Commit c752d2ca authored by serg@serg.mylan's avatar serg@serg.mylan

removed one more hack that - as usual - almost always worked

(but broke permission handling for *some* IP's after we started to compare in utf8)
Bug #1636
parent 6457b899
......@@ -52,7 +52,8 @@ static byte* acl_entry_get_key(acl_entry *entry,uint *length,
return (byte*) entry->key;
}
#define ACL_KEY_LENGTH (sizeof(long)+NAME_LEN+USERNAME_LENGTH+1)
#define IP_ADDR_STRLEN
#define ACL_KEY_LENGTH (IP_ADDR_STRLEN+1+NAME_LEN+1+USERNAME_LENGTH+1)
static DYNAMIC_ARRAY acl_hosts,acl_users,acl_dbs;
static MEM_ROOT mem, memex;
......@@ -909,7 +910,7 @@ static void acl_insert_db(const char *user, const char *host, const char *db,
Get privilege for a host, user and db combination
*/
ulong acl_get(const char *host, const char *ip, const char *bin_ip,
ulong acl_get(const char *host, const char *ip,
const char *user, const char *db, my_bool db_is_pattern)
{
ulong host_access,db_access;
......@@ -919,8 +920,7 @@ ulong acl_get(const char *host, const char *ip, const char *bin_ip,
acl_entry *entry;
VOID(pthread_mutex_lock(&acl_cache->lock));
memcpy_fixed(&key,bin_ip,sizeof(struct in_addr));
end=strmov((tmp_db=strmov(key+sizeof(struct in_addr),user)+1),db);
end=strmov((tmp_db=strmov(strmov(key, ip ? ip : "")+1,user)+1),db);
if (lower_case_table_names)
{
my_casedn_str(&my_charset_latin1, tmp_db);
......@@ -1331,7 +1331,7 @@ static bool test_if_create_new_users(THD *thd)
bzero((char*) &tl,sizeof(tl));
tl.db= (char*) "mysql";
tl.real_name= (char*) "user";
db_access=acl_get(thd->host, thd->ip, (char*) &thd->remote.sin_addr,
db_access=acl_get(thd->host, thd->ip,
thd->priv_user, tl.db, 0);
if (!(db_access & INSERT_ACL))
{
......
......@@ -134,7 +134,7 @@ public:
my_bool acl_init(THD *thd, bool dont_read_acl_tables);
void acl_reload(THD *thd);
void acl_free(bool end=0);
ulong acl_get(const char *host, const char *ip, const char *bin_ip,
ulong acl_get(const char *host, const char *ip,
const char *user, const char *db, my_bool db_is_pattern);
int acl_getroot(THD *thd, USER_RESOURCES *mqh, const char *passwd,
uint passwd_len);
......
......@@ -618,8 +618,7 @@ bool mysql_change_db(THD *thd, const char *name)
if (test_all_bits(thd->master_access,DB_ACLS))
db_access=DB_ACLS;
else
db_access= (acl_get(thd->host,thd->ip,(char*) &thd->remote.sin_addr,
thd->priv_user,dbname,0) |
db_access= (acl_get(thd->host,thd->ip, thd->priv_user,dbname,0) |
thd->master_access);
if (!(db_access & DB_ACLS) && (!grant_option || check_grant_db(thd,dbname)))
{
......@@ -684,8 +683,7 @@ int mysqld_show_create_db(THD *thd, char *dbname,
if (test_all_bits(thd->master_access,DB_ACLS))
db_access=DB_ACLS;
else
db_access= (acl_get(thd->host,thd->ip,(char*) &thd->remote.sin_addr,
thd->priv_user,dbname,0) |
db_access= (acl_get(thd->host,thd->ip, thd->priv_user,dbname,0) |
thd->master_access);
if (!(db_access & DB_ACLS) && (!grant_option || check_grant_db(thd,dbname)))
{
......
......@@ -3376,7 +3376,7 @@ check_access(THD *thd, ulong want_access, const char *db, ulong *save_priv,
db_access= thd->db_access;
if (!(thd->master_access & SELECT_ACL) &&
(db && (!thd->db || strcmp(db,thd->db))))
db_access=acl_get(thd->host, thd->ip, (char*) &thd->remote.sin_addr,
db_access=acl_get(thd->host, thd->ip,
thd->priv_user, db, test(want_access & GRANT_ACL));
*save_priv=thd->master_access | db_access;
DBUG_RETURN(FALSE);
......@@ -3396,7 +3396,7 @@ check_access(THD *thd, ulong want_access, const char *db, ulong *save_priv,
DBUG_RETURN(FALSE); // Allow select on anything
if (db && (!thd->db || strcmp(db,thd->db)))
db_access=acl_get(thd->host, thd->ip, (char*) &thd->remote.sin_addr,
db_access=acl_get(thd->host, thd->ip,
thd->priv_user, db, test(want_access & GRANT_ACL));
else
db_access=thd->db_access;
......
......@@ -75,8 +75,7 @@ mysqld_show_dbs(THD *thd,const char *wild)
{
#ifndef NO_EMBEDDED_ACCESS_CHECKS
if (thd->master_access & (DB_ACLS | SHOW_DB_ACL) ||
acl_get(thd->host, thd->ip, (char*) &thd->remote.sin_addr,
thd->priv_user, file_name,0) ||
acl_get(thd->host, thd->ip, thd->priv_user, file_name,0) ||
(grant_option && !check_grant_db(thd, file_name)))
#endif
{
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment