CURRENT_USER() and "access denied" error messages now report hostname exactly...

CURRENT_USER() and "access denied" error messages now report hostname exactly as it was specified in the GRANT command (with wildcards, that is)

CURRENT_USER() and "access denied" error messages now report hostname exactly...
CURRENT_USER() and "access denied" error messages now report hostname exactly as it was specified in the GRANT command (with wildcards, that is)
d13e4fc5 · serg@serg.mylan · da3e2d29 · d13e4fc5 · d13e4fc5 · d13e4fc5
Commit d13e4fc5 authored Apr 29, 2003 by serg@serg.mylan
7 changed files
--- a/BitKeeper/etc/logging_ok
+++ b/BitKeeper/etc/logging_ok
@@ -79,6 +79,7 @@ salle@geopard.(none)
 salle@geopard.online.bg
 sasha@mysql.sashanet.com
 serg@build.mysql2.com
+serg@serg.mylan
 serg@serg.mysql.com
 serg@sergbook.mysql.com
 sinisa@rhols221.adsl.netsonic.fi

--- a/sql/item_create.cc
+++ b/sql/item_create.cc
@@ -297,7 +297,7 @@ Item *create_func_current_user()
  char buff[HOSTNAME_LENGTH+USERNAME_LENGTH+2];
  uint length;

-  length= (uint) (strxmov(buff, thd->priv_user, "@", thd->host_or_ip, NullS) -
+  length= (uint) (strxmov(buff, thd->priv_user, "@", thd->priv_host, NullS) -
 		  buff);
  return new Item_string(NullS, thd->memdup(buff, length), length);
 }

--- a/sql/sql_acl.cc
+++ b/sql/sql_acl.cc
@@ -114,7 +114,7 @@ static ACL_USER *find_acl_user(const char *host, const char *user);
 static bool update_user_table(THD *thd, const char *host, const char *user,
 			      const char *new_password);
 static void update_hostname(acl_host_and_ip *host, const char *hostname);
-static bool compare_hostname(const acl_host_and_ip *host, const char *hostname,
+static bool compare_hostname(const acl_host_and_ip *host,const char *hostname,
 			     const char *ip);

 /*
@@ -492,7 +492,8 @@ static int acl_compare(ACL_ACCESS *a,ACL_ACCESS *b)
 */

 ulong acl_getroot(THD *thd, const char *host, const char *ip, const char *user,
-		  const char *password,const char *message,char **priv_user,
+		  const char *password,const char *message,
+                  char **priv_user, char **priv_host,
 		  bool old_ver, USER_RESOURCES  *mqh)
 {
  ulong user_access=NO_ACCESS;
@@ -526,10 +527,10 @@ ulong acl_getroot(THD *thd, const char *host, const char *ip, const char *user,
 #ifdef HAVE_OPENSSL
 	  Vio *vio=thd->net.vio;
          /*
-	    In this point we know that user is allowed to connect 
-	    from given host by given username/password pair. Now 
-	    we check if SSL is required, if user is using SSL and 
-	    if X509 certificate attributes are OK 
+	    In this point we know that user is allowed to connect
+	    from given host by given username/password pair. Now
+	    we check if SSL is required, if user is using SSL and
+	    if X509 certificate attributes are OK
 	  */
          switch (acl_user->ssl_type) {
 	  case SSL_TYPE_NOT_SPECIFIED:		// Impossible
@@ -577,7 +578,7 @@ ulong acl_getroot(THD *thd, const char *host, const char *ip, const char *user,
 	      X509* cert=SSL_get_peer_certificate(vio->ssl_);
 	      DBUG_PRINT("info",("checkpoint 2"));
 	      /* If X509 issuer is speified, we check it... */
-	      if (acl_user->x509_issuer) 
+	      if (acl_user->x509_issuer)
 	      {
 		DBUG_PRINT("info",("checkpoint 3"));
 		char *ptr = X509_NAME_oneline(X509_get_issuer_name(cert), 0, 0);
@@ -605,7 +606,7 @@ ulong acl_getroot(THD *thd, const char *host, const char *ip, const char *user,
 		if (strcmp(acl_user->x509_subject,ptr))
 		{
 		  if (global_system_variables.log_warnings)
-		    sql_print_error("X509 subject mismatch: '%s' vs '%s'", 
+		    sql_print_error("X509 subject mismatch: '%s' vs '%s'",
 				    acl_user->x509_subject, ptr);
 		  user_access=NO_ACCESS;
 		}
@@ -622,6 +623,7 @@ ulong acl_getroot(THD *thd, const char *host, const char *ip, const char *user,
 	  *mqh=acl_user->user_resource;
 	  if (!acl_user->user)
 	    *priv_user=(char*) "";	// Change to anonymous user /* purecov: inspected */
+          *priv_host=acl_user->host.hostname;
 	  break;
 	}
 #ifndef ALLOW_DOWNGRADE_OF_USERS

--- a/sql/sql_acl.h
+++ b/sql/sql_acl.h
@@ -87,7 +87,8 @@ void acl_free(bool end=0);
 ulong acl_get(const char *host, const char *ip, const char *bin_ip,
 	      const char *user, const char *db);
 ulong acl_getroot(THD *thd, const char *host, const char *ip, const char *user,
-		  const char *password,const char *scramble,char **priv_user,
+		  const char *password,const char *scramble,
+                  char **priv_user, char **priv_host,
 		  bool old_ver, USER_RESOURCES *max);
 bool acl_check_host(const char *host, const char *ip);
 bool check_change_password(THD *thd, const char *host, const char *user);

--- a/sql/sql_class.h
+++ b/sql/sql_class.h
@@ -351,14 +351,14 @@ class THD :public ilink
    db - currently selected database
    ip - client IP
   */
-  char	  *host,*user,*priv_user,*db,*ip;
+  char	  *host,*user,*priv_user,*priv_host,*db,*ip;
  /* remote (peer) port */
  uint16 peer_port;
  /* Points to info-string that will show in SHOW PROCESSLIST */
  const char *proc_info;
  /* points to host if host is available, otherwise points to ip */
  const char *host_or_ip;
- 
+
  uint client_capabilities;		/* What the client supports */
  /* Determines if which non-standard SQL behaviour should be enabled */
  uint sql_mode;
@@ -366,7 +366,6 @@ class THD :public ilink
  ulong master_access;			/* Global privileges from mysql.user */
  ulong db_access;			/* Privileges for current db */

-  
  /*
    open_tables - list of regular tables in use by this thread
    temporary_tables - list of temp tables in use by this thread

--- a/sql/sql_db.cc
+++ b/sql/sql_db.cc
@@ -362,11 +362,11 @@ bool mysql_change_db(THD *thd,const char *name)
  {
    net_printf(&thd->net,ER_DBACCESS_DENIED_ERROR,
 	       thd->priv_user,
-	       thd->host_or_ip,
+	       thd->priv_host,
 	       dbname);
    mysql_log.write(thd,COM_INIT_DB,ER(ER_DBACCESS_DENIED_ERROR),
 		    thd->priv_user,
-		    thd->host_or_ip,
+		    thd->priv_host,
 		    dbname);
    my_free(dbname,MYF(0));
    DBUG_RETURN(1);

--- a/sql/sql_parse.cc
+++ b/sql/sql_parse.cc
@@ -186,7 +186,7 @@ static int get_or_create_user_conn(THD *thd, const char *user,
 /*
  Check if user is ok
  Updates:
-  thd->user, thd->master_access, thd->priv_user, thd->db, thd->db_access
+  thd->{user,master_access,priv_user,priv_host,db,db_access}
 */

 static bool check_user(THD *thd,enum_server_command command, const char *user,
@@ -205,7 +205,8 @@ static bool check_user(THD *thd,enum_server_command command, const char *user,
    return 1;
  }
  thd->master_access=acl_getroot(thd, thd->host, thd->ip, thd->user,
-				 passwd, thd->scramble, &thd->priv_user,
+				 passwd, thd->scramble,
+                                 &thd->priv_user, &thd->priv_host,
 				 protocol_version == 9 ||
 				 !(thd->client_capabilities &
 				   CLIENT_LONG_PASSWORD),&ur);
@@ -2566,7 +2567,7 @@ check_access(THD *thd, ulong want_access, const char *db, ulong *save_priv,
    if (!no_errors)
      net_printf(&thd->net,ER_ACCESS_DENIED_ERROR,
 		 thd->priv_user,
-		 thd->host_or_ip,
+		 thd->priv_host,
 		 thd->password ? ER(ER_YES) : ER(ER_NO));/* purecov: tested */
    DBUG_RETURN(TRUE);				/* purecov: tested */
  }
@@ -2591,7 +2592,7 @@ check_access(THD *thd, ulong want_access, const char *db, ulong *save_priv,
  if (!no_errors)
    net_printf(&thd->net,ER_DBACCESS_DENIED_ERROR,
 	       thd->priv_user,
-	       thd->host_or_ip,
+	       thd->priv_host,
 	       db ? db : thd->db ? thd->db : "unknown"); /* purecov: tested */
  DBUG_RETURN(TRUE);				/* purecov: tested */
 }