sql_acl.cc 188 KB
Newer Older
1
/* Copyright (C) 2000-2003 MySQL AB
monty@hundin.mysql.fi's avatar
monty@hundin.mysql.fi committed
2

bk@work.mysql.com's avatar
bk@work.mysql.com committed
3 4
   This program is free software; you can redistribute it and/or modify
   it under the terms of the GNU General Public License as published by
5
   the Free Software Foundation; version 2 of the License.
monty@hundin.mysql.fi's avatar
monty@hundin.mysql.fi committed
6

bk@work.mysql.com's avatar
bk@work.mysql.com committed
7 8 9 10
   This program is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   GNU General Public License for more details.
monty@hundin.mysql.fi's avatar
monty@hundin.mysql.fi committed
11

bk@work.mysql.com's avatar
bk@work.mysql.com committed
12 13 14 15 16 17 18
   You should have received a copy of the GNU General Public License
   along with this program; if not, write to the Free Software
   Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA */


/*
  The privileges are saved in the following tables:
19 20
  mysql/user	 ; super user who are allowed to do almost anything
  mysql/host	 ; host privileges. This is used if host is empty in mysql/db.
bk@work.mysql.com's avatar
bk@work.mysql.com committed
21 22 23 24 25 26 27 28 29 30
  mysql/db	 ; database privileges / user

  data in tables is sorted according to how many not-wild-cards there is
  in the relevant fields. Empty strings comes last.
*/

#include "mysql_priv.h"
#include "hash_filo.h"
#include <m_ctype.h>
#include <stdarg.h>
31 32
#include "sp_head.h"
#include "sp.h"
bk@work.mysql.com's avatar
bk@work.mysql.com committed
33

34 35 36 37
time_t mysql_db_table_last_check= 0L;

TABLE_FIELD_W_TYPE mysql_db_table_fields[MYSQL_DB_FIELD_COUNT] = {
  {
andrey@example.com's avatar
andrey@example.com committed
38 39
    { C_STRING_WITH_LEN("Host") },            
    { C_STRING_WITH_LEN("char(60)") },
40 41 42
    {NULL, 0}
  }, 
  {
andrey@example.com's avatar
andrey@example.com committed
43 44
    { C_STRING_WITH_LEN("Db") },            
    { C_STRING_WITH_LEN("char(64)") },
45 46 47
    {NULL, 0}
  }, 
  {
andrey@example.com's avatar
andrey@example.com committed
48 49
    { C_STRING_WITH_LEN("User") },
    { C_STRING_WITH_LEN("char(16)") },
50 51 52
    {NULL, 0}
  },
  {
andrey@example.com's avatar
andrey@example.com committed
53 54 55
    { C_STRING_WITH_LEN("Select_priv") },
    { C_STRING_WITH_LEN("enum('N','Y')") },
    { C_STRING_WITH_LEN("utf8") }
56 57
  },
  {
andrey@example.com's avatar
andrey@example.com committed
58 59 60
    { C_STRING_WITH_LEN("Insert_priv") },
    { C_STRING_WITH_LEN("enum('N','Y')") },
    { C_STRING_WITH_LEN("utf8") }
61 62
  },
  {
andrey@example.com's avatar
andrey@example.com committed
63 64 65
    { C_STRING_WITH_LEN("Update_priv") },
    { C_STRING_WITH_LEN("enum('N','Y')") },
    { C_STRING_WITH_LEN("utf8") }
66 67
  },
  {
andrey@example.com's avatar
andrey@example.com committed
68 69 70
    { C_STRING_WITH_LEN("Delete_priv") },
    { C_STRING_WITH_LEN("enum('N','Y')") },
    { C_STRING_WITH_LEN("utf8") }
71 72
  },
  {
andrey@example.com's avatar
andrey@example.com committed
73 74 75
    { C_STRING_WITH_LEN("Create_priv") },
    { C_STRING_WITH_LEN("enum('N','Y')") },
    { C_STRING_WITH_LEN("utf8") }
76 77
  },
  {
andrey@example.com's avatar
andrey@example.com committed
78 79 80
    { C_STRING_WITH_LEN("Drop_priv") },
    { C_STRING_WITH_LEN("enum('N','Y')") },
    { C_STRING_WITH_LEN("utf8") }
81 82
  },
  {
andrey@example.com's avatar
andrey@example.com committed
83 84 85
    { C_STRING_WITH_LEN("Grant_priv") },
    { C_STRING_WITH_LEN("enum('N','Y')") },
    { C_STRING_WITH_LEN("utf8") }
86 87
  },
  {
andrey@example.com's avatar
andrey@example.com committed
88 89 90
    { C_STRING_WITH_LEN("References_priv") },
    { C_STRING_WITH_LEN("enum('N','Y')") },
    { C_STRING_WITH_LEN("utf8") }
91 92
  },
  {
andrey@example.com's avatar
andrey@example.com committed
93 94 95
    { C_STRING_WITH_LEN("Index_priv") },
    { C_STRING_WITH_LEN("enum('N','Y')") },
    { C_STRING_WITH_LEN("utf8") }
96 97
  },
  {
andrey@example.com's avatar
andrey@example.com committed
98 99 100
    { C_STRING_WITH_LEN("Alter_priv") },
    { C_STRING_WITH_LEN("enum('N','Y')") },
    { C_STRING_WITH_LEN("utf8") }
101 102
  },
  {
andrey@example.com's avatar
andrey@example.com committed
103 104 105
    { C_STRING_WITH_LEN("Create_tmp_table_priv") },
    { C_STRING_WITH_LEN("enum('N','Y')") },
    { C_STRING_WITH_LEN("utf8") }
106 107
  },
  {
andrey@example.com's avatar
andrey@example.com committed
108 109 110
    { C_STRING_WITH_LEN("Lock_tables_priv") },
    { C_STRING_WITH_LEN("enum('N','Y')") },
    { C_STRING_WITH_LEN("utf8") }
111 112
  },
  {
andrey@example.com's avatar
andrey@example.com committed
113 114 115
    { C_STRING_WITH_LEN("Create_view_priv") },
    { C_STRING_WITH_LEN("enum('N','Y')") },
    { C_STRING_WITH_LEN("utf8") }
116 117
  },
  {
andrey@example.com's avatar
andrey@example.com committed
118 119 120
    { C_STRING_WITH_LEN("Show_view_priv") },
    { C_STRING_WITH_LEN("enum('N','Y')") },
    { C_STRING_WITH_LEN("utf8") }
121 122
  },
  {
andrey@example.com's avatar
andrey@example.com committed
123 124 125
    { C_STRING_WITH_LEN("Create_routine_priv") },
    { C_STRING_WITH_LEN("enum('N','Y')") },
    { C_STRING_WITH_LEN("utf8") }
126 127
  },
  {
andrey@example.com's avatar
andrey@example.com committed
128 129 130
    { C_STRING_WITH_LEN("Alter_routine_priv") },
    { C_STRING_WITH_LEN("enum('N','Y')") },
    { C_STRING_WITH_LEN("utf8") }
131 132
  },
  {
andrey@example.com's avatar
andrey@example.com committed
133 134 135
    { C_STRING_WITH_LEN("Execute_priv") },
    { C_STRING_WITH_LEN("enum('N','Y')") },
    { C_STRING_WITH_LEN("utf8") }
136 137
  },
  {
andrey@example.com's avatar
andrey@example.com committed
138 139 140
    { C_STRING_WITH_LEN("Event_priv") },
    { C_STRING_WITH_LEN("enum('N','Y')") },
    { C_STRING_WITH_LEN("utf8") }
141 142
  },
  {
andrey@example.com's avatar
andrey@example.com committed
143 144 145
    { C_STRING_WITH_LEN("Trigger_priv") },
    { C_STRING_WITH_LEN("enum('N','Y')") },
    { C_STRING_WITH_LEN("utf8") }
146 147 148 149
  }
};


150 151 152 153
#ifndef NO_EMBEDDED_ACCESS_CHECKS

#define FIRST_NON_YN_FIELD 26

bk@work.mysql.com's avatar
bk@work.mysql.com committed
154 155 156
class acl_entry :public hash_filo_element
{
public:
157
  ulong access;
bk@work.mysql.com's avatar
bk@work.mysql.com committed
158 159 160 161
  uint16 length;
  char key[1];					// Key will be stored here
};

162

163 164
static uchar* acl_entry_get_key(acl_entry *entry, size_t *length,
                                my_bool not_used __attribute__((unused)))
bk@work.mysql.com's avatar
bk@work.mysql.com committed
165 166
{
  *length=(uint) entry->length;
167
  return (uchar*) entry->key;
bk@work.mysql.com's avatar
bk@work.mysql.com committed
168 169
}

serg@serg.mylan's avatar
serg@serg.mylan committed
170
#define IP_ADDR_STRLEN (3+1+3+1+3+1+3)
gluh@mysql.com/gluh.(none)'s avatar
gluh@mysql.com/gluh.(none) committed
171
#define ACL_KEY_LENGTH (IP_ADDR_STRLEN+1+NAME_LEN+1+USERNAME_LENGTH+1)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
172 173 174 175 176

static DYNAMIC_ARRAY acl_hosts,acl_users,acl_dbs;
static MEM_ROOT mem, memex;
static bool initialized=0;
static bool allow_all_hosts=1;
177
static HASH acl_check_hosts, column_priv_hash, proc_priv_hash, func_priv_hash;
bk@work.mysql.com's avatar
bk@work.mysql.com committed
178 179
static DYNAMIC_ARRAY acl_wild_hosts;
static hash_filo *acl_cache;
180
static uint grant_version=0; /* Version of priv tables. incremented by acl_load */
181
static ulong get_access(TABLE *form,uint fieldnr, uint *next_field=0);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
182 183 184
static int acl_compare(ACL_ACCESS *a,ACL_ACCESS *b);
static ulong get_sort(uint count,...);
static void init_check_host(void);
185
static void rebuild_check_host(void);
186 187
static ACL_USER *find_acl_user(const char *host, const char *user,
                               my_bool exact);
188 189
static bool update_user_table(THD *thd, TABLE *table,
                              const char *host, const char *user,
190
			      const char *new_password, uint new_password_len);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
191
static void update_hostname(acl_host_and_ip *host, const char *hostname);
192
static bool compare_hostname(const acl_host_and_ip *host,const char *hostname,
bk@work.mysql.com's avatar
bk@work.mysql.com committed
193
			     const char *ip);
194 195
static my_bool acl_load(THD *thd, TABLE_LIST *tables);
static my_bool grant_load(TABLE_LIST *tables);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
196

197 198 199 200 201 202 203 204 205 206 207 208 209 210
/*
  Convert scrambled password to binary form, according to scramble type, 
  Binary form is stored in user.salt.
*/

static
void
set_user_salt(ACL_USER *acl_user, const char *password, uint password_len)
{
  if (password_len == SCRAMBLED_PASSWORD_CHAR_LENGTH)
  {
    get_salt_from_password(acl_user->salt, password);
    acl_user->salt_len= SCRAMBLE_LENGTH;
  }
211
  else if (password_len == SCRAMBLED_PASSWORD_CHAR_LENGTH_323)
212 213
  {
    get_salt_from_password_323((ulong *) acl_user->salt, password);
214
    acl_user->salt_len= SCRAMBLE_LENGTH_323;
215 216 217 218 219
  }
  else
    acl_user->salt_len= 0;
}

220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237
/*
  This after_update function is used when user.password is less than
  SCRAMBLE_LENGTH bytes.
*/

static void restrict_update_of_old_passwords_var(THD *thd,
                                                 enum_var_type var_type)
{
  if (var_type == OPT_GLOBAL)
  {
    pthread_mutex_lock(&LOCK_global_system_variables);
    global_system_variables.old_passwords= 1;
    pthread_mutex_unlock(&LOCK_global_system_variables);
  }
  else
    thd->variables.old_passwords= 1;
}

238

239
/*
240 241
  Initialize structures responsible for user/db-level privilege checking and
  load privilege information for them from tables in the 'mysql' database.
242 243 244

  SYNOPSIS
    acl_init()
245 246 247 248 249 250
      dont_read_acl_tables  TRUE if we want to skip loading data from
                            privilege tables and disable privilege checking.

  NOTES
    This function is mostly responsible for preparatory steps, main work
    on initialization and grants loading is done in acl_reload().
251 252 253 254 255 256

  RETURN VALUES
    0	ok
    1	Could not initialize grant's
*/

257
my_bool acl_init(bool dont_read_acl_tables)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
258
{
259
  THD  *thd;
260
  my_bool return_val;
bk@work.mysql.com's avatar
bk@work.mysql.com committed
261 262
  DBUG_ENTER("acl_init");

263 264
  acl_cache= new hash_filo(ACL_CACHE_SIZE, 0, 0,
                           (hash_get_key) acl_entry_get_key,
265
                           (hash_free_key) free,
266 267
                           lower_case_file_system ?
                           system_charset_info : &my_charset_bin);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
268
  if (dont_read_acl_tables)
269
  {
bk@work.mysql.com's avatar
bk@work.mysql.com committed
270
    DBUG_RETURN(0); /* purecov: tested */
peter@mysql.com's avatar
peter@mysql.com committed
271 272
  }

273 274 275
  /*
    To be able to run this from boot, we allocate a temporary THD
  */
bk@work.mysql.com's avatar
bk@work.mysql.com committed
276 277
  if (!(thd=new THD))
    DBUG_RETURN(1); /* purecov: inspected */
278
  thd->thread_stack= (char*) &thd;
279
  thd->store_globals();
280
  lex_start(thd);
281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314
  /*
    It is safe to call acl_reload() since acl_* arrays and hashes which
    will be freed there are global static objects and thus are initialized
    by zeros at startup.
  */
  return_val= acl_reload(thd);
  delete thd;
  /* Remember that we don't have a THD */
  my_pthread_setspecific_ptr(THR_THD,  0);
  DBUG_RETURN(return_val);
}


/*
  Initialize structures responsible for user/db-level privilege checking
  and load information about grants from open privilege tables.

  SYNOPSIS
    acl_load()
      thd     Current thread
      tables  List containing open "mysql.host", "mysql.user" and
              "mysql.db" tables.

  RETURN VALUES
    FALSE  Success
    TRUE   Error
*/

static my_bool acl_load(THD *thd, TABLE_LIST *tables)
{
  TABLE *table;
  READ_RECORD read_record_info;
  my_bool return_val= 1;
  bool check_no_resolve= specialflag & SPECIAL_NO_RESOLVE;
gluh@mysql.com/gluh.(none)'s avatar
gluh@mysql.com/gluh.(none) committed
315
  char tmp_name[NAME_LEN+1];
316
  int password_length;
317 318
  DBUG_ENTER("acl_load");

319
  grant_version++; /* Privileges updated */
320

bk@work.mysql.com's avatar
bk@work.mysql.com committed
321 322
  acl_cache->clear(1);				// Clear locked hostname cache

323
  init_sql_alloc(&mem, ACL_ALLOC_BLOCK_SIZE, 0);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
324
  init_read_record(&read_record_info,thd,table= tables[0].table,NULL,1,0);
325
  table->use_all_columns();
326
  VOID(my_init_dynamic_array(&acl_hosts,sizeof(ACL_HOST),20,50));
bk@work.mysql.com's avatar
bk@work.mysql.com committed
327 328 329
  while (!(read_record_info.read_record(&read_record_info)))
  {
    ACL_HOST host;
330 331
    update_hostname(&host.host,get_field(&mem, table->field[0]));
    host.db=	 get_field(&mem, table->field[1]);
332
    if (lower_case_table_names && host.db)
333 334
    {
      /*
335 336
        convert db to lower case and give a warning if the db wasn't
        already in lower case
337
      */
338 339
      (void) strmov(tmp_name, host.db);
      my_casedn_str(files_charset_info, host.db);
340 341 342
      if (strcmp(host.db, tmp_name) != 0)
        sql_print_warning("'host' entry '%s|%s' had database in mixed "
                          "case that has been forced to lowercase because "
343 344
                          "lower_case_table_names is set. It will not be "
                          "possible to remove this privilege using REVOKE.",
345 346
                          host.host.hostname ? host.host.hostname : "",
                          host.db ? host.db : "");
347
    }
348 349
    host.access= get_access(table,2);
    host.access= fix_rights_for_db(host.access);
350
    host.sort=	 get_sort(2,host.host.hostname,host.db);
hf@deer.(none)'s avatar
SCRUM  
hf@deer.(none) committed
351 352
    if (check_no_resolve && hostname_requires_resolving(host.host.hostname))
    {
serg@serg.mylan's avatar
serg@serg.mylan committed
353
      sql_print_warning("'host' entry '%s|%s' "
hf@deer.(none)'s avatar
SCRUM  
hf@deer.(none) committed
354
		      "ignored in --skip-name-resolve mode.",
355 356
			host.host.hostname ? host.host.hostname : "",
			host.db ? host.db : "");
hf@deer.(none)'s avatar
SCRUM  
hf@deer.(none) committed
357 358
      continue;
    }
bk@work.mysql.com's avatar
bk@work.mysql.com committed
359
#ifndef TO_BE_REMOVED
360
    if (table->s->fields == 8)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
361 362
    {						// Without grant
      if (host.access & CREATE_ACL)
363
	host.access|=REFERENCES_ACL | INDEX_ACL | ALTER_ACL | CREATE_TMP_ACL;
bk@work.mysql.com's avatar
bk@work.mysql.com committed
364 365
    }
#endif
366
    VOID(push_dynamic(&acl_hosts,(uchar*) &host));
bk@work.mysql.com's avatar
bk@work.mysql.com committed
367
  }
368 369
  my_qsort((uchar*) dynamic_element(&acl_hosts,0,ACL_HOST*),acl_hosts.elements,
	   sizeof(ACL_HOST),(qsort_cmp) acl_compare);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
370 371 372 373
  end_read_record(&read_record_info);
  freeze_size(&acl_hosts);

  init_read_record(&read_record_info,thd,table=tables[1].table,NULL,1,0);
374
  table->use_all_columns();
375
  VOID(my_init_dynamic_array(&acl_users,sizeof(ACL_USER),50,100));
376 377 378
  password_length= table->field[2]->field_length /
    table->field[2]->charset()->mbmaxlen;
  if (password_length < SCRAMBLED_PASSWORD_CHAR_LENGTH_323)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
379
  {
380 381 382
    sql_print_error("Fatal error: mysql.user table is damaged or in "
                    "unsupported 3.20 format.");
    goto end;
bk@work.mysql.com's avatar
bk@work.mysql.com committed
383 384
  }

385
  DBUG_PRINT("info",("user table fields: %d, password length: %d",
386
		     table->s->fields, password_length));
387

388
  pthread_mutex_lock(&LOCK_global_system_variables);
389
  if (password_length < SCRAMBLED_PASSWORD_CHAR_LENGTH)
390
  {
391 392 393 394 395 396 397 398 399 400 401 402 403 404
    if (opt_secure_auth)
    {
      pthread_mutex_unlock(&LOCK_global_system_variables);
      sql_print_error("Fatal error: mysql.user table is in old format, "
                      "but server started with --secure-auth option.");
      goto end;
    }
    sys_old_passwords.after_update= restrict_update_of_old_passwords_var;
    if (global_system_variables.old_passwords)
      pthread_mutex_unlock(&LOCK_global_system_variables);
    else
    {
      global_system_variables.old_passwords= 1;
      pthread_mutex_unlock(&LOCK_global_system_variables);
405 406 407
      sql_print_warning("mysql.user table is not updated to new password format; "
                        "Disabling new password usage until "
                        "mysql_fix_privilege_tables is run");
408 409 410 411
    }
    thd->variables.old_passwords= 1;
  }
  else
412
  {
413 414
    sys_old_passwords.after_update= 0;
    pthread_mutex_unlock(&LOCK_global_system_variables);
415 416
  }

bk@work.mysql.com's avatar
bk@work.mysql.com committed
417 418 419 420
  allow_all_hosts=0;
  while (!(read_record_info.read_record(&read_record_info)))
  {
    ACL_USER user;
421 422
    update_hostname(&user.host, get_field(&mem, table->field[0]));
    user.user= get_field(&mem, table->field[1]);
hf@deer.(none)'s avatar
SCRUM  
hf@deer.(none) committed
423 424
    if (check_no_resolve && hostname_requires_resolving(user.host.hostname))
    {
serg@serg.mylan's avatar
serg@serg.mylan committed
425 426
      sql_print_warning("'user' entry '%s@%s' "
                        "ignored in --skip-name-resolve mode.",
427 428
			user.user ? user.user : "",
			user.host.hostname ? user.host.hostname : "");
hf@deer.(none)'s avatar
SCRUM  
hf@deer.(none) committed
429 430 431
      continue;
    }

432
    const char *password= get_field(thd->mem_root, table->field[2]);
433 434 435
    uint password_len= password ? strlen(password) : 0;
    set_user_salt(&user, password, password_len);
    if (user.salt_len == 0 && password_len != 0)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
436
    {
437 438
      switch (password_len) {
      case 45: /* 4.1: to be removed */
serg@serg.mylan's avatar
serg@serg.mylan committed
439 440 441 442 443
        sql_print_warning("Found 4.1 style password for user '%s@%s'. "
                          "Ignoring user. "
                          "You should change password for this user.",
                          user.user ? user.user : "",
                          user.host.hostname ? user.host.hostname : "");
444 445
        break;
      default:
serg@serg.mylan's avatar
serg@serg.mylan committed
446 447 448
        sql_print_warning("Found invalid password for user: '%s@%s'; "
                          "Ignoring user", user.user ? user.user : "",
                           user.host.hostname ? user.host.hostname : "");
449 450
        break;
      }
bk@work.mysql.com's avatar
bk@work.mysql.com committed
451
    }
452
    else                                        // password is correct
bk@work.mysql.com's avatar
bk@work.mysql.com committed
453
    {
454 455
      uint next_field;
      user.access= get_access(table,3,&next_field) & GLOBAL_ACLS;
456 457 458 459
      /*
        if it is pre 5.0.1 privilege table then map CREATE privilege on
        CREATE VIEW & SHOW VIEW privileges
      */
460
      if (table->s->fields <= 31 && (user.access & CREATE_ACL))
461
        user.access|= (CREATE_VIEW_ACL | SHOW_VIEW_ACL);
462 463 464 465 466

      /*
        if it is pre 5.0.2 privilege table then map CREATE/ALTER privilege on
        CREATE PROCEDURE & ALTER PROCEDURE privileges
      */
467
      if (table->s->fields <= 33 && (user.access & CREATE_ACL))
468
        user.access|= CREATE_PROC_ACL;
469
      if (table->s->fields <= 33 && (user.access & ALTER_ACL))
470 471
        user.access|= ALTER_PROC_ACL;

472 473 474 475 476 477
      /*
        pre 5.0.3 did not have CREATE_USER_ACL
      */
      if (table->s->fields <= 36 && (user.access & GRANT_ACL))
        user.access|= CREATE_USER_ACL;

andrey@lmy004's avatar
andrey@lmy004 committed
478 479

      /*
andrey@lmy004's avatar
andrey@lmy004 committed
480
        if it is pre 5.1.6 privilege table then map CREATE privilege on
andrey@lmy004's avatar
andrey@lmy004 committed
481 482
        CREATE|ALTER|DROP|EXECUTE EVENT
      */
andrey@lmy004's avatar
andrey@lmy004 committed
483
      if (table->s->fields <= 37 && (user.access & SUPER_ACL))
andrey@lmy004's avatar
andrey@lmy004 committed
484 485
        user.access|= EVENT_ACL;

486 487 488 489 490 491
      /*
        if it is pre 5.1.6 privilege then map TRIGGER privilege on CREATE.
      */
      if (table->s->fields <= 38 && (user.access & SUPER_ACL))
        user.access|= TRIGGER_ACL;

492 493 494
      user.sort= get_sort(2,user.host.hostname,user.user);
      user.hostname_length= (user.host.hostname ?
                             (uint) strlen(user.host.hostname) : 0);
bell@sanja.is.com.ua's avatar
VIEW  
bell@sanja.is.com.ua committed
495

496 497
      /* Starting from 4.0.2 we have more fields */
      if (table->s->fields >= 31)
498
      {
499
        char *ssl_type=get_field(thd->mem_root, table->field[next_field++]);
500 501 502 503 504 505 506 507 508
        if (!ssl_type)
          user.ssl_type=SSL_TYPE_NONE;
        else if (!strcmp(ssl_type, "ANY"))
          user.ssl_type=SSL_TYPE_ANY;
        else if (!strcmp(ssl_type, "X509"))
          user.ssl_type=SSL_TYPE_X509;
        else  /* !strcmp(ssl_type, "SPECIFIED") */
          user.ssl_type=SSL_TYPE_SPECIFIED;

509 510 511
        user.ssl_cipher=   get_field(&mem, table->field[next_field++]);
        user.x509_issuer=  get_field(&mem, table->field[next_field++]);
        user.x509_subject= get_field(&mem, table->field[next_field++]);
512

513
        char *ptr = get_field(thd->mem_root, table->field[next_field++]);
514
        user.user_resource.questions=ptr ? atoi(ptr) : 0;
515
        ptr = get_field(thd->mem_root, table->field[next_field++]);
516
        user.user_resource.updates=ptr ? atoi(ptr) : 0;
517
        ptr = get_field(thd->mem_root, table->field[next_field++]);
518
        user.user_resource.conn_per_hour= ptr ? atoi(ptr) : 0;
519
        if (user.user_resource.questions || user.user_resource.updates ||
520
            user.user_resource.conn_per_hour)
521
          mqh_used=1;
522

523
        if (table->s->fields >= 36)
524 525
        {
          /* Starting from 5.0.3 we have max_user_connections field */
526
          ptr= get_field(thd->mem_root, table->field[next_field++]);
527 528 529 530
          user.user_resource.user_conn= ptr ? atoi(ptr) : 0;
        }
        else
          user.user_resource.user_conn= 0;
531
      }
532 533 534
      else
      {
        user.ssl_type=SSL_TYPE_NONE;
535
        bzero((char *)&(user.user_resource),sizeof(user.user_resource));
bk@work.mysql.com's avatar
bk@work.mysql.com committed
536
#ifndef TO_BE_REMOVED
537
        if (table->s->fields <= 13)
538 539 540 541 542 543 544 545 546 547
        {						// Without grant
          if (user.access & CREATE_ACL)
            user.access|=REFERENCES_ACL | INDEX_ACL | ALTER_ACL;
        }
        /* Convert old privileges */
        user.access|= LOCK_TABLES_ACL | CREATE_TMP_ACL | SHOW_DB_ACL;
        if (user.access & FILE_ACL)
          user.access|= REPL_CLIENT_ACL | REPL_SLAVE_ACL;
        if (user.access & PROCESS_ACL)
          user.access|= SUPER_ACL | EXECUTE_ACL;
bk@work.mysql.com's avatar
bk@work.mysql.com committed
548
#endif
549
      }
550
      VOID(push_dynamic(&acl_users,(uchar*) &user));
551 552
      if (!user.host.hostname ||
	  (user.host.hostname[0] == wild_many && !user.host.hostname[1]))
553
        allow_all_hosts=1;			// Anyone can connect
554
    }
bk@work.mysql.com's avatar
bk@work.mysql.com committed
555
  }
556 557
  my_qsort((uchar*) dynamic_element(&acl_users,0,ACL_USER*),acl_users.elements,
	   sizeof(ACL_USER),(qsort_cmp) acl_compare);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
558 559
  end_read_record(&read_record_info);
  freeze_size(&acl_users);
peter@mysql.com's avatar
peter@mysql.com committed
560

bk@work.mysql.com's avatar
bk@work.mysql.com committed
561
  init_read_record(&read_record_info,thd,table=tables[2].table,NULL,1,0);
562
  table->use_all_columns();
563
  VOID(my_init_dynamic_array(&acl_dbs,sizeof(ACL_DB),50,100));
bk@work.mysql.com's avatar
bk@work.mysql.com committed
564 565 566
  while (!(read_record_info.read_record(&read_record_info)))
  {
    ACL_DB db;
567 568
    update_hostname(&db.host,get_field(&mem, table->field[MYSQL_DB_FIELD_HOST]));
    db.db=get_field(&mem, table->field[MYSQL_DB_FIELD_DB]);
569 570
    if (!db.db)
    {
serg@serg.mylan's avatar
serg@serg.mylan committed
571
      sql_print_warning("Found an entry in the 'db' table with empty database name; Skipped");
572
      continue;
573
    }
574
    db.user=get_field(&mem, table->field[MYSQL_DB_FIELD_USER]);
hf@deer.(none)'s avatar
SCRUM  
hf@deer.(none) committed
575 576
    if (check_no_resolve && hostname_requires_resolving(db.host.hostname))
    {
serg@serg.mylan's avatar
serg@serg.mylan committed
577 578
      sql_print_warning("'db' entry '%s %s@%s' "
		        "ignored in --skip-name-resolve mode.",
579 580 581
		        db.db,
			db.user ? db.user : "",
			db.host.hostname ? db.host.hostname : "");
hf@deer.(none)'s avatar
SCRUM  
hf@deer.(none) committed
582 583
      continue;
    }
bk@work.mysql.com's avatar
bk@work.mysql.com committed
584 585
    db.access=get_access(table,3);
    db.access=fix_rights_for_db(db.access);
586 587 588
    if (lower_case_table_names)
    {
      /*
589 590
        convert db to lower case and give a warning if the db wasn't
        already in lower case
591 592
      */
      (void)strmov(tmp_name, db.db);
593
      my_casedn_str(files_charset_info, db.db);
594 595 596 597
      if (strcmp(db.db, tmp_name) != 0)
      {
        sql_print_warning("'db' entry '%s %s@%s' had database in mixed "
                          "case that has been forced to lowercase because "
598 599
                          "lower_case_table_names is set. It will not be "
                          "possible to remove this privilege using REVOKE.",
600 601 602
		          db.db,
			  db.user ? db.user : "",
			  db.host.hostname ? db.host.hostname : "");
603 604
      }
    }
bk@work.mysql.com's avatar
bk@work.mysql.com committed
605 606
    db.sort=get_sort(3,db.host.hostname,db.db,db.user);
#ifndef TO_BE_REMOVED
607
    if (table->s->fields <=  9)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
608 609 610 611 612
    {						// Without grant
      if (db.access & CREATE_ACL)
	db.access|=REFERENCES_ACL | INDEX_ACL | ALTER_ACL;
    }
#endif
613
    VOID(push_dynamic(&acl_dbs,(uchar*) &db));
bk@work.mysql.com's avatar
bk@work.mysql.com committed
614
  }
615 616
  my_qsort((uchar*) dynamic_element(&acl_dbs,0,ACL_DB*),acl_dbs.elements,
	   sizeof(ACL_DB),(qsort_cmp) acl_compare);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
617 618 619 620
  end_read_record(&read_record_info);
  freeze_size(&acl_dbs);
  init_check_host();

621 622 623 624 625
  initialized=1;
  return_val=0;

end:
  DBUG_RETURN(return_val);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
626 627 628 629 630
}


void acl_free(bool end)
{
631
  free_root(&mem,MYF(0));
bk@work.mysql.com's avatar
bk@work.mysql.com committed
632 633 634 635 636 637 638 639 640 641 642 643 644 645
  delete_dynamic(&acl_hosts);
  delete_dynamic(&acl_users);
  delete_dynamic(&acl_dbs);
  delete_dynamic(&acl_wild_hosts);
  hash_free(&acl_check_hosts);
  if (!end)
    acl_cache->clear(1); /* purecov: inspected */
  else
  {
    delete acl_cache;
    acl_cache=0;
  }
}

646 647

/*
648 649
  Forget current user/db-level privileges and read new privileges
  from the privilege tables.
650 651 652

  SYNOPSIS
    acl_reload()
653 654 655 656 657 658 659 660 661 662 663
      thd  Current thread

  NOTE
    All tables of calling thread which were open and locked by LOCK TABLES
    statement will be unlocked and closed.
    This function is also used for initialization of structures responsible
    for user/db-level privilege checking.

  RETURN VALUE
    FALSE  Success
    TRUE   Failure
664
*/
bk@work.mysql.com's avatar
bk@work.mysql.com committed
665

666
my_bool acl_reload(THD *thd)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
667
{
668
  TABLE_LIST tables[3];
bk@work.mysql.com's avatar
bk@work.mysql.com committed
669 670 671
  DYNAMIC_ARRAY old_acl_hosts,old_acl_users,old_acl_dbs;
  MEM_ROOT old_mem;
  bool old_initialized;
672
  my_bool return_val= 1;
bk@work.mysql.com's avatar
bk@work.mysql.com committed
673 674
  DBUG_ENTER("acl_reload");

675
  if (thd->locked_tables)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
676
  {					// Can't have locked tables here
677 678 679
    thd->lock=thd->locked_tables;
    thd->locked_tables=0;
    close_thread_tables(thd);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
680
  }
681 682 683 684 685 686

  /*
    To avoid deadlocks we should obtain table locks before
    obtaining acl_cache->lock mutex.
  */
  bzero((char*) tables, sizeof(tables));
687 688 689 690 691 692
  tables[0].alias= tables[0].table_name= (char*) "host";
  tables[1].alias= tables[1].table_name= (char*) "user";
  tables[2].alias= tables[2].table_name= (char*) "db";
  tables[0].db=tables[1].db=tables[2].db=(char*) "mysql";
  tables[0].next_local= tables[0].next_global= tables+1;
  tables[1].next_local= tables[1].next_global= tables+2;
693 694 695 696 697
  tables[0].lock_type=tables[1].lock_type=tables[2].lock_type=TL_READ;

  if (simple_open_n_lock_tables(thd, tables))
  {
    sql_print_error("Fatal error: Can't open and lock privilege tables: %s",
698
		    thd->main_da.message());
699 700 701
    goto end;
  }

bk@work.mysql.com's avatar
bk@work.mysql.com committed
702 703 704 705 706 707 708 709 710 711
  if ((old_initialized=initialized))
    VOID(pthread_mutex_lock(&acl_cache->lock));

  old_acl_hosts=acl_hosts;
  old_acl_users=acl_users;
  old_acl_dbs=acl_dbs;
  old_mem=mem;
  delete_dynamic(&acl_wild_hosts);
  hash_free(&acl_check_hosts);

712
  if ((return_val= acl_load(thd, tables)))
bk@work.mysql.com's avatar
bk@work.mysql.com committed
713
  {					// Error. Revert to old list
714
    DBUG_PRINT("error",("Reverting to old privileges"));
715
    acl_free();				/* purecov: inspected */
bk@work.mysql.com's avatar
bk@work.mysql.com committed
716 717 718 719 720 721 722 723
    acl_hosts=old_acl_hosts;
    acl_users=old_acl_users;
    acl_dbs=old_acl_dbs;
    mem=old_mem;
    init_check_host();
  }
  else
  {
724
    free_root(&old_mem,MYF(0));
bk@work.mysql.com's avatar
bk@work.mysql.com committed
725 726 727 728 729 730
    delete_dynamic(&old_acl_hosts);
    delete_dynamic(&old_acl_users);
    delete_dynamic(&old_acl_dbs);
  }
  if (old_initialized)
    VOID(pthread_mutex_unlock(&acl_cache->lock));
731 732 733
end:
  close_thread_tables(thd);
  DBUG_RETURN(return_val);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
734 735 736
}


737 738
/*
  Get all access bits from table after fieldnr
739 740

  IMPLEMENTATION
741 742
  We know that the access privileges ends when there is no more fields
  or the field is not an enum with two elements.
743 744 745 746 747 748 749 750 751 752 753

  SYNOPSIS
    get_access()
    form        an open table to read privileges from.
                The record should be already read in table->record[0]
    fieldnr     number of the first privilege (that is ENUM('N','Y') field
    next_field  on return - number of the field next to the last ENUM
                (unless next_field == 0)

  RETURN VALUE
    privilege mask
754
*/
bk@work.mysql.com's avatar
bk@work.mysql.com committed
755

756
static ulong get_access(TABLE *form, uint fieldnr, uint *next_field)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
757
{
758
  ulong access_bits=0,bit;
bk@work.mysql.com's avatar
bk@work.mysql.com committed
759
  char buff[2];
760
  String res(buff,sizeof(buff),&my_charset_latin1);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
761 762
  Field **pos;

763
  for (pos=form->field+fieldnr, bit=1;
764
       *pos && (*pos)->real_type() == MYSQL_TYPE_ENUM &&
765
	 ((Field_enum*) (*pos))->typelib->count == 2 ;
766
       pos++, fieldnr++, bit<<=1)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
767
  {
768
    (*pos)->val_str(&res);
769
    if (my_toupper(&my_charset_latin1, res[0]) == 'Y')
770
      access_bits|= bit;
bk@work.mysql.com's avatar
bk@work.mysql.com committed
771
  }
772 773
  if (next_field)
    *next_field=fieldnr;
bk@work.mysql.com's avatar
bk@work.mysql.com committed
774 775 776 777 778
  return access_bits;
}


/*
779 780 781 782 783
  Return a number which, if sorted 'desc', puts strings in this order:
    no wildcards
    wildcards
    empty string
*/
bk@work.mysql.com's avatar
bk@work.mysql.com committed
784 785 786 787 788 789 790

static ulong get_sort(uint count,...)
{
  va_list args;
  va_start(args,count);
  ulong sort=0;

791 792 793
  /* Should not use this function with more than 4 arguments for compare. */
  DBUG_ASSERT(count <= 4);

bk@work.mysql.com's avatar
bk@work.mysql.com committed
794 795
  while (count--)
  {
796 797 798
    char *start, *str= va_arg(args,char*);
    uint chars= 0;
    uint wild_pos= 0;           /* first wildcard position */
bk@work.mysql.com's avatar
bk@work.mysql.com committed
799

monty@mysql.com's avatar
monty@mysql.com committed
800
    if ((start= str))
bk@work.mysql.com's avatar
bk@work.mysql.com committed
801 802 803 804
    {
      for (; *str ; str++)
      {
	if (*str == wild_many || *str == wild_one || *str == wild_prefix)
805
        {
monty@mysql.com's avatar
monty@mysql.com committed
806
          wild_pos= (uint) (str - start) + 1;
807 808
          break;
        }
monty@mysql.com's avatar
monty@mysql.com committed
809
        chars= 128;                             // Marker that chars existed
bk@work.mysql.com's avatar
bk@work.mysql.com committed
810 811
      }
    }
monty@mysql.com's avatar
monty@mysql.com committed
812
    sort= (sort << 8) + (wild_pos ? min(wild_pos, 127) : chars);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
813 814 815 816 817 818 819 820 821 822 823 824 825 826 827
  }
  va_end(args);
  return sort;
}


static int acl_compare(ACL_ACCESS *a,ACL_ACCESS *b)
{
  if (a->sort > b->sort)
    return -1;
  if (a->sort < b->sort)
    return 1;
  return 0;
}

828

829
/*
monty@mashka.mysql.fi's avatar
monty@mashka.mysql.fi committed
830 831
  Seek ACL entry for a user, check password, SSL cypher, and if
  everything is OK, update THD user data and USER_RESOURCES struct.
832

monty@mashka.mysql.fi's avatar
monty@mashka.mysql.fi committed
833 834 835 836
  IMPLEMENTATION
   This function does not check if the user has any sensible privileges:
   only user's existence and  validity is checked.
   Note, that entire operation is protected by acl_cache_lock.
peter@mysql.com's avatar
peter@mysql.com committed
837

838
  SYNOPSIS
839 840
    acl_getroot()
    thd         thread handle. If all checks are OK,
841 842
                thd->security_ctx->priv_user/master_access are updated.
                thd->security_ctx->host/ip/user are used for checks.
843 844
    mqh         user resources; on success mqh is reset, else
                unchanged
845
    passwd      scrambled & crypted password, received from client
846 847 848 849 850 851 852
                (to check): thd->scramble or thd->scramble_323 is
                used to decrypt passwd, so they must contain
                original random string,
    passwd_len  length of passwd, must be one of 0, 8,
                SCRAMBLE_LENGTH_323, SCRAMBLE_LENGTH
    'thd' and 'mqh' are updated on success; other params are IN.
  
monty@mashka.mysql.fi's avatar
monty@mashka.mysql.fi committed
853
  RETURN VALUE
854 855
    0  success: thd->priv_user, thd->priv_host, thd->master_access, mqh are
       updated
856
    1  user not found or authentication failure
857
    2  user found, has long (4.1.1) salt, but passwd is in old (3.23) format.
858
   -1  user found, has short (3.23) salt, but passwd is in new (4.1.1) format.
monty@hundin.mysql.fi's avatar
monty@hundin.mysql.fi committed
859 860
*/

861 862
int acl_getroot(THD *thd, USER_RESOURCES  *mqh,
                const char *passwd, uint passwd_len)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
863
{
monty@narttu.mysql.fi's avatar
merge  
monty@narttu.mysql.fi committed
864 865 866
  ulong user_access= NO_ACCESS;
  int res= 1;
  ACL_USER *acl_user= 0;
867
  Security_context *sctx= thd->security_ctx;
868
  DBUG_ENTER("acl_getroot");
bk@work.mysql.com's avatar
bk@work.mysql.com committed
869 870

  if (!initialized)
871
  {
872 873 874
    /* 
      here if mysqld's been started with --skip-grant-tables option.
    */
875
    sctx->skip_grants();
monty@narttu.mysql.fi's avatar
merge  
monty@narttu.mysql.fi committed
876
    bzero((char*) mqh, sizeof(*mqh));
877
    DBUG_RETURN(0);
878
  }
879

bk@work.mysql.com's avatar
bk@work.mysql.com committed
880
  VOID(pthread_mutex_lock(&acl_cache->lock));
peter@mysql.com's avatar
peter@mysql.com committed
881

bk@work.mysql.com's avatar
bk@work.mysql.com committed
882
  /*
883 884 885
    Find acl entry in user database. Note, that find_acl_user is not the same,
    because it doesn't take into account the case when user is not empty,
    but acl_user->user is empty
bk@work.mysql.com's avatar
bk@work.mysql.com committed
886
  */
peter@mysql.com's avatar
peter@mysql.com committed
887

888
  for (uint i=0 ; i < acl_users.elements ; i++)
889
  {
monty@mashka.mysql.fi's avatar
monty@mashka.mysql.fi committed
890
    ACL_USER *acl_user_tmp= dynamic_element(&acl_users,i,ACL_USER*);
891
    if (!acl_user_tmp->user || !strcmp(sctx->user, acl_user_tmp->user))
bk@work.mysql.com's avatar
bk@work.mysql.com committed
892
    {
893
      if (compare_hostname(&acl_user_tmp->host, sctx->host, sctx->ip))
bk@work.mysql.com's avatar
bk@work.mysql.com committed
894
      {
895
        /* check password: it should be empty or valid */
monty@mashka.mysql.fi's avatar
monty@mashka.mysql.fi committed
896
        if (passwd_len == acl_user_tmp->salt_len)
peter@mysql.com's avatar
peter@mysql.com committed
897
        {
monty@mashka.mysql.fi's avatar
monty@mashka.mysql.fi committed
898
          if (acl_user_tmp->salt_len == 0 ||
serg@serg.mylan's avatar
serg@serg.mylan committed
899 900
              (acl_user_tmp->salt_len == SCRAMBLE_LENGTH ?
              check_scramble(passwd, thd->scramble, acl_user_tmp->salt) :
901
              check_scramble_323(passwd, thd->scramble,
serg@serg.mylan's avatar
serg@serg.mylan committed
902
                                 (ulong *) acl_user_tmp->salt)) == 0)
903
          {
monty@mashka.mysql.fi's avatar
monty@mashka.mysql.fi committed
904
            acl_user= acl_user_tmp;
905 906
            res= 0;
          }
peter@mysql.com's avatar
peter@mysql.com committed
907
        }
908
        else if (passwd_len == SCRAMBLE_LENGTH &&
monty@mashka.mysql.fi's avatar
monty@mashka.mysql.fi committed
909
                 acl_user_tmp->salt_len == SCRAMBLE_LENGTH_323)
910
          res= -1;
911
        else if (passwd_len == SCRAMBLE_LENGTH_323 &&
monty@mashka.mysql.fi's avatar
monty@mashka.mysql.fi committed
912
                 acl_user_tmp->salt_len == SCRAMBLE_LENGTH)
913
          res= 2;
914 915
        /* linear search complete: */
        break;
peter@mysql.com's avatar
peter@mysql.com committed
916
      }
peter@mysql.com's avatar
peter@mysql.com committed
917
    }
918
  }
919 920 921 922
  /*
    This was moved to separate tree because of heavy HAVE_OPENSSL case.
    If acl_user is not null, res is 0.
  */
peter@mysql.com's avatar
peter@mysql.com committed
923 924 925

  if (acl_user)
  {
926
    /* OK. User found and password checked continue validation */
927
#ifdef HAVE_OPENSSL
928
    Vio *vio=thd->net.vio;
monty@narttu.mysql.fi's avatar
monty@narttu.mysql.fi committed
929
    SSL *ssl= (SSL*) vio->ssl_arg;
930
#endif
monty@narttu.mysql.fi's avatar
merge  
monty@narttu.mysql.fi committed
931

932
    /*
monty@narttu.mysql.fi's avatar
monty@narttu.mysql.fi committed
933
      At this point we know that user is allowed to connect
934 935 936 937 938 939
      from given host by given username/password pair. Now
      we check if SSL is required, if user is using SSL and
      if X509 certificate attributes are OK
    */
    switch (acl_user->ssl_type) {
    case SSL_TYPE_NOT_SPECIFIED:		// Impossible
monty@narttu.mysql.fi's avatar
merge  
monty@narttu.mysql.fi committed
940 941
    case SSL_TYPE_NONE:				// SSL is not required
      user_access= acl_user->access;
942
      break;
943
#ifdef HAVE_OPENSSL
monty@narttu.mysql.fi's avatar
merge  
monty@narttu.mysql.fi committed
944
    case SSL_TYPE_ANY:				// Any kind of SSL is ok
945
      if (vio_type(vio) == VIO_TYPE_SSL)
monty@narttu.mysql.fi's avatar
merge  
monty@narttu.mysql.fi committed
946
	user_access= acl_user->access;
947 948 949 950 951
      break;
    case SSL_TYPE_X509: /* Client should have any valid certificate. */
      /*
	Connections with non-valid certificates are dropped already
	in sslaccept() anyway, so we do not check validity here.
monty@narttu.mysql.fi's avatar
merge  
monty@narttu.mysql.fi committed
952

monty@narttu.mysql.fi's avatar
monty@narttu.mysql.fi committed
953 954
	We need to check for absence of SSL because without SSL
	we should reject connection.
955
      */
monty@mashka.mysql.fi's avatar
monty@mashka.mysql.fi committed
956
      if (vio_type(vio) == VIO_TYPE_SSL &&
monty@narttu.mysql.fi's avatar
monty@narttu.mysql.fi committed
957 958
	  SSL_get_verify_result(ssl) == X509_V_OK &&
	  SSL_get_peer_certificate(ssl))
monty@narttu.mysql.fi's avatar
merge  
monty@narttu.mysql.fi committed
959
	user_access= acl_user->access;
960 961 962 963 964 965 966 967
      break;
    case SSL_TYPE_SPECIFIED: /* Client should have specified attrib */
      /*
	We do not check for absence of SSL because without SSL it does
	not pass all checks here anyway.
	If cipher name is specified, we compare it to actual cipher in
	use.
      */
monty@mysql.com's avatar
monty@mysql.com committed
968
      X509 *cert;
monty@mashka.mysql.fi's avatar
monty@mashka.mysql.fi committed
969
      if (vio_type(vio) != VIO_TYPE_SSL ||
monty@narttu.mysql.fi's avatar
monty@narttu.mysql.fi committed
970
	  SSL_get_verify_result(ssl) != X509_V_OK)
monty@narttu.mysql.fi's avatar
monty@narttu.mysql.fi committed
971
	break;
972
      if (acl_user->ssl_cipher)
peter@mysql.com's avatar
peter@mysql.com committed
973
      {
974
	DBUG_PRINT("info",("comparing ciphers: '%s' and '%s'",
monty@narttu.mysql.fi's avatar
monty@narttu.mysql.fi committed
975 976
			   acl_user->ssl_cipher,SSL_get_cipher(ssl)));
	if (!strcmp(acl_user->ssl_cipher,SSL_get_cipher(ssl)))
monty@narttu.mysql.fi's avatar
merge  
monty@narttu.mysql.fi committed
977
	  user_access= acl_user->access;
978 979
	else
	{
monty@narttu.mysql.fi's avatar
monty@narttu.mysql.fi committed
980
	  if (global_system_variables.log_warnings)
serg@serg.mylan's avatar
serg@serg.mylan committed
981 982 983
	    sql_print_information("X509 ciphers mismatch: should be '%s' but is '%s'",
			      acl_user->ssl_cipher,
			      SSL_get_cipher(ssl));
984 985
	  break;
	}
bk@work.mysql.com's avatar
bk@work.mysql.com committed
986
      }
987 988
      /* Prepare certificate (if exists) */
      DBUG_PRINT("info",("checkpoint 1"));
monty@mysql.com's avatar
monty@mysql.com committed
989 990 991 992 993
      if (!(cert= SSL_get_peer_certificate(ssl)))
      {
	user_access=NO_ACCESS;
	break;
      }
994
      DBUG_PRINT("info",("checkpoint 2"));
995
      /* If X509 issuer is specified, we check it... */
996
      if (acl_user->x509_issuer)
peter@mysql.com's avatar
peter@mysql.com committed
997
      {
kostja@oak.local's avatar
kostja@oak.local committed
998
        DBUG_PRINT("info",("checkpoint 3"));
999 1000
        char *ptr = X509_NAME_oneline(X509_get_issuer_name(cert), 0, 0);
        DBUG_PRINT("info",("comparing issuers: '%s' and '%s'",
1001
			   acl_user->x509_issuer, ptr));
kostja@oak.local's avatar
kostja@oak.local committed
1002
        if (strcmp(acl_user->x509_issuer, ptr))
1003
        {
kostja@oak.local's avatar
kostja@oak.local committed
1004
          if (global_system_variables.log_warnings)
serg@serg.mylan's avatar
serg@serg.mylan committed
1005 1006
            sql_print_information("X509 issuer mismatch: should be '%s' "
			      "but is '%s'", acl_user->x509_issuer, ptr);
1007
          free(ptr);
1008
          user_access=NO_ACCESS;
kostja@oak.local's avatar
kostja@oak.local committed
1009
          break;
1010
        }
monty@narttu.mysql.fi's avatar
merge  
monty@narttu.mysql.fi committed
1011
        user_access= acl_user->access;
kostja@oak.local's avatar
kostja@oak.local committed
1012
        free(ptr);
peter@mysql.com's avatar
peter@mysql.com committed
1013
      }
1014 1015 1016 1017
      DBUG_PRINT("info",("checkpoint 4"));
      /* X509 subject is specified, we check it .. */
      if (acl_user->x509_subject)
      {
kostja@oak.local's avatar
kostja@oak.local committed
1018 1019 1020 1021
        char *ptr= X509_NAME_oneline(X509_get_subject_name(cert), 0, 0);
        DBUG_PRINT("info",("comparing subjects: '%s' and '%s'",
                           acl_user->x509_subject, ptr));
        if (strcmp(acl_user->x509_subject,ptr))
1022
        {
kostja@oak.local's avatar
kostja@oak.local committed
1023
          if (global_system_variables.log_warnings)
1024
            sql_print_information("X509 subject mismatch: should be '%s' but is '%s'",
kostja@oak.local's avatar
kostja@oak.local committed
1025
                            acl_user->x509_subject, ptr);
1026 1027 1028
          free(ptr);
          user_access=NO_ACCESS;
          break;
1029
        }
1030
        user_access= acl_user->access;
kostja@oak.local's avatar
kostja@oak.local committed
1031
        free(ptr);
1032 1033
      }
      break;
peter@mysql.com's avatar
peter@mysql.com committed
1034
#else  /* HAVE_OPENSSL */
monty@mashka.mysql.fi's avatar
monty@mashka.mysql.fi committed
1035
    default:
1036
      /*
kostja@oak.local's avatar
kostja@oak.local committed
1037 1038 1039
        If we don't have SSL but SSL is required for this user the 
        authentication should fail.
      */
1040 1041
      break;
#endif /* HAVE_OPENSSL */
peter@mysql.com's avatar
peter@mysql.com committed
1042
    }
1043 1044
    sctx->master_access= user_access;
    sctx->priv_user= acl_user->user ? sctx->user : (char *) "";
1045
    *mqh= acl_user->user_resource;
1046

1047
    if (acl_user->host.hostname)
1048
      strmake(sctx->priv_host, acl_user->host.hostname, MAX_HOSTNAME);
1049
    else
1050
      *sctx->priv_host= 0;
1051
  }
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1052
  VOID(pthread_mutex_unlock(&acl_cache->lock));
1053
  DBUG_RETURN(res);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1054 1055 1056
}


1057
/*
1058 1059 1060 1061 1062 1063 1064 1065 1066 1067 1068 1069 1070 1071 1072 1073 1074 1075
  This is like acl_getroot() above, but it doesn't check password,
  and we don't care about the user resources.

  SYNOPSIS
    acl_getroot_no_password()
      sctx               Context which should be initialized
      user               user name
      host               host name
      ip                 IP
      db                 current data base name

  RETURN
    FALSE  OK
    TRUE   Error
*/

bool acl_getroot_no_password(Security_context *sctx, char *user, char *host,
                             char *ip, char *db)
1076 1077
{
  int res= 1;
1078
  uint i;
1079 1080 1081
  ACL_USER *acl_user= 0;
  DBUG_ENTER("acl_getroot_no_password");

1082 1083
  DBUG_PRINT("enter", ("Host: '%s', Ip: '%s', User: '%s', db: '%s'",
                       (host ? host : "(NULL)"), (ip ? ip : "(NULL)"),
1084
                       user, (db ? db : "(NULL)")));
1085 1086 1087 1088 1089
  sctx->user= user;
  sctx->host= host;
  sctx->ip= ip;
  sctx->host_or_ip= host ? host : (ip ? ip : "");

1090 1091
  if (!initialized)
  {
1092
    /*
1093 1094
      here if mysqld's been started with --skip-grant-tables option.
    */
1095
    sctx->skip_grants();
1096
    DBUG_RETURN(FALSE);
1097 1098 1099 1100
  }

  VOID(pthread_mutex_lock(&acl_cache->lock));

1101 1102
  sctx->master_access= 0;
  sctx->db_access= 0;
1103 1104
  sctx->priv_user= (char *) "";
  *sctx->priv_host= 0;
1105

1106 1107 1108
  /*
     Find acl entry in user database.
     This is specially tailored to suit the check we do for CALL of
1109
     a stored procedure; user is set to what is actually a
1110 1111
     priv_user, which can be ''.
  */
1112
  for (i=0 ; i < acl_users.elements ; i++)
1113
  {
1114 1115 1116
    ACL_USER *acl_user_tmp= dynamic_element(&acl_users,i,ACL_USER*);
    if ((!acl_user_tmp->user && !user[0]) ||
        (acl_user_tmp->user && strcmp(user, acl_user_tmp->user) == 0))
1117
    {
1118
      if (compare_hostname(&acl_user_tmp->host, host, ip))
1119
      {
1120 1121 1122
        acl_user= acl_user_tmp;
        res= 0;
        break;
1123 1124 1125 1126 1127 1128
      }
    }
  }

  if (acl_user)
  {
1129 1130 1131 1132
    for (i=0 ; i < acl_dbs.elements ; i++)
    {
      ACL_DB *acl_db= dynamic_element(&acl_dbs, i, ACL_DB*);
      if (!acl_db->user ||
1133
	  (user && user[0] && !strcmp(user, acl_db->user)))
1134
      {
1135
	if (compare_hostname(&acl_db->host, host, ip))
1136
	{
1137
	  if (!acl_db->db || (db && !wild_compare(db, acl_db->db, 0)))
1138
	  {
1139
	    sctx->db_access= acl_db->access;
1140 1141 1142 1143 1144
	    break;
	  }
	}
      }
    }
1145 1146
    sctx->master_access= acl_user->access;
    sctx->priv_user= acl_user->user ? user : (char *) "";
1147 1148

    if (acl_user->host.hostname)
1149
      strmake(sctx->priv_host, acl_user->host.hostname, MAX_HOSTNAME);
1150
    else
1151
      *sctx->priv_host= 0;
1152 1153 1154 1155 1156
  }
  VOID(pthread_mutex_unlock(&acl_cache->lock));
  DBUG_RETURN(res);
}

1157 1158
static uchar* check_get_key(ACL_USER *buff, size_t *length,
                            my_bool not_used __attribute__((unused)))
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1159 1160
{
  *length=buff->hostname_length;
1161
  return (uchar*) buff->host.hostname;
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1162 1163
}

1164

bk@work.mysql.com's avatar
bk@work.mysql.com committed
1165
static void acl_update_user(const char *user, const char *host,
1166
			    const char *password, uint password_len,
1167 1168 1169 1170
			    enum SSL_type ssl_type,
			    const char *ssl_cipher,
			    const char *x509_issuer,
			    const char *x509_subject,
peter@mysql.com's avatar
peter@mysql.com committed
1171
			    USER_RESOURCES  *mqh,
1172
			    ulong privileges)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1173
{
1174 1175
  safe_mutex_assert_owner(&acl_cache->lock);

bk@work.mysql.com's avatar
bk@work.mysql.com committed
1176 1177 1178 1179
  for (uint i=0 ; i < acl_users.elements ; i++)
  {
    ACL_USER *acl_user=dynamic_element(&acl_users,i,ACL_USER*);
    if (!acl_user->user && !user[0] ||
1180
	acl_user->user && !strcmp(user,acl_user->user))
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1181 1182
    {
      if (!acl_user->host.hostname && !host[0] ||
1183
	  acl_user->host.hostname &&
1184
	  !my_strcasecmp(system_charset_info, host, acl_user->host.hostname))
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1185 1186
      {
	acl_user->access=privileges;
1187
	if (mqh->specified_limits & USER_RESOURCES::QUERIES_PER_HOUR)
1188
	  acl_user->user_resource.questions=mqh->questions;
1189
	if (mqh->specified_limits & USER_RESOURCES::UPDATES_PER_HOUR)
1190
	  acl_user->user_resource.updates=mqh->updates;
1191 1192 1193 1194
	if (mqh->specified_limits & USER_RESOURCES::CONNECTIONS_PER_HOUR)
	  acl_user->user_resource.conn_per_hour= mqh->conn_per_hour;
	if (mqh->specified_limits & USER_RESOURCES::USER_CONNECTIONS)
	  acl_user->user_resource.user_conn= mqh->user_conn;
1195 1196 1197 1198 1199 1200 1201 1202 1203 1204
	if (ssl_type != SSL_TYPE_NOT_SPECIFIED)
	{
	  acl_user->ssl_type= ssl_type;
	  acl_user->ssl_cipher= (ssl_cipher ? strdup_root(&mem,ssl_cipher) :
				 0);
	  acl_user->x509_issuer= (x509_issuer ? strdup_root(&mem,x509_issuer) :
				  0);
	  acl_user->x509_subject= (x509_subject ?
				   strdup_root(&mem,x509_subject) : 0);
	}
1205 1206
	if (password)
	  set_user_salt(acl_user, password, password_len);
1207
        /* search complete: */
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1208 1209 1210 1211 1212 1213 1214 1215
	break;
      }
    }
  }
}


static void acl_insert_user(const char *user, const char *host,
1216
			    const char *password, uint password_len,
1217 1218 1219 1220
			    enum SSL_type ssl_type,
			    const char *ssl_cipher,
			    const char *x509_issuer,
			    const char *x509_subject,
1221
			    USER_RESOURCES *mqh,
1222
			    ulong privileges)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1223 1224
{
  ACL_USER acl_user;
1225 1226 1227

  safe_mutex_assert_owner(&acl_cache->lock);

1228
  acl_user.user=*user ? strdup_root(&mem,user) : 0;
monty@mysql.com's avatar
monty@mysql.com committed
1229
  update_hostname(&acl_user.host, *host ? strdup_root(&mem, host): 0);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1230
  acl_user.access=privileges;
1231
  acl_user.user_resource = *mqh;
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1232
  acl_user.sort=get_sort(2,acl_user.host.hostname,acl_user.user);
1233
  acl_user.hostname_length=(uint) strlen(host);
1234 1235 1236 1237 1238
  acl_user.ssl_type= (ssl_type != SSL_TYPE_NOT_SPECIFIED ?
		      ssl_type : SSL_TYPE_NONE);
  acl_user.ssl_cipher=	ssl_cipher   ? strdup_root(&mem,ssl_cipher) : 0;
  acl_user.x509_issuer= x509_issuer  ? strdup_root(&mem,x509_issuer) : 0;
  acl_user.x509_subject=x509_subject ? strdup_root(&mem,x509_subject) : 0;
1239 1240

  set_user_salt(&acl_user, password, password_len);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1241

1242
  VOID(push_dynamic(&acl_users,(uchar*) &acl_user));
1243 1244
  if (!acl_user.host.hostname ||
      (acl_user.host.hostname[0] == wild_many && !acl_user.host.hostname[1]))
monty@narttu.mysql.fi's avatar
monty@narttu.mysql.fi committed
1245
    allow_all_hosts=1;		// Anyone can connect /* purecov: tested */
1246 1247
  my_qsort((uchar*) dynamic_element(&acl_users,0,ACL_USER*),acl_users.elements,
	   sizeof(ACL_USER),(qsort_cmp) acl_compare);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1248

1249 1250
  /* Rebuild 'acl_check_hosts' since 'acl_users' has been modified */
  rebuild_check_host();
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1251 1252 1253 1254
}


static void acl_update_db(const char *user, const char *host, const char *db,
1255
			  ulong privileges)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1256
{
1257 1258
  safe_mutex_assert_owner(&acl_cache->lock);

bk@work.mysql.com's avatar
bk@work.mysql.com committed
1259 1260 1261 1262 1263 1264 1265 1266
  for (uint i=0 ; i < acl_dbs.elements ; i++)
  {
    ACL_DB *acl_db=dynamic_element(&acl_dbs,i,ACL_DB*);
    if (!acl_db->user && !user[0] ||
	acl_db->user &&
	!strcmp(user,acl_db->user))
    {
      if (!acl_db->host.hostname && !host[0] ||
1267
	  acl_db->host.hostname &&
1268
          !strcmp(host, acl_db->host.hostname))
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1269 1270 1271 1272 1273 1274 1275 1276 1277 1278 1279 1280 1281 1282 1283
      {
	if (!acl_db->db && !db[0] ||
	    acl_db->db && !strcmp(db,acl_db->db))
	{
	  if (privileges)
	    acl_db->access=privileges;
	  else
	    delete_dynamic_element(&acl_dbs,i);
	}
      }
    }
  }
}


1284 1285 1286 1287 1288 1289 1290 1291 1292 1293 1294 1295 1296 1297
/*
  Insert a user/db/host combination into the global acl_cache

  SYNOPSIS
    acl_insert_db()
    user		User name
    host		Host name
    db			Database name
    privileges		Bitmap of privileges

  NOTES
    acl_cache->lock must be locked when calling this
*/

bk@work.mysql.com's avatar
bk@work.mysql.com committed
1298
static void acl_insert_db(const char *user, const char *host, const char *db,
1299
			  ulong privileges)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1300 1301
{
  ACL_DB acl_db;
1302
  safe_mutex_assert_owner(&acl_cache->lock);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1303
  acl_db.user=strdup_root(&mem,user);
1304
  update_hostname(&acl_db.host, *host ? strdup_root(&mem,host) : 0);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1305 1306 1307
  acl_db.db=strdup_root(&mem,db);
  acl_db.access=privileges;
  acl_db.sort=get_sort(3,acl_db.host.hostname,acl_db.db,acl_db.user);
1308
  VOID(push_dynamic(&acl_dbs,(uchar*) &acl_db));
1309 1310
  my_qsort((uchar*) dynamic_element(&acl_dbs,0,ACL_DB*),acl_dbs.elements,
	   sizeof(ACL_DB),(qsort_cmp) acl_compare);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1311 1312 1313
}


1314 1315 1316

/*
  Get privilege for a host, user and db combination
1317 1318 1319

  as db_is_pattern changes the semantics of comparison,
  acl_cache is not used if db_is_pattern is set.
1320
*/
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1321

1322
ulong acl_get(const char *host, const char *ip,
1323
              const char *user, const char *db, my_bool db_is_pattern)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1324
{
1325
  ulong host_access= ~(ulong)0, db_access= 0;
1326 1327
  uint i;
  size_t key_length;
1328
  char key[ACL_KEY_LENGTH],*tmp_db,*end;
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1329
  acl_entry *entry;
monty@mysql.com's avatar
monty@mysql.com committed
1330
  DBUG_ENTER("acl_get");
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1331 1332

  VOID(pthread_mutex_lock(&acl_cache->lock));
1333
  end=strmov((tmp_db=strmov(strmov(key, ip ? ip : "")+1,user)+1),db);
1334 1335
  if (lower_case_table_names)
  {
1336
    my_casedn_str(files_charset_info, tmp_db);
1337 1338
    db=tmp_db;
  }
1339 1340 1341
  key_length= (size_t) (end-key);
  if (!db_is_pattern && (entry=(acl_entry*) acl_cache->search((uchar*) key,
                                                              key_length)))
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1342 1343 1344
  {
    db_access=entry->access;
    VOID(pthread_mutex_unlock(&acl_cache->lock));
monty@mysql.com's avatar
monty@mysql.com committed
1345 1346
    DBUG_PRINT("exit", ("access: 0x%lx", db_access));
    DBUG_RETURN(db_access);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1347 1348 1349 1350 1351 1352 1353 1354 1355 1356 1357 1358
  }

  /*
    Check if there are some access rights for database and user
  */
  for (i=0 ; i < acl_dbs.elements ; i++)
  {
    ACL_DB *acl_db=dynamic_element(&acl_dbs,i,ACL_DB*);
    if (!acl_db->user || !strcmp(user,acl_db->user))
    {
      if (compare_hostname(&acl_db->host,host,ip))
      {
1359
	if (!acl_db->db || !wild_compare(db,acl_db->db,db_is_pattern))
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1360 1361 1362 1363 1364 1365 1366 1367 1368 1369 1370 1371 1372 1373 1374 1375 1376 1377 1378 1379 1380
	{
	  db_access=acl_db->access;
	  if (acl_db->host.hostname)
	    goto exit;				// Fully specified. Take it
	  break; /* purecov: tested */
	}
      }
    }
  }
  if (!db_access)
    goto exit;					// Can't be better

  /*
    No host specified for user. Get hostdata from host table
  */
  host_access=0;				// Host must be found
  for (i=0 ; i < acl_hosts.elements ; i++)
  {
    ACL_HOST *acl_host=dynamic_element(&acl_hosts,i,ACL_HOST*);
    if (compare_hostname(&acl_host->host,host,ip))
    {
1381
      if (!acl_host->db || !wild_compare(db,acl_host->db,db_is_pattern))
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1382 1383 1384 1385 1386 1387 1388 1389
      {
	host_access=acl_host->access;		// Fully specified. Take it
	break;
      }
    }
  }
exit:
  /* Save entry in cache for quick retrieval */
1390 1391
  if (!db_is_pattern &&
      (entry= (acl_entry*) malloc(sizeof(acl_entry)+key_length)))
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1392 1393 1394
  {
    entry->access=(db_access & host_access);
    entry->length=key_length;
1395
    memcpy((uchar*) entry->key,key,key_length);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1396 1397 1398
    acl_cache->add(entry);
  }
  VOID(pthread_mutex_unlock(&acl_cache->lock));
monty@mysql.com's avatar
monty@mysql.com committed
1399 1400
  DBUG_PRINT("exit", ("access: 0x%lx", db_access & host_access));
  DBUG_RETURN(db_access & host_access);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1401 1402
}

1403 1404 1405 1406 1407 1408 1409
/*
  Check if there are any possible matching entries for this host

  NOTES
    All host names without wild cards are stored in a hash table,
    entries with wildcards are stored in a dynamic array
*/
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1410 1411 1412 1413

static void init_check_host(void)
{
  DBUG_ENTER("init_check_host");
1414
  VOID(my_init_dynamic_array(&acl_wild_hosts,sizeof(struct acl_host_and_ip),
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1415
			  acl_users.elements,1));
1416
  VOID(hash_init(&acl_check_hosts,system_charset_info,acl_users.elements,0,0,
1417
		 (hash_get_key) check_get_key,0,0));
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1418 1419 1420 1421 1422 1423 1424 1425 1426 1427 1428 1429 1430 1431
  if (!allow_all_hosts)
  {
    for (uint i=0 ; i < acl_users.elements ; i++)
    {
      ACL_USER *acl_user=dynamic_element(&acl_users,i,ACL_USER*);
      if (strchr(acl_user->host.hostname,wild_many) ||
	  strchr(acl_user->host.hostname,wild_one) ||
	  acl_user->host.ip_mask)
      {						// Has wildcard
	uint j;
	for (j=0 ; j < acl_wild_hosts.elements ; j++)
	{					// Check if host already exists
	  acl_host_and_ip *acl=dynamic_element(&acl_wild_hosts,j,
					       acl_host_and_ip *);
1432
	  if (!my_strcasecmp(system_charset_info,
1433
                             acl_user->host.hostname, acl->hostname))
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1434 1435 1436
	    break;				// already stored
	}
	if (j == acl_wild_hosts.elements)	// If new
1437
	  (void) push_dynamic(&acl_wild_hosts,(uchar*) &acl_user->host);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1438
      }
1439 1440
      else if (!hash_search(&acl_check_hosts,(uchar*) acl_user->host.hostname,
			    strlen(acl_user->host.hostname)))
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1441
      {
1442
	if (my_hash_insert(&acl_check_hosts,(uchar*) acl_user))
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1443 1444 1445 1446 1447 1448 1449 1450 1451 1452 1453 1454 1455
	{					// End of memory
	  allow_all_hosts=1;			// Should never happen
	  DBUG_VOID_RETURN;
	}
      }
    }
  }
  freeze_size(&acl_wild_hosts);
  freeze_size(&acl_check_hosts.array);
  DBUG_VOID_RETURN;
}


1456 1457 1458 1459 1460 1461 1462 1463 1464 1465 1466 1467 1468 1469 1470 1471
/*
  Rebuild lists used for checking of allowed hosts

  We need to rebuild 'acl_check_hosts' and 'acl_wild_hosts' after adding,
  dropping or renaming user, since they contain pointers to elements of
  'acl_user' array, which are invalidated by drop operation, and use
  ACL_USER::host::hostname as a key, which is changed by rename.
*/
void rebuild_check_host(void)
{
  delete_dynamic(&acl_wild_hosts);
  hash_free(&acl_check_hosts);
  init_check_host();
}


bk@work.mysql.com's avatar
bk@work.mysql.com committed
1472 1473 1474 1475 1476 1477 1478 1479
/* Return true if there is no users that can match the given host */

bool acl_check_host(const char *host, const char *ip)
{
  if (allow_all_hosts)
    return 0;
  VOID(pthread_mutex_lock(&acl_cache->lock));

1480 1481
  if (host && hash_search(&acl_check_hosts,(uchar*) host,strlen(host)) ||
      ip && hash_search(&acl_check_hosts,(uchar*) ip, strlen(ip)))
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1482 1483 1484 1485 1486 1487 1488 1489 1490 1491 1492 1493 1494 1495 1496 1497 1498 1499
  {
    VOID(pthread_mutex_unlock(&acl_cache->lock));
    return 0;					// Found host
  }
  for (uint i=0 ; i < acl_wild_hosts.elements ; i++)
  {
    acl_host_and_ip *acl=dynamic_element(&acl_wild_hosts,i,acl_host_and_ip*);
    if (compare_hostname(acl, host, ip))
    {
      VOID(pthread_mutex_unlock(&acl_cache->lock));
      return 0;					// Host ok
    }
  }
  VOID(pthread_mutex_unlock(&acl_cache->lock));
  return 1;					// Host is not allowed
}


1500 1501 1502 1503 1504 1505 1506 1507
/*
  Check if the user is allowed to change password

  SYNOPSIS:
    check_change_password()
    thd		THD
    host	hostname for the user
    user	user name
1508 1509 1510 1511
    new_password new password

  NOTE:
    new_password cannot be NULL
monty@hundin.mysql.fi's avatar
merge  
monty@hundin.mysql.fi committed
1512

1513
    RETURN VALUE
1514 1515
      0		OK
      1		ERROR  ; In this case the error is sent to the client.
1516 1517
*/

1518
bool check_change_password(THD *thd, const char *host, const char *user,
1519
                           char *new_password, uint new_password_len)
1520
{
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1521 1522
  if (!initialized)
  {
1523
    my_error(ER_OPTION_PREVENTS_STATEMENT, MYF(0), "--skip-grant-tables");
1524
    return(1);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1525
  }
1526
  if (!thd->slave_thread &&
1527 1528 1529
      (strcmp(thd->security_ctx->user, user) ||
       my_strcasecmp(system_charset_info, host,
                     thd->security_ctx->priv_host)))
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1530
  {
1531
    if (check_access(thd, UPDATE_ACL, "mysql",0,1,0,0))
1532
      return(1);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1533
  }
1534
  if (!thd->slave_thread && !thd->security_ctx->user[0])
1535
  {
bell@sanja.is.com.ua's avatar
bell@sanja.is.com.ua committed
1536 1537
    my_message(ER_PASSWORD_ANONYMOUS_USER, ER(ER_PASSWORD_ANONYMOUS_USER),
               MYF(0));
1538
    return(1);
1539
  }
1540
  size_t len= strlen(new_password);
1541
  if (len && len != SCRAMBLED_PASSWORD_CHAR_LENGTH &&
1542 1543
      len != SCRAMBLED_PASSWORD_CHAR_LENGTH_323)
  {
1544
    my_error(ER_PASSWD_LENGTH, MYF(0), SCRAMBLED_PASSWORD_CHAR_LENGTH);
1545 1546
    return -1;
  }
1547 1548 1549 1550
  return(0);
}


1551 1552 1553 1554 1555 1556 1557 1558 1559 1560 1561 1562 1563
/*
  Change a password for a user

  SYNOPSIS
    change_password()
    thd			Thread handle
    host		Hostname
    user		User name
    new_password	New password for host@user

  RETURN VALUES
    0	ok
    1	ERROR; In this case the error is sent to the client.
peter@mysql.com's avatar
peter@mysql.com committed
1564
*/
1565

1566 1567 1568
bool change_password(THD *thd, const char *host, const char *user,
		     char *new_password)
{
1569 1570 1571 1572 1573
  TABLE_LIST tables;
  TABLE *table;
  /* Buffer should be extended when password length is extended. */
  char buff[512];
  ulong query_length;
1574
  uint new_password_len= (uint) strlen(new_password);
1575
  bool result= 1;
1576 1577 1578 1579 1580
  DBUG_ENTER("change_password");
  DBUG_PRINT("enter",("host: '%s'  user: '%s'  new_password: '%s'",
		      host,user,new_password));
  DBUG_ASSERT(host != 0);			// Ensured by parent

1581
  if (check_change_password(thd, host, user, new_password, new_password_len))
1582 1583
    DBUG_RETURN(1);

1584
  bzero((char*) &tables, sizeof(tables));
1585
  tables.alias= tables.table_name= (char*) "user";
1586 1587 1588 1589 1590 1591 1592
  tables.db= (char*) "mysql";

#ifdef HAVE_REPLICATION
  /*
    GRANT and REVOKE are applied the slave in/exclusion rules as they are
    some kind of updates to the mysql.% tables.
  */
1593
  if (thd->slave_thread && rpl_filter->is_on())
1594 1595 1596 1597 1598 1599 1600
  {
    /*
      The tables must be marked "updating" so that tables_ok() takes them into
      account in tests.  It's ok to leave 'updating' set after tables_ok.
    */
    tables.updating= 1;
    /* Thanks to bzero, tables.next==0 */
1601
    if (!(thd->spcont || rpl_filter->tables_ok(0, &tables)))
1602 1603 1604 1605
      DBUG_RETURN(0);
  }
#endif

1606
  if (!(table= open_ltable(thd, &tables, TL_WRITE, 0)))
1607 1608
    DBUG_RETURN(1);

bk@work.mysql.com's avatar
bk@work.mysql.com committed
1609 1610
  VOID(pthread_mutex_lock(&acl_cache->lock));
  ACL_USER *acl_user;
1611
  if (!(acl_user= find_acl_user(host, user, TRUE)))
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1612 1613
  {
    VOID(pthread_mutex_unlock(&acl_cache->lock));
bell@sanja.is.com.ua's avatar
bell@sanja.is.com.ua committed
1614
    my_message(ER_PASSWORD_NO_MATCH, ER(ER_PASSWORD_NO_MATCH), MYF(0));
1615
    goto end;
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1616
  }
1617 1618 1619
  /* update loaded acl entry: */
  set_user_salt(acl_user, new_password, new_password_len);

1620
  if (update_user_table(thd, table,
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1621
			acl_user->host.hostname ? acl_user->host.hostname : "",
1622
			acl_user->user ? acl_user->user : "",
1623
			new_password, new_password_len))
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1624 1625
  {
    VOID(pthread_mutex_unlock(&acl_cache->lock)); /* purecov: deadcode */
1626
    goto end;
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1627
  }
peter@mysql.com's avatar
peter@mysql.com committed
1628

bk@work.mysql.com's avatar
bk@work.mysql.com committed
1629 1630
  acl_cache->clear(1);				// Clear locked hostname cache
  VOID(pthread_mutex_unlock(&acl_cache->lock));
1631 1632 1633
  result= 0;
  if (mysql_bin_log.is_open())
  {
1634 1635
    query_length=
      my_sprintf(buff,
1636
                 (buff,"SET PASSWORD FOR '%-.120s'@'%-.120s'='%-.120s'",
1637 1638 1639
                  acl_user->user ? acl_user->user : "",
                  acl_user->host.hostname ? acl_user->host.hostname : "",
                  new_password));
1640
    thd->clear_error();
1641
    thd->binlog_query(THD::MYSQL_QUERY_TYPE, buff, query_length, FALSE, FALSE);
1642 1643 1644 1645
  }
end:
  close_thread_tables(thd);
  DBUG_RETURN(result);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1646 1647 1648
}


1649 1650 1651 1652 1653 1654 1655 1656 1657 1658 1659 1660 1661 1662 1663 1664
/*
  Find user in ACL

  SYNOPSIS
    is_acl_user()
    host                 host name
    user                 user name

  RETURN
   FALSE  user not fond
   TRUE   there are such user
*/

bool is_acl_user(const char *host, const char *user)
{
  bool res;
1665 1666 1667 1668 1669

  /* --skip-grants */
  if (!initialized)
    return TRUE;

1670
  VOID(pthread_mutex_lock(&acl_cache->lock));
1671
  res= find_acl_user(host, user, TRUE) != NULL;
1672 1673 1674 1675 1676
  VOID(pthread_mutex_unlock(&acl_cache->lock));
  return res;
}


bk@work.mysql.com's avatar
bk@work.mysql.com committed
1677 1678 1679 1680 1681
/*
  Find first entry that matches the current user
*/

static ACL_USER *
1682
find_acl_user(const char *host, const char *user, my_bool exact)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1683
{
1684
  DBUG_ENTER("find_acl_user");
1685
  DBUG_PRINT("enter",("host: '%s'  user: '%s'",host,user));
1686 1687 1688

  safe_mutex_assert_owner(&acl_cache->lock);

bk@work.mysql.com's avatar
bk@work.mysql.com committed
1689 1690 1691
  for (uint i=0 ; i < acl_users.elements ; i++)
  {
    ACL_USER *acl_user=dynamic_element(&acl_users,i,ACL_USER*);
1692
    DBUG_PRINT("info",("strcmp('%s','%s'), compare_hostname('%s','%s'),",
1693 1694 1695 1696
                       user, acl_user->user ? acl_user->user : "",
                       host,
                       acl_user->host.hostname ? acl_user->host.hostname :
                       ""));
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1697 1698 1699
    if (!acl_user->user && !user[0] ||
	acl_user->user && !strcmp(user,acl_user->user))
    {
1700
      if (exact ? !my_strcasecmp(system_charset_info, host,
1701 1702
                                 acl_user->host.hostname ?
				 acl_user->host.hostname : "") :
1703
          compare_hostname(&acl_user->host,host,host))
1704 1705 1706
      {
	DBUG_RETURN(acl_user);
      }
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1707 1708
    }
  }
1709
  DBUG_RETURN(0);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1710 1711 1712
}


1713 1714 1715 1716 1717 1718 1719 1720 1721 1722 1723
/*
  Comparing of hostnames

  NOTES
  A hostname may be of type:
  hostname   (May include wildcards);   monty.pp.sci.fi
  ip	   (May include wildcards);   192.168.0.0
  ip/netmask			      192.168.0.0/255.255.255.0

  A net mask of 0.0.0.0 is not allowed.
*/
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1724 1725 1726 1727 1728 1729 1730 1731 1732 1733 1734 1735 1736 1737 1738 1739 1740 1741 1742 1743 1744 1745

static const char *calc_ip(const char *ip, long *val, char end)
{
  long ip_val,tmp;
  if (!(ip=str2int(ip,10,0,255,&ip_val)) || *ip != '.')
    return 0;
  ip_val<<=24;
  if (!(ip=str2int(ip+1,10,0,255,&tmp)) || *ip != '.')
    return 0;
  ip_val+=tmp<<16;
  if (!(ip=str2int(ip+1,10,0,255,&tmp)) || *ip != '.')
    return 0;
  ip_val+=tmp<<8;
  if (!(ip=str2int(ip+1,10,0,255,&tmp)) || *ip != end)
    return 0;
  *val=ip_val+tmp;
  return ip;
}


static void update_hostname(acl_host_and_ip *host, const char *hostname)
{
1746
  host->hostname=(char*) hostname;             // This will not be modified!
1747
  if (!hostname ||
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1748 1749 1750
      (!(hostname=calc_ip(hostname,&host->ip,'/')) ||
       !(hostname=calc_ip(hostname+1,&host->ip_mask,'\0'))))
  {
1751
    host->ip= host->ip_mask=0;			// Not a masked ip
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1752 1753 1754 1755 1756 1757 1758 1759 1760 1761 1762 1763 1764
  }
}


static bool compare_hostname(const acl_host_and_ip *host, const char *hostname,
			     const char *ip)
{
  long tmp;
  if (host->ip_mask && ip && calc_ip(ip,&tmp,'\0'))
  {
    return (tmp & host->ip_mask) == host->ip;
  }
  return (!host->hostname ||
1765
	  (hostname && !wild_case_compare(system_charset_info,
1766 1767
                                          hostname, host->hostname)) ||
	  (ip && !wild_compare(ip, host->hostname, 0)));
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1768 1769
}

hf@deer.(none)'s avatar
SCRUM  
hf@deer.(none) committed
1770 1771 1772 1773
bool hostname_requires_resolving(const char *hostname)
{
  char cur;
  if (!hostname)
monty@mysql.com's avatar
monty@mysql.com committed
1774
    return FALSE;
1775 1776
  size_t namelen= strlen(hostname);
  size_t lhlen= strlen(my_localhost);
hf@deer.(none)'s avatar
SCRUM  
hf@deer.(none) committed
1777
  if ((namelen == lhlen) &&
1778
      !my_strnncoll(system_charset_info, (const uchar *)hostname,  namelen,
hf@deer.(none)'s avatar
SCRUM  
hf@deer.(none) committed
1779
		    (const uchar *)my_localhost, strlen(my_localhost)))
monty@mysql.com's avatar
monty@mysql.com committed
1780
    return FALSE;
hf@deer.(none)'s avatar
SCRUM  
hf@deer.(none) committed
1781 1782
  for (; (cur=*hostname); hostname++)
  {
1783
    if ((cur != '%') && (cur != '_') && (cur != '.') && (cur != '/') &&
hf@deer.(none)'s avatar
SCRUM  
hf@deer.(none) committed
1784
	((cur < '0') || (cur > '9')))
monty@mysql.com's avatar
monty@mysql.com committed
1785
      return TRUE;
hf@deer.(none)'s avatar
SCRUM  
hf@deer.(none) committed
1786
  }
monty@mysql.com's avatar
monty@mysql.com committed
1787
  return FALSE;
hf@deer.(none)'s avatar
SCRUM  
hf@deer.(none) committed
1788
}
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1789

1790

1791
/*
1792 1793 1794 1795 1796 1797 1798 1799 1800 1801
  Update record for user in mysql.user privilege table with new password.

  SYNOPSIS
    update_user_table()
      thd               Thread handle
      table             Pointer to TABLE object for open mysql.user table
      host/user         Hostname/username pair identifying user for which
                        new password should be set
      new_password      New password
      new_password_len  Length of new password
1802
*/
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1803

1804 1805
static bool update_user_table(THD *thd, TABLE *table,
                              const char *host, const char *user,
1806
			      const char *new_password, uint new_password_len)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1807
{
1808
  char user_key[MAX_KEY_LENGTH];
1809
  int error;
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1810 1811 1812
  DBUG_ENTER("update_user_table");
  DBUG_PRINT("enter",("user: %s  host: %s",user,host));

1813
  table->use_all_columns();
1814 1815
  table->field[0]->store(host,(uint) strlen(host), system_charset_info);
  table->field[1]->store(user,(uint) strlen(user), system_charset_info);
1816
  key_copy((uchar *) user_key, table->record[0], table->key_info,
1817
           table->key_info->key_length);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1818

1819 1820 1821
  if (table->file->index_read_idx_map(table->record[0], 0,
                                      (uchar *) user_key, HA_WHOLE_KEY,
                                      HA_READ_KEY_EXACT))
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1822
  {
bell@sanja.is.com.ua's avatar
bell@sanja.is.com.ua committed
1823 1824
    my_message(ER_PASSWORD_NO_MATCH, ER(ER_PASSWORD_NO_MATCH),
               MYF(0));	/* purecov: deadcode */
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1825 1826
    DBUG_RETURN(1);				/* purecov: deadcode */
  }
1827
  store_record(table,record[1]);
1828
  table->field[2]->store(new_password, new_password_len, system_charset_info);
1829 1830
  if ((error=table->file->ha_update_row(table->record[1],table->record[0])) &&
      error != HA_ERR_RECORD_IS_THE_SAME)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1831 1832
  {
    table->file->print_error(error,MYF(0));	/* purecov: deadcode */
1833
    DBUG_RETURN(1);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1834
  }
1835
  DBUG_RETURN(0);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1836 1837
}

monty@hundin.mysql.fi's avatar
monty@hundin.mysql.fi committed
1838

1839 1840 1841 1842 1843 1844
/*
  Return 1 if we are allowed to create new users
  the logic here is: INSERT_ACL is sufficient.
  It's also a requirement in opt_safe_user_create,
  otherwise CREATE_USER_ACL is enough.
*/
monty@hundin.mysql.fi's avatar
monty@hundin.mysql.fi committed
1845 1846 1847

static bool test_if_create_new_users(THD *thd)
{
1848
  Security_context *sctx= thd->security_ctx;
1849
  bool create_new_users= test(sctx->master_access & INSERT_ACL) ||
1850
                         (!opt_safe_user_create &&
1851
                          test(sctx->master_access & CREATE_USER_ACL));
1852
  if (!create_new_users)
monty@hundin.mysql.fi's avatar
monty@hundin.mysql.fi committed
1853 1854
  {
    TABLE_LIST tl;
1855
    ulong db_access;
monty@hundin.mysql.fi's avatar
monty@hundin.mysql.fi committed
1856 1857
    bzero((char*) &tl,sizeof(tl));
    tl.db=	   (char*) "mysql";
1858
    tl.table_name=  (char*) "user";
1859
    create_new_users= 1;
bell@sanja.is.com.ua's avatar
bell@sanja.is.com.ua committed
1860

1861 1862
    db_access=acl_get(sctx->host, sctx->ip,
		      sctx->priv_user, tl.db, 0);
monty@hundin.mysql.fi's avatar
monty@hundin.mysql.fi committed
1863 1864
    if (!(db_access & INSERT_ACL))
    {
bell@sanja.is.com.ua's avatar
bell@sanja.is.com.ua committed
1865
      if (check_grant(thd, INSERT_ACL, &tl, 0, UINT_MAX, 1))
monty@hundin.mysql.fi's avatar
monty@hundin.mysql.fi committed
1866 1867 1868 1869 1870 1871 1872
	create_new_users=0;
    }
  }
  return create_new_users;
}


bk@work.mysql.com's avatar
bk@work.mysql.com committed
1873
/****************************************************************************
1874
  Handle GRANT commands
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1875 1876
****************************************************************************/

1877
static int replace_user_table(THD *thd, TABLE *table, const LEX_USER &combo,
1878
			      ulong rights, bool revoke_grant,
serg@serg.mylan's avatar
serg@serg.mylan committed
1879
			      bool can_create_user, bool no_auto_create)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1880 1881
{
  int error = -1;
monty@hundin.mysql.fi's avatar
monty@hundin.mysql.fi committed
1882
  bool old_row_exists=0;
1883
  const char *password= "";
1884
  uint password_len= 0;
1885
  char what= (revoke_grant) ? 'N' : 'Y';
1886
  uchar user_key[MAX_KEY_LENGTH];
1887
  LEX *lex= thd->lex;
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1888
  DBUG_ENTER("replace_user_table");
1889

1890
  safe_mutex_assert_owner(&acl_cache->lock);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1891 1892

  if (combo.password.str && combo.password.str[0])
1893
  {
1894 1895
    if (combo.password.length != SCRAMBLED_PASSWORD_CHAR_LENGTH &&
        combo.password.length != SCRAMBLED_PASSWORD_CHAR_LENGTH_323)
1896
    {
1897
      my_error(ER_PASSWD_LENGTH, MYF(0), SCRAMBLED_PASSWORD_CHAR_LENGTH);
1898
      DBUG_RETURN(-1);
1899
    }
1900
    password_len= combo.password.length;
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1901
    password=combo.password.str;
1902
  }
peter@mysql.com's avatar
peter@mysql.com committed
1903

1904 1905 1906 1907 1908
  table->use_all_columns();
  table->field[0]->store(combo.host.str,combo.host.length,
                         system_charset_info);
  table->field[1]->store(combo.user.str,combo.user.length,
                         system_charset_info);
1909 1910 1911
  key_copy(user_key, table->record[0], table->key_info,
           table->key_info->key_length);

1912 1913 1914
  if (table->file->index_read_idx_map(table->record[0], 0, user_key,
                                      HA_WHOLE_KEY,
                                      HA_READ_KEY_EXACT))
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1915
  {
1916 1917
    /* what == 'N' means revoke */
    if (what == 'N')
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1918
    {
1919 1920 1921 1922
      my_error(ER_NONEXISTING_GRANT, MYF(0), combo.user.str, combo.host.str);
      goto end;
    }
    /*
1923 1924
      There are four options which affect the process of creation of
      a new user (mysqld option --safe-create-user, 'insert' privilege
1925 1926 1927 1928 1929 1930 1931
      on 'mysql.user' table, using 'GRANT' with 'IDENTIFIED BY' and
      SQL_MODE flag NO_AUTO_CREATE_USER). Below is the simplified rule
      how it should work.
      if (safe-user-create && ! INSERT_priv) => reject
      else if (identified_by) => create
      else if (no_auto_create_user) => reject
      else create
1932 1933

      see also test_if_create_new_users()
1934
    */
serg@serg.mylan's avatar
serg@serg.mylan committed
1935 1936 1937 1938 1939 1940
    else if (!password_len && no_auto_create)
    {
      my_error(ER_PASSWORD_NO_MATCH, MYF(0), combo.user.str, combo.host.str);
      goto end;
    }
    else if (!can_create_user)
1941
    {
1942
      my_error(ER_CANT_CREATE_USER_WITH_GRANT, MYF(0),
1943
               thd->security_ctx->user, thd->security_ctx->host_or_ip);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1944 1945
      goto end;
    }
monty@hundin.mysql.fi's avatar
monty@hundin.mysql.fi committed
1946
    old_row_exists = 0;
1947
    restore_record(table,s->default_values);
1948
    table->field[0]->store(combo.host.str,combo.host.length,
1949
                           system_charset_info);
1950
    table->field[1]->store(combo.user.str,combo.user.length,
1951
                           system_charset_info);
1952
    table->field[2]->store(password, password_len,
1953
                           system_charset_info);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1954 1955 1956
  }
  else
  {
monty@hundin.mysql.fi's avatar
monty@hundin.mysql.fi committed
1957
    old_row_exists = 1;
1958
    store_record(table,record[1]);			// Save copy for update
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1959
    if (combo.password.str)			// If password given
1960
      table->field[2]->store(password, password_len, system_charset_info);
1961
    else if (!rights && !revoke_grant &&
1962 1963
             lex->ssl_type == SSL_TYPE_NOT_SPECIFIED &&
             !lex->mqh.specified_limits)
1964 1965 1966
    {
      DBUG_RETURN(0);
    }
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1967 1968
  }

1969 1970 1971 1972
  /* Update table columns with new privileges */

  Field **tmp_field;
  ulong priv;
1973
  uint next_field;
1974
  for (tmp_field= table->field+3, priv = SELECT_ACL;
1975
       *tmp_field && (*tmp_field)->real_type() == MYSQL_TYPE_ENUM &&
1976 1977
	 ((Field_enum*) (*tmp_field))->typelib->count == 2 ;
       tmp_field++, priv <<= 1)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1978
  {
1979
    if (priv & rights)				 // set requested privileges
1980
      (*tmp_field)->store(&what, 1, &my_charset_latin1);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
1981
  }
1982
  rights= get_access(table, 3, &next_field);
1983 1984
  DBUG_PRINT("info",("table fields: %d",table->s->fields));
  if (table->s->fields >= 31)		/* From 4.0.0 we have more fields */
1985
  {
1986
    /* We write down SSL related ACL stuff */
1987
    switch (lex->ssl_type) {
1988
    case SSL_TYPE_ANY:
1989 1990
      table->field[next_field]->store(STRING_WITH_LEN("ANY"),
                                      &my_charset_latin1);
1991 1992 1993
      table->field[next_field+1]->store("", 0, &my_charset_latin1);
      table->field[next_field+2]->store("", 0, &my_charset_latin1);
      table->field[next_field+3]->store("", 0, &my_charset_latin1);
1994 1995
      break;
    case SSL_TYPE_X509:
1996 1997
      table->field[next_field]->store(STRING_WITH_LEN("X509"),
                                      &my_charset_latin1);
1998 1999 2000
      table->field[next_field+1]->store("", 0, &my_charset_latin1);
      table->field[next_field+2]->store("", 0, &my_charset_latin1);
      table->field[next_field+3]->store("", 0, &my_charset_latin1);
2001 2002
      break;
    case SSL_TYPE_SPECIFIED:
2003 2004
      table->field[next_field]->store(STRING_WITH_LEN("SPECIFIED"),
                                      &my_charset_latin1);
2005 2006 2007
      table->field[next_field+1]->store("", 0, &my_charset_latin1);
      table->field[next_field+2]->store("", 0, &my_charset_latin1);
      table->field[next_field+3]->store("", 0, &my_charset_latin1);
2008
      if (lex->ssl_cipher)
serg@sergbook.mysql.com's avatar
serg@sergbook.mysql.com committed
2009 2010
        table->field[next_field+1]->store(lex->ssl_cipher,
                                strlen(lex->ssl_cipher), system_charset_info);
2011
      if (lex->x509_issuer)
serg@sergbook.mysql.com's avatar
serg@sergbook.mysql.com committed
2012 2013
        table->field[next_field+2]->store(lex->x509_issuer,
                                strlen(lex->x509_issuer), system_charset_info);
2014
      if (lex->x509_subject)
serg@sergbook.mysql.com's avatar
serg@sergbook.mysql.com committed
2015 2016
        table->field[next_field+3]->store(lex->x509_subject,
                                strlen(lex->x509_subject), system_charset_info);
2017
      break;
monty@mashka.mysql.fi's avatar
monty@mashka.mysql.fi committed
2018
    case SSL_TYPE_NOT_SPECIFIED:
gluh@gluh.(none)'s avatar
gluh@gluh.(none) committed
2019 2020
      break;
    case SSL_TYPE_NONE:
2021 2022 2023 2024
      table->field[next_field]->store("", 0, &my_charset_latin1);
      table->field[next_field+1]->store("", 0, &my_charset_latin1);
      table->field[next_field+2]->store("", 0, &my_charset_latin1);
      table->field[next_field+3]->store("", 0, &my_charset_latin1);
gluh@gluh.(none)'s avatar
gluh@gluh.(none) committed
2025
      break;
2026
    }
serg@sergbook.mysql.com's avatar
serg@sergbook.mysql.com committed
2027
    next_field+=4;
2028

2029
    USER_RESOURCES mqh= lex->mqh;
2030
    if (mqh.specified_limits & USER_RESOURCES::QUERIES_PER_HOUR)
2031
      table->field[next_field]->store((longlong) mqh.questions, TRUE);
2032
    if (mqh.specified_limits & USER_RESOURCES::UPDATES_PER_HOUR)
2033
      table->field[next_field+1]->store((longlong) mqh.updates, TRUE);
2034
    if (mqh.specified_limits & USER_RESOURCES::CONNECTIONS_PER_HOUR)
2035
      table->field[next_field+2]->store((longlong) mqh.conn_per_hour, TRUE);
2036
    if (table->s->fields >= 36 &&
2037
        (mqh.specified_limits & USER_RESOURCES::USER_CONNECTIONS))
2038
      table->field[next_field+3]->store((longlong) mqh.user_conn, TRUE);
2039
    mqh_used= mqh_used || mqh.questions || mqh.updates || mqh.conn_per_hour;
2040
  }
monty@hundin.mysql.fi's avatar
monty@hundin.mysql.fi committed
2041
  if (old_row_exists)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2042 2043 2044 2045 2046
  {
    /*
      We should NEVER delete from the user table, as a uses can still
      use mysqld even if he doesn't have any privileges in the user table!
    */
2047 2048 2049 2050 2051 2052 2053 2054 2055 2056 2057 2058
    if (cmp_record(table,record[1]))
    {
      if ((error=
           table->file->ha_update_row(table->record[1],table->record[0])) &&
          error != HA_ERR_RECORD_IS_THE_SAME)
      {						// This should never happen
        table->file->print_error(error,MYF(0));	/* purecov: deadcode */
        error= -1;				/* purecov: deadcode */
        goto end;				/* purecov: deadcode */
      }
      else
        error= 0;
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2059 2060
    }
  }
2061
  else if ((error=table->file->ha_write_row(table->record[0]))) // insert
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2062
  {						// This should never happen
2063
    if (table->file->is_fatal_error(error, HA_CHECK_DUP))
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2064 2065 2066 2067 2068 2069 2070 2071
    {
      table->file->print_error(error,MYF(0));	/* purecov: deadcode */
      error= -1;				/* purecov: deadcode */
      goto end;					/* purecov: deadcode */
    }
  }
  error=0;					// Privileges granted / revoked

2072
end:
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2073 2074 2075
  if (!error)
  {
    acl_cache->clear(1);			// Clear privilege cache
monty@hundin.mysql.fi's avatar
monty@hundin.mysql.fi committed
2076
    if (old_row_exists)
2077 2078
      acl_update_user(combo.user.str, combo.host.str,
                      combo.password.str, password_len,
2079 2080 2081 2082 2083
		      lex->ssl_type,
		      lex->ssl_cipher,
		      lex->x509_issuer,
		      lex->x509_subject,
		      &lex->mqh,
2084
		      rights);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2085
    else
2086
      acl_insert_user(combo.user.str, combo.host.str, password, password_len,
2087 2088 2089 2090 2091
		      lex->ssl_type,
		      lex->ssl_cipher,
		      lex->x509_issuer,
		      lex->x509_subject,
		      &lex->mqh,
2092
		      rights);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2093 2094 2095 2096 2097 2098
  }
  DBUG_RETURN(error);
}


/*
2099
  change grants in the mysql.db table
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2100 2101 2102 2103
*/

static int replace_db_table(TABLE *table, const char *db,
			    const LEX_USER &combo,
2104
			    ulong rights, bool revoke_grant)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2105
{
2106 2107
  uint i;
  ulong priv,store_rights;
monty@hundin.mysql.fi's avatar
monty@hundin.mysql.fi committed
2108
  bool old_row_exists=0;
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2109
  int error;
2110
  char what= (revoke_grant) ? 'N' : 'Y';
2111
  uchar user_key[MAX_KEY_LENGTH];
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2112 2113
  DBUG_ENTER("replace_db_table");

2114 2115
  if (!initialized)
  {
guilhem@mysql.com's avatar
guilhem@mysql.com committed
2116
    my_error(ER_OPTION_PREVENTS_STATEMENT, MYF(0), "--skip-grant-tables");
2117 2118 2119
    DBUG_RETURN(-1);
  }

2120
  /* Check if there is such a user in user table in memory? */
2121
  if (!find_acl_user(combo.host.str,combo.user.str, FALSE))
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2122
  {
bell@sanja.is.com.ua's avatar
bell@sanja.is.com.ua committed
2123
    my_message(ER_PASSWORD_NO_MATCH, ER(ER_PASSWORD_NO_MATCH), MYF(0));
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2124 2125 2126
    DBUG_RETURN(-1);
  }

2127 2128 2129
  table->use_all_columns();
  table->field[0]->store(combo.host.str,combo.host.length,
                         system_charset_info);
2130
  table->field[1]->store(db,(uint) strlen(db), system_charset_info);
2131 2132
  table->field[2]->store(combo.user.str,combo.user.length,
                         system_charset_info);
2133 2134 2135
  key_copy(user_key, table->record[0], table->key_info,
           table->key_info->key_length);

2136 2137 2138
  if (table->file->index_read_idx_map(table->record[0],0, user_key,
                                      HA_WHOLE_KEY,
                                      HA_READ_KEY_EXACT))
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2139 2140 2141
  {
    if (what == 'N')
    { // no row, no revoke
guilhem@mysql.com's avatar
guilhem@mysql.com committed
2142
      my_error(ER_NONEXISTING_GRANT, MYF(0), combo.user.str, combo.host.str);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2143 2144
      goto abort;
    }
monty@hundin.mysql.fi's avatar
monty@hundin.mysql.fi committed
2145
    old_row_exists = 0;
2146
    restore_record(table, s->default_values);
2147 2148
    table->field[0]->store(combo.host.str,combo.host.length,
                           system_charset_info);
2149
    table->field[1]->store(db,(uint) strlen(db), system_charset_info);
2150 2151
    table->field[2]->store(combo.user.str,combo.user.length,
                           system_charset_info);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2152 2153 2154
  }
  else
  {
monty@hundin.mysql.fi's avatar
monty@hundin.mysql.fi committed
2155
    old_row_exists = 1;
2156
    store_record(table,record[1]);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2157 2158 2159
  }

  store_rights=get_rights_for_db(rights);
2160
  for (i= 3, priv= 1; i < table->s->fields; i++, priv <<= 1)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2161
  {
2162
    if (priv & store_rights)			// do it if priv is chosen
2163
      table->field [i]->store(&what,1, &my_charset_latin1);// set requested privileges
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2164 2165 2166 2167
  }
  rights=get_access(table,3);
  rights=fix_rights_for_db(rights);

monty@hundin.mysql.fi's avatar
monty@hundin.mysql.fi committed
2168
  if (old_row_exists)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2169
  {
2170
    /* update old existing row */
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2171 2172
    if (rights)
    {
2173
      if ((error= table->file->ha_update_row(table->record[1],
2174 2175
                                             table->record[0])) &&
          error != HA_ERR_RECORD_IS_THE_SAME)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2176 2177 2178 2179
	goto table_error;			/* purecov: deadcode */
    }
    else	/* must have been a revoke of all privileges */
    {
2180
      if ((error= table->file->ha_delete_row(table->record[1])))
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2181 2182 2183
	goto table_error;			/* purecov: deadcode */
    }
  }
2184
  else if (rights && (error= table->file->ha_write_row(table->record[0])))
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2185
  {
2186
    if (table->file->is_fatal_error(error, HA_CHECK_DUP_KEY))
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2187 2188 2189 2190
      goto table_error; /* purecov: deadcode */
  }

  acl_cache->clear(1);				// Clear privilege cache
monty@hundin.mysql.fi's avatar
monty@hundin.mysql.fi committed
2191
  if (old_row_exists)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2192 2193
    acl_update_db(combo.user.str,combo.host.str,db,rights);
  else
2194
  if (rights)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2195 2196 2197 2198
    acl_insert_db(combo.user.str,combo.host.str,db,rights);
  DBUG_RETURN(0);

  /* This could only happen if the grant tables got corrupted */
2199
table_error:
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2200 2201
  table->file->print_error(error,MYF(0));	/* purecov: deadcode */

2202
abort:
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2203 2204 2205 2206 2207 2208 2209 2210
  DBUG_RETURN(-1);
}


class GRANT_COLUMN :public Sql_alloc
{
public:
  char *column;
2211 2212 2213
  ulong rights;
  uint key_length;
  GRANT_COLUMN(String &c,  ulong y) :rights (y)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2214
  {
2215
    column= (char*) memdup_root(&memex,c.ptr(), key_length=c.length());
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2216 2217 2218
  }
};

2219

2220
static uchar* get_key_column(GRANT_COLUMN *buff, size_t *length,
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2221 2222 2223
			    my_bool not_used __attribute__((unused)))
{
  *length=buff->key_length;
2224
  return (uchar*) buff->column;
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2225 2226
}

2227

2228
class GRANT_NAME :public Sql_alloc
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2229 2230
{
public:
2231 2232
  acl_host_and_ip host;
  char *db, *user, *tname, *hash_key;
2233
  ulong privs;
2234
  ulong sort;
2235
  size_t key_length;
2236 2237 2238 2239 2240 2241 2242 2243 2244 2245 2246 2247
  GRANT_NAME(const char *h, const char *d,const char *u,
             const char *t, ulong p);
  GRANT_NAME (TABLE *form);
  virtual ~GRANT_NAME() {};
  virtual bool ok() { return privs != 0; }
};


class GRANT_TABLE :public GRANT_NAME
{
public:
  ulong cols;
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2248
  HASH hash_columns;
monty@mysql.com's avatar
monty@mysql.com committed
2249 2250 2251 2252

  GRANT_TABLE(const char *h, const char *d,const char *u,
              const char *t, ulong p, ulong c);
  GRANT_TABLE (TABLE *form, TABLE *col_privs);
2253
  ~GRANT_TABLE();
2254 2255
  bool ok() { return privs != 0 || cols != 0; }
};
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2256

2257

monty@mysql.com's avatar
monty@mysql.com committed
2258

2259 2260 2261
GRANT_NAME::GRANT_NAME(const char *h, const char *d,const char *u,
                       const char *t, ulong p)
  :privs(p)
2262 2263
{
  /* Host given by user */
2264
  update_hostname(&host, strdup_root(&memex, h));
2265 2266
  db =   strdup_root(&memex,d);
  user = strdup_root(&memex,u);
2267
  sort=  get_sort(3,host.hostname,db,user);
2268 2269
  tname= strdup_root(&memex,t);
  if (lower_case_table_names)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2270
  {
2271 2272
    my_casedn_str(files_charset_info, db);
    my_casedn_str(files_charset_info, tname);
2273
  }
2274 2275
  key_length= strlen(d) + strlen(u)+ strlen(t)+3;
  hash_key=   (char*) alloc_root(&memex,key_length);
2276
  strmov(strmov(strmov(hash_key,user)+1,db)+1,tname);
2277 2278 2279 2280 2281 2282 2283
}


GRANT_TABLE::GRANT_TABLE(const char *h, const char *d,const char *u,
                	 const char *t, ulong p, ulong c)
  :GRANT_NAME(h,d,u,t,p), cols(c)
{
2284
  (void) hash_init(&hash_columns,system_charset_info,
monty@mysql.com's avatar
monty@mysql.com committed
2285
                   0,0,0, (hash_get_key) get_key_column,0,0);
2286
}
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2287

2288

2289
GRANT_NAME::GRANT_NAME(TABLE *form)
2290
{
2291
  update_hostname(&host, get_field(&memex, form->field[0]));
monty@mysql.com's avatar
monty@mysql.com committed
2292 2293
  db=    get_field(&memex,form->field[1]);
  user=  get_field(&memex,form->field[2]);
2294 2295
  if (!user)
    user= (char*) "";
2296
  sort=  get_sort(3, host.hostname, db, user);
monty@mysql.com's avatar
monty@mysql.com committed
2297
  tname= get_field(&memex,form->field[3]);
2298 2299 2300
  if (!db || !tname)
  {
    /* Wrong table row; Ignore it */
2301
    privs= 0;
2302 2303 2304 2305
    return;					/* purecov: inspected */
  }
  if (lower_case_table_names)
  {
2306 2307
    my_casedn_str(files_charset_info, db);
    my_casedn_str(files_charset_info, tname);
2308
  }
2309 2310
  key_length= (strlen(db) + strlen(user) + strlen(tname) + 3);
  hash_key=   (char*) alloc_root(&memex, key_length);
2311 2312 2313
  strmov(strmov(strmov(hash_key,user)+1,db)+1,tname);
  privs = (ulong) form->field[6]->val_int();
  privs = fix_rights_for_table(privs);
2314 2315 2316 2317 2318 2319
}


GRANT_TABLE::GRANT_TABLE(TABLE *form, TABLE *col_privs)
  :GRANT_NAME(form)
{
2320
  uchar key[MAX_KEY_LENGTH];
2321 2322 2323 2324 2325 2326 2327 2328 2329

  if (!db || !tname)
  {
    /* Wrong table row; Ignore it */
    hash_clear(&hash_columns);                  /* allow for destruction */
    cols= 0;
    return;
  }
  cols= (ulong) form->field[7]->val_int();
2330 2331
  cols =  fix_rights_for_column(cols);

2332
  (void) hash_init(&hash_columns,system_charset_info,
monty@mysql.com's avatar
monty@mysql.com committed
2333
                   0,0,0, (hash_get_key) get_key_column,0,0);
2334 2335
  if (cols)
  {
2336 2337
    uint key_prefix_len;
    KEY_PART_INFO *key_part= col_privs->key_info->key_part;
2338
    col_privs->field[0]->store(host.hostname,
2339 2340
                               host.hostname ? (uint) strlen(host.hostname) :
                               0,
2341 2342 2343 2344
                               system_charset_info);
    col_privs->field[1]->store(db,(uint) strlen(db), system_charset_info);
    col_privs->field[2]->store(user,(uint) strlen(user), system_charset_info);
    col_privs->field[3]->store(tname,(uint) strlen(tname), system_charset_info);
2345 2346 2347 2348 2349 2350

    key_prefix_len= (key_part[0].store_length +
                     key_part[1].store_length +
                     key_part[2].store_length +
                     key_part[3].store_length);
    key_copy(key, col_privs->record[0], col_privs->key_info, key_prefix_len);
monty@mysql.com's avatar
monty@mysql.com committed
2351
    col_privs->field[4]->store("",0, &my_charset_latin1);
2352

2353
    col_privs->file->ha_index_init(0, 1);
2354 2355
    if (col_privs->file->index_read_map(col_privs->record[0], (uchar*) key,
                                        (key_part_map)15, HA_READ_KEY_EXACT))
2356
    {
2357
      cols = 0; /* purecov: deadcode */
2358
      col_privs->file->ha_index_end();
2359
      return;
2360
    }
2361
    do
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2362
    {
2363 2364 2365
      String *res,column_name;
      GRANT_COLUMN *mem_check;
      /* As column name is a string, we don't have to supply a buffer */
monty@mysql.com's avatar
monty@mysql.com committed
2366
      res=col_privs->field[4]->val_str(&column_name);
2367 2368 2369
      ulong priv= (ulong) col_privs->field[6]->val_int();
      if (!(mem_check = new GRANT_COLUMN(*res,
                                         fix_rights_for_column(priv))))
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2370
      {
2371 2372 2373
        /* Don't use this entry */
        privs = cols = 0;			/* purecov: deadcode */
        return;				/* purecov: deadcode */
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2374
      }
2375
      my_hash_insert(&hash_columns, (uchar *) mem_check);
2376
    } while (!col_privs->file->index_next(col_privs->record[0]) &&
2377
             !key_cmp_if_same(col_privs,key,0,key_prefix_len));
2378
    col_privs->file->ha_index_end();
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2379
  }
2380
}
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2381

2382

2383 2384 2385 2386 2387 2388
GRANT_TABLE::~GRANT_TABLE()
{
  hash_free(&hash_columns);
}


2389
static uchar* get_grant_table(GRANT_NAME *buff, size_t *length,
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2390 2391 2392
			     my_bool not_used __attribute__((unused)))
{
  *length=buff->key_length;
2393
  return (uchar*) buff->hash_key;
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2394 2395
}

2396

bk@work.mysql.com's avatar
bk@work.mysql.com committed
2397 2398 2399 2400 2401
void free_grant_table(GRANT_TABLE *grant_table)
{
  hash_free(&grant_table->hash_columns);
}

2402

bk@work.mysql.com's avatar
bk@work.mysql.com committed
2403 2404
/* Search after a matching grant. Prefer exact grants before not exact ones */

2405
static GRANT_NAME *name_hash_search(HASH *name_hash,
2406 2407 2408 2409
                                    const char *host,const char* ip,
                                    const char *db,
                                    const char *user, const char *tname,
                                    bool exact)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2410
{
gluh@mysql.com/gluh.(none)'s avatar
gluh@mysql.com/gluh.(none) committed
2411
  char helping [NAME_LEN*2+USERNAME_LENGTH+3];
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2412
  uint len;
2413
  GRANT_NAME *grant_name,*found=0;
2414
  HASH_SEARCH_STATE state;
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2415 2416

  len  = (uint) (strmov(strmov(strmov(helping,user)+1,db)+1,tname)-helping)+ 1;
2417
  for (grant_name= (GRANT_NAME*) hash_first(name_hash, (uchar*) helping,
2418
                                            len, &state);
2419
       grant_name ;
2420
       grant_name= (GRANT_NAME*) hash_next(name_hash,(uchar*) helping,
2421
                                           len, &state))
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2422 2423 2424
  {
    if (exact)
    {
2425 2426
      if (!grant_name->host.hostname ||
          (host &&
2427
	   !my_strcasecmp(system_charset_info, host,
gluh@mysql.com's avatar
gluh@mysql.com committed
2428 2429
                          grant_name->host.hostname)) ||
	  (ip && !strcmp(ip, grant_name->host.hostname)))
2430
	return grant_name;
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2431 2432 2433
    }
    else
    {
2434
      if (compare_hostname(&grant_name->host, host, ip) &&
2435 2436
          (!found || found->sort < grant_name->sort))
	found=grant_name;					// Host ok
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2437 2438 2439 2440 2441 2442
    }
  }
  return found;
}


2443
inline GRANT_NAME *
2444 2445
routine_hash_search(const char *host, const char *ip, const char *db,
                 const char *user, const char *tname, bool proc, bool exact)
2446
{
2447 2448 2449
  return (GRANT_TABLE*)
    name_hash_search(proc ? &proc_priv_hash : &func_priv_hash,
		     host, ip, db, user, tname, exact);
2450 2451 2452 2453 2454 2455 2456 2457 2458 2459 2460
}


inline GRANT_TABLE *
table_hash_search(const char *host, const char *ip, const char *db,
		  const char *user, const char *tname, bool exact)
{
  return (GRANT_TABLE*) name_hash_search(&column_priv_hash, host, ip, db,
					 user, tname, exact);
}

bk@work.mysql.com's avatar
bk@work.mysql.com committed
2461

2462
inline GRANT_COLUMN *
2463
column_hash_search(GRANT_TABLE *t, const char *cname, uint length)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2464
{
2465
  return (GRANT_COLUMN*) hash_search(&t->hash_columns, (uchar*) cname,length);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2466 2467 2468 2469 2470 2471 2472
}


static int replace_column_table(GRANT_TABLE *g_t,
				TABLE *table, const LEX_USER &combo,
				List <LEX_COLUMN> &columns,
				const char *db, const char *table_name,
2473
				ulong rights, bool revoke_grant)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2474 2475
{
  int error=0,result=0;
2476
  uchar key[MAX_KEY_LENGTH];
2477 2478
  uint key_prefix_length;
  KEY_PART_INFO *key_part= table->key_info->key_part;
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2479 2480
  DBUG_ENTER("replace_column_table");

2481
  table->use_all_columns();
2482 2483 2484 2485 2486 2487 2488 2489
  table->field[0]->store(combo.host.str,combo.host.length,
                         system_charset_info);
  table->field[1]->store(db,(uint) strlen(db),
                         system_charset_info);
  table->field[2]->store(combo.user.str,combo.user.length,
                         system_charset_info);
  table->field[3]->store(table_name,(uint) strlen(table_name),
                         system_charset_info);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2490

2491
  /* Get length of 4 first key parts */
2492 2493 2494
  key_prefix_length= (key_part[0].store_length + key_part[1].store_length +
                      key_part[2].store_length + key_part[3].store_length);
  key_copy(key, table->record[0], table->key_info, key_prefix_length);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2495

2496
  rights&= COL_ACLS;				// Only ACL for columns
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2497 2498 2499 2500

  /* first fix privileges for all columns in column list */

  List_iterator <LEX_COLUMN> iter(columns);
2501
  class LEX_COLUMN *column;
2502
  table->file->ha_index_init(0, 1);
2503
  while ((column= iter++))
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2504
  {
2505
    ulong privileges= column->rights;
monty@hundin.mysql.fi's avatar
monty@hundin.mysql.fi committed
2506
    bool old_row_exists=0;
2507
    uchar user_key[MAX_KEY_LENGTH];
2508 2509 2510

    key_restore(table->record[0],key,table->key_info,
                key_prefix_length);
2511
    table->field[4]->store(column->column.ptr(), column->column.length(),
2512
                           system_charset_info);
2513 2514 2515
    /* Get key for the first 4 columns */
    key_copy(user_key, table->record[0], table->key_info,
             table->key_info->key_length);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2516

2517 2518
    if (table->file->index_read_map(table->record[0], user_key, HA_WHOLE_KEY,
                                    HA_READ_KEY_EXACT))
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2519 2520 2521
    {
      if (revoke_grant)
      {
guilhem@mysql.com's avatar
guilhem@mysql.com committed
2522
	my_error(ER_NONEXISTING_TABLE_GRANT, MYF(0),
2523
                 combo.user.str, combo.host.str,
2524 2525 2526
                 table_name);                   /* purecov: inspected */
	result= -1;                             /* purecov: inspected */
	continue;                               /* purecov: inspected */
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2527
      }
monty@hundin.mysql.fi's avatar
monty@hundin.mysql.fi committed
2528
      old_row_exists = 0;
2529
      restore_record(table, s->default_values);		// Get empty record
2530 2531
      key_restore(table->record[0],key,table->key_info,
                  key_prefix_length);
2532
      table->field[4]->store(column->column.ptr(),column->column.length(),
2533
                             system_charset_info);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2534 2535 2536
    }
    else
    {
2537
      ulong tmp= (ulong) table->field[6]->val_int();
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2538 2539 2540 2541 2542 2543
      tmp=fix_rights_for_column(tmp);

      if (revoke_grant)
	privileges = tmp & ~(privileges | rights);
      else
	privileges |= tmp;
monty@hundin.mysql.fi's avatar
monty@hundin.mysql.fi committed
2544
      old_row_exists = 1;
2545
      store_record(table,record[1]);			// copy original row
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2546 2547
    }

2548
    table->field[6]->store((longlong) get_rights_for_column(privileges), TRUE);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2549

monty@hundin.mysql.fi's avatar
monty@hundin.mysql.fi committed
2550
    if (old_row_exists)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2551
    {
2552
      GRANT_COLUMN *grant_column;
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2553
      if (privileges)
2554
	error=table->file->ha_update_row(table->record[1],table->record[0]);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2555
      else
2556
	error=table->file->ha_delete_row(table->record[1]);
2557
      if (error && error != HA_ERR_RECORD_IS_THE_SAME)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2558 2559 2560 2561 2562
      {
	table->file->print_error(error,MYF(0)); /* purecov: inspected */
	result= -1;				/* purecov: inspected */
	goto end;				/* purecov: inspected */
      }
2563 2564
      else
        error= 0;
2565 2566
      grant_column= column_hash_search(g_t, column->column.ptr(),
                                       column->column.length());
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2567
      if (grant_column)				// Should always be true
2568
	grant_column->rights= privileges;	// Update hash
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2569 2570 2571
    }
    else					// new grant
    {
2572
      GRANT_COLUMN *grant_column;
2573
      if ((error=table->file->ha_write_row(table->record[0])))
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2574 2575 2576 2577 2578
      {
	table->file->print_error(error,MYF(0)); /* purecov: inspected */
	result= -1;				/* purecov: inspected */
	goto end;				/* purecov: inspected */
      }
2579
      grant_column= new GRANT_COLUMN(column->column,privileges);
2580
      my_hash_insert(&g_t->hash_columns,(uchar*) grant_column);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2581 2582 2583 2584 2585 2586 2587 2588 2589 2590
    }
  }

  /*
    If revoke of privileges on the table level, remove all such privileges
    for all columns
  */

  if (revoke_grant)
  {
2591
    uchar user_key[MAX_KEY_LENGTH];
2592
    key_copy(user_key, table->record[0], table->key_info,
2593 2594
             key_prefix_length);

2595 2596 2597
    if (table->file->index_read_map(table->record[0], user_key,
                                    (key_part_map)15,
                                    HA_READ_KEY_EXACT))
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2598 2599
      goto end;

2600
    /* Scan through all rows with the same host,db,user and table */
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2601 2602
    do
    {
2603
      ulong privileges = (ulong) table->field[6]->val_int();
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2604
      privileges=fix_rights_for_column(privileges);
2605
      store_record(table,record[1]);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2606 2607 2608 2609 2610

      if (privileges & rights)	// is in this record the priv to be revoked ??
      {
	GRANT_COLUMN *grant_column = NULL;
	char  colum_name_buf[HOSTNAME_LENGTH+1];
2611
	String column_name(colum_name_buf,sizeof(colum_name_buf),
2612
                           system_charset_info);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2613 2614 2615

	privileges&= ~rights;
	table->field[6]->store((longlong)
2616
			       get_rights_for_column(privileges), TRUE);
2617
	table->field[4]->val_str(&column_name);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2618 2619 2620 2621 2622 2623
	grant_column = column_hash_search(g_t,
					  column_name.ptr(),
					  column_name.length());
	if (privileges)
	{
	  int tmp_error;
2624
	  if ((tmp_error=table->file->ha_update_row(table->record[1],
2625 2626
						    table->record[0])) &&
              tmp_error != HA_ERR_RECORD_IS_THE_SAME)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2627 2628 2629 2630 2631 2632 2633 2634 2635 2636 2637
	  {					/* purecov: deadcode */
	    table->file->print_error(tmp_error,MYF(0)); /* purecov: deadcode */
	    result= -1;				/* purecov: deadcode */
	    goto end;				/* purecov: deadcode */
	  }
	  if (grant_column)
	    grant_column->rights  = privileges; // Update hash
	}
	else
	{
	  int tmp_error;
2638
	  if ((tmp_error = table->file->ha_delete_row(table->record[1])))
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2639 2640 2641 2642 2643 2644
	  {					/* purecov: deadcode */
	    table->file->print_error(tmp_error,MYF(0)); /* purecov: deadcode */
	    result= -1;				/* purecov: deadcode */
	    goto end;				/* purecov: deadcode */
	  }
	  if (grant_column)
2645
	    hash_delete(&g_t->hash_columns,(uchar*) grant_column);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2646 2647 2648
	}
      }
    } while (!table->file->index_next(table->record[0]) &&
2649
	     !key_cmp_if_same(table, key, 0, key_prefix_length));
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2650 2651
  }

2652
end:
2653
  table->file->ha_index_end();
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2654 2655 2656 2657 2658 2659 2660
  DBUG_RETURN(result);
}


static int replace_table_table(THD *thd, GRANT_TABLE *grant_table,
			       TABLE *table, const LEX_USER &combo,
			       const char *db, const char *table_name,
2661 2662
			       ulong rights, ulong col_rights,
			       bool revoke_grant)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2663
{
2664
  char grantor[USER_HOST_BUFF_SIZE];
monty@hundin.mysql.fi's avatar
monty@hundin.mysql.fi committed
2665
  int old_row_exists = 1;
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2666
  int error=0;
2667
  ulong store_table_rights, store_col_rights;
2668
  uchar user_key[MAX_KEY_LENGTH];
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2669 2670
  DBUG_ENTER("replace_table_table");

2671 2672
  strxmov(grantor, thd->security_ctx->user, "@",
          thd->security_ctx->host_or_ip, NullS);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2673

2674 2675 2676 2677
  /*
    The following should always succeed as new users are created before
    this function is called!
  */
2678
  if (!find_acl_user(combo.host.str,combo.user.str, FALSE))
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2679
  {
bell@sanja.is.com.ua's avatar
bell@sanja.is.com.ua committed
2680 2681
    my_message(ER_PASSWORD_NO_MATCH, ER(ER_PASSWORD_NO_MATCH),
               MYF(0));	/* purecov: deadcode */
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2682 2683 2684
    DBUG_RETURN(-1);				/* purecov: deadcode */
  }

2685
  table->use_all_columns();
2686
  restore_record(table, s->default_values);     // Get empty record
2687 2688
  table->field[0]->store(combo.host.str,combo.host.length,
                         system_charset_info);
2689
  table->field[1]->store(db,(uint) strlen(db), system_charset_info);
2690 2691 2692 2693
  table->field[2]->store(combo.user.str,combo.user.length,
                         system_charset_info);
  table->field[3]->store(table_name,(uint) strlen(table_name),
                         system_charset_info);
2694
  store_record(table,record[1]);			// store at pos 1
2695 2696
  key_copy(user_key, table->record[0], table->key_info,
           table->key_info->key_length);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2697

2698 2699 2700
  if (table->file->index_read_idx_map(table->record[0], 0, user_key,
                                      HA_WHOLE_KEY,
                                      HA_READ_KEY_EXACT))
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2701 2702 2703 2704 2705 2706 2707 2708
  {
    /*
      The following should never happen as we first check the in memory
      grant tables for the user.  There is however always a small change that
      the user has modified the grant tables directly.
    */
    if (revoke_grant)
    { // no row, no revoke
guilhem@mysql.com's avatar
guilhem@mysql.com committed
2709 2710
      my_error(ER_NONEXISTING_TABLE_GRANT, MYF(0),
               combo.user.str, combo.host.str,
2711
               table_name);		        /* purecov: deadcode */
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2712 2713
      DBUG_RETURN(-1);				/* purecov: deadcode */
    }
monty@hundin.mysql.fi's avatar
monty@hundin.mysql.fi committed
2714
    old_row_exists = 0;
2715
    restore_record(table,record[1]);			// Get saved record
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2716 2717
  }

2718 2719
  store_table_rights= get_rights_for_table(rights);
  store_col_rights=   get_rights_for_column(col_rights);
monty@hundin.mysql.fi's avatar
monty@hundin.mysql.fi committed
2720
  if (old_row_exists)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2721
  {
2722
    ulong j,k;
2723
    store_record(table,record[1]);
2724 2725
    j = (ulong) table->field[6]->val_int();
    k = (ulong) table->field[7]->val_int();
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2726 2727 2728

    if (revoke_grant)
    {
2729
      /* column rights are already fixed in mysql_table_grant */
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2730 2731 2732 2733
      store_table_rights=j & ~store_table_rights;
    }
    else
    {
2734 2735
      store_table_rights|= j;
      store_col_rights|=   k;
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2736 2737 2738
    }
  }

2739
  table->field[4]->store(grantor,(uint) strlen(grantor), system_charset_info);
2740 2741
  table->field[6]->store((longlong) store_table_rights, TRUE);
  table->field[7]->store((longlong) store_col_rights, TRUE);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2742
  rights=fix_rights_for_table(store_table_rights);
2743
  col_rights=fix_rights_for_column(store_col_rights);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2744

monty@hundin.mysql.fi's avatar
monty@hundin.mysql.fi committed
2745
  if (old_row_exists)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2746 2747 2748
  {
    if (store_table_rights || store_col_rights)
    {
2749 2750 2751
      if ((error=table->file->ha_update_row(table->record[1],
                                            table->record[0])) &&
          error != HA_ERR_RECORD_IS_THE_SAME)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2752 2753
	goto table_error;			/* purecov: deadcode */
    }
2754
    else if ((error = table->file->ha_delete_row(table->record[1])))
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2755 2756 2757 2758
      goto table_error;				/* purecov: deadcode */
  }
  else
  {
2759
    error=table->file->ha_write_row(table->record[0]);
2760
    if (table->file->is_fatal_error(error, HA_CHECK_DUP_KEY))
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2761 2762 2763
      goto table_error;				/* purecov: deadcode */
  }

2764
  if (rights | col_rights)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2765
  {
2766
    grant_table->privs= rights;
2767
    grant_table->cols=	col_rights;
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2768 2769 2770
  }
  else
  {
2771
    hash_delete(&column_priv_hash,(uchar*) grant_table);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2772 2773 2774
  }
  DBUG_RETURN(0);

2775 2776
  /* This should never happen */
table_error:
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2777 2778 2779 2780 2781
  table->file->print_error(error,MYF(0)); /* purecov: deadcode */
  DBUG_RETURN(-1); /* purecov: deadcode */
}


2782
static int replace_routine_table(THD *thd, GRANT_NAME *grant_name,
2783
			      TABLE *table, const LEX_USER &combo,
2784 2785
			      const char *db, const char *routine_name,
			      bool is_proc, ulong rights, bool revoke_grant)
2786
{
2787
  char grantor[USER_HOST_BUFF_SIZE];
2788 2789 2790
  int old_row_exists= 1;
  int error=0;
  ulong store_proc_rights;
2791
  DBUG_ENTER("replace_routine_table");
2792 2793 2794 2795 2796 2797 2798

  if (!initialized)
  {
    my_error(ER_OPTION_PREVENTS_STATEMENT, MYF(0), "--skip-grant-tables");
    DBUG_RETURN(-1);
  }

2799 2800
  strxmov(grantor, thd->security_ctx->user, "@",
          thd->security_ctx->host_or_ip, NullS);
2801 2802 2803 2804 2805

  /*
    The following should always succeed as new users are created before
    this function is called!
  */
monty@mishka.local's avatar
monty@mishka.local committed
2806
  if (!find_acl_user(combo.host.str, combo.user.str, FALSE))
2807 2808 2809 2810 2811
  {
    my_error(ER_PASSWORD_NO_MATCH,MYF(0));
    DBUG_RETURN(-1);
  }

2812
  table->use_all_columns();
2813
  restore_record(table, s->default_values);		// Get empty record
2814 2815 2816
  table->field[0]->store(combo.host.str,combo.host.length, &my_charset_latin1);
  table->field[1]->store(db,(uint) strlen(db), &my_charset_latin1);
  table->field[2]->store(combo.user.str,combo.user.length, &my_charset_latin1);
2817 2818
  table->field[3]->store(routine_name,(uint) strlen(routine_name),
                         &my_charset_latin1);
2819
  table->field[4]->store((longlong)(is_proc ?
2820 2821
                                    TYPE_ENUM_PROCEDURE : TYPE_ENUM_FUNCTION),
                         TRUE);
2822 2823
  store_record(table,record[1]);			// store at pos 1

2824 2825 2826 2827
  if (table->file->index_read_idx_map(table->record[0], 0,
                                      (uchar*) table->field[0]->ptr,
                                      HA_WHOLE_KEY,
                                      HA_READ_KEY_EXACT))
2828 2829 2830 2831 2832 2833 2834 2835 2836
  {
    /*
      The following should never happen as we first check the in memory
      grant tables for the user.  There is however always a small change that
      the user has modified the grant tables directly.
    */
    if (revoke_grant)
    { // no row, no revoke
      my_error(ER_NONEXISTING_PROC_GRANT, MYF(0),
2837
               combo.user.str, combo.host.str, routine_name);
2838 2839 2840 2841 2842 2843 2844 2845 2846 2847 2848 2849 2850 2851 2852 2853 2854 2855 2856 2857 2858 2859 2860 2861
      DBUG_RETURN(-1);
    }
    old_row_exists= 0;
    restore_record(table,record[1]);			// Get saved record
  }

  store_proc_rights= get_rights_for_procedure(rights);
  if (old_row_exists)
  {
    ulong j;
    store_record(table,record[1]);
    j= (ulong) table->field[6]->val_int();

    if (revoke_grant)
    {
      /* column rights are already fixed in mysql_table_grant */
      store_proc_rights=j & ~store_proc_rights;
    }
    else
    {
      store_proc_rights|= j;
    }
  }

2862
  table->field[5]->store(grantor,(uint) strlen(grantor), &my_charset_latin1);
2863
  table->field[6]->store((longlong) store_proc_rights, TRUE);
2864 2865 2866 2867 2868 2869
  rights=fix_rights_for_procedure(store_proc_rights);

  if (old_row_exists)
  {
    if (store_proc_rights)
    {
2870 2871 2872
      if ((error=table->file->ha_update_row(table->record[1],
                                            table->record[0])) &&
          error != HA_ERR_RECORD_IS_THE_SAME)
2873 2874
	goto table_error;
    }
2875
    else if ((error= table->file->ha_delete_row(table->record[1])))
2876 2877 2878 2879
      goto table_error;
  }
  else
  {
2880
    error=table->file->ha_write_row(table->record[0]);
2881
    if (table->file->is_fatal_error(error, HA_CHECK_DUP_KEY))
2882 2883 2884 2885 2886 2887 2888 2889 2890
      goto table_error;
  }

  if (rights)
  {
    grant_name->privs= rights;
  }
  else
  {
2891
    hash_delete(is_proc ? &proc_priv_hash : &func_priv_hash,(uchar*) grant_name);
2892 2893 2894 2895 2896 2897 2898 2899 2900 2901
  }
  DBUG_RETURN(0);

  /* This should never happen */
table_error:
  table->file->print_error(error,MYF(0));
  DBUG_RETURN(-1);
}


2902 2903 2904 2905 2906 2907 2908 2909 2910 2911 2912 2913 2914
/*
  Store table level and column level grants in the privilege tables

  SYNOPSIS
    mysql_table_grant()
    thd			Thread handle
    table_list		List of tables to give grant
    user_list		List of users to give grant
    columns		List of columns to give grant
    rights		Table level grant
    revoke_grant	Set to 1 if this is a REVOKE command

  RETURN
2915 2916
    FALSE ok
    TRUE  error
2917 2918
*/

2919
bool mysql_table_grant(THD *thd, TABLE_LIST *table_list,
2920 2921 2922
		      List <LEX_USER> &user_list,
		      List <LEX_COLUMN> &columns, ulong rights,
		      bool revoke_grant)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2923
{
2924
  ulong column_priv= 0;
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2925
  List_iterator <LEX_USER> str_list (user_list);
2926
  LEX_USER *Str, *tmp_Str;
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2927
  TABLE_LIST tables[3];
2928
  bool create_new_users=0;
2929
  char *db_name, *table_name;
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2930 2931 2932 2933
  DBUG_ENTER("mysql_table_grant");

  if (!initialized)
  {
guilhem@mysql.com's avatar
guilhem@mysql.com committed
2934 2935
    my_error(ER_OPTION_PREVENTS_STATEMENT, MYF(0),
             "--skip-grant-tables");	/* purecov: inspected */
2936
    DBUG_RETURN(TRUE);				/* purecov: inspected */
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2937 2938 2939
  }
  if (rights & ~TABLE_ACLS)
  {
bell@sanja.is.com.ua's avatar
bell@sanja.is.com.ua committed
2940 2941
    my_message(ER_ILLEGAL_GRANT_FOR_TABLE, ER(ER_ILLEGAL_GRANT_FOR_TABLE),
               MYF(0));
2942
    DBUG_RETURN(TRUE);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2943 2944
  }

2945
  if (!revoke_grant)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2946
  {
serg@sergbook.mysql.com's avatar
serg@sergbook.mysql.com committed
2947
    if (columns.elements)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2948
    {
2949 2950
      class LEX_COLUMN *column;
      List_iterator <LEX_COLUMN> column_iter(columns);
serg@sergbook.mysql.com's avatar
serg@sergbook.mysql.com committed
2951 2952 2953

      if (open_and_lock_tables(thd, table_list))
        DBUG_RETURN(TRUE);
2954 2955

      while ((column = column_iter++))
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2956
      {
serg@sergbook.mysql.com's avatar
serg@sergbook.mysql.com committed
2957
        uint unused_field_idx= NO_CACHED_FIELD_INDEX;
2958 2959
        TABLE_LIST *dummy;
        Field *f=find_field_in_table_ref(thd, table_list, column->column.ptr(),
2960
                                         column->column.length(),
2961
                                         column->column.ptr(), NULL, NULL,
2962
                                         NULL, TRUE, FALSE,
2963
                                         &unused_field_idx, FALSE, &dummy);
serg@sergbook.mysql.com's avatar
serg@sergbook.mysql.com committed
2964
        if (f == (Field*)0)
2965
        {
serg@sergbook.mysql.com's avatar
serg@sergbook.mysql.com committed
2966 2967
          my_error(ER_BAD_FIELD_ERROR, MYF(0),
                   column->column.c_ptr(), table_list->alias);
serg@sergbook.mysql.com's avatar
serg@sergbook.mysql.com committed
2968
          DBUG_RETURN(TRUE);
2969
        }
serg@sergbook.mysql.com's avatar
serg@sergbook.mysql.com committed
2970 2971
        if (f == (Field *)-1)
          DBUG_RETURN(TRUE);
2972
        column_priv|= column->rights;
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2973
      }
2974
      close_thread_tables(thd);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2975
    }
2976
    else
bk@work.mysql.com's avatar
bk@work.mysql.com committed
2977
    {
2978 2979 2980
      if (!(rights & CREATE_ACL))
      {
        char buf[FN_REFLEN];
2981
        build_table_filename(buf, sizeof(buf), table_list->db,
2982
                             table_list->table_name, reg_ext, 0);
2983 2984
        fn_format(buf, buf, "", "", MY_UNPACK_FILENAME  | MY_RESOLVE_SYMLINKS |
                                    MY_RETURN_REAL_PATH | MY_APPEND_EXT);
2985 2986
        if (access(buf,F_OK))
        {
serg@sergbook.mysql.com's avatar
serg@sergbook.mysql.com committed
2987
          my_error(ER_NO_SUCH_TABLE, MYF(0), table_list->db, table_list->alias);
serg@sergbook.mysql.com's avatar
serg@sergbook.mysql.com committed
2988
          DBUG_RETURN(TRUE);
2989 2990 2991 2992 2993 2994 2995 2996
        }
      }
      if (table_list->grant.want_privilege)
      {
        char command[128];
        get_privilege_desc(command, sizeof(command),
                           table_list->grant.want_privilege);
        my_error(ER_TABLEACCESS_DENIED_ERROR, MYF(0),
2997 2998
                 command, thd->security_ctx->priv_user,
                 thd->security_ctx->host_or_ip, table_list->alias);
2999 3000
        DBUG_RETURN(-1);
      }
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3001 3002 3003 3004 3005 3006
    }
  }

  /* open the mysql.tables_priv and mysql.columns_priv tables */

  bzero((char*) &tables,sizeof(tables));
3007 3008 3009
  tables[0].alias=tables[0].table_name= (char*) "user";
  tables[1].alias=tables[1].table_name= (char*) "tables_priv";
  tables[2].alias=tables[2].table_name= (char*) "columns_priv";
bell@sanja.is.com.ua's avatar
VIEW  
bell@sanja.is.com.ua committed
3010
  tables[0].next_local= tables[0].next_global= tables+1;
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3011
  /* Don't open column table if we don't need it ! */
bell@sanja.is.com.ua's avatar
VIEW  
bell@sanja.is.com.ua committed
3012 3013 3014 3015 3016
  tables[1].next_local=
    tables[1].next_global= ((column_priv ||
			     (revoke_grant &&
			      ((rights & COL_ACLS) || columns.elements)))
			    ? tables+2 : 0);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3017 3018 3019
  tables[0].lock_type=tables[1].lock_type=tables[2].lock_type=TL_WRITE;
  tables[0].db=tables[1].db=tables[2].db=(char*) "mysql";

3020 3021 3022 3023 3024 3025 3026
  /*
    This statement will be replicated as a statement, even when using
    row-based replication.  The flag will be reset at the end of the
    statement.
  */
  thd->clear_current_stmt_binlog_row_based();

3027 3028 3029 3030 3031
#ifdef HAVE_REPLICATION
  /*
    GRANT and REVOKE are applied the slave in/exclusion rules as they are
    some kind of updates to the mysql.% tables.
  */
3032
  if (thd->slave_thread && rpl_filter->is_on())
3033
  {
monty@mashka.mysql.fi's avatar
monty@mashka.mysql.fi committed
3034 3035 3036
    /*
      The tables must be marked "updating" so that tables_ok() takes them into
      account in tests.
3037
    */
3038
    tables[0].updating= tables[1].updating= tables[2].updating= 1;
lars@mysql.com's avatar
lars@mysql.com committed
3039
    if (!(thd->spcont || rpl_filter->tables_ok(0, tables)))
3040
      DBUG_RETURN(FALSE);
3041
  }
3042 3043
#endif

3044
  if (simple_open_n_lock_tables(thd,tables))
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3045 3046
  {						// Should never happen
    close_thread_tables(thd);			/* purecov: deadcode */
3047
    DBUG_RETURN(TRUE);				/* purecov: deadcode */
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3048 3049
  }

3050 3051
  if (!revoke_grant)
    create_new_users= test_if_create_new_users(thd);
3052
  bool result= FALSE;
3053
  rw_wrlock(&LOCK_grant);
3054
  pthread_mutex_lock(&acl_cache->lock);
3055 3056
  MEM_ROOT *old_root= thd->mem_root;
  thd->mem_root= &memex;
3057
  grant_version++;
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3058

3059
  while ((tmp_Str = str_list++))
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3060
  {
3061
    int error;
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3062
    GRANT_TABLE *grant_table;
3063 3064 3065 3066 3067
    if (!(Str= get_current_user(thd, tmp_Str)))
    {
      result= TRUE;
      continue;
    }  
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3068
    /* Create user if needed */
monty@mashka.mysql.fi's avatar
monty@mashka.mysql.fi committed
3069
    error=replace_user_table(thd, tables[0].table, *Str,
serg@serg.mylan's avatar
serg@serg.mylan committed
3070
			     0, revoke_grant, create_new_users,
monty@mysql.com's avatar
monty@mysql.com committed
3071 3072
                             test(thd->variables.sql_mode &
                                  MODE_NO_AUTO_CREATE_USER));
3073
    if (error)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3074
    {
3075
      result= TRUE;				// Remember error
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3076 3077 3078
      continue;					// Add next user
    }

bell@sanja.is.com.ua's avatar
VIEW  
bell@sanja.is.com.ua committed
3079 3080 3081
    db_name= (table_list->view_db.length ?
	      table_list->view_db.str :
	      table_list->db);
3082
    table_name= (table_list->view_name.length ?
bell@sanja.is.com.ua's avatar
VIEW  
bell@sanja.is.com.ua committed
3083
		table_list->view_name.str :
3084
		table_list->table_name);
bell@sanja.is.com.ua's avatar
VIEW  
bell@sanja.is.com.ua committed
3085

bk@work.mysql.com's avatar
bk@work.mysql.com committed
3086
    /* Find/create cached table grant */
bell@sanja.is.com.ua's avatar
VIEW  
bell@sanja.is.com.ua committed
3087
    grant_table= table_hash_search(Str->host.str, NullS, db_name,
3088
				   Str->user.str, table_name, 1);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3089 3090 3091 3092
    if (!grant_table)
    {
      if (revoke_grant)
      {
guilhem@mysql.com's avatar
guilhem@mysql.com committed
3093
	my_error(ER_NONEXISTING_TABLE_GRANT, MYF(0),
3094
                 Str->user.str, Str->host.str, table_list->table_name);
3095
	result= TRUE;
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3096 3097
	continue;
      }
bell@sanja.is.com.ua's avatar
VIEW  
bell@sanja.is.com.ua committed
3098
      grant_table = new GRANT_TABLE (Str->host.str, db_name,
3099
				     Str->user.str, table_name,
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3100 3101 3102 3103
				     rights,
				     column_priv);
      if (!grant_table)				// end of memory
      {
3104
	result= TRUE;				/* purecov: deadcode */
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3105 3106
	continue;				/* purecov: deadcode */
      }
3107
      my_hash_insert(&column_priv_hash,(uchar*) grant_table);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3108 3109 3110 3111 3112
    }

    /* If revoke_grant, calculate the new column privilege for tables_priv */
    if (revoke_grant)
    {
3113 3114
      class LEX_COLUMN *column;
      List_iterator <LEX_COLUMN> column_iter(columns);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3115 3116 3117
      GRANT_COLUMN *grant_column;

      /* Fix old grants */
3118
      while ((column = column_iter++))
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3119 3120
      {
	grant_column = column_hash_search(grant_table,
3121 3122
					  column->column.ptr(),
					  column->column.length());
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3123
	if (grant_column)
3124
	  grant_column->rights&= ~(column->rights | rights);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3125 3126
      }
      /* scan trough all columns to get new column grant */
3127
      column_priv= 0;
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3128 3129 3130 3131 3132 3133 3134 3135 3136 3137 3138 3139 3140 3141 3142 3143
      for (uint idx=0 ; idx < grant_table->hash_columns.records ; idx++)
      {
	grant_column= (GRANT_COLUMN*) hash_element(&grant_table->hash_columns,
						   idx);
	grant_column->rights&= ~rights;		// Fix other columns
	column_priv|= grant_column->rights;
      }
    }
    else
    {
      column_priv|= grant_table->cols;
    }


    /* update table and columns */

bell@sanja.is.com.ua's avatar
VIEW  
bell@sanja.is.com.ua committed
3144
    if (replace_table_table(thd, grant_table, tables[1].table, *Str,
3145
			    db_name, table_name,
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3146
			    rights, column_priv, revoke_grant))
3147 3148
    {
      /* Should only happen if table is crashed */
3149
      result= TRUE;			       /* purecov: deadcode */
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3150 3151 3152
    }
    else if (tables[2].table)
    {
bell@sanja.is.com.ua's avatar
VIEW  
bell@sanja.is.com.ua committed
3153
      if ((replace_column_table(grant_table, tables[2].table, *Str,
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3154
				columns,
3155
				db_name, table_name,
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3156 3157
				rights, revoke_grant)))
      {
3158
	result= TRUE;
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3159 3160 3161
      }
    }
  }
3162
  thd->mem_root= old_root;
3163
  pthread_mutex_unlock(&acl_cache->lock);
3164 3165 3166

  if (!result) /* success */
  {
3167
    write_bin_log(thd, TRUE, thd->query, thd->query_length);
3168 3169
  }

3170
  rw_unlock(&LOCK_grant);
3171 3172

  if (!result) /* success */
3173
    send_ok(thd);
3174

3175
  /* Tables are automatically closed */
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3176 3177 3178 3179
  DBUG_RETURN(result);
}


3180
/*
3181
  Store routine level grants in the privilege tables
3182 3183

  SYNOPSIS
3184
    mysql_routine_grant()
3185
    thd			Thread handle
3186 3187
    table_list		List of routines to give grant
    is_proc             true indicates routine list are procedures
3188 3189 3190 3191 3192 3193 3194 3195 3196
    user_list		List of users to give grant
    rights		Table level grant
    revoke_grant	Set to 1 if this is a REVOKE command

  RETURN
    0	ok
    1	error
*/

3197 3198 3199
bool mysql_routine_grant(THD *thd, TABLE_LIST *table_list, bool is_proc,
			 List <LEX_USER> &user_list, ulong rights,
			 bool revoke_grant, bool no_error)
3200 3201
{
  List_iterator <LEX_USER> str_list (user_list);
3202
  LEX_USER *Str, *tmp_Str;
3203 3204
  TABLE_LIST tables[2];
  bool create_new_users=0, result=0;
3205
  char *db_name, *table_name;
3206
  DBUG_ENTER("mysql_routine_grant");
3207 3208 3209 3210 3211 3212 3213 3214 3215 3216 3217 3218 3219 3220 3221 3222 3223 3224

  if (!initialized)
  {
    if (!no_error)
      my_error(ER_OPTION_PREVENTS_STATEMENT, MYF(0),
               "--skip-grant-tables");
    DBUG_RETURN(TRUE);
  }
  if (rights & ~PROC_ACLS)
  {
    if (!no_error)
      my_message(ER_ILLEGAL_GRANT_FOR_TABLE, ER(ER_ILLEGAL_GRANT_FOR_TABLE),
        	 MYF(0));
    DBUG_RETURN(TRUE);
  }

  if (!revoke_grant)
  {
3225
    if (sp_exist_routines(thd, table_list, is_proc, no_error)<0)
3226 3227 3228 3229 3230 3231
      DBUG_RETURN(TRUE);
  }

  /* open the mysql.user and mysql.procs_priv tables */

  bzero((char*) &tables,sizeof(tables));
3232 3233
  tables[0].alias=tables[0].table_name= (char*) "user";
  tables[1].alias=tables[1].table_name= (char*) "procs_priv";
3234 3235 3236 3237
  tables[0].next_local= tables[0].next_global= tables+1;
  tables[0].lock_type=tables[1].lock_type=TL_WRITE;
  tables[0].db=tables[1].db=(char*) "mysql";

3238 3239 3240 3241 3242 3243 3244
  /*
    This statement will be replicated as a statement, even when using
    row-based replication.  The flag will be reset at the end of the
    statement.
  */
  thd->clear_current_stmt_binlog_row_based();

3245 3246 3247 3248 3249
#ifdef HAVE_REPLICATION
  /*
    GRANT and REVOKE are applied the slave in/exclusion rules as they are
    some kind of updates to the mysql.% tables.
  */
3250
  if (thd->slave_thread && rpl_filter->is_on())
3251 3252 3253 3254 3255 3256
  {
    /*
      The tables must be marked "updating" so that tables_ok() takes them into
      account in tests.
    */
    tables[0].updating= tables[1].updating= 1;
lars@mysql.com's avatar
lars@mysql.com committed
3257
    if (!(thd->spcont || rpl_filter->tables_ok(0, tables)))
3258 3259 3260 3261 3262 3263 3264 3265 3266 3267 3268 3269 3270
      DBUG_RETURN(FALSE);
  }
#endif

  if (simple_open_n_lock_tables(thd,tables))
  {						// Should never happen
    close_thread_tables(thd);
    DBUG_RETURN(TRUE);
  }

  if (!revoke_grant)
    create_new_users= test_if_create_new_users(thd);
  rw_wrlock(&LOCK_grant);
3271
  pthread_mutex_lock(&acl_cache->lock);
3272 3273 3274 3275 3276
  MEM_ROOT *old_root= thd->mem_root;
  thd->mem_root= &memex;

  DBUG_PRINT("info",("now time to iterate and add users"));

3277
  while ((tmp_Str= str_list++))
3278 3279 3280
  {
    int error;
    GRANT_NAME *grant_name;
3281 3282 3283 3284 3285
    if (!(Str= get_current_user(thd, tmp_Str)))
    {
      result= TRUE;
      continue;
    }  
3286 3287
    /* Create user if needed */
    error=replace_user_table(thd, tables[0].table, *Str,
serg@serg.mylan's avatar
serg@serg.mylan committed
3288
			     0, revoke_grant, create_new_users,
monty@mysql.com's avatar
monty@mysql.com committed
3289 3290
                             test(thd->variables.sql_mode &
                                  MODE_NO_AUTO_CREATE_USER));
3291 3292 3293 3294 3295 3296 3297
    if (error)
    {
      result= TRUE;				// Remember error
      continue;					// Add next user
    }

    db_name= table_list->db;
3298
    table_name= table_list->table_name;
3299

3300 3301
    grant_name= routine_hash_search(Str->host.str, NullS, db_name,
                                    Str->user.str, table_name, is_proc, 1);
3302 3303 3304 3305 3306 3307
    if (!grant_name)
    {
      if (revoke_grant)
      {
        if (!no_error)
          my_error(ER_NONEXISTING_PROC_GRANT, MYF(0),
3308
		   Str->user.str, Str->host.str, table_name);
3309 3310 3311 3312
	result= TRUE;
	continue;
      }
      grant_name= new GRANT_NAME(Str->host.str, db_name,
3313
				 Str->user.str, table_name,
3314 3315 3316 3317 3318 3319
				 rights);
      if (!grant_name)
      {
        result= TRUE;
	continue;
      }
3320
      my_hash_insert(is_proc ? &proc_priv_hash : &func_priv_hash,(uchar*) grant_name);
3321
    }
3322

3323 3324
    if (replace_routine_table(thd, grant_name, tables[1].table, *Str,
			   db_name, table_name, is_proc, rights, revoke_grant))
3325 3326 3327 3328 3329 3330
    {
      result= TRUE;
      continue;
    }
  }
  thd->mem_root= old_root;
3331
  pthread_mutex_unlock(&acl_cache->lock);
3332 3333
  if (!result && !no_error)
  {
3334
    write_bin_log(thd, TRUE, thd->query, thd->query_length);
3335 3336
  }

3337
  rw_unlock(&LOCK_grant);
3338

3339 3340
  if (!result && !no_error)
    send_ok(thd);
3341

3342 3343 3344 3345 3346
  /* Tables are automatically closed */
  DBUG_RETURN(result);
}


3347 3348
bool mysql_grant(THD *thd, const char *db, List <LEX_USER> &list,
                 ulong rights, bool revoke_grant)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3349 3350
{
  List_iterator <LEX_USER> str_list (list);
3351
  LEX_USER *Str, *tmp_Str;
gluh@mysql.com/gluh.(none)'s avatar
gluh@mysql.com/gluh.(none) committed
3352
  char tmp_db[NAME_LEN+1];
monty@hundin.mysql.fi's avatar
monty@hundin.mysql.fi committed
3353
  bool create_new_users=0;
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3354 3355 3356 3357
  TABLE_LIST tables[2];
  DBUG_ENTER("mysql_grant");
  if (!initialized)
  {
guilhem@mysql.com's avatar
guilhem@mysql.com committed
3358 3359
    my_error(ER_OPTION_PREVENTS_STATEMENT, MYF(0),
             "--skip-grant-tables");	/* purecov: tested */
3360
    DBUG_RETURN(TRUE);				/* purecov: tested */
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3361 3362
  }

3363 3364 3365
  if (lower_case_table_names && db)
  {
    strmov(tmp_db,db);
3366
    my_casedn_str(files_charset_info, tmp_db);
3367 3368
    db=tmp_db;
  }
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3369 3370

  /* open the mysql.user and mysql.db tables */
3371
  bzero((char*) &tables,sizeof(tables));
3372 3373
  tables[0].alias=tables[0].table_name=(char*) "user";
  tables[1].alias=tables[1].table_name=(char*) "db";
bell@sanja.is.com.ua's avatar
VIEW  
bell@sanja.is.com.ua committed
3374
  tables[0].next_local= tables[0].next_global= tables+1;
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3375 3376
  tables[0].lock_type=tables[1].lock_type=TL_WRITE;
  tables[0].db=tables[1].db=(char*) "mysql";
3377

3378 3379 3380 3381 3382 3383 3384
  /*
    This statement will be replicated as a statement, even when using
    row-based replication.  The flag will be reset at the end of the
    statement.
  */
  thd->clear_current_stmt_binlog_row_based();

3385 3386 3387 3388 3389
#ifdef HAVE_REPLICATION
  /*
    GRANT and REVOKE are applied the slave in/exclusion rules as they are
    some kind of updates to the mysql.% tables.
  */
3390
  if (thd->slave_thread && rpl_filter->is_on())
3391
  {
monty@mashka.mysql.fi's avatar
monty@mashka.mysql.fi committed
3392 3393 3394
    /*
      The tables must be marked "updating" so that tables_ok() takes them into
      account in tests.
3395
    */
3396
    tables[0].updating= tables[1].updating= 1;
lars@mysql.com's avatar
lars@mysql.com committed
3397
    if (!(thd->spcont || rpl_filter->tables_ok(0, tables)))
3398
      DBUG_RETURN(FALSE);
3399
  }
3400 3401
#endif

3402
  if (simple_open_n_lock_tables(thd,tables))
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3403 3404
  {						// This should never happen
    close_thread_tables(thd);			/* purecov: deadcode */
3405
    DBUG_RETURN(TRUE);				/* purecov: deadcode */
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3406 3407
  }

monty@hundin.mysql.fi's avatar
monty@hundin.mysql.fi committed
3408 3409
  if (!revoke_grant)
    create_new_users= test_if_create_new_users(thd);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3410

3411
  /* go through users in user_list */
3412
  rw_wrlock(&LOCK_grant);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3413 3414 3415 3416
  VOID(pthread_mutex_lock(&acl_cache->lock));
  grant_version++;

  int result=0;
3417
  while ((tmp_Str = str_list++))
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3418
  {
3419 3420 3421 3422
    if (!(Str= get_current_user(thd, tmp_Str)))
    {
      result= TRUE;
      continue;
gluh@mysql.com/gluh.(none)'s avatar
gluh@mysql.com/gluh.(none) committed
3423
    }
serg@serg.mylan's avatar
serg@serg.mylan committed
3424 3425
    if (replace_user_table(thd, tables[0].table, *Str,
                           (!db ? rights : 0), revoke_grant, create_new_users,
monty@mysql.com's avatar
monty@mysql.com committed
3426 3427
                           test(thd->variables.sql_mode &
                                MODE_NO_AUTO_CREATE_USER)))
3428
      result= -1;
3429
    else if (db)
monty@hundin.mysql.fi's avatar
monty@hundin.mysql.fi committed
3430
    {
3431 3432 3433 3434 3435 3436 3437 3438 3439
      ulong db_rights= rights & DB_ACLS;
      if (db_rights  == rights)
      {
	if (replace_db_table(tables[1].table, db, *Str, db_rights,
			     revoke_grant))
	  result= -1;
      }
      else
      {
guilhem@mysql.com's avatar
guilhem@mysql.com committed
3440
	my_error(ER_WRONG_USAGE, MYF(0), "DB GRANT", "GLOBAL PRIVILEGES");
monty@mashka.mysql.fi's avatar
monty@mashka.mysql.fi committed
3441
	result= -1;
3442
      }
monty@hundin.mysql.fi's avatar
monty@hundin.mysql.fi committed
3443
    }
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3444 3445
  }
  VOID(pthread_mutex_unlock(&acl_cache->lock));
3446 3447 3448

  if (!result)
  {
3449
    write_bin_log(thd, TRUE, thd->query, thd->query_length);
3450 3451
  }

3452
  rw_unlock(&LOCK_grant);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3453 3454 3455
  close_thread_tables(thd);

  if (!result)
3456
    send_ok(thd);
3457

bk@work.mysql.com's avatar
bk@work.mysql.com committed
3458 3459 3460
  DBUG_RETURN(result);
}

3461 3462

/* Free grant array if possible */
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3463 3464 3465 3466

void  grant_free(void)
{
  DBUG_ENTER("grant_free");
3467
  hash_free(&column_priv_hash);
3468
  hash_free(&proc_priv_hash);
monty@mysql.com's avatar
monty@mysql.com committed
3469
  hash_free(&func_priv_hash);
3470
  free_root(&memex,MYF(0));
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3471 3472 3473 3474
  DBUG_VOID_RETURN;
}


3475 3476 3477
/**
  @brief Initialize structures responsible for table/column-level privilege
   checking and load information for them from tables in the 'mysql' database.
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3478

3479 3480 3481
  @return Error status
    @retval 0 OK
    @retval 1 Could not initialize grant subsystem.
3482
*/
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3483

3484
my_bool grant_init()
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3485
{
3486
  THD  *thd;
3487 3488 3489 3490 3491
  my_bool return_val;
  DBUG_ENTER("grant_init");

  if (!(thd= new THD))
    DBUG_RETURN(1);				/* purecov: deadcode */
3492
  thd->thread_stack= (char*) &thd;
3493
  thd->store_globals();
3494
  lex_start(thd);
3495 3496 3497 3498 3499 3500 3501 3502
  return_val=  grant_reload(thd);
  delete thd;
  /* Remember that we don't have a THD */
  my_pthread_setspecific_ptr(THR_THD,  0);
  DBUG_RETURN(return_val);
}


3503 3504
/**
  @brief Helper function to grant_reload_procs_priv
3505

3506
  Reads the procs_priv table into memory hash.
3507

3508 3509 3510 3511 3512 3513 3514 3515
  @param table A pointer to the procs_priv table structure.

  @see grant_reload
  @see grant_reload_procs_priv

  @return Error state
    @retval TRUE An error occurred
    @retval FALSE Success
3516 3517
*/

3518
static my_bool grant_load_procs_priv(TABLE *p_table)
3519
{
3520
  MEM_ROOT *memex_ptr;
3521
  my_bool return_val= 1;
hf@deer.(none)'s avatar
SCRUM  
hf@deer.(none) committed
3522
  bool check_no_resolve= specialflag & SPECIAL_NO_RESOLVE;
3523 3524 3525
  MEM_ROOT **save_mem_root_ptr= my_pthread_getspecific_ptr(MEM_ROOT**,
                                                           THR_MALLOC);
  DBUG_ENTER("grant_load");
3526
  (void) hash_init(&proc_priv_hash,system_charset_info,
3527 3528
                   0,0,0, (hash_get_key) get_grant_table,
                   0,0);
3529
  (void) hash_init(&func_priv_hash,system_charset_info,
3530 3531
                   0,0,0, (hash_get_key) get_grant_table,
                   0,0);
3532
  p_table->file->ha_index_init(0, 1);
3533
  p_table->use_all_columns();
3534 3535

  if (!p_table->file->index_first(p_table->record[0]))
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3536
  {
3537 3538 3539 3540
    memex_ptr= &memex;
    my_pthread_setspecific_ptr(THR_MALLOC, &memex_ptr);
    do
    {
3541 3542 3543
      GRANT_NAME *mem_check;
      HASH *hash;
      if (!(mem_check=new (memex_ptr) GRANT_NAME(p_table)))
3544
      {
3545 3546
        /* This could only happen if we are out memory */
        goto end_unlock;
3547
      }
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3548

3549 3550
      if (check_no_resolve)
      {
3551
	if (hostname_requires_resolving(mem_check->host.hostname))
3552
	{
3553
          sql_print_warning("'procs_priv' entry '%s %s@%s' "
3554
                            "ignored in --skip-name-resolve mode.",
3555
                            mem_check->tname, mem_check->user,
3556 3557
                            mem_check->host.hostname ?
                            mem_check->host.hostname : "");
3558 3559 3560 3561 3562 3563 3564 3565 3566 3567 3568 3569 3570 3571 3572 3573 3574 3575
          continue;
        }
      }
      if (p_table->field[4]->val_int() == TYPE_ENUM_PROCEDURE)
      {
        hash= &proc_priv_hash;
      }
      else
      if (p_table->field[4]->val_int() == TYPE_ENUM_FUNCTION)
      {
        hash= &func_priv_hash;
      }
      else
      {
        sql_print_warning("'procs_priv' entry '%s' "
                          "ignored, bad routine type",
                          mem_check->tname);
        continue;
3576 3577
      }

3578
      mem_check->privs= fix_rights_for_procedure(mem_check->privs);
3579
      if (! mem_check->ok())
3580 3581
        delete mem_check;
      else if (my_hash_insert(hash, (uchar*) mem_check))
3582
      {
3583 3584
        delete mem_check;
        goto end_unlock;
3585 3586
      }
    }
3587
    while (!p_table->file->index_next(p_table->record[0]));
3588
  }
3589 3590 3591 3592 3593 3594 3595 3596 3597 3598 3599 3600 3601 3602 3603 3604 3605 3606 3607 3608 3609 3610 3611 3612 3613 3614 3615 3616 3617 3618 3619 3620 3621 3622 3623 3624 3625 3626 3627 3628 3629 3630 3631 3632 3633
  /* Return ok */
  return_val= 0;

end_unlock:
  p_table->file->ha_index_end();
  my_pthread_setspecific_ptr(THR_MALLOC, save_mem_root_ptr);
  DBUG_RETURN(return_val);
}


/**
  @brief Initialize structures responsible for table/column-level privilege
    checking and load information about grants from open privilege tables.

  @param thd Current thread
  @param tables List containing open "mysql.tables_priv" and
    "mysql.columns_priv" tables.

  @see grant_reload

  @return Error state
    @retval FALSE Success
    @retval TRUE Error
*/

static my_bool grant_load(TABLE_LIST *tables)
{
  MEM_ROOT *memex_ptr;
  my_bool return_val= 1;
  TABLE *t_table= 0, *c_table= 0;
  bool check_no_resolve= specialflag & SPECIAL_NO_RESOLVE;
  MEM_ROOT **save_mem_root_ptr= my_pthread_getspecific_ptr(MEM_ROOT**,
                                                           THR_MALLOC);
  DBUG_ENTER("grant_load");
  (void) hash_init(&column_priv_hash,system_charset_info,
                   0,0,0, (hash_get_key) get_grant_table,
                   (hash_free_key) free_grant_table,0);

  t_table = tables[0].table;
  c_table = tables[1].table;
  t_table->file->ha_index_init(0, 1);
  t_table->use_all_columns();
  c_table->use_all_columns();

  if (!t_table->file->index_first(t_table->record[0]))
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3634
  {
3635 3636 3637
    memex_ptr= &memex;
    my_pthread_setspecific_ptr(THR_MALLOC, &memex_ptr);
    do
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3638
    {
3639 3640
      GRANT_TABLE *mem_check;
      if (!(mem_check=new (memex_ptr) GRANT_TABLE(t_table,c_table)))
3641 3642 3643 3644
      {
	/* This could only happen if we are out memory */
	goto end_unlock;
      }
hf@deer.(none)'s avatar
SCRUM  
hf@deer.(none) committed
3645

3646
      if (check_no_resolve)
hf@deer.(none)'s avatar
SCRUM  
hf@deer.(none) committed
3647
      {
jimw@mysql.com's avatar
jimw@mysql.com committed
3648
	if (hostname_requires_resolving(mem_check->host.hostname))
3649
	{
3650
          sql_print_warning("'tables_priv' entry '%s %s@%s' "
3651
                            "ignored in --skip-name-resolve mode.",
3652 3653
                            mem_check->tname,
                            mem_check->user ? mem_check->user : "",
3654 3655
                            mem_check->host.hostname ?
                            mem_check->host.hostname : "");
3656 3657
	  continue;
	}
hf@deer.(none)'s avatar
SCRUM  
hf@deer.(none) committed
3658 3659
      }

3660 3661
      if (! mem_check->ok())
	delete mem_check;
3662
      else if (my_hash_insert(&column_priv_hash,(uchar*) mem_check))
3663 3664 3665 3666
      {
	delete mem_check;
	goto end_unlock;
      }
hf@deer.(none)'s avatar
SCRUM  
hf@deer.(none) committed
3667
    }
3668
    while (!t_table->file->index_next(t_table->record[0]));
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3669
  }
3670

3671 3672 3673
  return_val=0;					// Return ok

end_unlock:
3674
  t_table->file->ha_index_end();
3675
  my_pthread_setspecific_ptr(THR_MALLOC, save_mem_root_ptr);
3676
  DBUG_RETURN(return_val);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3677 3678 3679
}


3680 3681 3682
/**
  @brief Helper function to grant_reload. Reloads procs_priv table is it
    exists.
3683

3684
  @param thd A pointer to the thread handler object.
3685

3686
  @see grant_reload
3687

3688 3689 3690 3691 3692 3693 3694 3695 3696 3697 3698 3699 3700 3701 3702 3703 3704 3705 3706 3707 3708 3709 3710 3711 3712 3713 3714 3715 3716 3717 3718 3719 3720 3721 3722 3723 3724 3725 3726 3727 3728 3729 3730 3731 3732 3733 3734 3735 3736 3737 3738 3739 3740 3741 3742 3743 3744 3745 3746 3747 3748
  @return Error state
    @retval FALSE Success
    @retval TRUE An error has occurred.
*/

static my_bool grant_reload_procs_priv(THD *thd)
{
  HASH old_proc_priv_hash, old_func_priv_hash;
  TABLE_LIST table;
  my_bool return_val= FALSE;
  DBUG_ENTER("grant_reload_procs_priv");

  bzero((char*) &table, sizeof(table));
  table.alias= table.table_name= (char*) "procs_priv";
  table.db= (char *) "mysql";
  table.lock_type= TL_READ;

  if (simple_open_n_lock_tables(thd, &table))
  {
    close_thread_tables(thd);
    DBUG_RETURN(TRUE);
  }

  /* Save a copy of the current hash if we need to undo the grant load */
  old_proc_priv_hash= proc_priv_hash;
  old_func_priv_hash= func_priv_hash;

  rw_wrlock(&LOCK_grant);
  if ((return_val= grant_load_procs_priv(table.table)))
  {
    /* Error; Reverting to old hash */
    DBUG_PRINT("error",("Reverting to old privileges"));
    grant_free();
    proc_priv_hash= old_proc_priv_hash;
    func_priv_hash= old_func_priv_hash;
  }
  else
  {
    hash_free(&old_proc_priv_hash);
    hash_free(&old_func_priv_hash);
  }
  rw_unlock(&LOCK_grant);

  close_thread_tables(thd);
  DBUG_RETURN(return_val);
}


/**
  @brief Reload information about table and column level privileges if possible

  @param thd Current thread

  Locked tables are checked by acl_reload() and doesn't have to be checked
  in this call.
  This function is also used for initialization of structures responsible
  for table/column-level privilege checking.

  @return Error state
    @retval FALSE Success
    @retval TRUE  Error
3749
*/
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3750

3751
my_bool grant_reload(THD *thd)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3752
{
3753 3754
  TABLE_LIST tables[2];
  HASH old_column_priv_hash;
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3755
  MEM_ROOT old_mem;
3756
  my_bool return_val= 1;
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3757 3758
  DBUG_ENTER("grant_reload");

3759 3760 3761 3762 3763
  /* Don't do anything if running with --skip-grant-tables */
  if (!initialized)
    DBUG_RETURN(0);

  bzero((char*) tables, sizeof(tables));
3764 3765
  tables[0].alias= tables[0].table_name= (char*) "tables_priv";
  tables[1].alias= tables[1].table_name= (char*) "columns_priv";
3766
  tables[0].db= tables[1].db= (char *) "mysql";
3767
  tables[0].next_local= tables[0].next_global= tables+1;
3768
  tables[0].lock_type= tables[1].lock_type= TL_READ;
3769 3770 3771 3772 3773 3774 3775 3776

  /*
    To avoid deadlocks we should obtain table locks before
    obtaining LOCK_grant rwlock.
  */
  if (simple_open_n_lock_tables(thd, tables))
    goto end;

3777
  rw_wrlock(&LOCK_grant);
3778
  old_column_priv_hash= column_priv_hash;
3779 3780 3781 3782 3783

  /*
    Create a new memory pool but save the current memory pool to make an undo
    opertion possible in case of failure.
  */
monty@narttu.mysql.fi's avatar
monty@narttu.mysql.fi committed
3784
  old_mem= memex;
3785
  init_sql_alloc(&memex, ACL_ALLOC_BLOCK_SIZE, 0);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3786

3787
  if ((return_val= grant_load(tables)))
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3788
  {						// Error. Revert to old hash
3789
    DBUG_PRINT("error",("Reverting to old privileges"));
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3790
    grant_free();				/* purecov: deadcode */
3791
    column_priv_hash= old_column_priv_hash;	/* purecov: deadcode */
monty@narttu.mysql.fi's avatar
monty@narttu.mysql.fi committed
3792
    memex= old_mem;				/* purecov: deadcode */
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3793 3794 3795
  }
  else
  {
3796
    hash_free(&old_column_priv_hash);
3797
    free_root(&old_mem,MYF(0));
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3798
  }
3799
  rw_unlock(&LOCK_grant);
3800
  close_thread_tables(thd);
3801 3802

  /*
3803
    It is OK failing to load procs_priv table because we may be
3804 3805 3806
    working with 4.1 privilege tables.
  */
  if (grant_reload_procs_priv(thd))
3807
    return_val= 1;
3808 3809 3810 3811 3812 3813

  rw_wrlock(&LOCK_grant);
  grant_version++;
  rw_unlock(&LOCK_grant);

end:
3814
  DBUG_RETURN(return_val);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3815 3816 3817
}

/****************************************************************************
3818
  Check table level grants
3819

3820
  SYNOPSIS
3821 3822 3823 3824 3825 3826 3827 3828 3829 3830 3831 3832 3833
   bool check_grant()
   thd		Thread handler
   want_access  Bits of privileges user needs to have
   tables	List of tables to check. The user should have 'want_access'
		to all tables in list.
   show_table	<> 0 if we are in show table. In this case it's enough to have
	        any privilege for the table
   number	Check at most this number of tables.
   no_errors	If 0 then we write an error. The error is sent directly to
		the client

   RETURN
     0  ok
3834
     1  Error: User did not have the requested privileges
3835 3836 3837 3838 3839 3840 3841

   NOTE
     This functions assumes that either number of tables to be inspected
     by it is limited explicitly (i.e. is is not UINT_MAX) or table list
     used and thd->lex->query_tables_own_last value correspond to each
     other (the latter should be either 0 or point to next_global member
     of one of elements of this table list).
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3842 3843
****************************************************************************/

3844
bool check_grant(THD *thd, ulong want_access, TABLE_LIST *tables,
bell@sanja.is.com.ua's avatar
bell@sanja.is.com.ua committed
3845
		 uint show_table, uint number, bool no_errors)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3846
{
3847
  TABLE_LIST *table, *first_not_own_table= thd->lex->first_not_own_table();
3848
  Security_context *sctx= thd->security_ctx;
3849
  uint i;
3850
  ulong orig_want_access= want_access;
3851 3852
  DBUG_ENTER("check_grant");
  DBUG_ASSERT(number > 0);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3853

3854
  /*
3855 3856 3857 3858 3859 3860 3861 3862
    Walk through the list of tables that belong to the query and save the
    requested access (orig_want_privilege) to be able to use it when
    checking access rights to the underlying tables of a view. Our grant
    system gradually eliminates checked bits from want_privilege and thus
    after all checks are done we can no longer use it.
    The check that first_not_own_table is not reached is for the case when
    the given table list refers to the list for prelocking (contains tables
    of other queries). For simple queries first_not_own_table is 0.
3863 3864
  */
  for (i= 0, table= tables;
3865
       table != first_not_own_table && i < number;
3866 3867 3868 3869 3870 3871
       table= table->next_global, i++)
  {
    /* Remove SHOW_VIEW_ACL, because it will be checked during making view */
    table->grant.orig_want_privilege= (want_access & ~SHOW_VIEW_ACL);
  }

3872
  rw_rdlock(&LOCK_grant);
3873 3874 3875
  for (table= tables;
       table && number-- && table != first_not_own_table;
       table= table->next_global)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3876
  {
3877
    GRANT_TABLE *grant_table;
3878 3879 3880 3881 3882 3883 3884 3885
    sctx = test(table->security_ctx) ?
      table->security_ctx : thd->security_ctx;

    want_access= orig_want_access;
    want_access&= ~sctx->master_access;
    if (!want_access)
      continue;                                 // ok

3886
    if (!(~table->grant.privilege & want_access) || 
3887
        table->derived || table->schema_table)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3888
    {
bell@sanja.is.com.ua's avatar
VIEW  
bell@sanja.is.com.ua committed
3889 3890 3891 3892
      /*
        It is subquery in the FROM clause. VIEW set table->derived after
        table opening, but this function always called before table opening.
      */
3893 3894 3895 3896 3897 3898 3899 3900 3901 3902
      if (!table->referencing_view)
      {
        /*
          If it's a temporary table created for a subquery in the FROM
          clause, or an INFORMATION_SCHEMA table, drop the request for
          a privilege.
        */
        table->grant.want_privilege= 0;
      }
      continue;
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3903
    }
3904 3905 3906
    if (!(grant_table= table_hash_search(sctx->host, sctx->ip,
                                         table->db, sctx->priv_user,
                                         table->table_name,0)))
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3907 3908 3909 3910
    {
      want_access &= ~table->grant.privilege;
      goto err;					// No grants
    }
monty@tramp.mysql.fi's avatar
monty@tramp.mysql.fi committed
3911 3912
    if (show_table)
      continue;					// We have some priv on this
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3913 3914 3915 3916 3917 3918 3919 3920 3921 3922 3923 3924 3925 3926 3927 3928

    table->grant.grant_table=grant_table;	// Remember for column test
    table->grant.version=grant_version;
    table->grant.privilege|= grant_table->privs;
    table->grant.want_privilege= ((want_access & COL_ACLS)
				  & ~table->grant.privilege);

    if (!(~table->grant.privilege & want_access))
      continue;

    if (want_access & ~(grant_table->cols | table->grant.privilege))
    {
      want_access &= ~(grant_table->cols | table->grant.privilege);
      goto err;					// impossible
    }
  }
3929
  rw_unlock(&LOCK_grant);
3930
  DBUG_RETURN(0);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3931

3932
err:
3933
  rw_unlock(&LOCK_grant);
monty@hundin.mysql.fi's avatar
monty@hundin.mysql.fi committed
3934
  if (!no_errors)				// Not a silent skip of table
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3935
  {
3936 3937
    char command[128];
    get_privilege_desc(command, sizeof(command), want_access);
3938 3939
    my_error(ER_TABLEACCESS_DENIED_ERROR, MYF(0),
             command,
3940 3941
             sctx->priv_user,
             sctx->host_or_ip,
3942
             table ? table->table_name : "unknown");
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3943
  }
3944
  DBUG_RETURN(1);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3945 3946 3947
}


3948 3949 3950 3951 3952 3953 3954 3955 3956 3957 3958 3959 3960 3961 3962 3963 3964 3965
/*
  Check column rights in given security context

  SYNOPSIS
    check_grant_column()
    thd                  thread handler
    grant                grant information structure
    db_name              db name
    table_name           table  name
    name                 column name
    length               column name length
    sctx                 security context

  RETURN
    FALSE OK
    TRUE  access denied
*/

bell@sanja.is.com.ua's avatar
VIEW  
bell@sanja.is.com.ua committed
3966
bool check_grant_column(THD *thd, GRANT_INFO *grant,
3967
			const char *db_name, const char *table_name,
3968
			const char *name, uint length,  Security_context *sctx)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3969 3970 3971
{
  GRANT_TABLE *grant_table;
  GRANT_COLUMN *grant_column;
bell@sanja.is.com.ua's avatar
VIEW  
bell@sanja.is.com.ua committed
3972
  ulong want_access= grant->want_privilege & ~grant->privilege;
monty@mysql.com's avatar
monty@mysql.com committed
3973
  DBUG_ENTER("check_grant_column");
3974
  DBUG_PRINT("enter", ("table: %s  want_access: %lu", table_name, want_access));
monty@mysql.com's avatar
monty@mysql.com committed
3975

bk@work.mysql.com's avatar
bk@work.mysql.com committed
3976
  if (!want_access)
monty@mysql.com's avatar
monty@mysql.com committed
3977
    DBUG_RETURN(0);				// Already checked
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3978

3979
  rw_rdlock(&LOCK_grant);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3980

3981
  /* reload table if someone has modified any grants */
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3982

bell@sanja.is.com.ua's avatar
VIEW  
bell@sanja.is.com.ua committed
3983
  if (grant->version != grant_version)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3984
  {
bell@sanja.is.com.ua's avatar
VIEW  
bell@sanja.is.com.ua committed
3985
    grant->grant_table=
3986 3987
      table_hash_search(sctx->host, sctx->ip, db_name,
			sctx->priv_user,
monty@mysql.com's avatar
monty@mysql.com committed
3988
			table_name, 0);         /* purecov: inspected */
bell@sanja.is.com.ua's avatar
VIEW  
bell@sanja.is.com.ua committed
3989
    grant->version= grant_version;		/* purecov: inspected */
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3990
  }
bell@sanja.is.com.ua's avatar
VIEW  
bell@sanja.is.com.ua committed
3991
  if (!(grant_table= grant->grant_table))
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3992 3993 3994 3995 3996
    goto err;					/* purecov: deadcode */

  grant_column=column_hash_search(grant_table, name, length);
  if (grant_column && !(~grant_column->rights & want_access))
  {
3997
    rw_unlock(&LOCK_grant);
monty@mysql.com's avatar
monty@mysql.com committed
3998
    DBUG_RETURN(0);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
3999 4000
  }

4001
err:
4002
  rw_unlock(&LOCK_grant);
4003 4004 4005 4006 4007 4008 4009 4010 4011 4012 4013 4014 4015 4016 4017 4018 4019 4020 4021 4022 4023 4024 4025 4026 4027 4028 4029 4030 4031 4032 4033 4034 4035 4036 4037 4038 4039 4040 4041 4042 4043 4044 4045 4046
  char command[128];
  get_privilege_desc(command, sizeof(command), want_access);
  my_error(ER_COLUMNACCESS_DENIED_ERROR, MYF(0),
           command,
           sctx->priv_user,
           sctx->host_or_ip,
           name,
           table_name);
  DBUG_RETURN(1);
}


/*
  Check the access right to a column depending on the type of table.

  SYNOPSIS
    check_column_grant_in_table_ref()
    thd              thread handler
    table_ref        table reference where to check the field
    name             name of field to check
    length           length of name

  DESCRIPTION
    Check the access rights to a column depending on the type of table
    reference where the column is checked. The function provides a
    generic interface to check column access rights that hides the
    heterogeneity of the column representation - whether it is a view
    or a stored table colum.

  RETURN
    FALSE OK
    TRUE  access denied
*/

bool check_column_grant_in_table_ref(THD *thd, TABLE_LIST * table_ref,
                                     const char *name, uint length)
{
  GRANT_INFO *grant;
  const char *db_name;
  const char *table_name;
  Security_context *sctx= test(table_ref->security_ctx) ?
                          table_ref->security_ctx : thd->security_ctx;

  if (table_ref->view || table_ref->field_translation)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4047
  {
4048
    /* View or derived information schema table. */
4049
    ulong view_privs;
4050 4051 4052
    grant= &(table_ref->grant);
    db_name= table_ref->view_db.str;
    table_name= table_ref->view_name.str;
4053 4054 4055 4056 4057 4058 4059 4060 4061 4062 4063 4064 4065 4066
    if (table_ref->belong_to_view && 
        (thd->lex->sql_command == SQLCOM_SHOW_FIELDS ||
         thd->lex->sql_command == SQLCOM_SHOW_CREATE))
    {
      view_privs= get_column_grant(thd, grant, db_name, table_name, name);
      if (view_privs & VIEW_ANY_ACL)
      {
        table_ref->belong_to_view->allowed_show= TRUE;
        return FALSE;
      }
      table_ref->belong_to_view->allowed_show= FALSE;
      my_message(ER_VIEW_NO_EXPLAIN, ER(ER_VIEW_NO_EXPLAIN), MYF(0));
      return TRUE;
    }
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4067
  }
4068 4069 4070 4071 4072
  else
  {
    /* Normal or temporary table. */
    TABLE *table= table_ref->table;
    grant= &(table->grant);
4073 4074
    db_name= table->s->db.str;
    table_name= table->s->table_name.str;
4075 4076 4077 4078 4079 4080 4081 4082
  }

  if (grant->want_privilege)
    return check_grant_column(thd, grant, db_name, table_name, name,
                              length, sctx);
  else
    return FALSE;

bk@work.mysql.com's avatar
bk@work.mysql.com committed
4083 4084 4085
}


4086 4087 4088 4089 4090 4091 4092 4093 4094 4095 4096 4097 4098 4099 4100 4101 4102
/** 
  @brief check if a query can access a set of columns

  @param  thd  the current thread
  @param  want_access_arg  the privileges requested
  @param  fields an iterator over the fields of a table reference.
  @return Operation status
    @retval 0 Success
    @retval 1 Falure
  @details This function walks over the columns of a table reference 
   The columns may originate from different tables, depending on the kind of
   table reference, e.g. join.
   For each table it will retrieve the grant information and will use it
   to check the required access privileges for the fields requested from it.
*/    
bool check_grant_all_columns(THD *thd, ulong want_access_arg, 
                             Field_iterator_table_ref *fields)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4103
{
4104
  Security_context *sctx= thd->security_ctx;
4105 4106
  ulong want_access= want_access_arg;
  const char *table_name= NULL;
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4107

4108 4109
  const char* db_name; 
  GRANT_INFO *grant;
4110 4111
  /* Initialized only to make gcc happy */
  GRANT_TABLE *grant_table= NULL;
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4112

4113
  rw_rdlock(&LOCK_grant);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4114

4115
  for (; !fields->end_of_fields(); fields->next())
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4116
  {
bell@sanja.is.com.ua's avatar
VIEW  
bell@sanja.is.com.ua committed
4117
    const char *field_name= fields->name();
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4118

4119 4120 4121 4122 4123 4124 4125 4126
    if (table_name != fields->table_name())
    {
      table_name= fields->table_name();
      db_name= fields->db_name();
      grant= fields->grant();
      /* get a fresh one for each table */
      want_access= want_access_arg & ~grant->privilege;
      if (want_access)
4127
      {
4128 4129
        /* reload table if someone has modified any grants */
        if (grant->version != grant_version)
4130
        {
4131 4132 4133 4134 4135
          grant->grant_table=
            table_hash_search(sctx->host, sctx->ip, db_name,
                              sctx->priv_user,
                              table_name, 0);	/* purecov: inspected */
          grant->version= grant_version;	/* purecov: inspected */
4136 4137
        }

4138 4139
        grant_table= grant->grant_table;
        DBUG_ASSERT (grant_table);
4140 4141
      }
    }
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4142

4143 4144 4145 4146 4147 4148 4149 4150
    if (want_access)
    {
      GRANT_COLUMN *grant_column= 
        column_hash_search(grant_table, field_name,
                           (uint) strlen(field_name));
      if (!grant_column || (~grant_column->rights & want_access))
        goto err;
    }
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4151
  }
4152
  rw_unlock(&LOCK_grant);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4153 4154
  return 0;

monty@narttu.mysql.fi's avatar
monty@narttu.mysql.fi committed
4155
err:
4156
  rw_unlock(&LOCK_grant);
4157

4158 4159
  char command[128];
  get_privilege_desc(command, sizeof(command), want_access);
4160 4161
  my_error(ER_COLUMNACCESS_DENIED_ERROR, MYF(0),
           command,
4162 4163
           sctx->priv_user,
           sctx->host_or_ip,
4164 4165
           fields->name(),
           table_name);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4166 4167 4168 4169
  return 1;
}


4170 4171 4172 4173 4174 4175 4176 4177 4178 4179 4180 4181 4182 4183 4184 4185 4186 4187 4188 4189
static bool check_grant_db_routine(THD *thd, const char *db, HASH *hash)
{
  Security_context *sctx= thd->security_ctx;

  for (uint idx= 0; idx < hash->records; ++idx)
  {
    GRANT_NAME *item= (GRANT_NAME*) hash_element(hash, idx);

    if (strcmp(item->user, sctx->priv_user) == 0 &&
        strcmp(item->db, db) == 0 &&
        compare_hostname(&item->host, sctx->host, sctx->ip))
    {
      return FALSE;
    }
  }

  return TRUE;
}


4190
/*
4191
  Check if a user has the right to access a database
4192
  Access is accepted if he has a grant for any table/routine in the database
4193
  Return 1 if access is denied
4194
*/
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4195 4196 4197

bool check_grant_db(THD *thd,const char *db)
{
4198
  Security_context *sctx= thd->security_ctx;
gluh@mysql.com/gluh.(none)'s avatar
gluh@mysql.com/gluh.(none) committed
4199
  char helping [NAME_LEN+USERNAME_LENGTH+2];
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4200
  uint len;
4201
  bool error= TRUE;
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4202

4203
  len= (uint) (strmov(strmov(helping, sctx->priv_user) + 1, db) - helping) + 1;
4204

4205
  rw_rdlock(&LOCK_grant);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4206

4207
  for (uint idx=0 ; idx < column_priv_hash.records ; idx++)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4208
  {
4209 4210
    GRANT_TABLE *grant_table= (GRANT_TABLE*) hash_element(&column_priv_hash,
							  idx);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4211 4212
    if (len < grant_table->key_length &&
	!memcmp(grant_table->hash_key,helping,len) &&
4213
        compare_hostname(&grant_table->host, sctx->host, sctx->ip))
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4214
    {
4215
      error= FALSE; /* Found match. */
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4216 4217 4218
      break;
    }
  }
4219 4220 4221 4222 4223

  if (error)
    error= check_grant_db_routine(thd, db, &proc_priv_hash) &&
           check_grant_db_routine(thd, db, &func_priv_hash);

4224
  rw_unlock(&LOCK_grant);
4225

bk@work.mysql.com's avatar
bk@work.mysql.com committed
4226 4227 4228
  return error;
}

4229 4230

/****************************************************************************
4231
  Check routine level grants
4232 4233

  SYNPOSIS
4234
   bool check_grant_routine()
4235 4236
   thd		Thread handler
   want_access  Bits of privileges user needs to have
4237 4238
   procs	List of routines to check. The user should have 'want_access'
   is_proc	True if the list is all procedures, else functions
4239 4240 4241 4242 4243 4244 4245 4246
   no_errors	If 0 then we write an error. The error is sent directly to
		the client

   RETURN
     0  ok
     1  Error: User did not have the requested privielges
****************************************************************************/

4247
bool check_grant_routine(THD *thd, ulong want_access,
4248
			 TABLE_LIST *procs, bool is_proc, bool no_errors)
4249 4250
{
  TABLE_LIST *table;
4251
  Security_context *sctx= thd->security_ctx;
4252 4253
  char *user= sctx->priv_user;
  char *host= sctx->priv_host;
4254
  DBUG_ENTER("check_grant_routine");
4255

4256
  want_access&= ~sctx->master_access;
4257 4258 4259 4260 4261 4262 4263
  if (!want_access)
    DBUG_RETURN(0);                             // ok

  rw_rdlock(&LOCK_grant);
  for (table= procs; table; table= table->next_global)
  {
    GRANT_NAME *grant_proc;
4264
    if ((grant_proc= routine_hash_search(host, sctx->ip, table->db, user,
4265
					 table->table_name, is_proc, 0)))
4266 4267 4268 4269 4270 4271 4272 4273 4274 4275 4276 4277 4278 4279 4280 4281 4282
      table->grant.privilege|= grant_proc->privs;

    if (want_access & ~table->grant.privilege)
    {
      want_access &= ~table->grant.privilege;
      goto err;
    }
  }
  rw_unlock(&LOCK_grant);
  DBUG_RETURN(0);
err:
  rw_unlock(&LOCK_grant);
  if (!no_errors)
  {
    char buff[1024];
    const char *command="";
    if (table)
4283
      strxmov(buff, table->db, ".", table->table_name, NullS);
4284 4285 4286
    if (want_access & EXECUTE_ACL)
      command= "execute";
    else if (want_access & ALTER_PROC_ACL)
4287
      command= "alter routine";
4288 4289 4290 4291 4292 4293 4294 4295 4296
    else if (want_access & GRANT_ACL)
      command= "grant";
    my_error(ER_PROCACCESS_DENIED_ERROR, MYF(0),
             command, user, host, table ? buff : "unknown");
  }
  DBUG_RETURN(1);
}


4297 4298
/*
  Check if routine has any of the 
4299
  routine level grants
4300 4301 4302 4303 4304 4305 4306 4307 4308
  
  SYNPOSIS
   bool    check_routine_level_acl()
   thd	        Thread handler
   db           Database name
   name         Routine name

  RETURN
   0            Ok 
4309
   1            error
4310 4311
*/

acurtis@xiphis.org's avatar
acurtis@xiphis.org committed
4312 4313
bool check_routine_level_acl(THD *thd, const char *db, const char *name, 
                             bool is_proc)
4314 4315
{
  bool no_routine_acl= 1;
4316 4317 4318 4319 4320 4321 4322 4323 4324
  GRANT_NAME *grant_proc;
  Security_context *sctx= thd->security_ctx;
  rw_rdlock(&LOCK_grant);
  if ((grant_proc= routine_hash_search(sctx->priv_host,
                                       sctx->ip, db,
                                       sctx->priv_user,
                                       name, is_proc, 0)))
    no_routine_acl= !(grant_proc->privs & SHOW_PROC_ACLS);
  rw_unlock(&LOCK_grant);
4325 4326 4327 4328
  return no_routine_acl;
}


bk@work.mysql.com's avatar
bk@work.mysql.com committed
4329
/*****************************************************************************
4330
  Functions to retrieve the grant for a table/column  (for SHOW functions)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4331 4332
*****************************************************************************/

4333
ulong get_table_grant(THD *thd, TABLE_LIST *table)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4334
{
monty@mashka.mysql.fi's avatar
monty@mashka.mysql.fi committed
4335
  ulong privilege;
4336
  Security_context *sctx= thd->security_ctx;
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4337 4338 4339
  const char *db = table->db ? table->db : thd->db;
  GRANT_TABLE *grant_table;

4340
  rw_rdlock(&LOCK_grant);
4341 4342 4343
#ifdef EMBEDDED_LIBRARY
  grant_table= NULL;
#else
4344
  grant_table= table_hash_search(sctx->host, sctx->ip, db, sctx->priv_user,
4345
				 table->table_name, 0);
4346
#endif
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4347 4348 4349 4350
  table->grant.grant_table=grant_table; // Remember for column test
  table->grant.version=grant_version;
  if (grant_table)
    table->grant.privilege|= grant_table->privs;
4351
  privilege= table->grant.privilege;
4352
  rw_unlock(&LOCK_grant);
4353
  return privilege;
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4354 4355 4356
}


4357 4358 4359 4360 4361 4362 4363 4364 4365 4366 4367 4368 4369 4370 4371 4372 4373 4374
/*
  Determine the access priviliges for a field.

  SYNOPSIS
    get_column_grant()
    thd         thread handler
    grant       grants table descriptor
    db_name     name of database that the field belongs to
    table_name  name of table that the field belongs to
    field_name  name of field

  DESCRIPTION
    The procedure may also modify: grant->grant_table and grant->version.

  RETURN
    The access priviliges for the field db_name.table_name.field_name
*/

bell@sanja.is.com.ua's avatar
VIEW  
bell@sanja.is.com.ua committed
4375 4376 4377
ulong get_column_grant(THD *thd, GRANT_INFO *grant,
                       const char *db_name, const char *table_name,
                       const char *field_name)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4378 4379 4380
{
  GRANT_TABLE *grant_table;
  GRANT_COLUMN *grant_column;
4381
  ulong priv;
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4382

4383
  rw_rdlock(&LOCK_grant);
4384
  /* reload table if someone has modified any grants */
bell@sanja.is.com.ua's avatar
VIEW  
bell@sanja.is.com.ua committed
4385
  if (grant->version != grant_version)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4386
  {
4387
    Security_context *sctx= thd->security_ctx;
bell@sanja.is.com.ua's avatar
VIEW  
bell@sanja.is.com.ua committed
4388
    grant->grant_table=
4389 4390
      table_hash_search(sctx->host, sctx->ip,
                        db_name, sctx->priv_user,
bell@sanja.is.com.ua's avatar
VIEW  
bell@sanja.is.com.ua committed
4391 4392
			table_name, 0);	        /* purecov: inspected */
    grant->version= grant_version;              /* purecov: inspected */
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4393 4394
  }

bell@sanja.is.com.ua's avatar
VIEW  
bell@sanja.is.com.ua committed
4395 4396
  if (!(grant_table= grant->grant_table))
    priv= grant->privilege;
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4397 4398
  else
  {
bell@sanja.is.com.ua's avatar
VIEW  
bell@sanja.is.com.ua committed
4399 4400
    grant_column= column_hash_search(grant_table, field_name,
                                     (uint) strlen(field_name));
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4401
    if (!grant_column)
4402
      priv= (grant->privilege | grant_table->privs);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4403
    else
4404
      priv= (grant->privilege | grant_table->privs | grant_column->rights);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4405
  }
4406
  rw_unlock(&LOCK_grant);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4407 4408 4409
  return priv;
}

bell@sanja.is.com.ua's avatar
VIEW  
bell@sanja.is.com.ua committed
4410

4411
/* Help function for mysql_show_grants */
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4412

4413 4414 4415 4416 4417 4418 4419 4420 4421 4422 4423 4424
static void add_user_option(String *grant, ulong value, const char *name)
{
  if (value)
  {
    char buff[22], *p; // just as in int2str
    grant->append(' ');
    grant->append(name, strlen(name));
    grant->append(' ');
    p=int10_to_str(value, buff, 10);
    grant->append(buff,p-buff);
  }
}
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4425 4426

static const char *command_array[]=
4427
{
bell@sanja.is.com.ua's avatar
VIEW  
bell@sanja.is.com.ua committed
4428 4429 4430 4431
  "SELECT", "INSERT", "UPDATE", "DELETE", "CREATE", "DROP", "RELOAD",
  "SHUTDOWN", "PROCESS","FILE", "GRANT", "REFERENCES", "INDEX",
  "ALTER", "SHOW DATABASES", "SUPER", "CREATE TEMPORARY TABLES",
  "LOCK TABLES", "EXECUTE", "REPLICATION SLAVE", "REPLICATION CLIENT",
4432
  "CREATE VIEW", "SHOW VIEW", "CREATE ROUTINE", "ALTER ROUTINE",
4433
  "CREATE USER", "EVENT", "TRIGGER"
4434
};
4435

4436 4437
static uint command_lengths[]=
{
4438
  6, 6, 6, 6, 6, 4, 6, 8, 7, 4, 5, 10, 5, 5, 14, 5, 23, 11, 7, 17, 18, 11, 9,
4439
  14, 13, 11, 5, 7
4440 4441
};

bk@work.mysql.com's avatar
bk@work.mysql.com committed
4442

4443 4444 4445 4446 4447
static int show_routine_grants(THD *thd, LEX_USER *lex_user, HASH *hash,
                               const char *type, int typelen,
                               char *buff, int buffsize);


4448 4449 4450 4451 4452 4453 4454
/*
  SHOW GRANTS;  Send grants for a user to the client

  IMPLEMENTATION
   Send to client grant-like strings depicting user@host privileges
*/

4455
bool mysql_show_grants(THD *thd,LEX_USER *lex_user)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4456
{
4457 4458
  ulong want_access;
  uint counter,index;
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4459
  int  error = 0;
monty@mashka.mysql.fi's avatar
monty@mashka.mysql.fi committed
4460 4461
  ACL_USER *acl_user;
  ACL_DB *acl_db;
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4462
  char buff[1024];
4463
  Protocol *protocol= thd->protocol;
tonu@x153.internalnet's avatar
tonu@x153.internalnet committed
4464
  DBUG_ENTER("mysql_show_grants");
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4465 4466 4467 4468

  LINT_INIT(acl_user);
  if (!initialized)
  {
guilhem@mysql.com's avatar
guilhem@mysql.com committed
4469
    my_error(ER_OPTION_PREVENTS_STATEMENT, MYF(0), "--skip-grant-tables");
4470
    DBUG_RETURN(TRUE);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4471
  }
monty@mysql.com's avatar
monty@mysql.com committed
4472

4473 4474 4475 4476 4477
  rw_rdlock(&LOCK_grant);
  VOID(pthread_mutex_lock(&acl_cache->lock));

  acl_user= find_acl_user(lex_user->host.str, lex_user->user.str, TRUE);
  if (!acl_user)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4478
  {
4479 4480 4481
    VOID(pthread_mutex_unlock(&acl_cache->lock));
    rw_unlock(&LOCK_grant);

guilhem@mysql.com's avatar
guilhem@mysql.com committed
4482 4483
    my_error(ER_NONEXISTING_GRANT, MYF(0),
             lex_user->user.str, lex_user->host.str);
4484
    DBUG_RETURN(TRUE);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4485 4486
  }

4487
  Item_string *field=new Item_string("",0,&my_charset_latin1);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4488 4489 4490 4491 4492 4493
  List<Item> field_list;
  field->name=buff;
  field->max_length=1024;
  strxmov(buff,"Grants for ",lex_user->user.str,"@",
	  lex_user->host.str,NullS);
  field_list.push_back(field);
4494 4495
  if (protocol->send_fields(&field_list,
                            Protocol::SEND_NUM_ROWS | Protocol::SEND_EOF))
4496 4497 4498
  {
    VOID(pthread_mutex_unlock(&acl_cache->lock));
    rw_unlock(&LOCK_grant);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4499

4500 4501
    DBUG_RETURN(TRUE);
  }
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4502 4503 4504

  /* Add first global access grants */
  {
4505
    String global(buff,sizeof(buff),system_charset_info);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4506
    global.length(0);
4507
    global.append(STRING_WITH_LEN("GRANT "));
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4508

monty@mashka.mysql.fi's avatar
monty@mashka.mysql.fi committed
4509
    want_access= acl_user->access;
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4510
    if (test_all_bits(want_access, (GLOBAL_ACLS & ~ GRANT_ACL)))
4511
      global.append(STRING_WITH_LEN("ALL PRIVILEGES"));
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4512
    else if (!(want_access & ~GRANT_ACL))
4513
      global.append(STRING_WITH_LEN("USAGE"));
peter@mysql.com's avatar
peter@mysql.com committed
4514
    else
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4515 4516
    {
      bool found=0;
4517
      ulong j,test_access= want_access & ~GRANT_ACL;
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4518 4519
      for (counter=0, j = SELECT_ACL;j <= GLOBAL_ACLS;counter++,j <<= 1)
      {
peter@mysql.com's avatar
peter@mysql.com committed
4520
	if (test_access & j)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4521 4522
	{
	  if (found)
4523
	    global.append(STRING_WITH_LEN(", "));
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4524 4525 4526 4527 4528
	  found=1;
	  global.append(command_array[counter],command_lengths[counter]);
	}
      }
    }
4529
    global.append (STRING_WITH_LEN(" ON *.* TO '"));
4530 4531
    global.append(lex_user->user.str, lex_user->user.length,
		  system_charset_info);
4532
    global.append (STRING_WITH_LEN("'@'"));
4533 4534
    global.append(lex_user->host.str,lex_user->host.length,
		  system_charset_info);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4535
    global.append ('\'');
4536
    if (acl_user->salt_len)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4537
    {
4538 4539 4540 4541 4542
      char passwd_buff[SCRAMBLED_PASSWORD_CHAR_LENGTH+1];
      if (acl_user->salt_len == SCRAMBLE_LENGTH)
        make_password_from_salt(passwd_buff, acl_user->salt);
      else
        make_password_from_salt_323(passwd_buff, (ulong *) acl_user->salt);
4543
      global.append(STRING_WITH_LEN(" IDENTIFIED BY PASSWORD '"));
4544
      global.append(passwd_buff);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4545 4546
      global.append('\'');
    }
4547 4548
    /* "show grants" SSL related stuff */
    if (acl_user->ssl_type == SSL_TYPE_ANY)
4549
      global.append(STRING_WITH_LEN(" REQUIRE SSL"));
4550
    else if (acl_user->ssl_type == SSL_TYPE_X509)
4551
      global.append(STRING_WITH_LEN(" REQUIRE X509"));
4552
    else if (acl_user->ssl_type == SSL_TYPE_SPECIFIED)
4553
    {
4554
      int ssl_options = 0;
4555
      global.append(STRING_WITH_LEN(" REQUIRE "));
4556 4557
      if (acl_user->x509_issuer)
      {
4558
	ssl_options++;
4559
	global.append(STRING_WITH_LEN("ISSUER \'"));
4560
	global.append(acl_user->x509_issuer,strlen(acl_user->x509_issuer));
4561
	global.append('\'');
4562
      }
4563 4564
      if (acl_user->x509_subject)
      {
4565 4566
	if (ssl_options++)
	  global.append(' ');
4567
	global.append(STRING_WITH_LEN("SUBJECT \'"));
4568 4569
	global.append(acl_user->x509_subject,strlen(acl_user->x509_subject),
                      system_charset_info);
4570
	global.append('\'');
tonu@x153.internalnet's avatar
tonu@x153.internalnet committed
4571
      }
4572 4573
      if (acl_user->ssl_cipher)
      {
4574 4575
	if (ssl_options++)
	  global.append(' ');
4576
	global.append(STRING_WITH_LEN("CIPHER '"));
4577 4578
	global.append(acl_user->ssl_cipher,strlen(acl_user->ssl_cipher),
                      system_charset_info);
4579
	global.append('\'');
4580 4581
      }
    }
4582
    if ((want_access & GRANT_ACL) ||
4583 4584 4585 4586
	(acl_user->user_resource.questions ||
         acl_user->user_resource.updates ||
         acl_user->user_resource.conn_per_hour ||
         acl_user->user_resource.user_conn))
4587
    {
4588
      global.append(STRING_WITH_LEN(" WITH"));
4589
      if (want_access & GRANT_ACL)
4590
	global.append(STRING_WITH_LEN(" GRANT OPTION"));
4591 4592 4593 4594
      add_user_option(&global, acl_user->user_resource.questions,
		      "MAX_QUERIES_PER_HOUR");
      add_user_option(&global, acl_user->user_resource.updates,
		      "MAX_UPDATES_PER_HOUR");
4595
      add_user_option(&global, acl_user->user_resource.conn_per_hour,
4596
		      "MAX_CONNECTIONS_PER_HOUR");
4597 4598
      add_user_option(&global, acl_user->user_resource.user_conn,
		      "MAX_USER_CONNECTIONS");
4599
    }
4600
    protocol->prepare_for_resend();
4601
    protocol->store(global.ptr(),global.length(),global.charset());
4602
    if (protocol->write())
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4603
    {
monty@mashka.mysql.fi's avatar
monty@mashka.mysql.fi committed
4604
      error= -1;
4605
      goto end;
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4606 4607 4608 4609 4610 4611
    }
  }

  /* Add database access */
  for (counter=0 ; counter < acl_dbs.elements ; counter++)
  {
monty@mysql.com's avatar
monty@mysql.com committed
4612
    const char *user, *host;
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4613 4614 4615

    acl_db=dynamic_element(&acl_dbs,counter,ACL_DB*);
    if (!(user=acl_db->user))
monty@mysql.com's avatar
monty@mysql.com committed
4616
      user= "";
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4617
    if (!(host=acl_db->host.hostname))
monty@mysql.com's avatar
monty@mysql.com committed
4618
      host= "";
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4619

4620 4621 4622 4623 4624 4625 4626
    /*
      We do not make SHOW GRANTS case-sensitive here (like REVOKE),
      but make it case-insensitive because that's the way they are
      actually applied, and showing fewer privileges than are applied
      would be wrong from a security point of view.
    */

bk@work.mysql.com's avatar
bk@work.mysql.com committed
4627
    if (!strcmp(lex_user->user.str,user) &&
4628
	!my_strcasecmp(system_charset_info, lex_user->host.str, host))
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4629 4630
    {
      want_access=acl_db->access;
peter@mysql.com's avatar
peter@mysql.com committed
4631
      if (want_access)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4632
      {
4633
	String db(buff,sizeof(buff),system_charset_info);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4634
	db.length(0);
4635
	db.append(STRING_WITH_LEN("GRANT "));
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4636 4637

	if (test_all_bits(want_access,(DB_ACLS & ~GRANT_ACL)))
4638
	  db.append(STRING_WITH_LEN("ALL PRIVILEGES"));
4639
	else if (!(want_access & ~GRANT_ACL))
4640
	  db.append(STRING_WITH_LEN("USAGE"));
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4641 4642 4643
	else
	{
	  int found=0, cnt;
4644
	  ulong j,test_access= want_access & ~GRANT_ACL;
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4645 4646 4647 4648 4649
	  for (cnt=0, j = SELECT_ACL; j <= DB_ACLS; cnt++,j <<= 1)
	  {
	    if (test_access & j)
	    {
	      if (found)
4650
		db.append(STRING_WITH_LEN(", "));
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4651 4652 4653 4654 4655
	      found = 1;
	      db.append(command_array[cnt],command_lengths[cnt]);
	    }
	  }
	}
4656
	db.append (STRING_WITH_LEN(" ON "));
4657
	append_identifier(thd, &db, acl_db->db, strlen(acl_db->db));
4658
	db.append (STRING_WITH_LEN(".* TO '"));
4659 4660
	db.append(lex_user->user.str, lex_user->user.length,
		  system_charset_info);
4661
	db.append (STRING_WITH_LEN("'@'"));
4662 4663
	// host and lex_user->host are equal except for case
	db.append(host, strlen(host), system_charset_info);
peter@mysql.com's avatar
peter@mysql.com committed
4664
	db.append ('\'');
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4665
	if (want_access & GRANT_ACL)
4666
	  db.append(STRING_WITH_LEN(" WITH GRANT OPTION"));
4667
	protocol->prepare_for_resend();
4668
	protocol->store(db.ptr(),db.length(),db.charset());
4669
	if (protocol->write())
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4670
	{
monty@mashka.mysql.fi's avatar
monty@mashka.mysql.fi committed
4671
	  error= -1;
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4672 4673 4674 4675 4676 4677
	  goto end;
	}
      }
    }
  }

4678
  /* Add table & column access */
4679
  for (index=0 ; index < column_priv_hash.records ; index++)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4680
  {
4681
    const char *user, *host;
4682 4683
    GRANT_TABLE *grant_table= (GRANT_TABLE*) hash_element(&column_priv_hash,
							  index);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4684 4685

    if (!(user=grant_table->user))
4686
      user= "";
4687 4688
    if (!(host= grant_table->host.hostname))
      host= "";
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4689

4690 4691 4692 4693 4694 4695 4696
    /*
      We do not make SHOW GRANTS case-sensitive here (like REVOKE),
      but make it case-insensitive because that's the way they are
      actually applied, and showing fewer privileges than are applied
      would be wrong from a security point of view.
    */

bk@work.mysql.com's avatar
bk@work.mysql.com committed
4697
    if (!strcmp(lex_user->user.str,user) &&
4698
	!my_strcasecmp(system_charset_info, lex_user->host.str, host))
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4699
    {
4700 4701
      ulong table_access= grant_table->privs;
      if ((table_access | grant_table->cols) != 0)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4702
      {
4703
	String global(buff, sizeof(buff), system_charset_info);
4704 4705
	ulong test_access= (table_access | grant_table->cols) & ~GRANT_ACL;

bk@work.mysql.com's avatar
bk@work.mysql.com committed
4706
	global.length(0);
4707
	global.append(STRING_WITH_LEN("GRANT "));
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4708

4709
	if (test_all_bits(table_access, (TABLE_ACLS & ~GRANT_ACL)))
4710
	  global.append(STRING_WITH_LEN("ALL PRIVILEGES"));
monty@mashka.mysql.fi's avatar
monty@mashka.mysql.fi committed
4711
	else if (!test_access)
4712
	  global.append(STRING_WITH_LEN("USAGE"));
peter@mysql.com's avatar
peter@mysql.com committed
4713
	else
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4714
	{
4715
          /* Add specific column access */
4716
	  int found= 0;
4717
	  ulong j;
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4718

4719
	  for (counter= 0, j= SELECT_ACL; j <= TABLE_ACLS; counter++, j<<= 1)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4720
	  {
peter@mysql.com's avatar
peter@mysql.com committed
4721
	    if (test_access & j)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4722 4723
	    {
	      if (found)
4724
		global.append(STRING_WITH_LEN(", "));
4725
	      found= 1;
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4726 4727
	      global.append(command_array[counter],command_lengths[counter]);

peter@mysql.com's avatar
peter@mysql.com committed
4728
	      if (grant_table->cols)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4729
	      {
4730
		uint found_col= 0;
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4731 4732 4733 4734 4735 4736
		for (uint col_index=0 ;
		     col_index < grant_table->hash_columns.records ;
		     col_index++)
		{
		  GRANT_COLUMN *grant_column = (GRANT_COLUMN*)
		    hash_element(&grant_table->hash_columns,col_index);
peter@mysql.com's avatar
peter@mysql.com committed
4737
		  if (grant_column->rights & j)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4738
		  {
peter@mysql.com's avatar
peter@mysql.com committed
4739
		    if (!found_col)
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4740
		    {
4741 4742 4743 4744 4745 4746 4747
		      found_col= 1;
		      /*
			If we have a duplicated table level privilege, we
			must write the access privilege name again.
		      */
		      if (table_access & j)
		      {
4748
			global.append(STRING_WITH_LEN(", "));
4749 4750 4751
			global.append(command_array[counter],
				      command_lengths[counter]);
		      }
4752
		      global.append(STRING_WITH_LEN(" ("));
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4753 4754
		    }
		    else
4755
		      global.append(STRING_WITH_LEN(", "));
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4756
		    global.append(grant_column->column,
4757 4758
				  grant_column->key_length,
				  system_charset_info);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4759 4760 4761 4762 4763 4764 4765 4766
		  }
		}
		if (found_col)
		  global.append(')');
	      }
	    }
	  }
	}
4767
	global.append(STRING_WITH_LEN(" ON "));
4768 4769 4770 4771 4772
	append_identifier(thd, &global, grant_table->db,
			  strlen(grant_table->db));
	global.append('.');
	append_identifier(thd, &global, grant_table->tname,
			  strlen(grant_table->tname));
4773
	global.append(STRING_WITH_LEN(" TO '"));
4774 4775
	global.append(lex_user->user.str, lex_user->user.length,
		      system_charset_info);
4776
	global.append(STRING_WITH_LEN("'@'"));
4777 4778
	// host and lex_user->host are equal except for case
	global.append(host, strlen(host), system_charset_info);
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4779
	global.append('\'');
4780
	if (table_access & GRANT_ACL)
4781
	  global.append(STRING_WITH_LEN(" WITH GRANT OPTION"));
4782
	protocol->prepare_for_resend();
4783
	protocol->store(global.ptr(),global.length(),global.charset());
4784
	if (protocol->write())
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4785
	{
monty@mashka.mysql.fi's avatar
monty@mashka.mysql.fi committed
4786
	  error= -1;
4787
	  break;
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4788 4789 4790 4791
	}
      }
    }
  }
4792

4793
  if (show_routine_grants(thd, lex_user, &proc_priv_hash, 
4794
                          STRING_WITH_LEN("PROCEDURE"), buff, sizeof(buff)))
4795 4796 4797 4798 4799 4800
  {
    error= -1;
    goto end;
  }

  if (show_routine_grants(thd, lex_user, &func_priv_hash,
4801
                          STRING_WITH_LEN("FUNCTION"), buff, sizeof(buff)))
4802 4803 4804 4805 4806 4807 4808 4809 4810 4811 4812 4813 4814 4815 4816 4817 4818 4819 4820 4821 4822 4823
  {
    error= -1;
    goto end;
  }

end:
  VOID(pthread_mutex_unlock(&acl_cache->lock));
  rw_unlock(&LOCK_grant);

  send_eof(thd);
  DBUG_RETURN(error);
}

static int show_routine_grants(THD* thd, LEX_USER *lex_user, HASH *hash,
                               const char *type, int typelen,
                               char *buff, int buffsize)
{
  uint counter, index;
  int error= 0;
  Protocol *protocol= thd->protocol;
  /* Add routine access */
  for (index=0 ; index < hash->records ; index++)
4824
  {
4825
    const char *user, *host;
4826
    GRANT_NAME *grant_proc= (GRANT_NAME*) hash_element(hash, index);
4827 4828 4829

    if (!(user=grant_proc->user))
      user= "";
4830 4831
    if (!(host= grant_proc->host.hostname))
      host= "";
4832

4833 4834 4835 4836 4837 4838 4839
    /*
      We do not make SHOW GRANTS case-sensitive here (like REVOKE),
      but make it case-insensitive because that's the way they are
      actually applied, and showing fewer privileges than are applied
      would be wrong from a security point of view.
    */

4840
    if (!strcmp(lex_user->user.str,user) &&
4841
	!my_strcasecmp(system_charset_info, lex_user->host.str, host))
4842 4843 4844 4845
    {
      ulong proc_access= grant_proc->privs;
      if (proc_access != 0)
      {
4846
	String global(buff, buffsize, system_charset_info);
4847 4848 4849
	ulong test_access= proc_access & ~GRANT_ACL;

	global.length(0);
4850
	global.append(STRING_WITH_LEN("GRANT "));
4851 4852

	if (!test_access)
4853
 	  global.append(STRING_WITH_LEN("USAGE"));
4854 4855 4856 4857 4858 4859 4860 4861 4862 4863 4864
	else
	{
          /* Add specific procedure access */
	  int found= 0;
	  ulong j;

	  for (counter= 0, j= SELECT_ACL; j <= PROC_ACLS; counter++, j<<= 1)
	  {
	    if (test_access & j)
	    {
	      if (found)
4865
		global.append(STRING_WITH_LEN(", "));
4866 4867 4868 4869 4870
	      found= 1;
	      global.append(command_array[counter],command_lengths[counter]);
	    }
	  }
	}
4871
	global.append(STRING_WITH_LEN(" ON "));
4872 4873
        global.append(type,typelen);
        global.append(' ');
4874 4875 4876 4877 4878
	append_identifier(thd, &global, grant_proc->db,
			  strlen(grant_proc->db));
	global.append('.');
	append_identifier(thd, &global, grant_proc->tname,
			  strlen(grant_proc->tname));
4879
	global.append(STRING_WITH_LEN(" TO '"));
4880 4881
	global.append(lex_user->user.str, lex_user->user.length,
		      system_charset_info);
4882
	global.append(STRING_WITH_LEN("'@'"));
4883 4884
	// host and lex_user->host are equal except for case
	global.append(host, strlen(host), system_charset_info);
4885 4886
	global.append('\'');
	if (proc_access & GRANT_ACL)
4887
	  global.append(STRING_WITH_LEN(" WITH GRANT OPTION"));
4888 4889 4890 4891 4892 4893 4894 4895 4896 4897
	protocol->prepare_for_resend();
	protocol->store(global.ptr(),global.length(),global.charset());
	if (protocol->write())
	{
	  error= -1;
	  break;
	}
      }
    }
  }
4898
  return error;
bk@work.mysql.com's avatar
bk@work.mysql.com committed
4899 4900
}

4901 4902 4903 4904 4905 4906 4907 4908 4909 4910 4911 4912 4913 4914 4915 4916 4917 4918 4919 4920 4921 4922 4923 4924 4925 4926 4927 4928
/*
  Make a clear-text version of the requested privilege.
*/

void get_privilege_desc(char *to, uint max_length, ulong access)
{
  uint pos;
  char *start=to;
  DBUG_ASSERT(max_length >= 30);		// For end ',' removal

  if (access)
  {
    max_length--;				// Reserve place for end-zero
    for (pos=0 ; access ; pos++, access>>=1)
    {
      if ((access & 1) &&
	  command_lengths[pos] + (uint) (to-start) < max_length)
      {
	to= strmov(to, command_array[pos]);
	*to++=',';
      }
    }
    to--;					// Remove end ','
  }
  *to=0;
}


4929
void get_mqh(const char *user, const char *host, USER_CONN *uc)
4930 4931
{
  ACL_USER *acl_user;
4932 4933 4934

  pthread_mutex_lock(&acl_cache->lock);

4935
  if (initialized && (acl_user= find_acl_user(host,user, FALSE)))
4936 4937 4938
    uc->user_resources= acl_user->user_resource;
  else
    bzero((char*) &uc->user_resources, sizeof(uc->user_resources));
4939 4940

  pthread_mutex_unlock(&acl_cache->lock);
4941 4942
}

4943 4944 4945 4946 4947 4948 4949 4950 4951 4952 4953 4954 4955 4956 4957 4958 4959 4960 4961 4962 4963
/*
  Open the grant tables.

  SYNOPSIS
    open_grant_tables()
    thd                         The current thread.
    tables (out)                The 4 elements array for the opened tables.

  DESCRIPTION
    Tables are numbered as follows:
    0 user
    1 db
    2 tables_priv
    3 columns_priv

  RETURN
    1           Skip GRANT handling during replication.
    0           OK.
    < 0         Error.
*/

4964
#define GRANT_TABLES 5
4965 4966 4967 4968 4969 4970
int open_grant_tables(THD *thd, TABLE_LIST *tables)
{
  DBUG_ENTER("open_grant_tables");

  if (!initialized)
  {
4971
    my_error(ER_OPTION_PREVENTS_STATEMENT, MYF(0), "--skip-grant-tables");
4972 4973 4974
    DBUG_RETURN(-1);
  }

4975
  bzero((char*) tables, GRANT_TABLES*sizeof(*tables));
4976 4977 4978 4979 4980
  tables->alias= tables->table_name= (char*) "user";
  (tables+1)->alias= (tables+1)->table_name= (char*) "db";
  (tables+2)->alias= (tables+2)->table_name= (char*) "tables_priv";
  (tables+3)->alias= (tables+3)->table_name= (char*) "columns_priv";
  (tables+4)->alias= (tables+4)->table_name= (char*) "procs_priv";
bell@sanja.is.com.ua's avatar
VIEW  
bell@sanja.is.com.ua committed
4981 4982 4983
  tables->next_local= tables->next_global= tables+1;
  (tables+1)->next_local= (tables+1)->next_global= tables+2;
  (tables+2)->next_local= (tables+2)->next_global= tables+3;
4984
  (tables+3)->next_local= (tables+3)->next_global= tables+4;
4985
  tables->lock_type= (tables+1)->lock_type=
4986 4987 4988 4989
    (tables+2)->lock_type= (tables+3)->lock_type= 
    (tables+4)->lock_type= TL_WRITE;
  tables->db= (tables+1)->db= (tables+2)->db= 
    (tables+3)->db= (tables+4)->db= (char*) "mysql";
4990 4991 4992 4993 4994 4995

#ifdef HAVE_REPLICATION
  /*
    GRANT and REVOKE are applied the slave in/exclusion rules as they are
    some kind of updates to the mysql.% tables.
  */
4996
  if (thd->slave_thread && rpl_filter->is_on())
4997
  {
monty@mashka.mysql.fi's avatar
monty@mashka.mysql.fi committed
4998 4999 5000
    /*
      The tables must be marked "updating" so that tables_ok() takes them into
      account in tests.
5001
    */
5002 5003
    tables[0].updating=tables[1].updating=tables[2].updating=
      tables[3].updating=tables[4].updating=1;
lars@mysql.com's avatar
lars@mysql.com committed
5004
    if (!(thd->spcont || rpl_filter->tables_ok(0, tables)))
5005
      DBUG_RETURN(1);
5006 5007
    tables[0].updating=tables[1].updating=tables[2].updating=
      tables[3].updating=tables[4].updating=0;;
5008
  }
5009 5010
#endif

5011
  if (simple_open_n_lock_tables(thd, tables))
5012 5013 5014 5015 5016 5017 5018 5019 5020
  {						// This should never happen
    close_thread_tables(thd);
    DBUG_RETURN(-1);
  }

  DBUG_RETURN(0);
}

ACL_USER *check_acl_user(LEX_USER *user_name,
monty@narttu.mysql.fi's avatar
merge  
monty@narttu.mysql.fi committed
5021
			 uint *acl_acl_userdx)
5022 5023 5024 5025
{
  ACL_USER *acl_user= 0;
  uint counter;

5026 5027
  safe_mutex_assert_owner(&acl_cache->lock);

5028 5029 5030 5031 5032
  for (counter= 0 ; counter < acl_users.elements ; counter++)
  {
    const char *user,*host;
    acl_user= dynamic_element(&acl_users, counter, ACL_USER*);
    if (!(user=acl_user->user))
monty@mysql.com's avatar
monty@mysql.com committed
5033
      user= "";
5034
    if (!(host=acl_user->host.hostname))
5035
      host= "";
5036 5037 5038 5039 5040 5041 5042
    if (!strcmp(user_name->user.str,user) &&
	!my_strcasecmp(system_charset_info, user_name->host.str, host))
      break;
  }
  if (counter == acl_users.elements)
    return 0;

monty@narttu.mysql.fi's avatar
merge  
monty@narttu.mysql.fi committed
5043
  *acl_acl_userdx= counter;
monty@mashka.mysql.fi's avatar
monty@mashka.mysql.fi committed
5044
  return acl_user;
5045
}
monty@mashka.mysql.fi's avatar
monty@mashka.mysql.fi committed
5046

5047 5048 5049 5050 5051 5052 5053 5054 5055 5056 5057 5058 5059 5060 5061 5062 5063 5064 5065 5066 5067 5068
/*
  Modify a privilege table.

  SYNOPSIS
    modify_grant_table()
    table                       The table to modify.
    host_field                  The host name field.
    user_field                  The user name field.
    user_to                     The new name for the user if to be renamed,
                                NULL otherwise.

  DESCRIPTION
  Update user/host in the current record if user_to is not NULL.
  Delete the current record if user_to is NULL.

  RETURN
    0           OK.
    != 0        Error.
*/

static int modify_grant_table(TABLE *table, Field *host_field,
                              Field *user_field, LEX_USER *user_to)
5069
{
5070 5071
  int error;
  DBUG_ENTER("modify_grant_table");
5072

5073 5074 5075 5076 5077 5078 5079 5080
  if (user_to)
  {
    /* rename */
    store_record(table, record[1]);
    host_field->store(user_to->host.str, user_to->host.length,
                      system_charset_info);
    user_field->store(user_to->user.str, user_to->user.length,
                      system_charset_info);
5081 5082 5083
    if ((error= table->file->ha_update_row(table->record[1], 
                                           table->record[0])) &&
        error != HA_ERR_RECORD_IS_THE_SAME)
5084
      table->file->print_error(error, MYF(0));
5085 5086
    else
      error= 0;
5087 5088 5089 5090
  }
  else
  {
    /* delete */
5091
    if ((error=table->file->ha_delete_row(table->record[0])))
5092 5093
      table->file->print_error(error, MYF(0));
  }
5094

5095 5096
  DBUG_RETURN(error);
}
5097

5098 5099 5100 5101 5102 5103
/*
  Handle a privilege table.

  SYNOPSIS
    handle_grant_table()
    tables                      The array with the four open tables.
5104
    table_no                    The number of the table to handle (0..4).
5105 5106 5107 5108 5109 5110 5111 5112 5113 5114 5115 5116 5117 5118 5119 5120 5121
    drop                        If user_from is to be dropped.
    user_from                   The the user to be searched/dropped/renamed.
    user_to                     The new name for the user if to be renamed,
                                NULL otherwise.

  DESCRIPTION
    Scan through all records in a grant table and apply the requested
    operation. For the "user" table, a single index access is sufficient,
    since there is an unique index on (host, user).
    Delete from grant table if drop is true.
    Update in grant table if drop is false and user_to is not NULL.
    Search in grant table if drop is false and user_to is NULL.
    Tables are numbered as follows:
    0 user
    1 db
    2 tables_priv
    3 columns_priv
5122
    4 procs_priv
5123 5124 5125 5126 5127 5128 5129 5130 5131 5132 5133 5134 5135 5136 5137 5138 5139 5140 5141

  RETURN
    > 0         At least one record matched.
    0           OK, but no record matched.
    < 0         Error.
*/

static int handle_grant_table(TABLE_LIST *tables, uint table_no, bool drop,
                              LEX_USER *user_from, LEX_USER *user_to)
{
  int result= 0;
  int error;
  TABLE *table= tables[table_no].table;
  Field *host_field= table->field[0];
  Field *user_field= table->field[table_no ? 2 : 1];
  char *host_str= user_from->host.str;
  char *user_str= user_from->user.str;
  const char *host;
  const char *user;
5142
  uchar user_key[MAX_KEY_LENGTH];
5143
  uint key_prefix_length;
5144
  DBUG_ENTER("handle_grant_table");
5145
  THD *thd= current_thd;
5146

5147
  table->use_all_columns();
5148
  if (! table_no) // mysql.user table
5149
  {
5150 5151 5152 5153 5154 5155 5156 5157 5158 5159
    /*
      The 'user' table has an unique index on (host, user).
      Thus, we can handle everything with a single index access.
      The host- and user fields are consecutive in the user table records.
      So we set host- and user fields of table->record[0] and use the
      pointer to the host field as key.
      index_read_idx() will replace table->record[0] (its first argument)
      by the searched record, if it exists.
    */
    DBUG_PRINT("info",("read table: '%s'  search: '%s'@'%s'",
5160
                       table->s->table_name.str, user_str, host_str));
5161 5162
    host_field->store(host_str, user_from->host.length, system_charset_info);
    user_field->store(user_str, user_from->user.length, system_charset_info);
5163 5164 5165 5166 5167

    key_prefix_length= (table->key_info->key_part[0].store_length +
                        table->key_info->key_part[1].store_length);
    key_copy(user_key, table->record[0], table->key_info, key_prefix_length);

5168 5169 5170
    if ((error= table->file->index_read_idx_map(table->record[0], 0,
                                                user_key, (key_part_map)3,
                                                HA_READ_KEY_EXACT)))
5171
    {
5172
      if (error != HA_ERR_KEY_NOT_FOUND && error != HA_ERR_END_OF_FILE)
5173 5174 5175 5176
      {
        table->file->print_error(error, MYF(0));
        result= -1;
      }
5177
    }
5178 5179 5180 5181 5182 5183 5184 5185 5186 5187 5188 5189 5190 5191 5192 5193 5194
    else
    {
      /* If requested, delete or update the record. */
      result= ((drop || user_to) &&
               modify_grant_table(table, host_field, user_field, user_to)) ?
        -1 : 1; /* Error or found. */
    }
    DBUG_PRINT("info",("read result: %d", result));
  }
  else
  {
    /*
      The non-'user' table do not have indexes on (host, user).
      And their host- and user fields are not consecutive.
      Thus, we need to do a table scan to find all matching records.
    */
    if ((error= table->file->ha_rnd_init(1)))
5195
    {
5196
      table->file->print_error(error, MYF(0));
5197
      result= -1;
5198 5199 5200 5201 5202
    }
    else
    {
#ifdef EXTRA_DEBUG
      DBUG_PRINT("info",("scan table: '%s'  search: '%s'@'%s'",
5203
                         table->s->table_name.str, user_str, host_str));
5204 5205 5206 5207 5208 5209 5210 5211 5212 5213
#endif
      while ((error= table->file->rnd_next(table->record[0])) != 
             HA_ERR_END_OF_FILE)
      {
        if (error)
        {
          /* Most probable 'deleted record'. */
          DBUG_PRINT("info",("scan error: %d", error));
          continue;
        }
5214
        if (! (host= get_field(thd->mem_root, host_field)))
5215
          host= "";
5216
        if (! (user= get_field(thd->mem_root, user_field)))
5217 5218 5219 5220 5221
          user= "";

#ifdef EXTRA_DEBUG
        DBUG_PRINT("loop",("scan fields: '%s'@'%s' '%s' '%s' '%s'",
                           user, host,
5222 5223 5224 5225
                           get_field(thd->mem_root, table->field[1]) /*db*/,
                           get_field(thd->mem_root, table->field[3]) /*table*/,
                           get_field(thd->mem_root,
                                     table->field[4]) /*column*/));
5226 5227 5228 5229 5230 5231 5232 5233 5234 5235 5236 5237 5238 5239 5240 5241 5242 5243 5244 5245 5246 5247 5248 5249 5250 5251 5252
#endif
        if (strcmp(user_str, user) ||
            my_strcasecmp(system_charset_info, host_str, host))
          continue;

        /* If requested, delete or update the record. */
        result= ((drop || user_to) &&
                 modify_grant_table(table, host_field, user_field, user_to)) ?
          -1 : result ? result : 1; /* Error or keep result or found. */
        /* If search is requested, we do not need to search further. */
        if (! drop && ! user_to)
          break ;
      }
      (void) table->file->ha_rnd_end();
      DBUG_PRINT("info",("scan result: %d", result));
    }
  }

  DBUG_RETURN(result);
}


/*
  Handle an in-memory privilege structure.

  SYNOPSIS
    handle_grant_struct()
5253
    struct_no                   The number of the structure to handle (0..3).
5254 5255 5256 5257 5258 5259 5260 5261 5262 5263 5264 5265 5266 5267 5268
    drop                        If user_from is to be dropped.
    user_from                   The the user to be searched/dropped/renamed.
    user_to                     The new name for the user if to be renamed,
                                NULL otherwise.

  DESCRIPTION
    Scan through all elements in an in-memory grant structure and apply
    the requested operation.
    Delete from grant structure if drop is true.
    Update in grant structure if drop is false and user_to is not NULL.
    Search in grant structure if drop is false and user_to is NULL.
    Structures are numbered as follows:
    0 acl_users
    1 acl_dbs
    2 column_priv_hash
5269
    3 procs_priv_hash
5270 5271 5272 5273

  RETURN
    > 0         At least one element matched.
    0           OK, but no element matched.
5274
    -1		Wrong arguments to function
5275 5276 5277 5278 5279 5280 5281 5282 5283 5284 5285 5286
*/

static int handle_grant_struct(uint struct_no, bool drop,
                               LEX_USER *user_from, LEX_USER *user_to)
{
  int result= 0;
  uint idx;
  uint elements;
  const char *user;
  const char *host;
  ACL_USER *acl_user;
  ACL_DB *acl_db;
5287
  GRANT_NAME *grant_name;
5288
  DBUG_ENTER("handle_grant_struct");
monty@mishka.local's avatar
monty@mishka.local committed
5289 5290 5291
  DBUG_PRINT("info",("scan struct: %u  search: '%s'@'%s'",
                     struct_no, user_from->user.str, user_from->host.str));

5292 5293
  LINT_INIT(acl_user);
  LINT_INIT(acl_db);
5294
  LINT_INIT(grant_name);
5295 5296
  LINT_INIT(user);
  LINT_INIT(host);
5297

5298 5299
  safe_mutex_assert_owner(&acl_cache->lock);

5300
  /* Get the number of elements in the in-memory structure. */
5301
  switch (struct_no) {
5302 5303 5304 5305 5306 5307
  case 0:
    elements= acl_users.elements;
    break;
  case 1:
    elements= acl_dbs.elements;
    break;
5308
  case 2:
5309
    elements= column_priv_hash.records;
5310 5311 5312 5313 5314 5315
    break;
  case 3:
    elements= proc_priv_hash.records;
    break;
  default:
    return -1;
5316 5317 5318 5319 5320 5321 5322 5323 5324 5325 5326 5327
  }

#ifdef EXTRA_DEBUG
    DBUG_PRINT("loop",("scan struct: %u  search    user: '%s'  host: '%s'",
                       struct_no, user_from->user.str, user_from->host.str));
#endif
  /* Loop over all elements. */
  for (idx= 0; idx < elements; idx++)
  {
    /*
      Get a pointer to the element.
    */
5328
    switch (struct_no) {
5329 5330 5331
    case 0:
      acl_user= dynamic_element(&acl_users, idx, ACL_USER*);
      user= acl_user->user;
5332 5333
      host= acl_user->host.hostname;
    break;
5334 5335 5336 5337

    case 1:
      acl_db= dynamic_element(&acl_dbs, idx, ACL_DB*);
      user= acl_db->user;
5338
      host= acl_db->host.hostname;
5339 5340
      break;

5341 5342 5343
    case 2:
      grant_name= (GRANT_NAME*) hash_element(&column_priv_hash, idx);
      user= grant_name->user;
5344
      host= grant_name->host.hostname;
5345 5346 5347 5348 5349
      break;

    case 3:
      grant_name= (GRANT_NAME*) hash_element(&proc_priv_hash, idx);
      user= grant_name->user;
5350
      host= grant_name->host.hostname;
5351
      break;
5352 5353
    default:
      assert(0);
5354 5355
    }
    if (! user)
5356
      user= "";
5357 5358 5359
    if (! host)
      host= "";

5360 5361 5362 5363 5364 5365
#ifdef EXTRA_DEBUG
    DBUG_PRINT("loop",("scan struct: %u  index: %u  user: '%s'  host: '%s'",
                       struct_no, idx, user, host));
#endif
    if (strcmp(user_from->user.str, user) ||
        my_strcasecmp(system_charset_info, user_from->host.str, host))
5366
      continue;
5367 5368 5369 5370

    result= 1; /* At least one element found. */
    if ( drop )
    {
5371
      switch ( struct_no ) {
5372 5373 5374 5375 5376 5377 5378 5379
      case 0:
        delete_dynamic_element(&acl_users, idx);
        break;

      case 1:
        delete_dynamic_element(&acl_dbs, idx);
        break;

5380
      case 2:
5381
        hash_delete(&column_priv_hash, (uchar*) grant_name);
5382 5383 5384
	break;

      case 3:
5385
        hash_delete(&proc_priv_hash, (uchar*) grant_name);
5386
	break;
5387 5388 5389
      }
      elements--;
      idx--;
5390
    }
5391 5392
    else if ( user_to )
    {
5393
      switch ( struct_no ) {
5394 5395 5396 5397
      case 0:
        acl_user->user= strdup_root(&mem, user_to->user.str);
        acl_user->host.hostname= strdup_root(&mem, user_to->host.str);
        break;
5398

5399 5400 5401 5402 5403
      case 1:
        acl_db->user= strdup_root(&mem, user_to->user.str);
        acl_db->host.hostname= strdup_root(&mem, user_to->host.str);
        break;

5404 5405 5406
      case 2:
      case 3:
        grant_name->user= strdup_root(&mem, user_to->user.str);
5407 5408
        update_hostname(&grant_name->host,
                        strdup_root(&mem, user_to->host.str));
5409
	break;
5410 5411 5412
      }
    }
    else
5413
    {
5414 5415 5416 5417 5418 5419 5420
      /* If search is requested, we do not need to search further. */
      break;
    }
  }
#ifdef EXTRA_DEBUG
  DBUG_PRINT("loop",("scan struct: %u  result %d", struct_no, result));
#endif
5421

5422 5423 5424 5425 5426 5427 5428 5429 5430 5431 5432 5433 5434 5435 5436 5437 5438 5439 5440 5441 5442 5443 5444 5445 5446 5447 5448 5449 5450 5451 5452 5453 5454 5455 5456 5457 5458 5459 5460 5461 5462 5463 5464 5465
  DBUG_RETURN(result);
}


/*
  Handle all privilege tables and in-memory privilege structures.

  SYNOPSIS
    handle_grant_data()
    tables                      The array with the four open tables.
    drop                        If user_from is to be dropped.
    user_from                   The the user to be searched/dropped/renamed.
    user_to                     The new name for the user if to be renamed,
                                NULL otherwise.

  DESCRIPTION
    Go through all grant tables and in-memory grant structures and apply
    the requested operation.
    Delete from grant data if drop is true.
    Update in grant data if drop is false and user_to is not NULL.
    Search in grant data if drop is false and user_to is NULL.

  RETURN
    > 0         At least one element matched.
    0           OK, but no element matched.
    < 0         Error.
*/

static int handle_grant_data(TABLE_LIST *tables, bool drop,
                             LEX_USER *user_from, LEX_USER *user_to)
{
  int result= 0;
  int found;
  DBUG_ENTER("handle_grant_data");

  /* Handle user table. */
  if ((found= handle_grant_table(tables, 0, drop, user_from, user_to)) < 0)
  {
    /* Handle of table failed, don't touch the in-memory array. */
    result= -1;
  }
  else
  {
    /* Handle user array. */
5466 5467
    if ((handle_grant_struct(0, drop, user_from, user_to) && ! result) ||
        found)
5468 5469 5470 5471 5472 5473 5474 5475 5476 5477 5478 5479 5480 5481 5482 5483 5484 5485 5486 5487 5488 5489 5490 5491 5492 5493 5494
    {
      result= 1; /* At least one record/element found. */
      /* If search is requested, we do not need to search further. */
      if (! drop && ! user_to)
        goto end;
    }
  }

  /* Handle db table. */
  if ((found= handle_grant_table(tables, 1, drop, user_from, user_to)) < 0)
  {
    /* Handle of table failed, don't touch the in-memory array. */
    result= -1;
  }
  else
  {
    /* Handle db array. */
    if (((handle_grant_struct(1, drop, user_from, user_to) && ! result) ||
         found) && ! result)
    {
      result= 1; /* At least one record/element found. */
      /* If search is requested, we do not need to search further. */
      if (! drop && ! user_to)
        goto end;
    }
  }

5495 5496 5497 5498 5499 5500 5501 5502 5503 5504 5505 5506 5507 5508 5509 5510 5511 5512 5513
  /* Handle procedures table. */
  if ((found= handle_grant_table(tables, 4, drop, user_from, user_to)) < 0)
  {
    /* Handle of table failed, don't touch in-memory array. */
    result= -1;
  }
  else
  {
    /* Handle procs array. */
    if (((handle_grant_struct(3, drop, user_from, user_to) && ! result) ||
         found) && ! result)
    {
      result= 1; /* At least one record/element found. */
      /* If search is requested, we do not need to search further. */
      if (! drop && ! user_to)
        goto end;
    }
  }

5514 5515 5516 5517 5518 5519 5520 5521 5522 5523 5524 5525 5526 5527
  /* Handle tables table. */
  if ((found= handle_grant_table(tables, 2, drop, user_from, user_to)) < 0)
  {
    /* Handle of table failed, don't touch columns and in-memory array. */
    result= -1;
  }
  else
  {
    if (found && ! result)
    {
      result= 1; /* At least one record found. */
      /* If search is requested, we do not need to search further. */
      if (! drop && ! user_to)
        goto end;
5528
    }
5529 5530 5531

    /* Handle columns table. */
    if ((found= handle_grant_table(tables, 3, drop, user_from, user_to)) < 0)
5532
    {
5533
      /* Handle of table failed, don't touch the in-memory array. */
5534 5535
      result= -1;
    }
5536 5537 5538 5539 5540 5541 5542 5543 5544 5545 5546 5547
    else
    {
      /* Handle columns hash. */
      if (((handle_grant_struct(2, drop, user_from, user_to) && ! result) ||
           found) && ! result)
        result= 1; /* At least one record/element found. */
    }
  }
 end:
  DBUG_RETURN(result);
}

5548

5549 5550 5551 5552 5553 5554
static void append_user(String *str, LEX_USER *user)
{
  if (str->length())
    str->append(',');
  str->append('\'');
  str->append(user->user.str);
5555
  str->append(STRING_WITH_LEN("'@'"));
5556 5557 5558
  str->append(user->host.str);
  str->append('\'');
}
5559

5560

5561 5562 5563 5564 5565 5566 5567
/*
  Create a list of users.

  SYNOPSIS
    mysql_create_user()
    thd                         The current thread.
    list                        The users to create.
5568

5569 5570 5571 5572 5573 5574 5575 5576
  RETURN
    FALSE       OK.
    TRUE        Error.
*/

bool mysql_create_user(THD *thd, List <LEX_USER> &list)
{
  int result;
5577
  String wrong_users;
5578
  ulong sql_mode;
5579
  LEX_USER *user_name, *tmp_user_name;
5580
  List_iterator <LEX_USER> user_list(list);
5581
  TABLE_LIST tables[GRANT_TABLES];
5582
  bool some_users_created= FALSE;
5583 5584
  DBUG_ENTER("mysql_create_user");

5585 5586 5587 5588 5589 5590 5591
  /*
    This statement will be replicated as a statement, even when using
    row-based replication.  The flag will be reset at the end of the
    statement.
  */
  thd->clear_current_stmt_binlog_row_based();

5592 5593 5594 5595 5596 5597 5598
  /* CREATE USER may be skipped on replication client. */
  if ((result= open_grant_tables(thd, tables)))
    DBUG_RETURN(result != 1);

  rw_wrlock(&LOCK_grant);
  VOID(pthread_mutex_lock(&acl_cache->lock));

5599
  while ((tmp_user_name= user_list++))
5600
  {
5601 5602 5603 5604
    if (!(user_name= get_current_user(thd, tmp_user_name)))
    {
      result= TRUE;
      continue;
5605 5606
    }

5607 5608 5609 5610
    /*
      Search all in-memory structures and grant tables
      for a mention of the new user name.
    */
5611
    if (handle_grant_data(tables, 0, user_name, NULL))
5612
    {
5613
      append_user(&wrong_users, user_name);
5614
      result= TRUE;
5615
      continue;
5616
    }
5617

5618
    some_users_created= TRUE;
5619
    sql_mode= thd->variables.sql_mode;
serg@serg.mylan's avatar
serg@serg.mylan committed
5620
    if (replace_user_table(thd, tables[0].table, *user_name, 0, 0, 1, 0))
5621
    {
5622
      append_user(&wrong_users, user_name);
5623 5624 5625 5626 5627
      result= TRUE;
    }
  }

  VOID(pthread_mutex_unlock(&acl_cache->lock));
5628

5629 5630 5631
  if (result)
    my_error(ER_CANNOT_USER, MYF(0), "CREATE USER", wrong_users.c_ptr_safe());

5632 5633
  if (some_users_created)
    write_bin_log(thd, FALSE, thd->query, thd->query_length);
5634

5635 5636 5637 5638 5639 5640 5641 5642 5643 5644 5645 5646 5647 5648 5649 5650 5651 5652 5653 5654 5655 5656
  rw_unlock(&LOCK_grant);
  close_thread_tables(thd);
  DBUG_RETURN(result);
}


/*
  Drop a list of users and all their privileges.

  SYNOPSIS
    mysql_drop_user()
    thd                         The current thread.
    list                        The users to drop.

  RETURN
    FALSE       OK.
    TRUE        Error.
*/

bool mysql_drop_user(THD *thd, List <LEX_USER> &list)
{
  int result;
5657
  String wrong_users;
5658
  LEX_USER *user_name, *tmp_user_name;
5659
  List_iterator <LEX_USER> user_list(list);
5660
  TABLE_LIST tables[GRANT_TABLES];
5661
  bool some_users_deleted= FALSE;
5662 5663
  DBUG_ENTER("mysql_drop_user");

5664 5665 5666 5667 5668 5669 5670
  /*
    This statement will be replicated as a statement, even when using
    row-based replication.  The flag will be reset at the end of the
    statement.
  */
  thd->clear_current_stmt_binlog_row_based();

5671
  /* DROP USER may be skipped on replication client. */
5672 5673 5674 5675 5676 5677
  if ((result= open_grant_tables(thd, tables)))
    DBUG_RETURN(result != 1);

  rw_wrlock(&LOCK_grant);
  VOID(pthread_mutex_lock(&acl_cache->lock));

5678
  while ((tmp_user_name= user_list++))
5679
  {
5680 5681 5682 5683 5684 5685
    user_name= get_current_user(thd, tmp_user_name);
    if (!(user_name= get_current_user(thd, tmp_user_name)))
    {
      result= TRUE;
      continue;
    }  
5686
    if (handle_grant_data(tables, 1, user_name, NULL) <= 0)
5687
    {
5688
      append_user(&wrong_users, user_name);
5689
      result= TRUE;
5690
      continue;
5691
    }
5692
    some_users_deleted= TRUE;
5693
  }
5694

5695 5696 5697
  /* Rebuild 'acl_check_hosts' since 'acl_users' has been modified */
  rebuild_check_host();

5698
  VOID(pthread_mutex_unlock(&acl_cache->lock));
5699

5700 5701 5702
  if (result)
    my_error(ER_CANNOT_USER, MYF(0), "DROP USER", wrong_users.c_ptr_safe());

5703 5704
  if (some_users_deleted)
    write_bin_log(thd, FALSE, thd->query, thd->query_length);
5705

5706 5707 5708 5709 5710 5711 5712 5713 5714 5715 5716 5717 5718 5719 5720 5721 5722 5723 5724 5725 5726
  rw_unlock(&LOCK_grant);
  close_thread_tables(thd);
  DBUG_RETURN(result);
}


/*
  Rename a user.

  SYNOPSIS
    mysql_rename_user()
    thd                         The current thread.
    list                        The user name pairs: (from, to).

  RETURN
    FALSE       OK.
    TRUE        Error.
*/

bool mysql_rename_user(THD *thd, List <LEX_USER> &list)
{
5727
  int result;
5728
  String wrong_users;
5729 5730
  LEX_USER *user_from, *tmp_user_from;
  LEX_USER *user_to, *tmp_user_to;
5731
  List_iterator <LEX_USER> user_list(list);
5732
  TABLE_LIST tables[GRANT_TABLES];
5733
  bool some_users_renamed= FALSE;
5734 5735
  DBUG_ENTER("mysql_rename_user");

5736 5737 5738 5739 5740 5741 5742
  /*
    This statement will be replicated as a statement, even when using
    row-based replication.  The flag will be reset at the end of the
    statement.
  */
  thd->clear_current_stmt_binlog_row_based();

5743
  /* RENAME USER may be skipped on replication client. */
5744 5745 5746 5747 5748 5749
  if ((result= open_grant_tables(thd, tables)))
    DBUG_RETURN(result != 1);

  rw_wrlock(&LOCK_grant);
  VOID(pthread_mutex_lock(&acl_cache->lock));

5750
  while ((tmp_user_from= user_list++))
5751
  {
5752 5753 5754 5755 5756 5757 5758 5759 5760 5761 5762
    if (!(user_from= get_current_user(thd, tmp_user_from)))
    {
      result= TRUE;
      continue;
    }  
    tmp_user_to= user_list++;
    if (!(user_to= get_current_user(thd, tmp_user_to)))
    {
      result= TRUE;
      continue;
    }  
5763
    DBUG_ASSERT(user_to != 0); /* Syntax enforces pairs of users. */
5764 5765 5766 5767 5768

    /*
      Search all in-memory structures and grant tables
      for a mention of the new user name.
    */
5769 5770
    if (handle_grant_data(tables, 0, user_to, NULL) ||
        handle_grant_data(tables, 0, user_from, user_to) <= 0)
5771
    {
5772
      append_user(&wrong_users, user_from);
5773
      result= TRUE;
5774
      continue;
5775
    }
5776
    some_users_renamed= TRUE;
5777
  }
5778
  
5779 5780 5781
  /* Rebuild 'acl_check_hosts' since 'acl_users' has been modified */
  rebuild_check_host();

5782
  VOID(pthread_mutex_unlock(&acl_cache->lock));
5783

5784 5785 5786 5787
  if (result)
    my_error(ER_CANNOT_USER, MYF(0), "RENAME USER", wrong_users.c_ptr_safe());
  
  if (some_users_renamed && mysql_bin_log.is_open())
5788
    write_bin_log(thd, FALSE, thd->query, thd->query_length);
5789

5790 5791 5792 5793 5794
  rw_unlock(&LOCK_grant);
  close_thread_tables(thd);
  DBUG_RETURN(result);
}

5795

5796 5797 5798 5799 5800 5801 5802 5803 5804 5805 5806 5807 5808 5809
/*
  Revoke all privileges from a list of users.

  SYNOPSIS
    mysql_revoke_all()
    thd                         The current thread.
    list                        The users to revoke all privileges from.

  RETURN
    > 0         Error. Error message already sent.
    0           OK.
    < 0         Error. Error message not yet sent.
*/

5810
bool mysql_revoke_all(THD *thd,  List <LEX_USER> &list)
5811
{
5812
  uint counter, revoked, is_proc;
5813
  int result;
5814
  ACL_DB *acl_db;
5815
  TABLE_LIST tables[GRANT_TABLES];
5816 5817
  DBUG_ENTER("mysql_revoke_all");

5818 5819 5820 5821 5822 5823 5824
  /*
    This statement will be replicated as a statement, even when using
    row-based replication.  The flag will be reset at the end of the
    statement.
  */
  thd->clear_current_stmt_binlog_row_based();

5825
  if ((result= open_grant_tables(thd, tables)))
5826
    DBUG_RETURN(result != 1);
5827 5828 5829 5830

  rw_wrlock(&LOCK_grant);
  VOID(pthread_mutex_lock(&acl_cache->lock));

5831
  LEX_USER *lex_user, *tmp_lex_user;
5832
  List_iterator <LEX_USER> user_list(list);
5833
  while ((tmp_lex_user= user_list++))
5834
  {
5835 5836 5837 5838 5839
    if (!(lex_user= get_current_user(thd, tmp_lex_user)))
    {
      result= -1;
      continue;
    }  
5840
    if (!find_acl_user(lex_user->host.str, lex_user->user.str, TRUE))
5841 5842 5843 5844
    {
      result= -1;
      continue;
    }
monty@mashka.mysql.fi's avatar
monty@mashka.mysql.fi committed
5845

5846
    if (replace_user_table(thd, tables[0].table,
5847
			   *lex_user, ~(ulong)0, 1, 0, 0))
5848 5849 5850 5851 5852 5853
    {
      result= -1;
      continue;
    }

    /* Remove db access privileges */
dellis@goetia.(none)'s avatar
dellis@goetia.(none) committed
5854 5855 5856 5857 5858
    /*
      Because acl_dbs and column_priv_hash shrink and may re-order
      as privileges are removed, removal occurs in a repeated loop
      until no more privileges are revoked.
     */
dellis@goetia.(none)'s avatar
dellis@goetia.(none) committed
5859
    do
5860
    {
dellis@goetia.(none)'s avatar
dellis@goetia.(none) committed
5861
      for (counter= 0, revoked= 0 ; counter < acl_dbs.elements ; )
5862
      {
dellis@goetia.(none)'s avatar
dellis@goetia.(none) committed
5863
	const char *user,*host;
5864

dellis@goetia.(none)'s avatar
dellis@goetia.(none) committed
5865 5866 5867 5868 5869
	acl_db=dynamic_element(&acl_dbs,counter,ACL_DB*);
	if (!(user=acl_db->user))
	  user= "";
	if (!(host=acl_db->host.hostname))
	  host= "";
5870

dellis@goetia.(none)'s avatar
dellis@goetia.(none) committed
5871
	if (!strcmp(lex_user->user.str,user) &&
5872
            !strcmp(lex_user->host.str, host))
dellis@goetia.(none)'s avatar
dellis@goetia.(none) committed
5873
	{
5874 5875
	  if (!replace_db_table(tables[1].table, acl_db->db, *lex_user,
                                ~(ulong)0, 1))
dellis@goetia.(none)'s avatar
dellis@goetia.(none) committed
5876
	  {
dellis@goetia.(none)'s avatar
dellis@goetia.(none) committed
5877 5878 5879 5880 5881
	    /*
	      Don't increment counter as replace_db_table deleted the
	      current element in acl_dbs.
	     */
	    revoked= 1;
dellis@goetia.(none)'s avatar
dellis@goetia.(none) committed
5882 5883
	    continue;
	  }
dellis@goetia.(none)'s avatar
dellis@goetia.(none) committed
5884
	  result= -1; // Something went wrong
dellis@goetia.(none)'s avatar
dellis@goetia.(none) committed
5885
	}
dellis@goetia.(none)'s avatar
dellis@goetia.(none) committed
5886
	counter++;
5887
      }
dellis@goetia.(none)'s avatar
dellis@goetia.(none) committed
5888
    } while (revoked);
5889 5890

    /* Remove column access */
dellis@goetia.(none)'s avatar
dellis@goetia.(none) committed
5891
    do
5892
    {
dellis@goetia.(none)'s avatar
dellis@goetia.(none) committed
5893
      for (counter= 0, revoked= 0 ; counter < column_priv_hash.records ; )
5894
      {
dellis@goetia.(none)'s avatar
dellis@goetia.(none) committed
5895 5896 5897 5898 5899
	const char *user,*host;
	GRANT_TABLE *grant_table= (GRANT_TABLE*)hash_element(&column_priv_hash,
							     counter);
	if (!(user=grant_table->user))
	  user= "";
5900
	if (!(host=grant_table->host.hostname))
dellis@goetia.(none)'s avatar
dellis@goetia.(none) committed
5901
	  host= "";
5902

dellis@goetia.(none)'s avatar
dellis@goetia.(none) committed
5903
	if (!strcmp(lex_user->user.str,user) &&
5904
            !strcmp(lex_user->host.str, host))
5905
	{
dellis@goetia.(none)'s avatar
dellis@goetia.(none) committed
5906 5907 5908
	  if (replace_table_table(thd,grant_table,tables[2].table,*lex_user,
				  grant_table->db,
				  grant_table->tname,
5909
				  ~(ulong)0, 0, 1))
dellis@goetia.(none)'s avatar
dellis@goetia.(none) committed
5910
	  {
dellis@goetia.(none)'s avatar
dellis@goetia.(none) committed
5911
	    result= -1;
dellis@goetia.(none)'s avatar
dellis@goetia.(none) committed
5912
	  }
dellis@goetia.(none)'s avatar
dellis@goetia.(none) committed
5913
	  else
dellis@goetia.(none)'s avatar
dellis@goetia.(none) committed
5914
	  {
dellis@goetia.(none)'s avatar
dellis@goetia.(none) committed
5915
	    if (!grant_table->cols)
dellis@goetia.(none)'s avatar
dellis@goetia.(none) committed
5916
	    {
dellis@goetia.(none)'s avatar
dellis@goetia.(none) committed
5917 5918
	      revoked= 1;
	      continue;
dellis@goetia.(none)'s avatar
dellis@goetia.(none) committed
5919
	    }
dellis@goetia.(none)'s avatar
dellis@goetia.(none) committed
5920 5921
	    List<LEX_COLUMN> columns;
	    if (!replace_column_table(grant_table,tables[3].table, *lex_user,
dellis@goetia.(none)'s avatar
dellis@goetia.(none) committed
5922 5923 5924
				      columns,
				      grant_table->db,
				      grant_table->tname,
5925
				      ~(ulong)0, 1))
dellis@goetia.(none)'s avatar
dellis@goetia.(none) committed
5926
	    {
dellis@goetia.(none)'s avatar
dellis@goetia.(none) committed
5927
	      revoked= 1;
5928
	      continue;
dellis@goetia.(none)'s avatar
dellis@goetia.(none) committed
5929
	    }
5930
	    result= -1;
dellis@goetia.(none)'s avatar
dellis@goetia.(none) committed
5931
	  }
5932
	}
dellis@goetia.(none)'s avatar
dellis@goetia.(none) committed
5933
	counter++;
5934
      }
dellis@goetia.(none)'s avatar
dellis@goetia.(none) committed
5935
    } while (revoked);
5936 5937

    /* Remove procedure access */
5938 5939 5940
    for (is_proc=0; is_proc<2; is_proc++) do {
      HASH *hash= is_proc ? &proc_priv_hash : &func_priv_hash;
      for (counter= 0, revoked= 0 ; counter < hash->records ; )
5941 5942
      {
	const char *user,*host;
5943
	GRANT_NAME *grant_proc= (GRANT_NAME*) hash_element(hash, counter);
5944 5945
	if (!(user=grant_proc->user))
	  user= "";
5946
	if (!(host=grant_proc->host.hostname))
5947 5948 5949
	  host= "";

	if (!strcmp(lex_user->user.str,user) &&
5950
            !strcmp(lex_user->host.str, host))
5951
	{
5952
	  if (!replace_routine_table(thd,grant_proc,tables[4].table,*lex_user,
5953 5954
				  grant_proc->db,
				  grant_proc->tname,
5955
                                  is_proc,
5956
				  ~(ulong)0, 1))
5957 5958 5959 5960 5961 5962 5963 5964 5965
	  {
	    revoked= 1;
	    continue;
	  }
	  result= -1;	// Something went wrong
	}
	counter++;
      }
    } while (revoked);
5966
  }
5967

5968
  VOID(pthread_mutex_unlock(&acl_cache->lock));
5969

5970
  write_bin_log(thd, FALSE, thd->query, thd->query_length);
5971

5972 5973
  rw_unlock(&LOCK_grant);
  close_thread_tables(thd);
5974

5975
  if (result)
bell@sanja.is.com.ua's avatar
bell@sanja.is.com.ua committed
5976
    my_message(ER_REVOKE_GRANTS, ER(ER_REVOKE_GRANTS), MYF(0));
5977

5978 5979
  DBUG_RETURN(result);
}
5980

5981

5982 5983 5984 5985 5986 5987 5988 5989 5990 5991 5992 5993 5994 5995
/*
  Revoke privileges for all users on a stored procedure

  SYNOPSIS
    sp_revoke_privileges()
    thd                         The current thread.
    db				DB of the stored procedure
    name			Name of the stored procedure

  RETURN
    0           OK.
    < 0         Error. Error message not yet sent.
*/

5996 5997
bool sp_revoke_privileges(THD *thd, const char *sp_db, const char *sp_name,
                          bool is_proc)
5998 5999 6000 6001
{
  uint counter, revoked;
  int result;
  TABLE_LIST tables[GRANT_TABLES];
6002
  HASH *hash= is_proc ? &proc_priv_hash : &func_priv_hash;
6003 6004 6005 6006 6007 6008 6009 6010
  DBUG_ENTER("sp_revoke_privileges");

  if ((result= open_grant_tables(thd, tables)))
    DBUG_RETURN(result != 1);

  rw_wrlock(&LOCK_grant);
  VOID(pthread_mutex_lock(&acl_cache->lock));

6011 6012 6013 6014 6015 6016 6017
  /*
    This statement will be replicated as a statement, even when using
    row-based replication.  The flag will be reset at the end of the
    statement.
  */
  thd->clear_current_stmt_binlog_row_based();

6018
  /* Remove procedure access */
6019 6020
  do
  {
6021
    for (counter= 0, revoked= 0 ; counter < hash->records ; )
6022
    {
6023
      GRANT_NAME *grant_proc= (GRANT_NAME*) hash_element(hash, counter);
6024 6025 6026 6027 6028 6029
      if (!my_strcasecmp(system_charset_info, grant_proc->db, sp_db) &&
	  !my_strcasecmp(system_charset_info, grant_proc->tname, sp_name))
      {
        LEX_USER lex_user;
	lex_user.user.str= grant_proc->user;
	lex_user.user.length= strlen(grant_proc->user);
6030 6031 6032 6033
	lex_user.host.str= grant_proc->host.hostname ?
	  grant_proc->host.hostname : (char*)"";
	lex_user.host.length= grant_proc->host.hostname ?
	  strlen(grant_proc->host.hostname) : 0;
6034 6035
	if (!replace_routine_table(thd,grant_proc,tables[4].table,lex_user,
				   grant_proc->db, grant_proc->tname,
6036
                                   is_proc, ~(ulong)0, 1))
6037 6038 6039 6040 6041 6042 6043 6044 6045 6046 6047 6048 6049 6050 6051 6052 6053 6054 6055 6056 6057 6058 6059 6060 6061 6062 6063 6064 6065 6066 6067 6068 6069 6070 6071
	{
	  revoked= 1;
	  continue;
	}
	result= -1;	// Something went wrong
      }
      counter++;
    }
  } while (revoked);

  VOID(pthread_mutex_unlock(&acl_cache->lock));
  rw_unlock(&LOCK_grant);
  close_thread_tables(thd);

  if (result)
    my_message(ER_REVOKE_GRANTS, ER(ER_REVOKE_GRANTS), MYF(0));

  DBUG_RETURN(result);
}


/*
  Grant EXECUTE,ALTER privilege for a stored procedure

  SYNOPSIS
    sp_grant_privileges()
    thd                         The current thread.
    db				DB of the stored procedure
    name			Name of the stored procedure

  RETURN
    0           OK.
    < 0         Error. Error message not yet sent.
*/

6072 6073
bool sp_grant_privileges(THD *thd, const char *sp_db, const char *sp_name,
                         bool is_proc)
6074
{
6075
  Security_context *sctx= thd->security_ctx;
6076 6077 6078 6079
  LEX_USER *combo;
  TABLE_LIST tables[1];
  List<LEX_USER> user_list;
  bool result;
6080 6081
  ACL_USER *au;
  char passwd_buff[SCRAMBLED_PASSWORD_CHAR_LENGTH+1];
6082
  DBUG_ENTER("sp_grant_privileges");
6083 6084 6085 6086

  if (!(combo=(LEX_USER*) thd->alloc(sizeof(st_lex_user))))
    DBUG_RETURN(TRUE);

6087
  combo->user.str= sctx->user;
6088

6089
  VOID(pthread_mutex_lock(&acl_cache->lock));
6090 6091 6092 6093 6094 6095 6096 6097 6098 6099 6100 6101 6102 6103

  if ((au= find_acl_user(combo->host.str=(char*)sctx->host_or_ip,combo->user.str,FALSE)))
    goto found_acl;
  if ((au= find_acl_user(combo->host.str=(char*)sctx->host, combo->user.str,FALSE)))
    goto found_acl;
  if ((au= find_acl_user(combo->host.str=(char*)sctx->ip, combo->user.str,FALSE)))
    goto found_acl;
  if((au= find_acl_user(combo->host.str=(char*)"%", combo->user.str, FALSE)))
    goto found_acl;

  VOID(pthread_mutex_unlock(&acl_cache->lock));
  DBUG_RETURN(TRUE);

 found_acl:
6104
  VOID(pthread_mutex_unlock(&acl_cache->lock));
6105 6106 6107 6108 6109

  bzero((char*)tables, sizeof(TABLE_LIST));
  user_list.empty();

  tables->db= (char*)sp_db;
6110
  tables->table_name= tables->alias= (char*)sp_name;
6111

6112 6113 6114 6115
  combo->host.length= strlen(combo->host.str);
  combo->user.length= strlen(combo->user.str);
  combo->host.str= thd->strmake(combo->host.str,combo->host.length);
  combo->user.str= thd->strmake(combo->user.str,combo->user.length);
6116 6117 6118 6119 6120 6121 6122 6123 6124 6125 6126 6127 6128 6129 6130 6131 6132 6133 6134 6135 6136 6137 6138 6139 6140 6141


  if(au && au->salt_len)
  {
    if (au->salt_len == SCRAMBLE_LENGTH)
    {
      make_password_from_salt(passwd_buff, au->salt);
      combo->password.length= SCRAMBLED_PASSWORD_CHAR_LENGTH;
    }
    else if (au->salt_len == SCRAMBLE_LENGTH_323)
    {
      make_password_from_salt_323(passwd_buff, (ulong *) au->salt);
      combo->password.length= SCRAMBLED_PASSWORD_CHAR_LENGTH_323;
    }
    else
    {
      my_error(ER_PASSWD_LENGTH, MYF(0), SCRAMBLED_PASSWORD_CHAR_LENGTH);
      return -1;
    }
    combo->password.str= passwd_buff;
  }
  else
  {
    combo->password.str= (char*)"";
    combo->password.length= 0;
  }
6142 6143 6144 6145 6146

  if (user_list.push_back(combo))
    DBUG_RETURN(TRUE);

  thd->lex->ssl_type= SSL_TYPE_NOT_SPECIFIED;
6147
  bzero((char*) &thd->lex->mqh, sizeof(thd->lex->mqh));
6148

6149
  result= mysql_routine_grant(thd, tables, is_proc, user_list,
6150 6151 6152 6153 6154
  				DEFAULT_CREATE_PROC_ACLS, 0, 1);
  DBUG_RETURN(result);
}


bk@work.mysql.com's avatar
bk@work.mysql.com committed
6155
/*****************************************************************************
6156
  Instantiate used templates
bk@work.mysql.com's avatar
bk@work.mysql.com committed
6157 6158
*****************************************************************************/

6159
#ifdef HAVE_EXPLICIT_TEMPLATE_INSTANTIATION
bk@work.mysql.com's avatar
bk@work.mysql.com committed
6160 6161 6162 6163 6164
template class List_iterator<LEX_COLUMN>;
template class List_iterator<LEX_USER>;
template class List<LEX_COLUMN>;
template class List<LEX_USER>;
#endif
hf@deer.(none)'s avatar
hf@deer.(none) committed
6165 6166 6167 6168 6169 6170 6171 6172 6173 6174 6175 6176 6177 6178 6179 6180 6181 6182 6183 6184 6185 6186 6187 6188 6189 6190 6191 6192 6193 6194 6195 6196 6197 6198 6199 6200 6201 6202 6203 6204 6205 6206 6207 6208 6209 6210 6211

#endif /*NO_EMBEDDED_ACCESS_CHECKS */


int wild_case_compare(CHARSET_INFO *cs, const char *str,const char *wildstr)
{
  reg3 int flag;
  DBUG_ENTER("wild_case_compare");
  DBUG_PRINT("enter",("str: '%s'  wildstr: '%s'",str,wildstr));
  while (*wildstr)
  {
    while (*wildstr && *wildstr != wild_many && *wildstr != wild_one)
    {
      if (*wildstr == wild_prefix && wildstr[1])
	wildstr++;
      if (my_toupper(cs, *wildstr++) !=
          my_toupper(cs, *str++)) DBUG_RETURN(1);
    }
    if (! *wildstr ) DBUG_RETURN (*str != 0);
    if (*wildstr++ == wild_one)
    {
      if (! *str++) DBUG_RETURN (1);	/* One char; skip */
    }
    else
    {						/* Found '*' */
      if (!*wildstr) DBUG_RETURN(0);		/* '*' as last char: OK */
      flag=(*wildstr != wild_many && *wildstr != wild_one);
      do
      {
	if (flag)
	{
	  char cmp;
	  if ((cmp= *wildstr) == wild_prefix && wildstr[1])
	    cmp=wildstr[1];
	  cmp=my_toupper(cs, cmp);
	  while (*str && my_toupper(cs, *str) != cmp)
	    str++;
	  if (!*str) DBUG_RETURN (1);
	}
	if (wild_case_compare(cs, str,wildstr) == 0) DBUG_RETURN (0);
      } while (*str++);
      DBUG_RETURN(1);
    }
  }
  DBUG_RETURN (*str != '\0');
}

6212 6213 6214 6215 6216 6217 6218 6219

void update_schema_privilege(TABLE *table, char *buff, const char* db,
                             const char* t_name, const char* column,
                             uint col_length, const char *priv, 
                             uint priv_length, const char* is_grantable)
{
  int i= 2;
  CHARSET_INFO *cs= system_charset_info;
6220
  restore_record(table, s->default_values);
6221
  table->field[0]->store(buff, (uint) strlen(buff), cs);
6222
  if (db)
6223
    table->field[i++]->store(db, (uint) strlen(db), cs);
6224
  if (t_name)
6225
    table->field[i++]->store(t_name, (uint) strlen(t_name), cs);
6226 6227 6228
  if (column)
    table->field[i++]->store(column, col_length, cs);
  table->field[i++]->store(priv, priv_length, cs);
6229
  table->field[i]->store(is_grantable, (uint) strlen(is_grantable), cs);
6230
  table->file->ha_write_row(table->record[0]);
6231 6232 6233 6234 6235 6236 6237 6238 6239 6240 6241
}


int fill_schema_user_privileges(THD *thd, TABLE_LIST *tables, COND *cond)
{
#ifndef NO_EMBEDDED_ACCESS_CHECKS
  uint counter;
  ACL_USER *acl_user;
  ulong want_access;
  char buff[100];
  TABLE *table= tables->table;
6242
  bool no_global_access= check_access(thd, SELECT_ACL, "mysql",0,1,1,0);
6243
  char *curr_host= thd->security_ctx->priv_host_name();
6244
  DBUG_ENTER("fill_schema_user_privileges");
6245

6246 6247
  if (!initialized)
    DBUG_RETURN(0);
6248 6249
  pthread_mutex_lock(&acl_cache->lock);

6250 6251 6252 6253 6254 6255 6256 6257
  for (counter=0 ; counter < acl_users.elements ; counter++)
  {
    const char *user,*host, *is_grantable="YES";
    acl_user=dynamic_element(&acl_users,counter,ACL_USER*);
    if (!(user=acl_user->user))
      user= "";
    if (!(host=acl_user->host.hostname))
      host= "";
6258 6259

    if (no_global_access &&
6260
        (strcmp(thd->security_ctx->priv_user, user) ||
6261 6262 6263
         my_strcasecmp(system_charset_info, curr_host, host)))
      continue;
      
6264 6265 6266 6267 6268 6269
    want_access= acl_user->access;
    if (!(want_access & GRANT_ACL))
      is_grantable= "NO";

    strxmov(buff,"'",user,"'@'",host,"'",NullS);
    if (!(want_access & ~GRANT_ACL))
6270 6271
      update_schema_privilege(table, buff, 0, 0, 0, 0,
                              STRING_WITH_LEN("USAGE"), is_grantable);
6272 6273 6274 6275 6276 6277 6278 6279 6280 6281 6282 6283 6284
    else
    {
      uint priv_id;
      ulong j,test_access= want_access & ~GRANT_ACL;
      for (priv_id=0, j = SELECT_ACL;j <= GLOBAL_ACLS; priv_id++,j <<= 1)
      {
	if (test_access & j)
          update_schema_privilege(table, buff, 0, 0, 0, 0, 
                                  command_array[priv_id],
                                  command_lengths[priv_id], is_grantable);
      }
    }
  }
6285 6286 6287

  pthread_mutex_unlock(&acl_cache->lock);

6288
  DBUG_RETURN(0);
6289 6290 6291
#else
  return(0);
#endif
6292 6293 6294 6295 6296 6297 6298 6299 6300 6301 6302
}


int fill_schema_schema_privileges(THD *thd, TABLE_LIST *tables, COND *cond)
{
#ifndef NO_EMBEDDED_ACCESS_CHECKS
  uint counter;
  ACL_DB *acl_db;
  ulong want_access;
  char buff[100];
  TABLE *table= tables->table;
6303
  bool no_global_access= check_access(thd, SELECT_ACL, "mysql",0,1,1,0);
6304
  char *curr_host= thd->security_ctx->priv_host_name();
6305 6306
  DBUG_ENTER("fill_schema_schema_privileges");

6307 6308
  if (!initialized)
    DBUG_RETURN(0);
6309 6310
  pthread_mutex_lock(&acl_cache->lock);

6311 6312 6313 6314 6315 6316 6317 6318 6319 6320
  for (counter=0 ; counter < acl_dbs.elements ; counter++)
  {
    const char *user, *host, *is_grantable="YES";

    acl_db=dynamic_element(&acl_dbs,counter,ACL_DB*);
    if (!(user=acl_db->user))
      user= "";
    if (!(host=acl_db->host.hostname))
      host= "";

6321
    if (no_global_access &&
6322
        (strcmp(thd->security_ctx->priv_user, user) ||
6323 6324 6325
         my_strcasecmp(system_charset_info, curr_host, host)))
      continue;

6326 6327 6328 6329 6330 6331 6332 6333 6334 6335
    want_access=acl_db->access;
    if (want_access)
    {
      if (!(want_access & GRANT_ACL))
      {
        is_grantable= "NO";
      }
      strxmov(buff,"'",user,"'@'",host,"'",NullS);
      if (!(want_access & ~GRANT_ACL))
        update_schema_privilege(table, buff, acl_db->db, 0, 0,
6336
                                0, STRING_WITH_LEN("USAGE"), is_grantable);
6337 6338 6339 6340 6341 6342 6343 6344 6345 6346 6347 6348
      else
      {
        int cnt;
        ulong j,test_access= want_access & ~GRANT_ACL;
        for (cnt=0, j = SELECT_ACL; j <= DB_ACLS; cnt++,j <<= 1)
          if (test_access & j)
            update_schema_privilege(table, buff, acl_db->db, 0, 0, 0,
                                    command_array[cnt], command_lengths[cnt],
                                    is_grantable);
      }
    }
  }
6349 6350 6351

  pthread_mutex_unlock(&acl_cache->lock);

6352
  DBUG_RETURN(0);
6353 6354 6355
#else
  return (0);
#endif
6356 6357 6358 6359 6360 6361 6362 6363 6364
}


int fill_schema_table_privileges(THD *thd, TABLE_LIST *tables, COND *cond)
{
#ifndef NO_EMBEDDED_ACCESS_CHECKS
  uint index;
  char buff[100];
  TABLE *table= tables->table;
6365
  bool no_global_access= check_access(thd, SELECT_ACL, "mysql",0,1,1,0);
6366
  char *curr_host= thd->security_ctx->priv_host_name();
6367 6368
  DBUG_ENTER("fill_schema_table_privileges");

6369 6370
  rw_rdlock(&LOCK_grant);

6371 6372
  for (index=0 ; index < column_priv_hash.records ; index++)
  {
6373
    const char *user, *host, *is_grantable= "YES";
6374 6375 6376 6377
    GRANT_TABLE *grant_table= (GRANT_TABLE*) hash_element(&column_priv_hash,
							  index);
    if (!(user=grant_table->user))
      user= "";
6378 6379
    if (!(host= grant_table->host.hostname))
      host= "";
6380 6381

    if (no_global_access &&
6382
        (strcmp(thd->security_ctx->priv_user, user) ||
6383
         my_strcasecmp(system_charset_info, curr_host, host)))
6384 6385
      continue;

6386
    ulong table_access= grant_table->privs;
6387
    if (table_access)
6388 6389
    {
      ulong test_access= table_access & ~GRANT_ACL;
6390 6391 6392 6393
      /*
        We should skip 'usage' privilege on table if
        we have any privileges on column(s) of this table
      */
6394 6395
      if (!test_access && grant_table->cols)
        continue;
6396 6397 6398
      if (!(table_access & GRANT_ACL))
        is_grantable= "NO";

6399
      strxmov(buff, "'", user, "'@'", host, "'", NullS);
6400 6401
      if (!test_access)
        update_schema_privilege(table, buff, grant_table->db, grant_table->tname,
6402
                                0, 0, STRING_WITH_LEN("USAGE"), is_grantable);
6403 6404 6405 6406 6407 6408 6409 6410 6411 6412 6413 6414 6415 6416
      else
      {
        ulong j;
        int cnt;
        for (cnt= 0, j= SELECT_ACL; j <= TABLE_ACLS; cnt++, j<<= 1)
        {
          if (test_access & j)
            update_schema_privilege(table, buff, grant_table->db, 
                                    grant_table->tname, 0, 0, command_array[cnt],
                                    command_lengths[cnt], is_grantable);
        }
      }
    }
  }
6417 6418 6419

  rw_unlock(&LOCK_grant);

6420
  DBUG_RETURN(0);
6421 6422 6423
#else
  return (0);
#endif
6424 6425 6426 6427 6428 6429 6430 6431 6432
}


int fill_schema_column_privileges(THD *thd, TABLE_LIST *tables, COND *cond)
{
#ifndef NO_EMBEDDED_ACCESS_CHECKS
  uint index;
  char buff[100];
  TABLE *table= tables->table;
6433
  bool no_global_access= check_access(thd, SELECT_ACL, "mysql",0,1,1,0);
6434
  char *curr_host= thd->security_ctx->priv_host_name();
6435 6436
  DBUG_ENTER("fill_schema_table_privileges");

6437 6438
  rw_rdlock(&LOCK_grant);

6439 6440
  for (index=0 ; index < column_priv_hash.records ; index++)
  {
6441
    const char *user, *host, *is_grantable= "YES";
6442 6443 6444 6445
    GRANT_TABLE *grant_table= (GRANT_TABLE*) hash_element(&column_priv_hash,
							  index);
    if (!(user=grant_table->user))
      user= "";
6446 6447
    if (!(host= grant_table->host.hostname))
      host= "";
6448 6449

    if (no_global_access &&
6450
        (strcmp(thd->security_ctx->priv_user, user) ||
6451
         my_strcasecmp(system_charset_info, curr_host, host)))
6452 6453
      continue;

6454 6455 6456
    ulong table_access= grant_table->cols;
    if (table_access != 0)
    {
6457
      if (!(grant_table->privs & GRANT_ACL))
6458 6459
        is_grantable= "NO";

6460
      ulong test_access= table_access & ~GRANT_ACL;
6461
      strxmov(buff, "'", user, "'@'", host, "'", NullS);
6462 6463 6464 6465 6466 6467 6468 6469 6470 6471 6472 6473 6474 6475 6476 6477 6478 6479 6480 6481 6482 6483 6484 6485 6486 6487 6488 6489 6490
      if (!test_access)
        continue;
      else
      {
        ulong j;
        int cnt;
        for (cnt= 0, j= SELECT_ACL; j <= TABLE_ACLS; cnt++, j<<= 1)
        {
          if (test_access & j)
          {
            for (uint col_index=0 ;
                 col_index < grant_table->hash_columns.records ;
                 col_index++)
            {
              GRANT_COLUMN *grant_column = (GRANT_COLUMN*)
                hash_element(&grant_table->hash_columns,col_index);
              if ((grant_column->rights & j) && (table_access & j))
                  update_schema_privilege(table, buff, grant_table->db,
                                          grant_table->tname,
                                          grant_column->column,
                                          grant_column->key_length,
                                          command_array[cnt],
                                          command_lengths[cnt], is_grantable);
            }
          }
        }
      }
    }
  }
6491 6492 6493

  rw_unlock(&LOCK_grant);

6494
  DBUG_RETURN(0);
6495 6496 6497
#else
  return (0);
#endif
6498 6499 6500
}


bell@sanja.is.com.ua's avatar
VIEW  
bell@sanja.is.com.ua committed
6501 6502 6503 6504 6505
#ifndef NO_EMBEDDED_ACCESS_CHECKS
/*
  fill effective privileges for table

  SYNOPSIS
6506 6507
    fill_effective_table_privileges()
    thd     thread handler
bell@sanja.is.com.ua's avatar
VIEW  
bell@sanja.is.com.ua committed
6508 6509 6510 6511 6512 6513 6514 6515
    grant   grants table descriptor
    db      db name
    table   table name
*/

void fill_effective_table_privileges(THD *thd, GRANT_INFO *grant,
                                     const char *db, const char *table)
{
6516
  Security_context *sctx= thd->security_ctx;
6517 6518 6519 6520 6521
  DBUG_ENTER("fill_effective_table_privileges");
  DBUG_PRINT("enter", ("Host: '%s', Ip: '%s', User: '%s', table: `%s`.`%s`",
                       sctx->priv_host, (sctx->ip ? sctx->ip : "(NULL)"),
                       (sctx->priv_user ? sctx->priv_user : "(NULL)"),
                       db, table));
6522 6523 6524
  /* --skip-grants */
  if (!initialized)
  {
6525
    DBUG_PRINT("info", ("skip grants"));
6526
    grant->privilege= ~NO_ACCESS;             // everything is allowed
6527 6528
    DBUG_PRINT("info", ("privilege 0x%lx", grant->privilege));
    DBUG_VOID_RETURN;
6529 6530
  }

bell@sanja.is.com.ua's avatar
VIEW  
bell@sanja.is.com.ua committed
6531
  /* global privileges */
6532
  grant->privilege= sctx->master_access;
6533

6534
  if (!sctx->priv_user)
6535 6536 6537 6538
  {
    DBUG_PRINT("info", ("privilege 0x%lx", grant->privilege));
    DBUG_VOID_RETURN;                         // it is slave
  }
6539

6540
  /* db privileges */
6541
  grant->privilege|= acl_get(sctx->host, sctx->ip, sctx->priv_user, db, 0);
6542

bell@sanja.is.com.ua's avatar
VIEW  
bell@sanja.is.com.ua committed
6543
  /* table privileges */
6544
  rw_rdlock(&LOCK_grant);
bell@sanja.is.com.ua's avatar
VIEW  
bell@sanja.is.com.ua committed
6545 6546 6547
  if (grant->version != grant_version)
  {
    grant->grant_table=
6548 6549
      table_hash_search(sctx->host, sctx->ip, db,
			sctx->priv_user,
bell@sanja.is.com.ua's avatar
VIEW  
bell@sanja.is.com.ua committed
6550 6551 6552 6553 6554 6555 6556
			table, 0);              /* purecov: inspected */
    grant->version= grant_version;              /* purecov: inspected */
  }
  if (grant->grant_table != 0)
  {
    grant->privilege|= grant->grant_table->privs;
  }
6557 6558
  rw_unlock(&LOCK_grant);

6559 6560
  DBUG_PRINT("info", ("privilege 0x%lx", grant->privilege));
  DBUG_VOID_RETURN;
bell@sanja.is.com.ua's avatar
VIEW  
bell@sanja.is.com.ua committed
6561
}
6562 6563 6564 6565 6566 6567 6568

#else /* NO_EMBEDDED_ACCESS_CHECKS */

/****************************************************************************
 Dummy wrappers when we don't have any access checks
****************************************************************************/

acurtis@xiphis.org's avatar
acurtis@xiphis.org committed
6569 6570
bool check_routine_level_acl(THD *thd, const char *db, const char *name,
                             bool is_proc)
6571 6572 6573 6574
{
  return FALSE;
}

bell@sanja.is.com.ua's avatar
VIEW  
bell@sanja.is.com.ua committed
6575
#endif