From: Tatjana&nbsp;A&nbsp;Nuernberg
Date: September 18 2007 7:46am
Subject: bk commit into 5.0 tree (tnurnberg:1.2476) BUG#19828
List-Archive: http://lists.mysql.com/commits/34362
X-Bug: 19828
Message-Id: <E1IXXmo-0005YH-FF@salvation.azundris.com>

Below is the list of changes that have just been committed into a local
5.0 repository of tnurnberg. When tnurnberg does a push these changes will
be propagated to the main repository and, within 24 hours after the
push, to the public repository.
For information on how to access the public repository
see http://dev.mysql.com/doc/mysql/en/installing-source-tree.html

ChangeSet@stripped, 2007-09-18 09:46:18+02:00, tnurnberg@stripped +5 -0
  Bug#19828: Case sensitivity in hostname leads to inconsistent behavior
  
  clean up SHOW GRANTS so it will show host-names with case as entered.
  make REVOKE and friends case-sensitive to make things more intuitive.
  Patch by Martin Friebe.

  mysql-test/r/grant.result@stripped, 2007-09-18 09:46:15+02:00, tnurnberg@stripped +3 -0
    Bug#19828: Case sensitivity in hostname leads to inconsistent behavior
    
    clean up after test so random order of tests is possible

  mysql-test/r/grant3.result@stripped, 2007-09-18 09:46:15+02:00, tnurnberg@stripped +122 -0
    Bug#19828: Case sensitivity in hostname leads to inconsistent behavior
    
    Show that REVOKE, SHOW GRANTS etc. are now consistently case-sensitive.

  mysql-test/t/grant.test@stripped, 2007-09-18 09:46:15+02:00, tnurnberg@stripped +3 -0
    Bug#19828: Case sensitivity in hostname leads to inconsistent behavior
    
    clean up after test so random order of tests is possible

  mysql-test/t/grant3.test@stripped, 2007-09-18 09:46:15+02:00, tnurnberg@stripped +100 -0
    Bug#19828: Case sensitivity in hostname leads to inconsistent behavior
    
    Show that REVOKE, SHOW GRANTS etc. are now consistently case-sensitive.

  sql/sql_acl.cc@stripped, 2007-09-18 09:46:15+02:00, tnurnberg@stripped +28 -7
    Bug#19828: Case sensitivity in hostname leads to inconsistent behavior
    
    clean up SHOW GRANTS so it will show host-names with case as entered.
    make REVOKE and friends case-sensitive to make things more intuitive.
    Patch by Martin Friebe.

diff -Nrup a/mysql-test/r/grant.result b/mysql-test/r/grant.result
--- a/mysql-test/r/grant.result	2007-05-11 22:45:44 +02:00
+++ b/mysql-test/r/grant.result	2007-09-18 09:46:15 +02:00
@@ -1121,6 +1121,9 @@ SELECT * FROM test.t1;
 f1	f2
 1	1
 2	2
+REVOKE UPDATE (f1) ON `test`.`t1` FROM 'mysqltest_1'@'localhost';
+REVOKE SELECT ON `test`.* FROM 'mysqltest_1'@'localhost';
+REVOKE ALL ON db27878.* FROM 'mysqltest_1'@'localhost';
 DROP DATABASE db27878;
 use test;
 DROP TABLE t1;
diff -Nrup a/mysql-test/r/grant3.result b/mysql-test/r/grant3.result
--- a/mysql-test/r/grant3.result	2005-03-23 19:18:16 +01:00
+++ b/mysql-test/r/grant3.result	2007-09-18 09:46:15 +02:00
@@ -16,3 +16,125 @@ delete from mysql.db where user like 'my
 delete from mysql.tables_priv where user like 'mysqltest\_%';
 delete from mysql.columns_priv where user like 'mysqltest\_%';
 flush privileges;
+grant select on test.* to CUser@localhost;
+grant select on test.* to CUser@LOCALHOST;
+flush privileges;
+SELECT user, host FROM mysql.user where user = 'CUser' order by 1,2;
+user	host
+CUser	LOCALHOST
+CUser	localhost
+SELECT user, host, db, select_priv FROM mysql.db where user = 'CUser' order by 1,2;
+user	host	db	select_priv
+CUser	LOCALHOST	test	Y
+CUser	localhost	test	Y
+REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'CUser'@'LOCALHOST';
+flush privileges;
+SELECT user, host FROM mysql.user where user = 'CUser' order by 1,2;
+user	host
+CUser	LOCALHOST
+CUser	localhost
+SELECT user, host, db, select_priv FROM mysql.db where user = 'CUser' order by 1,2;
+user	host	db	select_priv
+CUser	localhost	test	Y
+REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'CUser'@'localhost';
+flush privileges;
+SELECT user, host FROM mysql.user where user = 'CUser' order by 1,2;
+user	host
+CUser	LOCALHOST
+CUser	localhost
+SELECT user, host, db, select_priv FROM mysql.db where user = 'CUser' order by 1,2;
+user	host	db	select_priv
+DROP USER CUser@localhost;
+DROP USER CUser@LOCALHOST;
+create table t1 (a int);
+grant select on test.t1 to CUser@localhost;
+grant select on test.t1 to CUser@LOCALHOST;
+flush privileges;
+SELECT user, host FROM mysql.user where user = 'CUser' order by 1,2;
+user	host
+CUser	LOCALHOST
+CUser	localhost
+SELECT user, host, db, Table_name, Table_priv, Column_priv FROM mysql.tables_priv where user = 'CUser' order by 1,2;
+user	host	db	Table_name	Table_priv	Column_priv
+CUser	LOCALHOST	test	t1	Select	
+CUser	localhost	test	t1	Select	
+REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'CUser'@'LOCALHOST';
+flush privileges;
+SELECT user, host FROM mysql.user where user = 'CUser' order by 1,2;
+user	host
+CUser	LOCALHOST
+CUser	localhost
+SELECT user, host, db, Table_name, Table_priv, Column_priv FROM mysql.tables_priv where user = 'CUser' order by 1,2;
+user	host	db	Table_name	Table_priv	Column_priv
+CUser	localhost	test	t1	Select	
+REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'CUser'@'localhost';
+flush privileges;
+SELECT user, host FROM mysql.user where user = 'CUser' order by 1,2;
+user	host
+CUser	LOCALHOST
+CUser	localhost
+SELECT user, host, db, Table_name, Table_priv, Column_priv FROM mysql.tables_priv where user = 'CUser' order by 1,2;
+user	host	db	Table_name	Table_priv	Column_priv
+DROP USER CUser@localhost;
+DROP USER CUser@LOCALHOST;
+grant select(a) on test.t1 to CUser@localhost;
+grant select(a) on test.t1 to CUser@LOCALHOST;
+flush privileges;
+SELECT user, host FROM mysql.user where user = 'CUser' order by 1,2;
+user	host
+CUser	LOCALHOST
+CUser	localhost
+SELECT user, host, db, Table_name, Table_priv, Column_priv FROM mysql.tables_priv where user = 'CUser' order by 1,2;
+user	host	db	Table_name	Table_priv	Column_priv
+CUser	LOCALHOST	test	t1		Select
+CUser	localhost	test	t1		Select
+REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'CUser'@'LOCALHOST';
+flush privileges;
+SELECT user, host FROM mysql.user where user = 'CUser' order by 1,2;
+user	host
+CUser	LOCALHOST
+CUser	localhost
+SELECT user, host, db, Table_name, Table_priv, Column_priv FROM mysql.tables_priv where user = 'CUser' order by 1,2;
+user	host	db	Table_name	Table_priv	Column_priv
+CUser	localhost	test	t1		Select
+REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'CUser'@'localhost';
+flush privileges;
+SELECT user, host FROM mysql.user where user = 'CUser' order by 1,2;
+user	host
+CUser	LOCALHOST
+CUser	localhost
+SELECT user, host, db, Table_name, Table_priv, Column_priv FROM mysql.tables_priv where user = 'CUser' order by 1,2;
+user	host	db	Table_name	Table_priv	Column_priv
+DROP USER CUser@localhost;
+DROP USER CUser@LOCALHOST;
+drop table t1;
+grant select on test.* to CUser2@localhost;
+grant select on test.* to CUser2@LOCALHOST;
+flush privileges;
+SELECT user, host FROM mysql.user where user = 'CUser2' order by 1,2;
+user	host
+CUser2	LOCALHOST
+CUser2	localhost
+SELECT user, host, db, select_priv FROM mysql.db where user = 'CUser2' order by 1,2;
+user	host	db	select_priv
+CUser2	LOCALHOST	test	Y
+CUser2	localhost	test	Y
+REVOKE SELECT ON test.* FROM 'CUser2'@'LOCALHOST';
+flush privileges;
+SELECT user, host FROM mysql.user where user = 'CUser2' order by 1,2;
+user	host
+CUser2	LOCALHOST
+CUser2	localhost
+SELECT user, host, db, select_priv FROM mysql.db where user = 'CUser2' order by 1,2;
+user	host	db	select_priv
+CUser2	localhost	test	Y
+REVOKE SELECT ON test.* FROM 'CUser2'@'localhost';
+flush privileges;
+SELECT user, host FROM mysql.user where user = 'CUser2' order by 1,2;
+user	host
+CUser2	LOCALHOST
+CUser2	localhost
+SELECT user, host, db, select_priv FROM mysql.db where user = 'CUser2' order by 1,2;
+user	host	db	select_priv
+DROP USER CUser2@localhost;
+DROP USER CUser2@LOCALHOST;
diff -Nrup a/mysql-test/t/grant.test b/mysql-test/t/grant.test
--- a/mysql-test/t/grant.test	2007-06-01 13:39:53 +02:00
+++ b/mysql-test/t/grant.test	2007-09-18 09:46:15 +02:00
@@ -1144,6 +1144,9 @@ UPDATE v1 SET f2 = 4;
 SELECT * FROM test.t1;
 disconnect user1;
 connection default;
+REVOKE UPDATE (f1) ON `test`.`t1` FROM 'mysqltest_1'@'localhost';
+REVOKE SELECT ON `test`.* FROM 'mysqltest_1'@'localhost';
+REVOKE ALL ON db27878.* FROM 'mysqltest_1'@'localhost';
 DROP DATABASE db27878;
 use test;
 DROP TABLE t1;
diff -Nrup a/mysql-test/t/grant3.test b/mysql-test/t/grant3.test
--- a/mysql-test/t/grant3.test	2005-04-04 21:43:54 +02:00
+++ b/mysql-test/t/grant3.test	2007-09-18 09:46:15 +02:00
@@ -34,3 +34,103 @@ delete from mysql.db where user like 'my
 delete from mysql.tables_priv where user like 'mysqltest\_%';
 delete from mysql.columns_priv where user like 'mysqltest\_%';
 flush privileges;
+
+#
+# Bug: #19828 Case sensitivity in Grant/Revoke
+#
+
+grant select on test.* to CUser@localhost;
+grant select on test.* to CUser@LOCALHOST;
+flush privileges;
+
+SELECT user, host FROM mysql.user where user = 'CUser' order by 1,2;
+SELECT user, host, db, select_priv FROM mysql.db where user = 'CUser' order by 1,2;
+
+REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'CUser'@'LOCALHOST';
+flush privileges;
+
+SELECT user, host FROM mysql.user where user = 'CUser' order by 1,2;
+SELECT user, host, db, select_priv FROM mysql.db where user = 'CUser' order by 1,2;
+
+REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'CUser'@'localhost';
+flush privileges;
+
+SELECT user, host FROM mysql.user where user = 'CUser' order by 1,2;
+SELECT user, host, db, select_priv FROM mysql.db where user = 'CUser' order by 1,2;
+
+DROP USER CUser@localhost;
+DROP USER CUser@LOCALHOST;
+
+#### table grants
+create table t1 (a int);
+grant select on test.t1 to CUser@localhost;
+grant select on test.t1 to CUser@LOCALHOST;
+flush privileges;
+
+SELECT user, host FROM mysql.user where user = 'CUser' order by 1,2;
+SELECT user, host, db, Table_name, Table_priv, Column_priv FROM mysql.tables_priv where user = 'CUser' order by 1,2;
+
+REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'CUser'@'LOCALHOST';
+flush privileges;
+
+SELECT user, host FROM mysql.user where user = 'CUser' order by 1,2;
+SELECT user, host, db, Table_name, Table_priv, Column_priv FROM mysql.tables_priv where user = 'CUser' order by 1,2;
+
+REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'CUser'@'localhost';
+flush privileges;
+
+SELECT user, host FROM mysql.user where user = 'CUser' order by 1,2;
+SELECT user, host, db, Table_name, Table_priv, Column_priv FROM mysql.tables_priv where user = 'CUser' order by 1,2;
+
+DROP USER CUser@localhost;
+DROP USER CUser@LOCALHOST;
+
+### column grants
+
+grant select(a) on test.t1 to CUser@localhost;
+grant select(a) on test.t1 to CUser@LOCALHOST;
+flush privileges;
+
+SELECT user, host FROM mysql.user where user = 'CUser' order by 1,2;
+SELECT user, host, db, Table_name, Table_priv, Column_priv FROM mysql.tables_priv where user = 'CUser' order by 1,2;
+
+REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'CUser'@'LOCALHOST';
+flush privileges;
+
+SELECT user, host FROM mysql.user where user = 'CUser' order by 1,2;
+SELECT user, host, db, Table_name, Table_priv, Column_priv FROM mysql.tables_priv where user = 'CUser' order by 1,2;
+
+REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'CUser'@'localhost';
+flush privileges;
+
+SELECT user, host FROM mysql.user where user = 'CUser' order by 1,2;
+SELECT user, host, db, Table_name, Table_priv, Column_priv FROM mysql.tables_priv where user = 'CUser' order by 1,2;
+
+DROP USER CUser@localhost;
+DROP USER CUser@LOCALHOST;
+
+drop table t1;
+
+# revoke on a specific DB only
+
+grant select on test.* to CUser2@localhost;
+grant select on test.* to CUser2@LOCALHOST;
+flush privileges;
+
+SELECT user, host FROM mysql.user where user = 'CUser2' order by 1,2;
+SELECT user, host, db, select_priv FROM mysql.db where user = 'CUser2' order by 1,2;
+
+REVOKE SELECT ON test.* FROM 'CUser2'@'LOCALHOST';
+flush privileges;
+
+SELECT user, host FROM mysql.user where user = 'CUser2' order by 1,2;
+SELECT user, host, db, select_priv FROM mysql.db where user = 'CUser2' order by 1,2;
+
+REVOKE SELECT ON test.* FROM 'CUser2'@'localhost';
+flush privileges;
+
+SELECT user, host FROM mysql.user where user = 'CUser2' order by 1,2;
+SELECT user, host, db, select_priv FROM mysql.db where user = 'CUser2' order by 1,2;
+
+DROP USER CUser2@localhost;
+DROP USER CUser2@LOCALHOST;
diff -Nrup a/sql/sql_acl.cc b/sql/sql_acl.cc
--- a/sql/sql_acl.cc	2007-06-20 14:24:27 +02:00
+++ b/sql/sql_acl.cc	2007-09-18 09:46:15 +02:00
@@ -1132,7 +1132,7 @@ static void acl_update_db(const char *us
     {
       if (!acl_db->host.hostname && !host[0] ||
 	  acl_db->host.hostname &&
-	  !my_strcasecmp(system_charset_info, host, acl_db->host.hostname))
+          !strcmp(host, acl_db->host.hostname))
       {
 	if (!acl_db->db && !db[0] ||
 	    acl_db->db && !strcmp(db,acl_db->db))
@@ -4344,6 +4344,12 @@ bool mysql_show_grants(THD *thd,LEX_USER
     if (!(host=acl_db->host.hostname))
       host= "";
 
+    /*
+      here could be decided to only show GRANTS for the hostname in excact case.
+      This would be in line with create/revoke grants, and show only one line
+      On the other hand, the user has the combination of both grants, so they
+      should display
+    */ 
     if (!strcmp(lex_user->user.str,user) &&
 	!my_strcasecmp(system_charset_info, lex_user->host.str, host))
     {
@@ -4379,7 +4385,8 @@ bool mysql_show_grants(THD *thd,LEX_USER
 	db.append(lex_user->user.str, lex_user->user.length,
 		  system_charset_info);
 	db.append (STRING_WITH_LEN("'@'"));
-	db.append(lex_user->host.str, lex_user->host.length,
+       // host and lex_user->host are equal except for case
+       db.append(host, lex_user->host.length,
                   system_charset_info);
 	db.append ('\'');
 	if (want_access & GRANT_ACL)
@@ -4407,6 +4414,12 @@ bool mysql_show_grants(THD *thd,LEX_USER
     if (!(host= grant_table->host.hostname))
       host= "";
 
+    /*
+      here could be decided to only show GRANTS for the hostname in excact case.
+      This would be in line with create/revoke grants, and show only one line
+      On the other hand, the user has the combination of both grants, so they
+      should display
+    */ 
     if (!strcmp(lex_user->user.str,user) &&
 	!my_strcasecmp(system_charset_info, lex_user->host.str, host))
     {
@@ -4487,7 +4500,8 @@ bool mysql_show_grants(THD *thd,LEX_USER
 	global.append(lex_user->user.str, lex_user->user.length,
 		      system_charset_info);
 	global.append(STRING_WITH_LEN("'@'"));
-	global.append(lex_user->host.str,lex_user->host.length,
+       // host and lex_user->host are equal except for case
+       global.append(host, lex_user->host.length,
 		      system_charset_info);
 	global.append('\'');
 	if (table_access & GRANT_ACL)
@@ -4543,6 +4557,12 @@ static int show_routine_grants(THD* thd,
     if (!(host= grant_proc->host.hostname))
       host= "";
 
+    /*
+      here could be decided to only show GRANTS for the hostname in excact case.
+      This would be in line with create/revoke grants, and show only one line
+      On the other hand, the user has the combination of both grants, so they
+      should display
+    */ 
     if (!strcmp(lex_user->user.str,user) &&
 	!my_strcasecmp(system_charset_info, lex_user->host.str, host))
     {
@@ -4586,7 +4606,8 @@ static int show_routine_grants(THD* thd,
 	global.append(lex_user->user.str, lex_user->user.length,
 		      system_charset_info);
 	global.append(STRING_WITH_LEN("'@'"));
-	global.append(lex_user->host.str,lex_user->host.length,
+       // host and lex_user->host are equal except for case
+       global.append(host,lex_user->host.length,
 		      system_charset_info);
 	global.append('\'');
 	if (proc_access & GRANT_ACL)
@@ -5541,7 +5562,7 @@ bool mysql_revoke_all(THD *thd,  List <L
 	  host= "";
 
 	if (!strcmp(lex_user->user.str,user) &&
-	    !my_strcasecmp(system_charset_info, lex_user->host.str, host))
+            !strcmp(lex_user->host.str, host))
 	{
 	  if (!replace_db_table(tables[1].table, acl_db->db, *lex_user, ~(ulong)0, 1))
 	  {
@@ -5572,7 +5593,7 @@ bool mysql_revoke_all(THD *thd,  List <L
 	  host= "";
 
 	if (!strcmp(lex_user->user.str,user) &&
-	    !my_strcasecmp(system_charset_info, lex_user->host.str, host))
+            !strcmp(lex_user->host.str, host))
 	{
 	  if (replace_table_table(thd,grant_table,tables[2].table,*lex_user,
 				  grant_table->db,
@@ -5618,7 +5639,7 @@ bool mysql_revoke_all(THD *thd,  List <L
 	  host= "";
 
 	if (!strcmp(lex_user->user.str,user) &&
-	    !my_strcasecmp(system_charset_info, lex_user->host.str, host))
+            !strcmp(lex_user->host.str, host))
 	{
 	  if (!replace_routine_table(thd,grant_proc,tables[4].table,*lex_user,
 				  grant_proc->db,