From: Alexander Nozdrin Date: August 5 2009 5:38pm Subject: bzr commit into mysql branch (alik:2842) Bug#43006 List-Archive: http://lists.mysql.com/commits/80194 X-Bug: 43006 Message-Id: <20090805173816.DA03F7FC6B@quad> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="Boundary_(ID_uzozaC9Rq2cpa4nCtKT6iQ)" --Boundary_(ID_uzozaC9Rq2cpa4nCtKT6iQ) MIME-version: 1.0 Content-type: text/plain; CHARSET=US-ASCII Content-transfer-encoding: 7BIT Content-disposition: inline #At file:///mnt/raid/alik/MySQL/bzr/bug38247/azalea-bf-bug45584/ based on revid:alik@stripped 2842 Alexander Nozdrin 2009-08-05 Fix for Bug#43006 (main.skip_name_resolve fails on Windows in PB2). The problem consisted of two parts: - Windows resolves localhost to IPv6 '::1' address, instead of IPv4 '127.0.0.1', which is supposed by the server configuration. To fix this issue a new grant to root@'::1' should be added into mysql.user at database initialization (mysql_system_tables_data.sql) - ACL module didn't take IPv6 addresses into account. When name resolving is off, the ACL module checks every hostname from mysql.user whether it requires name resolving or not. The code was written at IPv4 era, so it treated '::1' as a hostname. In order to fix this issue, the ACL code was improved. The code now supposes that: - if a string contains any symbol from the {':', '%', '_', '/'} set, it is an IPv6 address, or a patter, or a IPv4 network address. Thus the string should not be resolved. - if after that the string contains only digits and dots, it is an IPv4 address. Thus the string should not be resolved. Otherwise, it is a host name and should be resolved. modified: scripts/mysql_system_tables_data.sql sql/sql_acl.cc === modified file 'scripts/mysql_system_tables_data.sql' --- a/scripts/mysql_system_tables_data.sql 2009-07-01 20:42:26 +0000 +++ b/scripts/mysql_system_tables_data.sql 2009-08-05 17:38:11 +0000 @@ -24,6 +24,7 @@ set @current_hostname= @@hostname; INSERT INTO tmp_user VALUES ('localhost','root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0,0); REPLACE INTO tmp_user SELECT @current_hostname,'root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0,0 FROM dual WHERE LOWER( @current_hostname) != 'localhost'; REPLACE INTO tmp_user VALUES ('127.0.0.1','root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0,0); +REPLACE INTO tmp_user VALUES (':1','root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0,0); INSERT INTO tmp_user (host,user) VALUES ('localhost',''); INSERT INTO tmp_user (host,user) SELECT @current_hostname,'' FROM dual WHERE LOWER(@current_hostname ) != 'localhost'; INSERT INTO user SELECT * FROM tmp_user WHERE @had_user_table=0; === modified file 'sql/sql_acl.cc' --- a/sql/sql_acl.cc 2009-07-16 12:51:04 +0000 +++ b/sql/sql_acl.cc 2009-08-05 17:38:11 +0000 @@ -1794,24 +1794,83 @@ static bool compare_hostname(const acl_h (ip && !wild_compare(ip, host->hostname, 0))); } +/** + Check if the given host name needs to be resolved or not. + Host name has to be resolved if it actually contains *name*. + + For example: + 192.168.1.1 --> FALSE + 192.168.1.0/255.255.255.0 --> FALSE + % --> FALSE + 192.168.1.% --> FALSE + AB% --> FALSE + + AAAAFFFF --> TRUE (Hostname) + AAAA:FFFF:1234:5678 --> FALSE + ::1 --> FALSE + + This function does not check if the given string is a valid host name or + not. It assumes that the argument is a valid host name. + + @param hostname the string to check. + + @return a flag telling if the argument needs to be resolved or not. + @retval TRUE the argument is a host name and needs to be resolved. + @retval FALSE the argument is either an IP address, or a patter and + should not be resolved. +*/ + bool hostname_requires_resolving(const char *hostname) { - char cur; if (!hostname) return FALSE; - size_t namelen= strlen(hostname); - size_t lhlen= strlen(my_localhost); - if ((namelen == lhlen) && - !my_strnncoll(system_charset_info, (const uchar *)hostname, namelen, - (const uchar *)my_localhost, strlen(my_localhost))) + + /* Check if hostname is the localhost. */ + + size_t hostname_len= strlen(hostname); + size_t localhost_len= strlen(my_localhost); + + if (hostname == my_localhost || + hostname_len == localhost_len && + !my_strnncoll(system_charset_info, + (const uchar *) hostname, hostname_len, + (const uchar *) my_localhost, strlen(my_localhost))) + { return FALSE; - for (; (cur=*hostname); hostname++) + } + + /* + If the string contains any of {':', '%', '_', '/'}, it is definitely + not a host name: + - ':' means that the string is an IPv6 address; + - '%' or '_' means that the string is a pattern; + - '/' means that the string is an IPv4 network address; + */ + + for (const char *p= hostname; *p; ++p) { - if ((cur != '%') && (cur != '_') && (cur != '.') && (cur != '/') && - ((cur < '0') || (cur > '9'))) - return TRUE; + switch (*p) { + case ':': + case '%': + case '_': + case '/': + return FALSE; + } } - return FALSE; + + /* + Now we have to tell a host name (ab.cd, 12.ab) from an IPv4 address + (12.34.56.78). The assumption is that if the string contains only + digits and dots, it is an IPv4 address. Otherwise -- a host name. + */ + + for (const char *p= hostname; *p; ++p) + { + if (*p != '.' && !my_isdigit(&my_charset_latin1, *p)) + return TRUE; /* a "letter" has been found. */ + } + + return FALSE; /* all characters are either dots or digits. */ } --Boundary_(ID_uzozaC9Rq2cpa4nCtKT6iQ) MIME-version: 1.0 Content-type: text/bzr-bundle; CHARSET=US-ASCII; name="bzr/alik@stripped" Content-transfer-encoding: 7BIT Content-disposition: inline; filename="bzr/alik@stripped" # Bazaar merge directive format 2 (Bazaar 0.90) # revision_id: alik@stripped # target_branch: file:///mnt/raid/alik/MySQL/bzr/bug38247/azalea-bf-\ # bug45584/ # testament_sha1: ca2795f44d88ae5c7e6e10457945eaa5b2f6a347 # timestamp: 2009-08-05 21:38:16 +0400 # base_revision_id: alik@stripped # # Begin bundle IyBCYXphYXIgcmV2aXNpb24gYnVuZGxlIHY0CiMKQlpoOTFBWSZTWUVAUd4ABMl/gF05SgB7//// e2XfoL////5gCmfe04GaXDqAq7mV0a2sDo4FSqKGEogSYRpT9JPRPU81RsKYxqmTR+qHqeoANHiT 0gNNpBKIJo0xNBMhT0p+ppqBtQ09JoMmmnqAGgAB6g5o0aGmEA0wJpoAyGhiANGI0MEZABIiIQyC NU/VHtNR5CntUxp6mk9JoyB6nqaAABoaDmjRoaYQDTAmmgDIaGIA0YjQwRkAEkgQCYRHoRkyaGia n6nkmUmYjao9QAAYQ9OWyBfYzOqKqAEkl7By0pxrfZ2mFyPgZXsxP4stVrdFG427DX85LVX66mlx d6dmdiqauxaJ2tb3M6kkQo5e2W7cnfwbOiVVSTi5zmD8WIVLNRom59C6EyoabbR6QlJGthEnfYTi l1+GXzpAIqudiAtYrOzfMS+9KA1NFzE/dPTirX02CPS1jRjKKcDx3Rt/HI6A65G0oKUxy4R4o8xb IUnpX6lBtg2uPgGz11zUvlGbrfTzuaWMrHb04qljv0aAZr4/DTel/NpJrjW1p3R5WX7L3OTJErIy s4YNbZyHyZGwZNST369P372i+JbqX/zIGKRFRQjezB/VRHiqyCsKq6B6bbY+T+AtvtdZBbx78WOb Ypebandp6pLsylE7rGEUhgMJ5a3u6zDNeJWO5g+rlp6zW1ekBRVVRfDjbYYXIa6ufhHgnAbno8SV rE3VGRx4GrEhgaq0ucEMMUa80nbMykkaKBcpOwzUg6cpECb71SaoZOWW1cJ30CwqoXHOC4o65g4G mGfEifnZYEpm21kUoGlt89iyl2EcbkNOPI7Nem8ujLhq3NY/ESzMWkBmVWAW1RODk2V5A5yI4V+0 Ux16NOh0QcKDiA8f1zGBwJJy7kZbrrsdfnHgz88EkoB8LDLRZGH2xFWKMwGPIes04axo6XTBngsW iwqWRW+xolAqJ0lvzQ7wl6vxjlte/M08jn80YiBQi8yTmhgzULr1fVdfOWeIzIJhupGAHFo+ken1 Hxd1DunlJOTvZ6T5+jfSjqN3xEOkyZ+n7LdcBu5b06I67CVMKedeGCS5x5gK0OpG+1ym9eY/ujEl fh6UCOdhmI8QgPZ8WyyOb35SCSiQIqlxCDs6fnTgIM5xqYYFOSNsEKcpJypSvGKTSfCXFawHYIw+ tywssgotnrVgEFlLwheXKwCos4tCjyfbdyUvpfu3eYii7JFjd+aULwKo1UMxfE+nkTZN5HItKUp8 Gai2pRKAC5w24jfAdZiPoKZPLjzjYZioyAyxopmqCmHEodH+hFKPwYeyOdEepLCdtowrcBOZeU3l uncdx35du7HJzhOjIsfoqZuD9cndadrTE5dW2E5puSlobGlpxyOYzwW0OKQTaRqlcWAaXHB6ZLyh MabTkkiY80MRf+Tcdl0YFvezYrWor271MyFDpgQ5llibZxKB7Q8xPpwOicxZGJiEj47H+xICRv4c RyYg42MDwAZOlrhcxyVRBvE5QgBM0LOCpWxtBw1FhhVtB5yoZFpUoVHp1JHbEvHoJq9gyqoKR6gW DhnEqQO4D2crj2Aawbooqsc+CZ5V0qOVKA5qPQf4z7J9CtoVHlTveMvVE9Kn7QPrJDqVmpG5apDE YM5DbzfyXflfFxP0gOfCqcPPx8HJG0SlNcE6hDdJCXfF+6jFW/YeCm1E3fxWCrDsbMQEGGXwbaHy NCoPGst6R/la+x/3SM8JGaqnSI9lgqtXaFWZZwSA5TWvNtk2rvmtOkIgacB7tKV9VljJpwiThPSA dsJjyPApFyPccSJxPhx2eZUj0Lbv3K997C2MDuI7mxJIq56xfEu+8Bx+HD2HuHAx8zJ82HynMhLD 17i1amrWilNSpQkOR8ksBhCiI7W2UK4HMxFJxoVOjGupTevlOZDYbD1GgO+RE+Y1wjq8/ncHWmGn znfzLdL+wQ4XqeFnOBQD8QqmhYzM6Ym3rqaqJkXZ4DlVsUzc4z0+BxpyCT14gyMlAHjRM2Nr69wz iwcnPUnp9HyHg9jMZ/mbTgchxYThIGsAicxhQTmgYtSOhWSpWEdejcS2rF3Q17XsqisRu1LMuj3t ljvBtydu7w0KI2t6uuCSnViiWO0CBwiVI54RocpzSdnQYu5bjyNE9CxxHLmMadymUEPCwa/FyasQ blpTRzQJJnRKm695tzI8S+ClVQUdt+Z0FnDISmLEN57LorJNKQRojJSDUEWFsLbxi6/UUN1iCDxV eFr3CZkmIDGNkhC4ioYMvtZ5jh2okdY2Y1nSeBpiPHmeRf0lasyLRm/gdxOrGVtch4HW2rsdv6wJ IUW3HWZoJQuCc68rvx2BHuke3OHYKQ5BOdaTfBwmGTMkZfvIr6QR7CTjQTgbwGODMwcWLEeWcnLS kp6kmga2j4toxtOIHbsnNt6CCWqucE5LXMSrYe+9GJfZMFDB0jKmmlDLHdQ+vFkwFlG2ILmTBk0m RA8nYDhDHsGaklTD3XDekBYFfGnQmOgkqIjGDAUU8IJ357Jvl1DpjxbOTF5D0cxFMSB7kss9qVYY MqeUS5MmcHn6xEipjQ1rj2lcOXBa7AZZKTi1QjMxrsg7pUIVuAMPImijtguEwwDISsV6PfvuNenJ 5TlG/cnWUXyZ1sDV9ePiHHCPIba59WA8pglMUdIGN+d9bCc4lZD9zxgXWFUtJlbTYM+9kJjTW338 u3CEPBEkwYrhOACeKCS/eabQHy9VbUYlciM4TfBRFCE2JrxVLs4HY/F1wU5rzaBvUSa+IHurjBWK EllsYLsmRiKJQY0w8rV6HgUXg4VTPIv+aAbA2I9tgzQpRdhhZ3WD3fuM4xFoEBzZmw/Bjhw+oHhZ JfHANzk/mW1O2k9VQ0Cznzmoyd8DSCZhf38pkNAcwOo0wbbaiEDhDydFlx02Syb3AZb3uSOkR6u9 +lY/bAzsn0heeZlrryJGvt+swIKng9asQqlNHF/av2YWxRPWMNO5DMxr0WMRZKok30oeNxoxSNPq tLq0K0TjQW6U8lwxjVkQRAyGcapogzNZOu2+aGum4ksFMH0pQWwIF563A+kFzrzLa27Dj3kwQFgK 80mBxCGNKkUqiiFcisStyh1iUIFwHJ3nMFhRV5uVQ0ItGxmZM+KBz9UUQhByzTPeXM0YD2O8Cbvx cQkTEx8Qiqwii2NVZM+ZokXIvNrB2RCxkhSK//Dz3Hvul1FTAx9MTlQtENgQiFwJlJTcYlbGKg2H aA+jIzmqeKliY3nbny90xafP6vKYwRMZ+kJwB0By+JCoOc1byGm7+KROTl5qxZKxs5pWOeHtb1Ye gygQlshQbdFiKijInyLFOdTI6KDIFJRYRfEhWJ7SXfZ6AbM8hQR5P6vksTDZmcjRZNPm2IIZyNs2 cX0YN+Vf+LuSKcKEgioCjvA= --Boundary_(ID_uzozaC9Rq2cpa4nCtKT6iQ)--