Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
M
mariadb
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Kirill Smelkov
mariadb
Commits
8f50cd04
Commit
8f50cd04
authored
Jul 30, 2003
by
dlenev@mysql.com
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Fix security bug. mysqld server without ssl support was completly
ignorant about ssl_type attribute
parent
a5eacc69
Changes
2
Show whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
10 additions
and
3 deletions
+10
-3
BitKeeper/etc/logging_ok
BitKeeper/etc/logging_ok
+1
-0
sql/sql_acl.cc
sql/sql_acl.cc
+9
-3
No files found.
BitKeeper/etc/logging_ok
View file @
8f50cd04
...
@@ -15,6 +15,7 @@ bell@laptop.sanja.is.com.ua
...
@@ -15,6 +15,7 @@ bell@laptop.sanja.is.com.ua
bell@sanja.is.com.ua
bell@sanja.is.com.ua
bk@admin.bk
bk@admin.bk
davida@isil.mysql.com
davida@isil.mysql.com
dlenev@mysql.com
gluh@gluh.(none)
gluh@gluh.(none)
gluh@gluh.mysql.r18.ru
gluh@gluh.mysql.r18.ru
greg@gcw.ath.cx
greg@gcw.ath.cx
...
...
sql/sql_acl.cc
View file @
8f50cd04
...
@@ -530,7 +530,6 @@ ulong acl_getroot(THD *thd, const char *host, const char *ip, const char *user,
...
@@ -530,7 +530,6 @@ ulong acl_getroot(THD *thd, const char *host, const char *ip, const char *user,
!
check_scramble
(
password
,
message
,
acl_user
->
salt
,
!
check_scramble
(
password
,
message
,
acl_user
->
salt
,
(
my_bool
)
old_ver
)))
(
my_bool
)
old_ver
)))
{
{
#ifdef HAVE_OPENSSL
Vio
*
vio
=
thd
->
net
.
vio
;
Vio
*
vio
=
thd
->
net
.
vio
;
/*
/*
In this point we know that user is allowed to connect
In this point we know that user is allowed to connect
...
@@ -543,6 +542,7 @@ ulong acl_getroot(THD *thd, const char *host, const char *ip, const char *user,
...
@@ -543,6 +542,7 @@ ulong acl_getroot(THD *thd, const char *host, const char *ip, const char *user,
case
SSL_TYPE_NONE
:
/* SSL is not required to connect */
case
SSL_TYPE_NONE
:
/* SSL is not required to connect */
user_access
=
acl_user
->
access
;
user_access
=
acl_user
->
access
;
break
;
break
;
#ifdef HAVE_OPENSSL
case
SSL_TYPE_ANY
:
/* Any kind of SSL is good enough */
case
SSL_TYPE_ANY
:
/* Any kind of SSL is good enough */
if
(
vio_type
(
vio
)
==
VIO_TYPE_SSL
)
if
(
vio_type
(
vio
)
==
VIO_TYPE_SSL
)
user_access
=
acl_user
->
access
;
user_access
=
acl_user
->
access
;
...
@@ -625,10 +625,16 @@ ulong acl_getroot(THD *thd, const char *host, const char *ip, const char *user,
...
@@ -625,10 +625,16 @@ ulong acl_getroot(THD *thd, const char *host, const char *ip, const char *user,
}
}
break
;
break
;
}
}
}
#else
/* HAVE_OPENSSL */
#else
/* HAVE_OPENSSL */
user_access
=
acl_user
->
access
;
default:
/*
If we don't have SSL but SSL is required for this user the
authentication should fail.
*/
break
;
#endif
/* HAVE_OPENSSL */
#endif
/* HAVE_OPENSSL */
}
*
mqh
=
acl_user
->
user_resource
;
*
mqh
=
acl_user
->
user_resource
;
if
(
!
acl_user
->
user
)
if
(
!
acl_user
->
user
)
*
priv_user
=
(
char
*
)
""
;
// Change to anonymous user /* purecov: inspected */
*
priv_user
=
(
char
*
)
""
;
// Change to anonymous user /* purecov: inspected */
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment