Commit aa77916c authored by peter@mysql.com's avatar peter@mysql.com

Merge

parents ba1e8571 333420e2
...@@ -265,4 +265,5 @@ ...@@ -265,4 +265,5 @@
#define ER_DERIVED_MUST_HAVE_ALIAS 1246 #define ER_DERIVED_MUST_HAVE_ALIAS 1246
#define ER_SELECT_REDUCED 1247 #define ER_SELECT_REDUCED 1247
#define ER_TABLENAME_NOT_ALLOWED_HERE 1248 #define ER_TABLENAME_NOT_ALLOWED_HERE 1248
#define ER_ERROR_MESSAGES 249 #define ER_NOT_SUPPORTED_AUTH_MODE 1249
#define ER_ERROR_MESSAGES 250
select length(encrypt('foo', 'ff')) <> 0; select length(encrypt('foo', 'ff')) <> 0;
length(encrypt('foo', 'ff')) <> 0 length(encrypt('foo', 'ff')) <> 0
1 1
select old_password('test'),length(password("1")),length(encrypt('test')),encrypt('test','aa'); select password("a",""), password("a",NULL), password("","a"), password(NULL,"a");
password("a","") password("a",NULL) password("","a") password(NULL,"a")
*2517f7235d68d4ba2e5019c93420523101157a792c01 NULL NULL
select password("aaaaaaaaaaaaaaaa","a"), password("a","aaaaaaaaaaaaaaaa");
password("aaaaaaaaaaaaaaaa","a") password("a","aaaaaaaaaaaaaaaa")
*2cd3b9a44e9a9994789a30f935c92f45a96c5472f381 *37c7c5c794ff144819f2531bf03c57772cd84e40db09
select old_password('test'), length(password("1")), length(encrypt('test')), encrypt('test','aa');
old_password('test') length(password("1")) length(encrypt('test')) encrypt('test','aa') old_password('test') length(password("1")) length(encrypt('test')) encrypt('test','aa')
378b243e220ca493 45 13 aaqPiZY5xR5l. 378b243e220ca493 45 13 aaqPiZY5xR5l.
select old_password(""), old_password(NULL), password(""), password(NULL);
old_password("") old_password(NULL) password("") password(NULL)
NULL NULL
select length(encrypt('foo', 'ff')) <> 0; select length(encrypt('foo', 'ff')) <> 0;
--replace_result $1$aa$4OSUA5cjdx0RUQ08opV27/ aaqPiZY5xR5l. --replace_result $1$aa$4OSUA5cjdx0RUQ08opV27/ aaqPiZY5xR5l.
select old_password('test'),length(password("1")),length(encrypt('test')),encrypt('test','aa');
# Test new and old password handling functions
select password("a",""), password("a",NULL), password("","a"), password(NULL,"a");
select password("aaaaaaaaaaaaaaaa","a"), password("a","aaaaaaaaaaaaaaaa");
select old_password('test'), length(password("1")), length(encrypt('test')), encrypt('test','aa');
select old_password(""), old_password(NULL), password(""), password(NULL);
...@@ -1271,18 +1271,52 @@ String *Item_func_trim::val_str(String *str) ...@@ -1271,18 +1271,52 @@ String *Item_func_trim::val_str(String *str)
return &tmp_value; return &tmp_value;
} }
/*
Password() function can have 2 args now. Second argument can be used
to make results repeatable
*/
String *Item_func_password::val_str(String *str) String *Item_func_password::val_str(String *str)
{ {
String *res =args[0]->val_str(str); struct rand_struct rand_st; // local structure for 2 param version
ulong seed=0; // seed to initialise random generator to
if ((null_value=args[0]->null_value)) if ((null_value=args[0]->null_value))
return 0; return 0;
if (arg_count == 1)
{
String *res =args[0]->val_str(str);
if (res->length() == 0) if (res->length() == 0)
return &empty_string; return &empty_string;
make_scrambled_password(tmp_value,res->c_ptr(),opt_old_passwords, make_scrambled_password(tmp_value,res->c_ptr(),opt_old_passwords,
&current_thd->rand); &current_thd->rand);
str->set(tmp_value,get_password_length(opt_old_passwords),res->charset()); str->set(tmp_value,get_password_length(opt_old_passwords),res->charset());
return str; return str;
}
else
{
/* Check second argument for NULL value. First one is already checked */
if ((null_value=args[1]->null_value))
