Commit 2e49219a authored by unknown's avatar unknown

removed one more hack that - as usual - almost always worked

(but broke permission handling for *some* IP's after we started to compare in utf8)
Bug #1636
parent 8a1b6e16
...@@ -52,7 +52,8 @@ static byte* acl_entry_get_key(acl_entry *entry,uint *length, ...@@ -52,7 +52,8 @@ static byte* acl_entry_get_key(acl_entry *entry,uint *length,
return (byte*) entry->key; return (byte*) entry->key;
} }
#define ACL_KEY_LENGTH (sizeof(long)+NAME_LEN+USERNAME_LENGTH+1) #define IP_ADDR_STRLEN
#define ACL_KEY_LENGTH (IP_ADDR_STRLEN+1+NAME_LEN+1+USERNAME_LENGTH+1)
static DYNAMIC_ARRAY acl_hosts,acl_users,acl_dbs; static DYNAMIC_ARRAY acl_hosts,acl_users,acl_dbs;
static MEM_ROOT mem, memex; static MEM_ROOT mem, memex;
...@@ -909,7 +910,7 @@ static void acl_insert_db(const char *user, const char *host, const char *db, ...@@ -909,7 +910,7 @@ static void acl_insert_db(const char *user, const char *host, const char *db,
Get privilege for a host, user and db combination Get privilege for a host, user and db combination
*/ */
ulong acl_get(const char *host, const char *ip, const char *bin_ip, ulong acl_get(const char *host, const char *ip,
const char *user, const char *db, my_bool db_is_pattern) const char *user, const char *db, my_bool db_is_pattern)
{ {
ulong host_access,db_access; ulong host_access,db_access;
...@@ -919,8 +920,7 @@ ulong acl_get(const char *host, const char *ip, const char *bin_ip, ...@@ -919,8 +920,7 @@ ulong acl_get(const char *host, const char *ip, const char *bin_ip,
acl_entry *entry; acl_entry *entry;
VOID(pthread_mutex_lock(&acl_cache->lock)); VOID(pthread_mutex_lock(&acl_cache->lock));
memcpy_fixed(&key,bin_ip,sizeof(struct in_addr)); end=strmov((tmp_db=strmov(strmov(key, ip ? ip : "")+1,user)+1),db);
end=strmov((tmp_db=strmov(key+sizeof(struct in_addr),user)+1),db);
if (lower_case_table_names) if (lower_case_table_names)
{ {
my_casedn_str(&my_charset_latin1, tmp_db); my_casedn_str(&my_charset_latin1, tmp_db);
...@@ -1331,7 +1331,7 @@ static bool test_if_create_new_users(THD *thd) ...@@ -1331,7 +1331,7 @@ static bool test_if_create_new_users(THD *thd)
bzero((char*) &tl,sizeof(tl)); bzero((char*) &tl,sizeof(tl));
tl.db= (char*) "mysql"; tl.db= (char*) "mysql";
tl.real_name= (char*) "user"; tl.real_name= (char*) "user";
db_access=acl_get(thd->host, thd->ip, (char*) &thd->remote.sin_addr, db_access=acl_get(thd->host, thd->ip,
thd->priv_user, tl.db, 0); thd->priv_user, tl.db, 0);
if (!(db_access & INSERT_ACL)) if (!(db_access & INSERT_ACL))
{ {
......
...@@ -134,7 +134,7 @@ class ACL_DB :public ACL_ACCESS ...@@ -134,7 +134,7 @@ class ACL_DB :public ACL_ACCESS
my_bool acl_init(THD *thd, bool dont_read_acl_tables); my_bool acl_init(THD *thd, bool dont_read_acl_tables);
void acl_reload(THD *thd); void acl_reload(THD *thd);
void acl_free(bool end=0); void acl_free(bool end=0);
ulong acl_get(const char *host, const char *ip, const char *bin_ip, ulong acl_get(const char *host, const char *ip,
const char *user, const char *db, my_bool db_is_pattern); const char *user, const char *db, my_bool db_is_pattern);
int acl_getroot(THD *thd, USER_RESOURCES *mqh, const char *passwd, int acl_getroot(THD *thd, USER_RESOURCES *mqh, const char *passwd,
uint passwd_len); uint passwd_len);
......
...@@ -618,8 +618,7 @@ bool mysql_change_db(THD *thd, const char *name) ...@@ -618,8 +618,7 @@ bool mysql_change_db(THD *thd, const char *name)
if (test_all_bits(thd->master_access,DB_ACLS)) if (test_all_bits(thd->master_access,DB_ACLS))
db_access=DB_ACLS; db_access=DB_ACLS;
else else
db_access= (acl_get(thd->host,thd->ip,(char*) &thd->remote.sin_addr, db_access= (acl_get(thd->host,thd->ip, thd->priv_user,dbname,0) |
thd->priv_user,dbname,0) |
thd->master_access); thd->master_access);
if (!(db_access & DB_ACLS) && (!grant_option || check_grant_db(thd,dbname))) if (!(db_access & DB_ACLS) && (!grant_option || check_grant_db(thd,dbname)))
{ {
...@@ -684,8 +683,7 @@ int mysqld_show_create_db(THD *thd, char *dbname, ...@@ -684,8 +683,7 @@ int mysqld_show_create_db(THD *thd, char *dbname,
if (test_all_bits(thd->master_access,DB_ACLS)) if (test_all_bits(thd->master_access,DB_ACLS))
db_access=DB_ACLS; db_access=DB_ACLS;
else else
db_access= (acl_get(thd->host,thd->ip,(char*) &thd->remote.sin_addr, db_access= (acl_get(thd->host,thd->ip, thd->priv_user,dbname,0) |
thd->priv_user,dbname,0) |
thd->master_access); thd->master_access);
if (!(db_access & DB_ACLS) && (!grant_option || check_grant_db(thd,dbname))) if (!(db_access & DB_ACLS) && (!grant_option || check_grant_db(thd,dbname)))
{ {
......
...@@ -3376,7 +3376,7 @@ check_access(THD *thd, ulong want_access, const char *db, ulong *save_priv, ...@@ -3376,7 +3376,7 @@ check_access(THD *thd, ulong want_access, const char *db, ulong *save_priv,
db_access= thd->db_access; db_access= thd->db_access;
if (!(thd->master_access & SELECT_ACL) && if (!(thd->master_access & SELECT_ACL) &&
(db && (!thd->db || strcmp(db,thd->db)))) (db && (!thd->db || strcmp(db,thd->db))))
db_access=acl_get(thd->host, thd->ip, (char*) &thd->remote.sin_addr, db_access=acl_get(thd->host, thd->ip,
thd->priv_user, db, test(want_access & GRANT_ACL)); thd->priv_user, db, test(want_access & GRANT_ACL));
*save_priv=thd->master_access | db_access; *save_priv=thd->master_access | db_access;
DBUG_RETURN(FALSE); DBUG_RETURN(FALSE);
...@@ -3396,7 +3396,7 @@ check_access(THD *thd, ulong want_access, const char *db, ulong *save_priv, ...@@ -3396,7 +3396,7 @@ check_access(THD *thd, ulong want_access, const char *db, ulong *save_priv,
DBUG_RETURN(FALSE); // Allow select on anything DBUG_RETURN(FALSE); // Allow select on anything
if (db && (!thd->db || strcmp(db,thd->db))) if (db && (!thd->db || strcmp(db,thd->db)))
db_access=acl_get(thd->host, thd->ip, (char*) &thd->remote.sin_addr, db_access=acl_get(thd->host, thd->ip,
thd->priv_user, db, test(want_access & GRANT_ACL)); thd->priv_user, db, test(want_access & GRANT_ACL));
else else
db_access=thd->db_access; db_access=thd->db_access;
......
...@@ -75,8 +75,7 @@ mysqld_show_dbs(THD *thd,const char *wild) ...@@ -75,8 +75,7 @@ mysqld_show_dbs(THD *thd,const char *wild)
{ {
#ifndef NO_EMBEDDED_ACCESS_CHECKS #ifndef NO_EMBEDDED_ACCESS_CHECKS
if (thd->master_access & (DB_ACLS | SHOW_DB_ACL) || if (thd->master_access & (DB_ACLS | SHOW_DB_ACL) ||
acl_get(thd->host, thd->ip, (char*) &thd->remote.sin_addr, acl_get(thd->host, thd->ip, thd->priv_user, file_name,0) ||
thd->priv_user, file_name,0) ||
(grant_option && !check_grant_db(thd, file_name))) (grant_option && !check_grant_db(thd, file_name)))
#endif #endif
{ {
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment