2961 Georgi Kodinov 2010-06-04
WL1054: implemented the external_user plugin authentication output variable
added:
mysql-test/suite/sys_vars/r/external_user_basic.result
mysql-test/suite/sys_vars/t/external_user_basic.test
modified:
include/mysql/plugin_auth.h
mysql-test/r/plugin_auth.result
mysql-test/t/plugin_auth.test
plugin/auth/test_plugin.c
sql/sql_acl.cc
sql/sql_class.h
sql/sys_vars.cc
sql/sys_vars.h
2960 Georgi Kodinov 2010-06-02
WL1054: Fixed valgrind warnings.
modified:
sql/sql_acl.cc
=== modified file 'include/mysql/plugin_auth.h'
--- a/include/mysql/plugin_auth.h 2010-03-16 11:56:07 +0000
+++ b/include/mysql/plugin_auth.h 2010-06-04 10:51:12 +0000
@@ -63,6 +63,15 @@ typedef struct st_mysql_server_auth_info
used by MySQL for authorization, and shown in CURRENT_USER()
*/
char authenticated_as[MYSQL_USERNAME_LENGTH+1];
+
+
+ /**
+ The unique user name that was used by the plugin to authenticate.
+ Plugins should put null-terminated UTF-8 here.
+ Available through the @@EXTERNAL_USER variable.
+ */
+ char external_user[512];
+
/**
This only affects the "Authentication failed. Password used: %s"
error message. has the following values :
=== modified file 'mysql-test/r/plugin_auth.result'
--- a/mysql-test/r/plugin_auth.result 2010-05-25 13:33:07 +0000
+++ b/mysql-test/r/plugin_auth.result 2010-06-04 10:51:12 +0000
@@ -182,3 +182,31 @@ SELECT @@LOCAL.proxy_user;
DROP USER plug;
DROP USER plug_dest;
## END @@proxy_user tests
+## @@external_user tests
+CREATE USER plug IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest';
+CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd';
+GRANT PROXY ON plug_dest TO plug;
+SELECT USER(),CURRENT_USER(),@@LOCAL.external_user;
+USER() CURRENT_USER() @@LOCAL.external_user
+root@localhost root@localhost NULL
+SELECT @@GLOBAL.external_user;
+ERROR HY000: Variable 'external_user' is a SESSION variable
+SELECT @@LOCAL.external_user;
+@@LOCAL.external_user
+NULL
+SET GLOBAL external_user = 'test';
+ERROR HY000: Variable 'external_user' is a read only variable
+SET LOCAL external_user = 'test';
+ERROR HY000: Variable 'external_user' is a read only variable
+SELECT @@LOCAL.external_user;
+@@LOCAL.external_user
+NULL
+# in connection plug_con
+SELECT @@LOCAL.external_user;
+@@LOCAL.external_user
+'plug'@'%'
+# in connection default
+## cleanup
+DROP USER plug;
+DROP USER plug_dest;
+## END @@external_user tests
=== added file 'mysql-test/suite/sys_vars/r/external_user_basic.result'
--- a/mysql-test/suite/sys_vars/r/external_user_basic.result 1970-01-01 00:00:00 +0000
+++ b/mysql-test/suite/sys_vars/r/external_user_basic.result 2010-06-04 10:51:12 +0000
@@ -0,0 +1,3 @@
+SELECT @@SESSION.EXTERNAL_USER FROM DUAL;
+@@SESSION.EXTERNAL_USER
+NULL
=== added file 'mysql-test/suite/sys_vars/t/external_user_basic.test'
--- a/mysql-test/suite/sys_vars/t/external_user_basic.test 1970-01-01 00:00:00 +0000
+++ b/mysql-test/suite/sys_vars/t/external_user_basic.test 2010-06-04 10:51:12 +0000
@@ -0,0 +1 @@
+SELECT @@SESSION.EXTERNAL_USER FROM DUAL;
=== modified file 'mysql-test/t/plugin_auth.test'
