merge

dbb744a3 · Vladislav Vaintroub · ab5c6cd7 · 4da30b3e · dbb744a3 · dbb744a3
Commit dbb744a3 authored Apr 16, 2012 by Vladislav Vaintroub
Showing with 101 additions and 8 deletions

sql/mysql_install_db.cc sql/mysql_install_db.cc +13 -5

win/packaging/ca/CustomAction.cpp win/packaging/ca/CustomAction.cpp +85 -1

win/packaging/extra.wxs.in win/packaging/extra.wxs.in +3 -2

No files found.
--- a/sql/mysql_install_db.cc
+++ b/sql/mysql_install_db.cc
@@ -316,9 +316,9 @@ static int create_myini()
 static const char update_root_passwd_part1[]=
-  "UPDATE mysql.user SET Password = PASSWORD('";
+  "UPDATE mysql.user SET Password = PASSWORD(";
 static const char update_root_passwd_part2[]=
-  "') where User='root';\n";
+  ") where User='root';\n";
 static const char remove_default_user_cmd[]= 
  "DELETE FROM mysql.user where User='';\n";
 static const char allow_remote_root_access_cmd[]=
@@ -589,11 +589,19 @@ static int create_db_instance()
  }
  /* Change root password if requested. */
-  if (opt_password)
+  if (opt_password && opt_password[0])
  {
-    verbose("Changing root password",remove_default_user_cmd);
+    verbose("Setting root password",remove_default_user_cmd);
    fputs(update_root_passwd_part1, in);
-    fputs(opt_password, in);
+    /* Use hex encoding for password, to avoid escaping problems.*/
+    fputc('0', in);
+    fputc('x', in);
+    for(int i= 0; opt_password[i]; i++)
+    {
+      fprintf(in,"%02x",opt_password[i]);
+    }
    fputs(update_root_passwd_part2, in);
    fflush(in);
  }

--- a/win/packaging/ca/CustomAction.cpp
+++ b/win/packaging/ca/CustomAction.cpp
@@ -71,6 +71,82 @@ LExit:
  return WcaFinalize(er); 
 }
+/*
+  Escape command line parameter fpr pass to CreateProcess().
+  We assume out has enough space to include encoded string 
+  2*wcslen(in) is enough.
+  It is assumed that called will add double quotation marks before and after
+  the string.
+*/
+static void EscapeCommandLine(const wchar_t *in, wchar_t *out)
+{
+  const wchar_t special_chars[]=L" \t\n\v\"";
+  bool needs_escaping= false;
+  size_t pos;
+  for(int i=0; i< sizeof(special_chars) -1; i++)
+  {
+    if (wcschr(in, special_chars[i]))
+    {
+      needs_escaping = true;
+      break;
+    }
+  }
+  if(!needs_escaping)
+  {
+    wcscpy(out, in);
+    return;
+  }
+  pos= 0;
+  for(int i = 0 ; ; i++) 
+  {
+    size_t n_backslashes = 0;
+    wchar_t c;
+    while (in[i] == L'\\') 
+    {
+      i++;
+      n_backslashes++;
+    }
+    c= in[i];
+    if (c == 0) 
+    {
+      /*
+        Escape all backslashes, but let the terminating double quotation mark 
+        that caller adds be interpreted as a metacharacter.
+      */
+      for(int j= 0; j < 2*n_backslashes;j++)
+      {
+        out[pos++]=L'\\';
+      }
+      break;
+    }
+    else if (c == L'"') 
+    {
+      /*
+        Escape all backslashes and the following double quotation mark.
+      */
+      for(int j= 0; j < 2*n_backslashes + 1; j++)
+      {
+        out[pos++]=L'\\';
+      }
+      out[pos++]= L'"';
+    }
+    else 
+    {
+      /* Backslashes aren't special here. */
+      for (int j=0; j < n_backslashes; j++)
+        out[pos++] = L'\\';
+      out[pos++]= c;
+    }
+  }
+  out[pos++]= 0;
+}
 /* 
  Check for if directory is empty during install, 
  sets "<PROPERTY>_NOT_EMPTY" otherise
@@ -460,6 +536,8 @@ unsigned long long GetMaxBufferSize(unsigned long long totalPhys)
  return totalPhys;
 #endif
 }
 /*
  Checks SERVICENAME, PORT and BUFFERSIZE parameters 
 */
@@ -468,6 +546,8 @@ extern "C" UINT  __stdcall CheckDatabaseProperties (MSIHANDLE hInstall)
  wchar_t ServiceName[MAX_PATH]={0};
  wchar_t SkipNetworking[MAX_PATH]={0};
  wchar_t QuickConfig[MAX_PATH]={0};
+  wchar_t Password[MAX_PATH]={0};
+  wchar_t EscapedPassword[2*MAX_PATH+2];
  wchar_t Port[6];
  wchar_t BufferPoolSize[16];
  DWORD PortLen=6;
@@ -510,8 +590,12 @@ extern "C" UINT  __stdcall CheckDatabaseProperties (MSIHANDLE hInstall)
    }
  }
-  DWORD SkipNetworkingLen= MAX_PATH;
+  DWORD PasswordLen= MAX_PATH;
+  MsiGetPropertyW (hInstall, L"PASSWORD", Password, &PasswordLen);
+  EscapeCommandLine(Password, EscapedPassword);
+  MsiSetPropertyW(hInstall,L"ESCAPEDPASSWORD",EscapedPassword);
+  DWORD SkipNetworkingLen= MAX_PATH;
  MsiGetPropertyW(hInstall, L"SKIPNETWORKING", SkipNetworking, 
    &SkipNetworkingLen);
  MsiGetPropertyW(hInstall, L"PORT", Port, &PortLen);

--- a/win/packaging/extra.wxs.in
+++ b/win/packaging/extra.wxs.in
@@ -34,6 +34,7 @@
    <!-- Root password -->
    <Property Id="PASSWORD" Hidden="yes" Secure="yes" />
+    <Property Id="ESCAPEDPASSWORD" Hidden="yes" Secure="yes" />
    <!-- Database port -->
    <Property Id="PORT" Value="3306" Secure="yes"/>
    <!-- Whether to allow remote access for root user -->
@@ -668,7 +669,7 @@
    <CustomAction Id='PresetDatabaseProperties' BinaryKey='wixca.dll' DllEntry='PresetDatabaseProperties' />
    <CustomAction Id="CreateDatabaseCommand" Property="CreateDatabase"
    Value=
-    "&quot;[#F.bin.mysql_install_db.exe]&quot;  &quot;--service=[SERVICENAME]&quot; --port=[PORT] &quot;--password=[PASSWORD]&quot; &quot;--datadir=[DATADIR]\&quot; [SKIPNETWORKING] [ALLOWREMOTEROOTACCESS] [DEFAULTUSER]"
+    "&quot;[#F.bin.mysql_install_db.exe]&quot;  &quot;--service=[SERVICENAME]&quot; --port=[PORT] &quot;--password=[ESCAPEDPASSWORD]&quot; &quot;--datadir=[DATADIR]\&quot; [SKIPNETWORKING] [ALLOWREMOTEROOTACCESS] [DEFAULTUSER]"
     Execute="immediate"
     HideTarget="yes"
     />
@@ -703,7 +704,7 @@
        <![CDATA[&DBInstance=3 AND NOT !DBInstance=3 AND OLDERVERSIONBEINGUPGRADED=""]]>
      </Custom>
      <Custom Action="ErrorDataDirNotEmpty" After="CheckDataDirectoryEmpty" >DATADIRNOTEMPTY</Custom>
+      <Custom Action="CheckDatabaseProperties" Before="CreateDatabaseCommand">SERVICENAME</Custom>
      <Custom Action="CreateDatabaseCommand" After="CostFinalize" >
        <![CDATA[&DBInstance=3 AND NOT !DBInstance=3 AND OLDERVERSIONBEINGUPGRADED=""]]>
      </Custom>