|
|
bk commit into 4.0 tree (1.1477): msg#00386db.mysql.devel
Below is the list of changes that have just been committed into a local 4.0 repository of monty. When monty does a push these changes will be propagated to the main repository and, within 24 hours after the push, to the public repository. For information on how to access the public repository see http://www.mysql.com/doc/I/n/Installing_source_tree.html ChangeSet 1.1477 03/04/28 10:32:56 monty@xxxxxxxxxxxxxxx +7 -0 Fix for openssl on Solaris Fix for grant bug with SELECT * tests/grant.res 1.10 03/04/28 10:32:53 monty@xxxxxxxxxxxxxxx +37 -18 new grant results tests/grant.pl 1.12 03/04/28 10:32:53 monty@xxxxxxxxxxxxxxx +17 -3 New grant test for SELECT * sql/sql_parse.cc 1.308 03/04/28 10:32:53 monty@xxxxxxxxxxxxxxx +14 -6 Added comment sql/sql_base.cc 1.156 03/04/28 10:32:53 monty@xxxxxxxxxxxxxxx +3 -2 Fix for grant bug with SELECT * sql/sql_acl.cc 1.93 03/04/28 10:32:53 monty@xxxxxxxxxxxxxxx +9 -8 Indentation cleanup sql/item_strfunc.cc 1.58 03/04/28 10:32:53 monty@xxxxxxxxxxxxxxx +0 -3 Fix for openssl on Solaris include/my_global.h 1.41 03/04/28 10:32:53 monty@xxxxxxxxxxxxxxx +4 -0 Fix for openssl on Solaris # This is a BitKeeper patch. What follows are the unified diffs for the # set of deltas contained in the patch. The rest of the patch, the part # that BitKeeper cares about, is below these diffs. # User: monty # Host: mashka.mysql.fi # Root: /home/my/mysql-4.0 --- 1.57/sql/item_strfunc.cc Sat Apr 26 20:43:25 2003 +++ 1.58/sql/item_strfunc.cc Mon Apr 28 10:32:53 2003 @@ -27,9 +27,6 @@ #include "mysql_priv.h" #include "sql_acl.h" #include <m_ctype.h> -#ifdef HAVE_CRYPT_H -#include <crypt.h> -#endif #ifdef HAVE_OPENSSL #include <openssl/des.h> #endif /* HAVE_OPENSSL */ --- 1.92/sql/sql_acl.cc Wed Apr 16 13:05:23 2003 +++ 1.93/sql/sql_acl.cc Mon Apr 28 10:32:53 2003 @@ -1997,10 +1997,10 @@ } -int mysql_table_grant (THD *thd, TABLE_LIST *table_list, - List <LEX_USER> &user_list, - List <LEX_COLUMN> &columns, ulong rights, - bool revoke_grant) +int mysql_table_grant(THD *thd, TABLE_LIST *table_list, + List <LEX_USER> &user_list, + List <LEX_COLUMN> &columns, ulong rights, + bool revoke_grant) { ulong column_priv = 0; List_iterator <LEX_USER> str_list (user_list); @@ -2374,7 +2374,7 @@ mem_check->ok() && hash_insert(&hash_tables,(byte*) mem_check)) { /* This could only happen if we are out memory */ - grant_option = FALSE; /* purecov: deadcode */ + grant_option= FALSE; /* purecov: deadcode */ goto end_unlock; } } @@ -2404,7 +2404,8 @@ void grant_reload(THD *thd) { - HASH old_hash_tables;bool old_grant_option; + HASH old_hash_tables; + bool old_grant_option; MEM_ROOT old_mem; DBUG_ENTER("grant_reload"); @@ -2413,14 +2414,14 @@ pthread_mutex_lock(&LOCK_grant); grant_version++; old_hash_tables=hash_tables; - old_grant_option = grant_option; + old_grant_option= grant_option; old_mem = memex; if (grant_init(thd)) { // Error. Revert to old hash grant_free(); /* purecov: deadcode */ hash_tables=old_hash_tables; /* purecov: deadcode */ - grant_option = old_grant_option; /* purecov: deadcode */ + grant_option= old_grant_option; /* purecov: deadcode */ memex = old_mem; /* purecov: deadcode */ } else --- 1.155/sql/sql_base.cc Thu Mar 13 18:52:53 2003 +++ 1.156/sql/sql_base.cc Mon Apr 28 10:32:53 2003 @@ -1984,8 +1984,9 @@ (!db_name || !strcmp(tables->db,db_name)))) { /* Ensure that we have access right to all columns */ - if (grant_option && !thd->master_access && - check_grant_all_columns(thd,SELECT_ACL,table) ) + if (grant_option && !(table->grant.privilege & + table->grant.want_privilege) && + check_grant_all_columns(thd,SELECT_ACL,table)) DBUG_RETURN(-1); Field **ptr=table->field,*field; thd->used_tables|=table->map; --- 1.307/sql/sql_parse.cc Sat Apr 26 20:43:25 2003 +++ 1.308/sql/sql_parse.cc Mon Apr 28 10:32:53 2003 @@ -2519,12 +2519,20 @@ /**************************************************************************** Get the user (global) and database privileges for all used tables - Returns true (error) if we can't get the privileges and we don't use - table/column grants. - The idea of EXTRA_ACL is that one will be granted access to the table if - one has the asked privilege on any column combination of the table; For - example to be able to check a table one needs to have SELECT privilege on - any column of the table. + + NOTES + The idea of EXTRA_ACL is that one will be granted access to the table if + one has the asked privilege on any column combination of the table; For + example to be able to check a table one needs to have SELECT privilege on + any column of the table. + + RETURN + 0 ok + 1 If we can't get the privileges and we don't use table/column grants. + + save_priv In this we store global and db level grants for the table + Note that we don't store db level grants if the global grants + is enough to satisfy the request. ****************************************************************************/ bool --- 1.11/tests/grant.pl Sat Mar 15 04:34:40 2003 +++ 1.12/tests/grant.pl Mon Apr 28 10:32:53 2003 @@ -63,6 +63,12 @@ #goto test; # +# Enable column grant code +# +safe_query("grant select(user) on mysql.user to $user"); +safe_query("revoke select(user) on mysql.user from $user"); + +# # Test grants on user level # @@ -408,21 +414,29 @@ user_connect(0,"dummy"); safe_query("grant SELECT on $opt_database.* to $user identified by ''"); user_connect(0); -safe_query("revoke ALL PRIVILEGES on $opt_database.test from $user identified by ''"); +safe_query("revoke ALL PRIVILEGES on $opt_database.test from $user identified by '', ${opt_user}\@127.0.0.1 identified by 'dummy2'"); safe_query("revoke ALL PRIVILEGES on $opt_database.* from $user identified by ''"); + safe_query("show grants for $user"); # # Test bug reported in SELECT INTO OUTFILE # -safe_query("create table $opt_database.test3 (a int)"); +safe_query("create table $opt_database.test3 (a int, b int)"); safe_query("grant SELECT on $opt_database.test3 to $user"); safe_query("grant FILE on *.* to $user"); -safe_query("insert into $opt_database.test3 values (1)"); +safe_query("insert into $opt_database.test3 values (1,1)"); user_connect(0); user_query("select * into outfile '$tmp_table' from $opt_database.test3"); safe_query("revoke SELECT on $opt_database.test3 from $user"); +safe_query("grant SELECT(a) on $opt_database.test3 to $user"); +user_query("select a from $opt_database.test3"); +user_query("select * from $opt_database.test3",1); +user_query("select a,b from $opt_database.test3",1); +user_query("select b from $opt_database.test3",1); + +safe_query("revoke SELECT(a) on $opt_database.test3 from $user"); safe_query("revoke FILE on *.* from $user"); safe_query("drop table $opt_database.test3"); --- 1.9/tests/grant.res Sat Mar 15 04:41:55 2003 +++ 1.10/tests/grant.res Mon Apr 28 10:32:53 2003 @@ -10,6 +10,8 @@ create database grant_test Connecting grant_user Error on connect: Access denied for user: '@localhost' to database 'grant_test' +grant select(user) on mysql.user to grant_user@localhost +revoke select(user) on mysql.user from grant_user@localhost grant select on *.* to grant_user@localhost set password FOR grant_user2@localhost = password('test') Error in execute: Can't find any matching row in the user table @@ -106,21 +108,21 @@ 2 select * from mysql.user where user = 'grant_user' -Error in execute: select command denied to user: 'grant_user@localhost' for table 'user' +Error in execute: Access denied for user: 'grant_user@localhost' to database 'mysql' insert into grant_test.test values (4,0) -Error in execute: insert command denied to user: 'grant_user@localhost' for table 'test' +Error in execute: Access denied for user: 'grant_user@localhost' to database 'grant_test' update grant_test.test set a=1 -Error in execute: update command denied to user: 'grant_user@localhost' for table 'test' +Error in execute: Access denied for user: 'grant_user@localhost' to database 'grant_test' delete from grant_test.test -Error in execute: delete command denied to user: 'grant_user@localhost' for table 'test' +Error in execute: Access denied for user: 'grant_user@localhost' to database 'grant_test' create table grant_test.test2 (a int) -Error in execute: create command denied to user: 'grant_user@localhost' for table 'test2' +Error in execute: Access denied for user: 'grant_user@localhost' to database 'grant_test' ALTER TABLE grant_test.test add c int -Error in execute: alter command denied to user: 'grant_user@localhost' for table 'test' +Error in execute: Access denied for user: 'grant_user@localhost' to database 'grant_test' CREATE INDEX dummy ON grant_test.test (a) -Error in execute: index command denied to user: 'grant_user@localhost' for table 'test' +Error in execute: Access denied for user: 'grant_user@localhost' to database 'grant_test' drop table grant_test.test -Error in execute: drop command denied to user: 'grant_user@localhost' for table 'test' +Error in execute: Access denied for user: 'grant_user@localhost' to database 'grant_test' grant ALL PRIVILEGES on grant_test.* to grant_user2@localhost Error in execute: Access denied for user: 'grant_user@localhost' to database 'grant_test' grant ALL PRIVILEGES on grant_test.* to grant_user@localhost WITH GRANT OPTION @@ -133,14 +135,14 @@ REVOKE ALL PRIVILEGES on grant_test.* from grant_user@localhost Connecting grant_user insert into grant_test.test values (6,0) -Error in execute: insert command denied to user: 'grant_user@localhost' for table 'test' +Error in execute: Access denied for user: 'grant_user@localhost' to database 'grant_test' REVOKE GRANT OPTION on grant_test.* from grant_user@localhost Connecting grant_user Error on connect: Access denied for user: 'grant_user@localhost' to database 'grant_test' grant ALL PRIVILEGES on grant_test.* to grant_user@localhost Connecting grant_user select * from mysql.user where user = 'grant_user' -Error in execute: select command denied to user: 'grant_user@localhost' for table 'user' +Error in execute: Access denied for user: 'grant_user@localhost' to database 'mysql' insert into grant_test.test values (7,0) update grant_test.test set a=3 where a=2 delete from grant_test.test where a=3 @@ -152,7 +154,7 @@ test insert into mysql.user (host,user) values ('error','grant_user',0) -Error in execute: insert command denied to user: 'grant_user@localhost' for table 'user' +Error in execute: Access denied for user: 'grant_user@localhost' to database 'mysql' revoke ALL PRIVILEGES on grant_test.* from grant_user@localhost select * from mysql.user where user = 'grant_user' localhost grant_user N N N N N N N N N N N N N N N N N N N N N 0 0 0 @@ -200,7 +202,7 @@ update grant_test.test set b=b+1 revoke SELECT on *.* from grant_user@localhost Connecting grant_user -lect * from test +select * from test Error in execute: select command denied to user: 'grant_user@localhost' for table 'test' grant select on grant_test.test to grant_user@localhost delete from grant_test.test where a=1 @@ -233,7 +235,7 @@ select count(*) from test,test2 Error in execute: select command denied to user: 'grant_user@localhost' for table 'test2' replace into test2 SELECT a from test -Error in execute: update command denied to user: 'grant_user@localhost' for table 'test2' +Error in execute: delete command denied to user: 'grant_user@localhost' for table 'test2' grant update on grant_test.test2 to grant_user@localhost replace into test2 SELECT a,a from test Error in execute: delete command denied to user: 'grant_user@localhost' for table 'test2' @@ -448,21 +450,34 @@ Connecting grant_user grant SELECT on grant_test.* to grant_user@localhost identified by '' Connecting grant_user -revoke ALL PRIVILEGES on grant_test.test from grant_user@localhost identified by '' +revoke ALL PRIVILEGES on grant_test.test from grant_user@localhost identified by '', grant_user@xxxxxxxxx identified by 'dummy2' revoke ALL PRIVILEGES on grant_test.* from grant_user@localhost identified by '' show grants for grant_user@localhost -create table grant_test.test3 (a int) +GRANT USAGE ON *.* TO 'grant_user'@'localhost' + +create table grant_test.test3 (a int, b int) grant SELECT on grant_test.test3 to grant_user@localhost grant FILE on *.* to grant_user@localhost -insert into grant_test.test3 values (1) +insert into grant_test.test3 values (1,1) Connecting grant_user select * into outfile '/tmp/mysql-grant.test' from grant_test.test3 revoke SELECT on grant_test.test3 from grant_user@localhost +grant SELECT(a) on grant_test.test3 to grant_user@localhost +select a from grant_test.test3 +1 + +select * from grant_test.test3 +Error in execute: select command denied to user: 'grant_user@localhost' for column 'b' in table 'test3' +select a,b from grant_test.test3 +Error in execute: SELECT command denied to user: 'grant_user@localhost' for column 'b' in table 'test3' +select b from grant_test.test3 +Error in execute: SELECT command denied to user: 'grant_user@localhost' for column 'b' in table 'test3' +revoke SELECT(a) on grant_test.test3 from grant_user@localhost revoke FILE on *.* from grant_user@localhost drop table grant_test.test3 create table grant_test.test3 (a int) Connecting grant_user -Access denied for user: 'grant_user@localhost' to database 'grant_test' +Error on connect: Access denied for user: 'grant_user@localhost' to database 'grant_test' grant INSERT on grant_test.test3 to grant_user@localhost Connecting grant_user select * into outfile '/tmp/mysql-grant.test' from grant_test.test3 @@ -487,9 +502,11 @@ Connecting grant_user revoke LOCK TABLES on *.* from grant_user@localhost Connecting grant_user -Access denied for user: 'grant_user@localhost' to database 'grant_test' +Error on connect: Access denied for user: 'grant_user@localhost' to database 'grant_test' drop table grant_test.test3 show grants for grant_user@localhost +GRANT USAGE ON *.* TO 'grant_user'@'localhost' + grant all on *.* to grant_user@localhost WITH MAX_QUERIES_PER_HOUR 1 MAX_UPDATES_PER_HOUR 2 MAX_CONNECTIONS_PER_HOUR 3 show grants for grant_user@localhost GRANT ALL PRIVILEGES ON *.* TO 'grant_user'@'localhost' WITH MAX_QUERIES_PER_HOUR 1 MAX_UPDATES_PER_HOUR 2 MAX_CONNECTIONS_PER_HOUR 3 @@ -501,6 +518,8 @@ revoke ALL PRIVILEGES on *.* from grant_user@localhost show grants for grant_user@localhost +GRANT USAGE ON *.* TO 'grant_user'@'localhost' WITH MAX_QUERIES_PER_HOUR 1 MAX_UPDATES_PER_HOUR 2 MAX_CONNECTIONS_PER_HOUR 3 + drop database grant_test delete from user where user='grant_user' delete from db where user='grant_user' --- 1.40/include/my_global.h Wed Apr 23 21:52:14 2003 +++ 1.41/include/my_global.h Mon Apr 28 10:32:53 2003 @@ -267,6 +267,10 @@ #include <asm/atomic.h> #endif #include <errno.h> /* Recommended by debian */ +/* We need the following to go around a problem with openssl on solaris */ +#if defined(HAVE_CRYPT) +#include <crypt.h> +#endif /* Go around some bugs in different OS and compilers */ #if defined(_HPUX_SOURCE) && defined(HAVE_SYS_STREAM_H) -- MySQL Internals Mailing List For list archives: http://lists.mysql.com/internals To unsubscribe: http://lists.mysql.com/internals?unsub=gcdmd-internals@xxxxxxxxxxx |
|
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| Previous by Date: | Segfault during mysql_install_db: 00386, Sebastian Bergmann |
|---|---|
| Next by Date: | bk commit - mysqldoc tree (1.456): 00386, monty |
| Previous by Thread: | bk commit into 4.0 tree (1.1477)i: 00386, guilhem |
| Next by Thread: | bk commit into 4.1 tree (1.1520): 00386, Sinisa |
| Indexes: | [Date] [Thread] [Top] [All Lists] |
| News | FAQ | advertise |