--- a/mysql-test/t/plugin_auth.test 2010-05-25 13:33:07 +0000
+++ b/mysql-test/t/plugin_auth.test 2010-06-04 10:51:12 +0000
@@ -267,3 +267,32 @@ disconnect plug_con;
DROP USER plug;
DROP USER plug_dest;
--echo ## END @@proxy_user tests
+
+--echo ## @@external_user tests
+CREATE USER plug IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest';
+CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd';
+GRANT PROXY ON plug_dest TO plug;
+SELECT USER(),CURRENT_USER(),@@LOCAL.external_user;
+
+--error ER_INCORRECT_GLOBAL_LOCAL_VAR
+SELECT @@GLOBAL.external_user;
+SELECT @@LOCAL.external_user;
+
+--error ER_INCORRECT_GLOBAL_LOCAL_VAR
+SET GLOBAL external_user = 'test';
+--error ER_INCORRECT_GLOBAL_LOCAL_VAR
+SET LOCAL external_user = 'test';
+SELECT @@LOCAL.external_user;
+
+connect(plug_con,localhost,plug,plug_dest);
+connection plug_con;
+--echo # in connection plug_con
+SELECT @@LOCAL.external_user;
+connection default;
+--echo # in connection default
+disconnect plug_con;
+
+--echo ## cleanup
+DROP USER plug;
+DROP USER plug_dest;
+--echo ## END @@external_user tests
=== modified file 'plugin/auth/test_plugin.c'
--- a/plugin/auth/test_plugin.c 2010-05-28 08:22:14 +0000
+++ b/plugin/auth/test_plugin.c 2010-06-04 10:51:12 +0000
@@ -33,7 +33,6 @@
a correct password. It shows the situation when a number of questions
is not known in advance.
*/
-#define _GNU_SOURCE /* for RTLD_DEFAULT */
#include <my_global.h>
#include <mysql/plugin_auth.h>
@@ -79,6 +78,9 @@ static int auth_test_plugin(MYSQL_PLUGIN
/* copy auth string as a destination name to check it */
strcpy (info->authenticated_as, info->auth_string);
+ /* copy something into the external user name */
+ strcpy (info->external_user, info->auth_string);
+
return CR_OK;
}
=== modified file 'sql/sql_acl.cc'
--- a/sql/sql_acl.cc 2010-06-02 15:04:08 +0000
+++ b/sql/sql_acl.cc 2010-06-04 10:51:12 +0000
@@ -8972,6 +8972,7 @@ acl_authenticate(THD *thd, uint connect_
(opt_old_style_user_limits ? sctx->host_or_ip : sctx->priv_host),
&acl_user->user_resource))
DBUG_RETURN (1); // The error is set by get_or_create_user_conn()
+
#endif
}
else
@@ -9030,6 +9031,9 @@ acl_authenticate(THD *thd, uint connect_
}
}
+ if (mpvio.auth_info.external_user[0])
+ sctx->external_user= my_strdup (mpvio.auth_info.external_user, MYF(0));
+
if (res == CR_OK_HANDSHAKE_COMPLETE)
thd->stmt_da->disable_status();
else
=== modified file 'sql/sql_class.h'
--- a/sql/sql_class.h 2010-05-27 09:16:17 +0000
+++ b/sql/sql_class.h 2010-06-04 10:51:12 +0000
@@ -863,6 +863,8 @@ public:
char proxy_user[USERNAME_LENGTH + MAX_HOSTNAME + 5];
/* The host privilege we are using */
char priv_host[MAX_HOSTNAME];
+ /* The external user (if available) */
+ char *external_user;
/* points to host if host is available, otherwise points to ip */
const char *host_or_ip;
ulong master_access; /* Global privileges from mysql.user */
=== modified file 'sql/sys_vars.cc'
--- a/sql/sys_vars.cc 2010-05-25 13:33:07 +0000
+++ b/sql/sys_vars.cc 2010-06-04 10:51:12 +0000
@@ -1415,9 +1415,12 @@ static Sys_var_uint Sys_protocol_version
READ_ONLY GLOBAL_VAR(protocol_version), NO_CMD_LINE,
VALID_RANGE(0, ~0), DEFAULT(PROTOCOL_VERSION), BLOCK_SIZE(1));
-static Sys_var_ro_session_charptr Sys_proxy_user(
+static Sys_var_proxy_user Sys_proxy_user(
"proxy_user", "The proxy user account name used when logging in",
- READ_ONLY SESSION_ONLY(long_query_time_double), NO_CMD_LINE,
+ IN_SYSTEM_CHARSET);
+
+static Sys_var_external_user Sys_exterenal_user(
+ "external_user", "The external user account used when logging in",
IN_SYSTEM_CHARSET);
static Sys_var_ulong Sys_read_buff_size(
=== modified file 'sql/sys_vars.h'
--- a/sql/sys_vars.h 2010-05-31 08:39:59 +0000
+++ b/sql/sys_vars.h 2010-06-04 10:51:12 +0000
@@ -453,35 +453,20 @@ public:
};
-class Sys_var_ro_session_charptr: public sys_var
+class Sys_var_proxy_user: public sys_var
{
public:
- Sys_var_ro_session_charptr(const char *name_arg,
- const char *comment, int flag_args, ptrdiff_t off, size_t size,
- CMD_LINE getopt,
- enum charset_enum is_os_charset_arg,
- const char *def_val = 0, PolyLock *lock=0,
- enum binlog_status_enum binlog_status_arg=VARIABLE_NOT_IN_BINLOG,
- on_check_function on_check_func=0,
- on_update_function on_update_func=0,
- uint deprecated_version=0, const char *substitute=0,
- int parse_flag= PARSE_NORMAL)
+ Sys_var_proxy_user(const char *name_arg,
+ const char *comment, enum charset_enum is_os_charset_arg)
: sys_var(&all_sys_vars, name_arg, comment,
- flag_args, off, getopt.id,
- getopt.arg_type, SHOW_CHAR, (intptr)NULL,
- lock, VARIABLE_NOT_IN_BINLOG,
- on_check_func, on_update_func,
- deprecated_version, substitute, parse_flag)
+ sys_var::READONLY+sys_var::ONLY_SESSION, 0, -1,
+ NO_ARG, SHOW_CHAR, (intptr)NULL,
+ 0, VARIABLE_NOT_IN_BINLOG,
+ 0, 0,
+ 0, 0, PARSE_NORMAL)
{
is_os_charset= is_os_charset_arg == IN_FS_CHARSET;
- /*
- use GET_STR_ALLOC - if ALLOCATED it must be *always* allocated,
- otherwise (GET_STR) you'll never know whether to free it or not.
- (think of an exit because of an error right after my_getopt)
- */
option.var_type= GET_STR;
- DBUG_ASSERT(flag_args == sys_var::ONLY_SESSION + sys_var::READONLY);
- DBUG_ASSERT(getopt.arg_type == NO_ARG);
}
bool do_check(THD *thd, set_var *var)
{
@@ -511,6 +496,23 @@ protected:
(uchar *) &(thd->security_ctx->proxy_user[0]) : NULL;
}
};
+
+class Sys_var_external_user : public Sys_var_proxy_user
+{
+public:
+ Sys_var_external_user(const char *name_arg, const char *comment_arg,
+ enum charset_enum is_os_charset_arg)
+ : Sys_var_proxy_user (name_arg, comment_arg, is_os_charset_arg)
+ {}
+
+protected:
+ virtual uchar *session_value_ptr(THD *thd, LEX_STRING *base)
+ {
+ return thd->security_ctx->proxy_user[0] ?
+ (uchar *) &(thd->security_ctx->proxy_user[0]) : NULL;
+ }
+};
+
/**
The class for string variables. Useful for strings that aren't necessarily
\0-terminated. Otherwise the same as Sys_var_charptr.
Attachment: [text/bzr-bundle] bzr/georgi.kodinov@oracle.com-20100604105112-0jqxv5mv5rg8jf4m.bundle
| Thread |
|---|
| • bzr push into mysql-next-mr-wl1054 branch (Georgi.Kodinov:2960 to 2961) | Georgi Kodinov | 4 Jun |
