Merge adventure.(none):/home/thek/Development/cpp/bug24988/my51-bug24988

into  adventure.(none):/home/thek/Development/cpp/mysql-5.1-runtime


sql/mysql_priv.h:
  Auto merged
sql/mysqld.cc:
  Auto merged
sql/sql_insert.cc:
  Auto merged
sql/sql_parse.cc:
  Auto merged
sql/sql_show.cc:
  Auto merged

sql/mysql_priv.h

@@ -1667,7 +1667,7 @@ extern ulong log_output_options;
 extern my_bool opt_log_queries_not_using_indexes;
 extern bool opt_disable_networking, opt_skip_show_db;
 extern my_bool opt_character_set_client_handshake;
-extern bool volatile abort_loop, shutdown_in_progress, grant_option;
+extern bool volatile abort_loop, shutdown_in_progress;
 extern uint volatile thread_count, thread_running, global_read_lock;
 extern my_bool opt_sql_bin_update, opt_safe_user_create, opt_no_mix_types;
 extern my_bool opt_safe_show_db, opt_local_infile, opt_myisam_use_mmap;

sql/mysqld.cc

@@ -347,7 +347,15 @@ bool opt_endinfo, using_udf_functions;
 my_bool locked_in_memory;
 bool opt_using_transactions, using_update_log;
 bool volatile abort_loop;
-bool volatile shutdown_in_progress, grant_option;
+bool volatile shutdown_in_progress;
+/**
+   @brief 'grant_option' is used to indicate if privileges needs
+   to be checked, in which case the lock, LOCK_grant, is used
+   to protect access to the grant table.
+   @note This flag is dropped in 5.1 
+   @see grant_init()
+ */
+bool volatile grant_option;
 
 my_bool opt_skip_slave_start = 0; // If set, slave is not autostarted
 my_bool opt_reckless_slave = 0;

sql/sql_acl.cc

@@ -3136,7 +3136,6 @@ bool mysql_table_grant(THD *thd, TABLE_LIST *table_list,
       }
     }
   }
-  grant_option=TRUE;
   thd->mem_root= old_root;
   pthread_mutex_unlock(&acl_cache->lock);
 
@@ -3310,7 +3309,6 @@ bool mysql_routine_grant(THD *thd, TABLE_LIST *table_list, bool is_proc,
       continue;
     }
   }
-  grant_option=TRUE;
   thd->mem_root= old_root;
   pthread_mutex_unlock(&acl_cache->lock);
   if (!result && !no_error)
@@ -3458,7 +3456,6 @@ bool mysql_grant(THD *thd, const char *db, List <LEX_USER> &list,
 void  grant_free(void)
 {
   DBUG_ENTER("grant_free");
-  grant_option = FALSE;
   hash_free(&column_priv_hash);
   hash_free(&proc_priv_hash);
   hash_free(&func_priv_hash);
@@ -3522,7 +3519,6 @@ static my_bool grant_load(TABLE_LIST *tables)
                                                            THR_MALLOC);
   DBUG_ENTER("grant_load");
 
-  grant_option = FALSE;
   (void) hash_init(&column_priv_hash,system_charset_info,
 		   0,0,0, (hash_get_key) get_grant_table,
 		   (hash_free_key) free_grant_table,0);
@@ -3552,7 +3548,6 @@ static my_bool grant_load(TABLE_LIST *tables)
       if (!(mem_check=new (memex_ptr) GRANT_TABLE(t_table,c_table)))
       {
 	/* This could only happen if we are out memory */
-	grant_option= FALSE;
 	goto end_unlock;
       }
 
@@ -3575,7 +3570,6 @@ static my_bool grant_load(TABLE_LIST *tables)
       else if (my_hash_insert(&column_priv_hash,(byte*) mem_check))
       {
 	delete mem_check;
-	grant_option= FALSE;
 	goto end_unlock;
       }
     }
@@ -3592,7 +3586,6 @@ static my_bool grant_load(TABLE_LIST *tables)
       if (!(mem_check=new (&memex) GRANT_NAME(p_table)))
       {
 	/* This could only happen if we are out memory */
-	grant_option= FALSE;
 	goto end_unlock;
       }
 
@@ -3631,13 +3624,11 @@ static my_bool grant_load(TABLE_LIST *tables)
       else if (my_hash_insert(hash, (byte*) mem_check))
       {
 	delete mem_check;
-	grant_option= FALSE;
 	goto end_unlock;
       }
     }
     while (!p_table->file->index_next(p_table->record[0]));
   }
-  grant_option= TRUE;
   return_val=0;					// Return ok
 
 end_unlock:
@@ -3670,7 +3661,6 @@ my_bool grant_reload(THD *thd)
 {
   TABLE_LIST tables[3];
   HASH old_column_priv_hash, old_proc_priv_hash, old_func_priv_hash;
-  bool old_grant_option;
   MEM_ROOT old_mem;
   my_bool return_val= 1;
   DBUG_ENTER("grant_reload");
@@ -3700,7 +3690,6 @@ my_bool grant_reload(THD *thd)
   old_column_priv_hash= column_priv_hash;
   old_proc_priv_hash= proc_priv_hash;
   old_func_priv_hash= func_priv_hash;
-  old_grant_option= grant_option;
   old_mem= memex;
 
   if ((return_val= grant_load(tables)))
@@ -3710,7 +3699,6 @@ my_bool grant_reload(THD *thd)
     column_priv_hash= old_column_priv_hash;	/* purecov: deadcode */
     proc_priv_hash= old_proc_priv_hash;
     func_priv_hash= old_func_priv_hash;
-    grant_option= old_grant_option;		/* purecov: deadcode */
     memex= old_mem;				/* purecov: deadcode */
   }
   else
@@ -4007,8 +3995,6 @@ bool check_grant_all_columns(THD *thd, ulong want_access, GRANT_INFO *grant,
   want_access &= ~grant->privilege;
   if (!want_access)
     return 0;				// Already checked
-  if (!grant_option)
-    goto err2;
 
   rw_rdlock(&LOCK_grant);
 
@@ -4198,18 +4184,15 @@ bool check_routine_level_acl(THD *thd, const char *db, const char *name,
                              bool is_proc)
 {
   bool no_routine_acl= 1;
-  if (grant_option)
-  {
-    GRANT_NAME *grant_proc;
-    Security_context *sctx= thd->security_ctx;
-    rw_rdlock(&LOCK_grant);
-    if ((grant_proc= routine_hash_search(sctx->priv_host,
-                                         sctx->ip, db,
-                                         sctx->priv_user,
-                                         name, is_proc, 0)))
-      no_routine_acl= !(grant_proc->privs & SHOW_PROC_ACLS);
-    rw_unlock(&LOCK_grant);
-  }
+  GRANT_NAME *grant_proc;
+  Security_context *sctx= thd->security_ctx;
+  rw_rdlock(&LOCK_grant);
+  if ((grant_proc= routine_hash_search(sctx->priv_host,
+                                       sctx->ip, db,
+                                       sctx->priv_user,
+                                       name, is_proc, 0)))
+    no_routine_acl= !(grant_proc->privs & SHOW_PROC_ACLS);
+  rw_unlock(&LOCK_grant);
   return no_routine_acl;
 }
 
@@ -6403,12 +6386,6 @@ void fill_effective_table_privileges(THD *thd, GRANT_INFO *grant,
   /* db privileges */
   grant->privilege|= acl_get(sctx->host, sctx->ip, sctx->priv_user, db, 0);
 
-  if (!grant_option)
-  {
-    DBUG_PRINT("info", ("privilege 0x%lx", grant->privilege));
-    DBUG_VOID_RETURN;
-  }
-
   /* table privileges */
   rw_rdlock(&LOCK_grant);
   if (grant->version != grant_version)

sql/sql_db.cc

@@ -1448,7 +1448,7 @@ bool mysql_change_db(THD *thd, const LEX_STRING *new_db_name, bool force_switch)
 
   if (!force_switch &&
       !(db_access & DB_ACLS) &&
-      (!grant_option || check_grant_db(thd, new_db_file_name.str)))
+      check_grant_db(thd, new_db_file_name.str))
   {
     my_error(ER_DBACCESS_DENIED_ERROR, MYF(0),
              sctx->priv_user,

sql/sql_insert.cc

@@ -189,15 +189,12 @@ static int check_insert_fields(THD *thd, TABLE_LIST *table_list,
       return -1;
     }
 #ifndef NO_EMBEDDED_ACCESS_CHECKS
-    if (grant_option)
-    {
-      Field_iterator_table field_it;
-      field_it.set_table(table);
-      if (check_grant_all_columns(thd, INSERT_ACL, &table->grant,
-                                  table->s->db.str, table->s->table_name.str,
-                                  &field_it))
-        return -1;
-    }
+    Field_iterator_table field_it;
+    field_it.set_table(table);
+    if (check_grant_all_columns(thd, INSERT_ACL, &table->grant,
+                                table->s->db.str, table->s->table_name.str,
+                                &field_it))
+      return -1;
 #endif
     clear_timestamp_auto_bits(table->timestamp_field_type,
                               TIMESTAMP_AUTO_SET_ON_INSERT);

sql/sql_show.cc

@@ -706,7 +706,7 @@ bool mysqld_show_create_db(THD *thd, char *dbname,
   else
     db_access= (acl_get(sctx->host, sctx->ip, sctx->priv_user, dbname, 0) |
 		sctx->master_access);
-  if (!(db_access & DB_ACLS) && (!grant_option || check_grant_db(thd,dbname)))
+  if (!(db_access & DB_ACLS) && check_grant_db(thd,dbname))
   {
     my_error(ER_DBACCESS_DENIED_ERROR, MYF(0),
              sctx->priv_user, sctx->host_or_ip, dbname);
@@ -2649,7 +2649,7 @@ int get_all_tables(THD *thd, TABLE_LIST *tables, COND *cond)
                       &thd->col_access, 0, 1, with_i_schema) ||
         sctx->master_access & (DB_ACLS | SHOW_DB_ACL) ||
 	acl_get(sctx->host, sctx->ip, sctx->priv_user, base_name,0) ||
-	(grant_option && !check_grant_db(thd, base_name)))
+	!check_grant_db(thd, base_name))
 #endif
     {
       List<char> files;
@@ -2849,7 +2849,7 @@ int fill_schema_shemata(THD *thd, TABLE_LIST *tables, COND *cond)
 #ifndef NO_EMBEDDED_ACCESS_CHECKS
     if (sctx->master_access & (DB_ACLS | SHOW_DB_ACL) ||
 	acl_get(sctx->host, sctx->ip, sctx->priv_user, file_name,0) ||
-	(grant_option && !check_grant_db(thd, file_name)))
+	!check_grant_db(thd, file_name))
 #endif
     {
       load_db_opt_by_name(thd, file_name, &create);

sql/sql_update.cc

@@ -936,7 +936,7 @@ bool mysql_multi_update_prepare(THD *thd)
       if (check_access(thd, want_privilege,
                        tl->db, &tl->grant.privilege, 0, 0, 
                        test(tl->schema_table)) ||
-          (grant_option && check_grant(thd, want_privilege, tl, 0, 1, 0)))
+          check_grant(thd, want_privilege, tl, 0, 1, 0))
         DBUG_RETURN(TRUE);
     }
   }

sql/sql_view.cc

@@ -322,11 +322,11 @@ bool mysql_create_view(THD *thd, TABLE_LIST *views,
   */
   if ((check_access(thd, CREATE_VIEW_ACL, view->db, &view->grant.privilege,
                     0, 0, is_schema_db(view->db)) ||
-       grant_option && check_grant(thd, CREATE_VIEW_ACL, view, 0, 1, 0)) ||
+       check_grant(thd, CREATE_VIEW_ACL, view, 0, 1, 0)) ||
       (mode != VIEW_CREATE_NEW &&
        (check_access(thd, DROP_ACL, view->db, &view->grant.privilege,
                      0, 0, is_schema_db(view->db)) ||
-        grant_option && check_grant(thd, DROP_ACL, view, 0, 1, 0))))
+        check_grant(thd, DROP_ACL, view, 0, 1, 0))))
   {
     res= TRUE;
     goto err;
@@ -379,7 +379,7 @@ bool mysql_create_view(THD *thd, TABLE_LIST *views,
       {
         if (check_access(thd, SELECT_ACL, tbl->db,
                          &tbl->grant.privilege, 0, 0, test(tbl->schema_table)) ||
-            grant_option && check_grant(thd, SELECT_ACL, tbl, 0, 1, 0))
+            check_grant(thd, SELECT_ACL, tbl, 0, 1, 0))
         {
           res= TRUE;
           goto err;