return 0;
/* Generate the seed first this allows to avoid double allocation */
char* seed_ptr=args[1]->val_str(str)->c_ptr();
while (*seed_ptr)
{
seed=seed*211+*seed_ptr; /* Use simple hashing */
seed_ptr++;
}
/* Use constants which allow nice random values even with small seed */
randominit(&rand_st,seed*111111+33333333L,seed*1111+55555555L);
String *res =args[0]->val_str(str);
if (res->length() == 0)
return &empty_string;
make_scrambled_password(tmp_value,res->c_ptr(),opt_old_passwords,
&rand_st);
str->set(tmp_value,get_password_length(opt_old_passwords),res->charset());
return str;
}
} }
String *Item_func_old_password::val_str(String *str) String *Item_func_old_password::val_str(String *str)
......
...@@ -257,6 +257,7 @@ class Item_func_password :public Item_str_func ...@@ -257,6 +257,7 @@ class Item_func_password :public Item_str_func
char tmp_value[64]; /* This should be enough for new password format */ char tmp_value[64]; /* This should be enough for new password format */
public: public:
Item_func_password(Item *a) :Item_str_func(a) {} Item_func_password(Item *a) :Item_str_func(a) {}
Item_func_password(Item *a, Item *b) :Item_str_func(a,b) {}
String *val_str(String *); String *val_str(String *);
void fix_length_and_dec() { max_length = get_password_length(opt_old_passwords); } void fix_length_and_dec() { max_length = get_password_length(opt_old_passwords); }
const char *func_name() const { return "password"; } const char *func_name() const { return "password"; }
......
...@@ -259,3 +259,4 @@ v/* ...@@ -259,3 +259,4 @@ v/*
"Every derived table must have it's own alias" "Every derived table must have it's own alias"
"Select %u was reduced during optimisation", "Select %u was reduced during optimisation",
"Table '%-.64s' from one of SELECT's can not be used in %-.32s" "Table '%-.64s' from one of SELECT's can not be used in %-.32s"
"Client does not support authentication protocol requested by server. Consider upgrading MySQL client"
\ No newline at end of file
...@@ -253,3 +253,4 @@ ...@@ -253,3 +253,4 @@
"Every derived table must have it's own alias" "Every derived table must have it's own alias"
"Select %u was reduced during optimisation", "Select %u was reduced during optimisation",
"Table '%-.64s' from one of SELECT's can not be used in %-.32s" "Table '%-.64s' from one of SELECT's can not be used in %-.32s"
"Client does not support authentication protocol requested by server. Consider upgrading MySQL client"
\ No newline at end of file
...@@ -261,3 +261,4 @@ ...@@ -261,3 +261,4 @@
"Every derived table must have it's own alias" "Every derived table must have it's own alias"
"Select %u was reduced during optimisation", "Select %u was reduced during optimisation",
"Table '%-.64s' from one of SELECT's can not be used in %-.32s" "Table '%-.64s' from one of SELECT's can not be used in %-.32s"
"Client does not support authentication protocol requested by server. Consider upgrading MySQL client"
\ No newline at end of file
...@@ -250,3 +250,4 @@ ...@@ -250,3 +250,4 @@
"Every derived table must have it's own alias", "Every derived table must have it's own alias",
"Select %u was reduced during optimisation", "Select %u was reduced during optimisation",
"Table '%-.64s' from one of SELECT's can not be used in %-.32s" "Table '%-.64s' from one of SELECT's can not be used in %-.32s"
"Client does not support authentication protocol requested by server. Consider upgrading MySQL client"
\ No newline at end of file
...@@ -255,3 +255,4 @@ ...@@ -255,3 +255,4 @@
"Every derived table must have it's own alias" "Every derived table must have it's own alias"
"Select %u was reduced during optimisation", "Select %u was reduced during optimisation",
"Table '%-.64s' from one of SELECT's can not be used in %-.32s" "Table '%-.64s' from one of SELECT's can not be used in %-.32s"
"Client does not support authentication protocol requested by server. Consider upgrading MySQL client"
\ No newline at end of file
...@@ -250,3 +250,4 @@ ...@@ -250,3 +250,4 @@
"Every derived table must have it's own alias" "Every derived table must have it's own alias"
"Select %u was reduced during optimisation", "Select %u was reduced during optimisation",
"Table '%-.64s' from one of SELECT's can not be used in %-.32s" "Table '%-.64s' from one of SELECT's can not be used in %-.32s"
"Client does not support authentication protocol requested by server. Consider upgrading MySQL client"
\ No newline at end of file
...@@ -260,3 +260,4 @@ ...@@ -260,3 +260,4 @@
"Für jede abgeleitete Tabelle muss ein eigener Alias angegeben werden.", "Für jede abgeleitete Tabelle muss ein eigener Alias angegeben werden.",
"Select %u wurde während der Optimierung reduziert.", "Select %u wurde während der Optimierung reduziert.",
"Tabelle '%-.64s', die in einem der SELECT-Befehle verwendet wurde kann nicht in %-.32s verwendet werden." "Tabelle '%-.64s', die in einem der SELECT-Befehle verwendet wurde kann nicht in %-.32s verwendet werden."
"Client does not support authentication protocol requested by server. Consider upgrading MySQL client"
\ No newline at end of file
...@@ -250,3 +250,4 @@ ...@@ -250,3 +250,4 @@
"Every derived table must have it's own alias" "Every derived table must have it's own alias"
"Select %u was reduced during optimisation", "Select %u was reduced during optimisation",
"Table '%-.64s' from one of SELECT's can not be used in %-.32s" "Table '%-.64s' from one of SELECT's can not be used in %-.32s"
"Client does not support authentication protocol requested by server. Consider upgrading MySQL client"
\ No newline at end of file
...@@ -252,3 +252,4 @@ ...@@ -252,3 +252,4 @@
"Every derived table must have it's own alias" "Every derived table must have it's own alias"
"Select %u was reduced during optimisation", "Select %u was reduced during optimisation",
"Table '%-.64s' from one of SELECT's can not be used in %-.32s" "Table '%-.64s' from one of SELECT's can not be used in %-.32s"
"Client does not support authentication protocol requested by server. Consider upgrading MySQL client"
\ No newline at end of file
...@@ -250,3 +250,4 @@ ...@@ -250,3 +250,4 @@
"Every derived table must have it's own alias" "Every derived table must have it's own alias"
"Select %u was reduced during optimisation", "Select %u was reduced during optimisation",
"Table '%-.64s' from one of SELECT's can not be used in %-.32s" "Table '%-.64s' from one of SELECT's can not be used in %-.32s"
"Client does not support authentication protocol requested by server. Consider upgrading MySQL client"
\ No newline at end of file
...@@ -252,3 +252,4 @@ ...@@ -252,3 +252,4 @@
"Every derived table must have it's own alias" "Every derived table must have it's own alias"
"Select %u was reduced during optimisation", "Select %u was reduced during optimisation",
"Table '%-.64s' from one of SELECT's can not be used in %-.32s" "Table '%-.64s' from one of SELECT's can not be used in %-.32s"
"Client does not support authentication protocol requested by server. Consider upgrading MySQL client"
\ No newline at end of file
...@@ -250,3 +250,4 @@ ...@@ -250,3 +250,4 @@
"Every derived table must have it's own alias" "Every derived table must have it's own alias"
"Select %u was reduced during optimisation", "Select %u was reduced during optimisation",
"Table '%-.64s' from one of SELECT's can not be used in %-.32s" "Table '%-.64s' from one of SELECT's can not be used in %-.32s"
"Client does not support authentication protocol requested by server. Consider upgrading MySQL client"
\ No newline at end of file
...@@ -252,3 +252,4 @@ ...@@ -252,3 +252,4 @@
"Every derived table must have it's own alias" "Every derived table must have it's own alias"
"Select %u was reduced during optimisation", "Select %u was reduced during optimisation",
"Table '%-.64s' from one of SELECT's can not be used in %-.32s" "Table '%-.64s' from one of SELECT's can not be used in %-.32s"
"Client does not support authentication protocol requested by server. Consider upgrading MySQL client"
\ No newline at end of file
...@@ -252,3 +252,4 @@ ...@@ -252,3 +252,4 @@
"Every derived table must have it's own alias" "Every derived table must have it's own alias"
"Select %u was reduced during optimisation", "Select %u was reduced during optimisation",
"Table '%-.64s' from one of SELECT's can not be used in %-.32s" "Table '%-.64s' from one of SELECT's can not be used in %-.32s"
"Client does not support authentication protocol requested by server. Consider upgrading MySQL client"
\ No newline at end of file
...@@ -254,3 +254,4 @@ ...@@ -254,3 +254,4 @@
"Every derived table must have it's own alias" "Every derived table must have it's own alias"
"Select %u was reduced during optimisation", "Select %u was reduced during optimisation",
"Table '%-.64s' from one of SELECT's can not be used in %-.32s" "Table '%-.64s' from one of SELECT's can not be used in %-.32s"
"Client does not support authentication protocol requested by server. Consider upgrading MySQL client"
\ No newline at end of file
...@@ -250,3 +250,4 @@ ...@@ -250,3 +250,4 @@
"Every derived table must have it's own alias" "Every derived table must have it's own alias"
"Select %u was reduced during optimisation", "Select %u was reduced during optimisation",
"Table '%-.64s' from one of SELECT's can not be used in %-.32s" "Table '%-.64s' from one of SELECT's can not be used in %-.32s"
"Client does not support authentication protocol requested by server. Consider upgrading MySQL client"
\ No newline at end of file
...@@ -254,3 +254,4 @@ ...@@ -254,3 +254,4 @@
"Every derived table must have it's own alias" "Every derived table must have it's own alias"
"Select %u was reduced during optimisation", "Select %u was reduced during optimisation",
"Table '%-.64s' from one of SELECT's can not be used in %-.32s" "Table '%-.64s' from one of SELECT's can not be used in %-.32s"
"Client does not support authentication protocol requested by server. Consider upgrading MySQL client"
\ No newline at end of file
...@@ -253,3 +253,4 @@ ...@@ -253,3 +253,4 @@
"Every derived table must have it's own alias" "Every derived table must have it's own alias"
"Select %u ", "Select %u ",
"Table '%-.64s' from one of SELECT's can not be used in %-.32s" "Table '%-.64s' from one of SELECT's can not be used in %-.32s"
"Client does not support authentication protocol requested by server. Consider upgrading MySQL client"
\ No newline at end of file
...@@ -246,3 +246,4 @@ ...@@ -246,3 +246,4 @@
"Every derived table must have it's own alias" "Every derived table must have it's own alias"
"Select %u was reduced during optimisation", "Select %u was reduced during optimisation",
"Table '%-.64s' from one of SELECT's can not be used in %-.32s" "Table '%-.64s' from one of SELECT's can not be used in %-.32s"
"Client does not support authentication protocol requested by server. Consider upgrading MySQL client"
\ No newline at end of file
...@@ -258,3 +258,4 @@ ...@@ -258,3 +258,4 @@
"Every derived table must have it's own alias" "Every derived table must have it's own alias"
"Select %u was reduced during optimisation", "Select %u was reduced during optimisation",
"Table '%-.64s' from one of SELECT's can not be used in %-.32s" "Table '%-.64s' from one of SELECT's can not be used in %-.32s"
"Client does not support authentication protocol requested by server. Consider upgrading MySQL client"
\ No newline at end of file
...@@ -251,3 +251,4 @@ ...@@ -251,3 +251,4 @@
"Every derived table must have it's own alias" "Every derived table must have it's own alias"
"Select %u was reduced during optimisation", "Select %u was reduced during optimisation",
"Table '%-.64s' from one of SELECT's can not be used in %-.32s" "Table '%-.64s' from one of SELECT's can not be used in %-.32s"
"Client does not support authentication protocol requested by server. Consider upgrading MySQL client"
\ No newline at end of file
...@@ -250,3 +250,4 @@ ...@@ -250,3 +250,4 @@
"Every derived table must have it's own alias" "Every derived table must have it's own alias"
"Select %u was reduced during optimisation", "Select %u was reduced during optimisation",
"Table '%-.64s' from one of SELECT's can not be used in %-.32s" "Table '%-.64s' from one of SELECT's can not be used in %-.32s"
"Client does not support authentication protocol requested by server. Consider upgrading MySQL client"
\ No newline at end of file
...@@ -255,3 +255,4 @@ ...@@ -255,3 +255,4 @@
"Every derived table must have it's own alias" "Every derived table must have it's own alias"
"Select %u was iii", "Select %u was iii",
"Table '%-.64s' from one of SELECT's can not be used in %-.32s" "Table '%-.64s' from one of SELECT's can not be used in %-.32s"
"Client does not support authentication protocol requested by server. Consider upgrading MySQL client"
\ No newline at end of file
...@@ -189,9 +189,9 @@ end: ...@@ -189,9 +189,9 @@ end:
static int check_user(THD *thd,enum_server_command command, const char *user, static int check_user(THD *thd,enum_server_command command, const char *user,
const char *passwd, const char *db, bool check_count, const char *passwd, const char *db, bool check_count,
bool do_send_error, char* crypted_scramble, bool simple_connect, bool do_send_error,
bool had_password,uint *cur_priv_version, char* crypted_scramble, bool had_password,
ACL_USER** hint_user) uint *cur_priv_version, ACL_USER** hint_user)
{ {
thd->db=0; thd->db=0;
thd->db_length=0; thd->db_length=0;
...@@ -221,6 +221,14 @@ static int check_user(THD *thd,enum_server_command command, const char *user, ...@@ -221,6 +221,14 @@ static int check_user(THD *thd,enum_server_command command, const char *user,
if (thd->master_access & NO_ACCESS) if (thd->master_access & NO_ACCESS)
{ {
if (do_send_error) if (do_send_error)
{
/* Old client should get nicer error message if password version is not supported*/
if (simple_connect && *hint_user && (*hint_user)->pversion)
{
net_printf(thd, ER_NOT_SUPPORTED_AUTH_MODE);
mysql_log.write(thd,COM_CONNECT,ER(ER_NOT_SUPPORTED_AUTH_MODE));
}
else
{ {
net_printf(thd, ER_ACCESS_DENIED_ERROR, net_printf(thd, ER_ACCESS_DENIED_ERROR,
thd->user, thd->user,
...@@ -230,6 +238,7 @@ static int check_user(THD *thd,enum_server_command command, const char *user, ...@@ -230,6 +238,7 @@ static int check_user(THD *thd,enum_server_command command, const char *user,
thd->user, thd->user,
thd->host_or_ip, thd->host_or_ip,
had_password ? ER(ER_YES) : ER(ER_NO)); had_password ? ER(ER_YES) : ER(ER_NO));
}
return(1); // Error already given return(1); // Error already given
} }
else else
...@@ -638,8 +647,9 @@ check_connections(THD *thd) ...@@ -638,8 +647,9 @@ check_connections(THD *thd)
/* Store information if we used password. passwd will be dammaged */ /* Store information if we used password. passwd will be dammaged */
bool using_password=test(passwd[0]); bool using_password=test(passwd[0]);
/* Check user permissions. If password failure we'll get scramble back */ /* Check user permissions. If password failure we'll get scramble back */
if (check_user(thd,COM_CONNECT, user, passwd, db, 1, simple_connect, if (check_user(thd, COM_CONNECT, user, passwd, db, 1, simple_connect,
prepared_scramble,using_password,&cur_priv_version,&cached_user)<0) simple_connect, prepared_scramble, using_password, &cur_priv_version,
&cached_user)<0)
{ {
/* If The client is old we just have to return error */ /* If The client is old we just have to return error */
if (simple_connect) if (simple_connect)
...@@ -679,7 +689,7 @@ check_connections(THD *thd) ...@@ -679,7 +689,7 @@ check_connections(THD *thd)
} }
/* Final attempt to check the user based on reply */ /* Final attempt to check the user based on reply */
if (check_user(thd,COM_CONNECT, tmp_user, (char*)net->read_pos, if (check_user(thd,COM_CONNECT, tmp_user, (char*)net->read_pos,
tmp_db, 1, 1,prepared_scramble,using_password,&cur_priv_version, tmp_db, 1, 0, 1, prepared_scramble, using_password, &cur_priv_version,
&cached_user)) &cached_user))
return -1; return -1;
} }
...@@ -1077,7 +1087,8 @@ bool dispatch_command(enum enum_server_command command, THD *thd, ...@@ -1077,7 +1087,8 @@ bool dispatch_command(enum enum_server_command command, THD *thd,
Do not retry if we already have sent error (result>0) Do not retry if we already have sent error (result>0)
*/ */
if (check_user(thd,COM_CHANGE_USER, user, passwd, db, 0, simple_connect, if (check_user(thd,COM_CHANGE_USER, user, passwd, db, 0, simple_connect,
prepared_scramble,using_password,&cur_priv_version,&cached_user)<0) simple_connect, prepared_scramble, using_password, &cur_priv_version,
&cached_user)<0)
{ {
/* If The client is old we just have to have auth failure */ /* If The client is old we just have to have auth failure */
if (simple_connect) if (simple_connect)
...@@ -1112,7 +1123,7 @@ bool dispatch_command(enum enum_server_command command, THD *thd, ...@@ -1112,7 +1123,7 @@ bool dispatch_command(enum enum_server_command command, THD *thd,
/* Final attempt to check the user based on reply */ /* Final attempt to check the user based on reply */
if (check_user(thd,COM_CHANGE_USER, tmp_user, (char*)net->read_pos, if (check_user(thd,COM_CHANGE_USER, tmp_user, (char*)net->read_pos,
tmp_db, 0, 1,prepared_scramble,using_password,&cur_priv_version, tmp_db, 0, 0, 1, prepared_scramble, using_password, &cur_priv_version,
&cached_user)) &cached_user))
goto restore_user; goto restore_user;
} }
......
...@@ -2209,9 +2209,9 @@ simple_expr: ...@@ -2209,9 +2209,9 @@ simple_expr:
| NOW_SYM '(' expr ')' | NOW_SYM '(' expr ')'
{ $$= new Item_func_now($3); Lex->safe_to_cache_query=0;} { $$= new Item_func_now($3); Lex->safe_to_cache_query=0;}
| PASSWORD '(' expr ')' | PASSWORD '(' expr ')'
{ { $$= new Item_func_password($3); }
$$= new Item_func_password($3); | PASSWORD '(' expr ',' expr ')'
} { $$= new Item_func_password($3,$5); }
| POINTFROMTEXT '(' expr ')' | POINTFROMTEXT '(' expr ')'
{ $$= new Item_func_geometry_from_text($3); } { $$= new Item_func_geometry_from_text($3); }
| POINTFROMTEXT '(' expr ',' expr ')' | POINTFROMTEXT '(' expr ',' expr ')'
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment