Commit e5d39f69 authored by unknown's avatar unknown

Bug#16297 In memory grant tables not flushed when users's hostname is ""

 - In function 'handle_grant_struct' when searching the memory structures for an 
   entry to modify, convert all entries here host.hostname is NULL to "" and compare that 
   with the host passed in argument "user_from".
 - A user created with hostname "" is stored in "mysql.user" table as host="" but when loaded into 
   memory it'll be stored as host.hostname NULL. Specifiying "" as hostname means
   that "any host" can connect. Thus is's correct to turn on allow_all_hosts
   when such a user is found. 
 - Review and fix other places where host.hostname may be NULL.


mysql-test/init_db.sql:
  Rename: BitKeeper/deleted/.del-init_db.sql~af2dfeabaa348dd7 -> mysql-test/init_db.sql
mysql-test/r/grant.result:
  Add test cases for users with hostname ""
mysql-test/t/grant.test:
  Add test cases for users with hostname ""
   - Test create, grant and drop as well as connecting as the user with hostname "".
sql/sql_acl.cc:
  Convert places where host.hostname is NULL to "" before using it.
parent 11f1cba7
...@@ -591,6 +591,7 @@ insert into tables_priv values ('','test_db','mysqltest_1','test_table','test_gr ...@@ -591,6 +591,7 @@ insert into tables_priv values ('','test_db','mysqltest_1','test_table','test_gr
flush privileges; flush privileges;
delete from tables_priv where host = '' and user = 'mysqltest_1'; delete from tables_priv where host = '' and user = 'mysqltest_1';
flush privileges; flush privileges;
use test;
set @user123="non-existent"; set @user123="non-existent";
select * from mysql.db where user=@user123; select * from mysql.db where user=@user123;
Host Db User Select_priv Insert_priv Update_priv Delete_priv Create_priv Drop_priv Grant_priv References_priv Index_priv Alter_priv Create_tmp_table_priv Lock_tables_priv Create_view_priv Show_view_priv Create_routine_priv Alter_routine_priv Execute_priv Host Db User Select_priv Insert_priv Update_priv Delete_priv Create_priv Drop_priv Grant_priv References_priv Index_priv Alter_priv Create_tmp_table_priv Lock_tables_priv Create_view_priv Show_view_priv Create_routine_priv Alter_routine_priv Execute_priv
...@@ -621,6 +622,215 @@ show grants for mysqltest_7@; ...@@ -621,6 +622,215 @@ show grants for mysqltest_7@;
Grants for mysqltest_7@ Grants for mysqltest_7@
GRANT USAGE ON *.* TO 'mysqltest_7'@'' IDENTIFIED BY PASSWORD '*2FB071A056F9BB745219D9C876814231DAF46517' GRANT USAGE ON *.* TO 'mysqltest_7'@'' IDENTIFIED BY PASSWORD '*2FB071A056F9BB745219D9C876814231DAF46517'
drop user mysqltest_7@; drop user mysqltest_7@;
flush privileges;
show grants for mysqltest_7@; show grants for mysqltest_7@;
ERROR 42000: There is no such grant defined for user 'mysqltest_7' on host '' ERROR 42000: There is no such grant defined for user 'mysqltest_7' on host ''
create table t1 (a int);
create table t2 as select * from mysql.user where user='';
delete from mysql.user where user='';
flush privileges;
create user mysqltest_8@'';
create user mysqltest_8;
create user mysqltest_8@host8;
create user mysqltest_8@'';
ERROR HY000: Operation CREATE USER failed for 'mysqltest_8'@''
create user mysqltest_8;
ERROR HY000: Operation CREATE USER failed for 'mysqltest_8'@'%'
create user mysqltest_8@host8;
ERROR HY000: Operation CREATE USER failed for 'mysqltest_8'@'host8'
select user, QUOTE(host) from mysql.user where user="mysqltest_8";
user QUOTE(host)
mysqltest_8 ''
mysqltest_8 '%'
mysqltest_8 'host8'
Schema privileges
grant select on mysqltest.* to mysqltest_8@'';
show grants for mysqltest_8@'';
Grants for mysqltest_8@
GRANT USAGE ON *.* TO 'mysqltest_8'@''
GRANT SELECT ON `mysqltest`.* TO 'mysqltest_8'@''
grant select on mysqltest.* to mysqltest_8@;
show grants for mysqltest_8@;
Grants for mysqltest_8@
GRANT USAGE ON *.* TO 'mysqltest_8'@''
GRANT SELECT ON `mysqltest`.* TO 'mysqltest_8'@''
grant select on mysqltest.* to mysqltest_8;
show grants for mysqltest_8;
Grants for mysqltest_8@%
GRANT USAGE ON *.* TO 'mysqltest_8'@'%'
GRANT SELECT ON `mysqltest`.* TO 'mysqltest_8'@'%'
select * from information_schema.schema_privileges
where grantee like "'mysqltest_8'%";
GRANTEE TABLE_CATALOG TABLE_SCHEMA PRIVILEGE_TYPE IS_GRANTABLE
'mysqltest_8'@'%' NULL mysqltest SELECT NO
'mysqltest_8'@'' NULL mysqltest SELECT NO
select * from t1;
a
revoke select on mysqltest.* from mysqltest_8@'';
revoke select on mysqltest.* from mysqltest_8;
show grants for mysqltest_8@'';
Grants for mysqltest_8@
GRANT USAGE ON *.* TO 'mysqltest_8'@''
show grants for mysqltest_8;
Grants for mysqltest_8@%
GRANT USAGE ON *.* TO 'mysqltest_8'@'%'
select * from information_schema.schema_privileges
where grantee like "'mysqltest_8'%";
GRANTEE TABLE_CATALOG TABLE_SCHEMA PRIVILEGE_TYPE IS_GRANTABLE
flush privileges;
show grants for mysqltest_8@'';
Grants for mysqltest_8@
GRANT USAGE ON *.* TO 'mysqltest_8'@''
show grants for mysqltest_8@;
Grants for mysqltest_8@
GRANT USAGE ON *.* TO 'mysqltest_8'@''
grant select on mysqltest.* to mysqltest_8@'';
flush privileges;
show grants for mysqltest_8@;
Grants for mysqltest_8@
GRANT USAGE ON *.* TO 'mysqltest_8'@''
GRANT SELECT ON `mysqltest`.* TO 'mysqltest_8'@''
revoke select on mysqltest.* from mysqltest_8@'';
flush privileges;
Column privileges
grant update (a) on t1 to mysqltest_8@'';
grant update (a) on t1 to mysqltest_8;
show grants for mysqltest_8@'';
Grants for mysqltest_8@
GRANT USAGE ON *.* TO 'mysqltest_8'@''
GRANT UPDATE (a) ON `test`.`t1` TO 'mysqltest_8'@''
show grants for mysqltest_8;
Grants for mysqltest_8@%
GRANT USAGE ON *.* TO 'mysqltest_8'@'%'
GRANT UPDATE (a) ON `test`.`t1` TO 'mysqltest_8'@'%'
flush privileges;
show grants for mysqltest_8@'';
Grants for mysqltest_8@
GRANT USAGE ON *.* TO 'mysqltest_8'@''
GRANT UPDATE (a) ON `test`.`t1` TO 'mysqltest_8'@''
show grants for mysqltest_8;
Grants for mysqltest_8@%
GRANT USAGE ON *.* TO 'mysqltest_8'@'%'
GRANT UPDATE (a) ON `test`.`t1` TO 'mysqltest_8'@'%'
select * from information_schema.column_privileges;
GRANTEE TABLE_CATALOG TABLE_SCHEMA TABLE_NAME COLUMN_NAME PRIVILEGE_TYPE IS_GRANTABLE
'mysqltest_8'@'%' NULL test t1 a UPDATE NO
'mysqltest_8'@'' NULL test t1 a UPDATE NO
select * from t1;
a
revoke update (a) on t1 from mysqltest_8@'';
revoke update (a) on t1 from mysqltest_8;
show grants for mysqltest_8@'';
Grants for mysqltest_8@
GRANT USAGE ON *.* TO 'mysqltest_8'@''
show grants for mysqltest_8;
Grants for mysqltest_8@%
GRANT USAGE ON *.* TO 'mysqltest_8'@'%'
select * from information_schema.column_privileges;
GRANTEE TABLE_CATALOG TABLE_SCHEMA TABLE_NAME COLUMN_NAME PRIVILEGE_TYPE IS_GRANTABLE
flush privileges;
show grants for mysqltest_8@'';
Grants for mysqltest_8@
GRANT USAGE ON *.* TO 'mysqltest_8'@''
show grants for mysqltest_8;
Grants for mysqltest_8@%
GRANT USAGE ON *.* TO 'mysqltest_8'@'%'
Table privileges
grant update on t1 to mysqltest_8@'';
grant update on t1 to mysqltest_8;
show grants for mysqltest_8@'';
Grants for mysqltest_8@
GRANT USAGE ON *.* TO 'mysqltest_8'@''
GRANT UPDATE ON `test`.`t1` TO 'mysqltest_8'@''
show grants for mysqltest_8;
Grants for mysqltest_8@%
GRANT USAGE ON *.* TO 'mysqltest_8'@'%'
GRANT UPDATE ON `test`.`t1` TO 'mysqltest_8'@'%'
flush privileges;
show grants for mysqltest_8@'';
Grants for mysqltest_8@
GRANT USAGE ON *.* TO 'mysqltest_8'@''
GRANT UPDATE ON `test`.`t1` TO 'mysqltest_8'@''
show grants for mysqltest_8;
Grants for mysqltest_8@%
GRANT USAGE ON *.* TO 'mysqltest_8'@'%'
GRANT UPDATE ON `test`.`t1` TO 'mysqltest_8'@'%'
select * from information_schema.table_privileges;
GRANTEE TABLE_CATALOG TABLE_SCHEMA TABLE_NAME PRIVILEGE_TYPE IS_GRANTABLE
'mysqltest_8'@'%' NULL test t1 UPDATE NO
'mysqltest_8'@'' NULL test t1 UPDATE NO
select * from t1;
a
revoke update on t1 from mysqltest_8@'';
revoke update on t1 from mysqltest_8;
show grants for mysqltest_8@'';
Grants for mysqltest_8@
GRANT USAGE ON *.* TO 'mysqltest_8'@''
show grants for mysqltest_8;
Grants for mysqltest_8@%
GRANT USAGE ON *.* TO 'mysqltest_8'@'%'
select * from information_schema.table_privileges;
GRANTEE TABLE_CATALOG TABLE_SCHEMA TABLE_NAME PRIVILEGE_TYPE IS_GRANTABLE
flush privileges;
show grants for mysqltest_8@'';
Grants for mysqltest_8@
GRANT USAGE ON *.* TO 'mysqltest_8'@''
show grants for mysqltest_8;
Grants for mysqltest_8@%
GRANT USAGE ON *.* TO 'mysqltest_8'@'%'
"DROP USER" should clear privileges
grant all privileges on mysqltest.* to mysqltest_8@'';
grant select on mysqltest.* to mysqltest_8@'';
grant update on t1 to mysqltest_8@'';
grant update (a) on t1 to mysqltest_8@'';
grant all privileges on mysqltest.* to mysqltest_8;
show grants for mysqltest_8@'';
Grants for mysqltest_8@
GRANT USAGE ON *.* TO 'mysqltest_8'@''
GRANT ALL PRIVILEGES ON `mysqltest`.* TO 'mysqltest_8'@''
GRANT UPDATE, UPDATE (a) ON `test`.`t1` TO 'mysqltest_8'@''
show grants for mysqltest_8;
Grants for mysqltest_8@%
GRANT USAGE ON *.* TO 'mysqltest_8'@'%'
GRANT ALL PRIVILEGES ON `mysqltest`.* TO 'mysqltest_8'@'%'
select * from information_schema.user_privileges
where grantee like "'mysqltest_8'%";
GRANTEE TABLE_CATALOG PRIVILEGE_TYPE IS_GRANTABLE
'mysqltest_8'@'host8' NULL USAGE NO
'mysqltest_8'@'%' NULL USAGE NO
'mysqltest_8'@'' NULL USAGE NO
select * from t1;
a
flush privileges;
show grants for mysqltest_8@'';
Grants for mysqltest_8@
GRANT USAGE ON *.* TO 'mysqltest_8'@''
GRANT ALL PRIVILEGES ON `mysqltest`.* TO 'mysqltest_8'@''
GRANT UPDATE, UPDATE (a) ON `test`.`t1` TO 'mysqltest_8'@''
show grants for mysqltest_8;
Grants for mysqltest_8@%
GRANT USAGE ON *.* TO 'mysqltest_8'@'%'
GRANT ALL PRIVILEGES ON `mysqltest`.* TO 'mysqltest_8'@'%'
drop user mysqltest_8@'';
show grants for mysqltest_8@'';
ERROR 42000: There is no such grant defined for user 'mysqltest_8' on host ''
show grants for mysqltest_8;
Grants for mysqltest_8@%
GRANT USAGE ON *.* TO 'mysqltest_8'@'%'
GRANT ALL PRIVILEGES ON `mysqltest`.* TO 'mysqltest_8'@'%'
select * from information_schema.user_privileges
where grantee like "'mysqltest_8'%";
GRANTEE TABLE_CATALOG PRIVILEGE_TYPE IS_GRANTABLE
'mysqltest_8'@'host8' NULL USAGE NO
'mysqltest_8'@'%' NULL USAGE NO
drop user mysqltest_8;
connect(localhost,mysqltest_8,,test,MASTER_PORT,MASTER_SOCKET);
ERROR 28000: Access denied for user 'mysqltest_8'@'localhost' (using password: NO)
show grants for mysqltest_8;
ERROR 42000: There is no such grant defined for user 'mysqltest_8' on host '%'
drop user mysqltest_8@host8;
show grants for mysqltest_8@host8;
ERROR 42000: There is no such grant defined for user 'mysqltest_8' on host 'host8'
insert into mysql.user select * from t2;
flush privileges;
drop table t2;
drop table t1;
...@@ -479,6 +479,7 @@ insert into tables_priv values ('','test_db','mysqltest_1','test_table','test_gr ...@@ -479,6 +479,7 @@ insert into tables_priv values ('','test_db','mysqltest_1','test_table','test_gr
flush privileges; flush privileges;
delete from tables_priv where host = '' and user = 'mysqltest_1'; delete from tables_priv where host = '' and user = 'mysqltest_1';
flush privileges; flush privileges;
use test;
# #
# Bug #10892 user variables not auto cast for comparisons # Bug #10892 user variables not auto cast for comparisons
...@@ -507,8 +508,149 @@ create user mysqltest_7@; ...@@ -507,8 +508,149 @@ create user mysqltest_7@;
set password for mysqltest_7@ = password('systpass'); set password for mysqltest_7@ = password('systpass');
show grants for mysqltest_7@; show grants for mysqltest_7@;
drop user mysqltest_7@; drop user mysqltest_7@;
flush privileges; # BUG#16297(flush should be removed when that bug is fixed)
--error 1141 --error 1141
show grants for mysqltest_7@; show grants for mysqltest_7@;
# End of 4.1 tests # End of 4.1 tests
#
# Bug #16297 In memory grant tables not flushed when users's hostname is ""
#
create table t1 (a int);
# Backup anonymous users and remove them. (They get in the way of
# the one we test with here otherwise.)
create table t2 as select * from mysql.user where user='';
delete from mysql.user where user='';
flush privileges;
# Create some users with different hostnames
create user mysqltest_8@'';
create user mysqltest_8;
create user mysqltest_8@host8;
# Try to create them again
--error 1396
create user mysqltest_8@'';
--error 1396
create user mysqltest_8;
--error 1396
create user mysqltest_8@host8;
select user, QUOTE(host) from mysql.user where user="mysqltest_8";
--echo Schema privileges
grant select on mysqltest.* to mysqltest_8@'';
show grants for mysqltest_8@'';
grant select on mysqltest.* to mysqltest_8@;
show grants for mysqltest_8@;
grant select on mysqltest.* to mysqltest_8;
show grants for mysqltest_8;
select * from information_schema.schema_privileges
where grantee like "'mysqltest_8'%";
connect (conn3,localhost,mysqltest_8,,);
select * from t1;
disconnect conn3;
connection master;
revoke select on mysqltest.* from mysqltest_8@'';
revoke select on mysqltest.* from mysqltest_8;
show grants for mysqltest_8@'';
show grants for mysqltest_8;
select * from information_schema.schema_privileges
where grantee like "'mysqltest_8'%";
flush privileges;
show grants for mysqltest_8@'';
show grants for mysqltest_8@;
grant select on mysqltest.* to mysqltest_8@'';
flush privileges;
show grants for mysqltest_8@;
revoke select on mysqltest.* from mysqltest_8@'';
flush privileges;
--echo Column privileges
grant update (a) on t1 to mysqltest_8@'';
grant update (a) on t1 to mysqltest_8;
show grants for mysqltest_8@'';
show grants for mysqltest_8;
flush privileges;
show grants for mysqltest_8@'';
show grants for mysqltest_8;
select * from information_schema.column_privileges;
connect (conn4,localhost,mysqltest_8,,);
select * from t1;
disconnect conn4;
connection master;
revoke update (a) on t1 from mysqltest_8@'';
revoke update (a) on t1 from mysqltest_8;
show grants for mysqltest_8@'';
show grants for mysqltest_8;
select * from information_schema.column_privileges;
flush privileges;
show grants for mysqltest_8@'';
show grants for mysqltest_8;
--echo Table privileges
grant update on t1 to mysqltest_8@'';
grant update on t1 to mysqltest_8;
show grants for mysqltest_8@'';
show grants for mysqltest_8;
flush privileges;
show grants for mysqltest_8@'';
show grants for mysqltest_8;
select * from information_schema.table_privileges;
connect (conn5,localhost,mysqltest_8,,);
select * from t1;
disconnect conn5;
connection master;
revoke update on t1 from mysqltest_8@'';
revoke update on t1 from mysqltest_8;
show grants for mysqltest_8@'';
show grants for mysqltest_8;
select * from information_schema.table_privileges;
flush privileges;
show grants for mysqltest_8@'';
show grants for mysqltest_8;
--echo "DROP USER" should clear privileges
grant all privileges on mysqltest.* to mysqltest_8@'';
grant select on mysqltest.* to mysqltest_8@'';
grant update on t1 to mysqltest_8@'';
grant update (a) on t1 to mysqltest_8@'';
grant all privileges on mysqltest.* to mysqltest_8;
show grants for mysqltest_8@'';
show grants for mysqltest_8;
select * from information_schema.user_privileges
where grantee like "'mysqltest_8'%";
connect (conn5,localhost,mysqltest_8,,);
select * from t1;
disconnect conn5;
connection master;
flush privileges;
show grants for mysqltest_8@'';
show grants for mysqltest_8;
drop user mysqltest_8@'';
--error 1141
show grants for mysqltest_8@'';
show grants for mysqltest_8;
select * from information_schema.user_privileges
where grantee like "'mysqltest_8'%";
drop user mysqltest_8;
--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
--error 1045
connect (conn6,localhost,mysqltest_8,,);
connection master;
--error 1141
show grants for mysqltest_8;
drop user mysqltest_8@host8;
--error 1141
show grants for mysqltest_8@host8;
# Restore the anonymous users.
insert into mysql.user select * from t2;
flush privileges;
drop table t2;
drop table t1;
This diff is collapsed.
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment