Commit 9c123d0c authored by monty@mashka.mysql.fi's avatar monty@mashka.mysql.fi

Don't give the anonymous user create temp table or lock tables privileges.

SET PASSWORD=... closed connection on error.
parent 378d977d
......@@ -50448,6 +50448,9 @@ each individual 4.0.x release.
@itemize @bullet
@item
@code{SET PASSWORD FOR ...} closed the connection in case of errors (bug
from 4.0.3).
@item
Increased max possible @code{max_allowed_packet} in @code{mysqld} to 1G.
@item
Fixed bug when doing a multi-line @code{INSERT} on a table with an
......@@ -80,4 +80,4 @@ select count(*) from t3 where n >= 4;
count(*)
100
unlock tables;
drop table if exists t1,t2,t3;
drop table if exists t1,t2,t3,t4;
......@@ -160,7 +160,7 @@ then
echo ""
echo "Updating new privileges in MySQL 4.0.2 from old ones"
@bindir@/mysql --user=root --password="$root_password" --host="$host" mysql <<END_OF_DATA
update user set show_db_priv= select_priv, super_priv=process_priv, execute_priv=process_priv, create_tmp_table_priv='Y', Lock_tables_priv='Y', Repl_slave_priv=file_priv, Repl_client_priv=file_priv;
update user set show_db_priv= select_priv, super_priv=process_priv, execute_priv=process_priv, create_tmp_table_priv='Y', Lock_tables_priv='Y', Repl_slave_priv=file_priv, Repl_client_priv=file_priv where user<>"";
END_OF_DATA
echo ""
fi
......
......@@ -896,7 +896,7 @@ byte *sys_var_thd_enum::value_ptr(THD *thd, enum_var_type type)
bool sys_var_thd_bit::update(THD *thd, set_var *var)
{
bool res= (*update_func)(thd, var);
int res= (*update_func)(thd, var);
thd->lex.select_lex.options=thd->options;
return res;
}
......@@ -1010,7 +1010,7 @@ byte *sys_var_insert_id::value_ptr(THD *thd, enum_var_type type)
bool sys_var_slave_skip_counter::check(THD *thd, set_var *var)
{
bool result=0;
int result= 0;
LOCK_ACTIVE_MI;
pthread_mutex_lock(&active_mi->rli.run_lock);
if (active_mi->rli.slave_running)
......@@ -1236,26 +1236,24 @@ sys_var *find_sys_var(const char *str, uint length)
RETURN VALUE
0 ok
1 Something got wrong (normally no variables was updated)
1 ERROR, message sent (normally no variables was updated)
-1 ERROR, message not sent
*/
bool sql_set_variables(THD *thd, List<set_var_base> *var_list)
int sql_set_variables(THD *thd, List<set_var_base> *var_list)
{
bool error=0;
int error= 0;
List_iterator<set_var_base> it(*var_list);
set_var_base *var;
while ((var=it++))
{
if (var->check(thd))
return 1;
if ((error=var->check(thd)))
return error;
}
it.rewind();
while ((var=it++))
{
if (var->update(thd))
error=1;
}
error|= var->update(thd); // Returns 0, -1 or 1
return error;
}
......@@ -1264,14 +1262,14 @@ bool sql_set_variables(THD *thd, List<set_var_base> *var_list)
Functions to handle SET mysql_internal_variable=const_expr
*****************************************************************************/
bool set_var::check(THD *thd)
int set_var::check(THD *thd)
{
if (var->check_type(type))
{
my_error(type == OPT_GLOBAL ? ER_LOCAL_VARIABLE : ER_GLOBAL_VARIABLE,
MYF(0),
var->name);
return 1;
return -1;
}
if ((type == OPT_GLOBAL && check_global_access(thd, SUPER_ACL)))
return 1;
......@@ -1282,28 +1280,29 @@ bool set_var::check(THD *thd)
if (var->check_default(type))
{
my_error(ER_NO_DEFAULT, MYF(0), var->name);
return 1;
return -1;
}
return 0;
}
if (value->fix_fields(thd,0))
return 1;
return -1;
if (var->check_update_type(value->result_type()))
{
my_error(ER_WRONG_TYPE_FOR_VAR, MYF(0), var->name);
return 1;
return -1;
}
return var->check(thd, this);
return var->check(thd, this) ? -1 : 0;
}
bool set_var::update(THD *thd)
int set_var::update(THD *thd)
{
int error;
if (!value)
var->set_default(thd, type);
else if (var->update(thd, this))
return 1; // should never happen
return -1; // should never happen
if (var->after_update)
(*var->after_update)(thd, type);
return 0;
......@@ -1314,19 +1313,19 @@ bool set_var::update(THD *thd)
Functions to handle SET @user_variable=const_expr
*****************************************************************************/
bool set_var_user::check(THD *thd)
int set_var_user::check(THD *thd)
{
return user_var_item->fix_fields(thd,0);
return user_var_item->fix_fields(thd,0) ? -1 : 0;
}
bool set_var_user::update(THD *thd)
int set_var_user::update(THD *thd)
{
if (user_var_item->update())
{
/* Give an error if it's not given already */
send_error(&thd->net, ER_SET_CONSTANTS_ONLY);
return 1;
my_error(ER_SET_CONSTANTS_ONLY, MYF(0));
return -1;
}
return 0;
}
......@@ -1336,16 +1335,19 @@ bool set_var_user::update(THD *thd)
Functions to handle SET PASSWORD
*****************************************************************************/
bool set_var_password::check(THD *thd)
int set_var_password::check(THD *thd)
{
if (!user->host.str)
user->host.str= (char*) thd->host_or_ip;
return check_change_password(thd, user->host.str, user->user.str);
/* Returns 1 as the function sends error to client */
return check_change_password(thd, user->host.str, user->user.str) ? 1 : 0;
}
bool set_var_password::update(THD *thd)
int set_var_password::update(THD *thd)
{
return change_password(thd, user->host.str, user->user.str, password);
/* Returns 1 as the function sends error to client */
return (change_password(thd, user->host.str, user->user.str, password) ?
1 : 0);
}
/****************************************************************************
......
......@@ -359,8 +359,8 @@ class set_var_base :public Sql_alloc
public:
set_var_base() {}
virtual ~set_var_base() {}
virtual bool check(THD *thd)=0; /* To check privileges etc. */
virtual bool update(THD *thd)=0; /* To set the value */
virtual int check(THD *thd)=0; /* To check privileges etc. */
virtual int update(THD *thd)=0; /* To set the value */
};
......@@ -394,8 +394,8 @@ class set_var :public set_var_base
else
value=value_arg;
}
bool check(THD *thd);
bool update(THD *thd);
int check(THD *thd);
int update(THD *thd);
};
......@@ -408,8 +408,8 @@ class set_var_user: public set_var_base
set_var_user(Item_func_set_user_var *item)
:user_var_item(item)
{}
bool check(THD *thd);
bool update(THD *thd);
int check(THD *thd);
int update(THD *thd);
};
/* For SET PASSWORD */
......@@ -422,8 +422,8 @@ class set_var_password: public set_var_base
set_var_password(LEX_USER *user_arg,char *password_arg)
:user(user_arg), password(password_arg)
{}
bool check(THD *thd);
bool update(THD *thd);
int check(THD *thd);
int update(THD *thd);
};
......@@ -434,7 +434,7 @@ class set_var_password: public set_var_base
void set_var_init();
void set_var_free();
sys_var *find_sys_var(const char *str, uint length=0);
bool sql_set_variables(THD *thd, List<set_var_base> *var_list);
int sql_set_variables(THD *thd, List<set_var_base> *var_list);
void fix_delay_key_write(THD *thd, enum_var_type type);
extern sys_var_str sys_charset;
......@@ -783,7 +783,6 @@ ulong acl_get(const char *host, const char *ip, const char *bin_ip,
db_access=0; host_access= ~0;
char key[ACL_KEY_LENGTH],*tmp_db,*end;
acl_entry *entry;
THD *thd= current_thd;
VOID(pthread_mutex_lock(&acl_cache->lock));
memcpy_fixed(&key,bin_ip,sizeof(struct in_addr));
......@@ -1015,6 +1014,21 @@ bool check_change_password(THD *thd, const char *host, const char *user)
}
/*
Change a password for a user
SYNOPSIS
change_password()
thd Thread handle
host Hostname
user User name
new_password New password for host@user
RETURN VALUES
0 ok
1 ERROR; In this case the error is sent to the client.
*/
bool change_password(THD *thd, const char *host, const char *user,
char *new_password)
{
......
......@@ -332,7 +332,7 @@ bool mysql_change_db(THD *thd,const char *name)
int length, db_length;
char *dbname=my_strdup((char*) name,MYF(MY_WME));
char path[FN_REFLEN];
uint db_access;
ulong db_access;
DBUG_ENTER("mysql_change_db");
if (!dbname || !(db_length=strip_sp(dbname)))
......
......@@ -2202,9 +2202,7 @@ mysql_execute_command(void)
break;
}
case SQLCOM_SET_OPTION:
if (sql_set_variables(thd, &lex->var_list))
res= -1;
else
if (!(res=sql_set_variables(thd, &lex->var_list)))
send_ok(&thd->net);
break;
case SQLCOM_UNLOCK_TABLES:
......
......@@ -435,8 +435,9 @@ user_connect(0);
user_query("LOCK TABLES $opt_database.test3 READ");
user_query("UNLOCK TABLES");
safe_query("revoke SELECT,INSERT,UPDATE,DELETE on $opt_database.test3 from $user");
user_connect(1);
user_connect(0);
safe_query("revoke LOCK TABLES on *.* from $user");
user_connect(1);
safe_query("drop table $opt_database.test3");
#
......
This diff is collapsed.
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment