db) : 0; thd->db_length= db ? strip_sp(db) : 0;
#ifndef NO_EMBEDDED_ACCESS_CHECKS #ifndef NO_EMBEDDED_ACCESS_CHECKS
thd->db_access= DB_ACLS; thd->security_ctx->db_access= DB_ACLS;
thd->master_access= ~NO_ACCESS; thd->security_ctx->master_access= ~NO_ACCESS;
#endif #endif
thd->net.query_cache_query= 0; thd->net.query_cache_query= 0;
...@@ -542,26 +542,27 @@ int check_embedded_connection(MYSQL *mysql) ...@@ -542,26 +542,27 @@ int check_embedded_connection(MYSQL *mysql)
int check_embedded_connection(MYSQL *mysql) int check_embedded_connection(MYSQL *mysql)
{ {
THD *thd= (THD*)mysql->thd; THD *thd= (THD*)mysql->thd;
Security_context *sctx= thd->security_ctx;
int result; int result;
char scramble_buff[SCRAMBLE_LENGTH]; char scramble_buff[SCRAMBLE_LENGTH];
int passwd_len; int passwd_len;
if (mysql->options.client_ip) if (mysql->options.client_ip)
{ {
thd->host= my_strdup(mysql->options.client_ip, MYF(0)); sctx->host= my_strdup(mysql->options.client_ip, MYF(0));
thd->ip= my_strdup(thd->host, MYF(0)); sctx->ip= my_strdup(sctx->host, MYF(0));
} }
else else
thd->host= (char*)my_localhost; sctx->host= (char*)my_localhost;
thd->host_or_ip= thd->host; sctx->host_or_ip= sctx->host;
if (acl_check_host(thd->host,thd->ip)) if (acl_check_host(sctx->host, sctx->ip))
{ {
result= ER_HOST_NOT_PRIVILEGED; result= ER_HOST_NOT_PRIVILEGED;
goto err; goto err;
} }
thd->user= my_strdup(mysql->user, MYF(0)); sctx->user= my_strdup(mysql->user, MYF(0));
if (mysql->passwd && mysql->passwd[0]) if (mysql->passwd && mysql->passwd[0])
{ {
memset(thd->scramble, 55, SCRAMBLE_LENGTH); // dummy scramble memset(thd->scramble, 55, SCRAMBLE_LENGTH); // dummy scramble
......
...@@ -693,8 +693,8 @@ static int acl_compare(ACL_ACCESS *a,ACL_ACCESS *b) ...@@ -693,8 +693,8 @@ static int acl_compare(ACL_ACCESS *a,ACL_ACCESS *b)
SYNOPSIS SYNOPSIS
acl_getroot() acl_getroot()
thd thread handle. If all checks are OK, thd thread handle. If all checks are OK,
thd->priv_user, thd->master_access are updated. thd->security_ctx->priv_user/master_access are updated.
thd->host, thd->ip, thd->user are used for checks. thd->security_ctx->host/ip/user are used for checks.
mqh user resources; on success mqh is reset, else mqh user resources; on success mqh is reset, else
unchanged unchanged
passwd scrambled & crypted password, received from client passwd scrambled & crypted password, received from client
......
...@@ -246,7 +246,7 @@ end: ...@@ -246,7 +246,7 @@ end:
SYNOPSIS SYNOPSIS
check_user() check_user()
thd thread handle, thd->{host,user,ip} are used thd thread handle, thd->security_ctx->{host,user,ip} are used
command originator of the check: now check_user is called command originator of the check: now check_user is called
during connect and change user procedures; used for during connect and change user procedures; used for
logging. logging.
...@@ -261,8 +261,8 @@ end: ...@@ -261,8 +261,8 @@ end:
are 'IN'. are 'IN'.
RETURN VALUE RETURN VALUE
0 OK; thd->user, thd->master_access, thd->priv_user, thd->db and 0 OK; thd->security_ctx->user/master_access/priv_user/db_access and
thd->db_access are updated; OK is sent to client; thd->db are updated; OK is sent to client;
-1 access denied or handshake error; error is sent to client; -1 access denied or handshake error; error is sent to client;
>0 error, not sent to client >0 error, not sent to client
*/ */
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment