Mirrors
/
mariadb
mirror of https://github.com/MariaDB/server
3
0
Fork 0
Code Releases Activity
Browse Source

cleanup: Account_options 

move account options from LEX to Account_options structure
namely, mqh and ssl_*

Also, use LEX_CSTRING for ssl_*/x509_* strings and move
setting of ACL_USER::account_locked where it belongs
pull/1166/head
Sergei Golubchik 7 years ago
parent
6c8ce999f8
commit
e5701d8363
4 changed files with 103 additions and 122 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 110
      sql/sql_acl.cc
  2. 10
      sql/sql_lex.h
  3. 52
      sql/sql_yacc.yy
  4. 53
      sql/sql_yacc_ora.yy

110
sql/sql_acl.cc
View File

@ -3039,9 +3039,7 @@ static void acl_update_role(const char *rolename, ulong privileges)
static int acl_user_update(THD *thd, ACL_USER *acl_user, uint nauth,
const ACL_USER *from, const LEX_USER &combo,
const enum SSL_type ssl_type,
const char *ssl_cipher, const char *x509_issuer,
const char *x509_subject, const USER_RESOURCES *mqh,
const Account_options &options,
const ulong privileges)
{
if (from)
@ -3077,23 +3075,27 @@ static int acl_user_update(THD *thd, ACL_USER *acl_user, uint nauth,
}
acl_user->access= privileges;
if (mqh->specified_limits & USER_RESOURCES::QUERIES_PER_HOUR)
acl_user->user_resource.questions= mqh->questions;
if (mqh->specified_limits & USER_RESOURCES::UPDATES_PER_HOUR)
acl_user->user_resource.updates= mqh->updates;
if (mqh->specified_limits & USER_RESOURCES::CONNECTIONS_PER_HOUR)
acl_user->user_resource.conn_per_hour= mqh->conn_per_hour;
if (mqh->specified_limits & USER_RESOURCES::USER_CONNECTIONS)
acl_user->user_resource.user_conn= mqh->user_conn;
if (mqh->specified_limits & USER_RESOURCES::MAX_STATEMENT_TIME)
acl_user->user_resource.max_statement_time= mqh->max_statement_time;
if (ssl_type != SSL_TYPE_NOT_SPECIFIED)
{
acl_user->ssl_type= ssl_type;
acl_user->ssl_cipher= safe_strdup_root(&acl_memroot, ssl_cipher);
acl_user->x509_issuer= safe_strdup_root(&acl_memroot, safe_str(x509_issuer));
acl_user->x509_subject= safe_strdup_root(&acl_memroot, safe_str(x509_subject));
}
if (options.specified_limits & USER_RESOURCES::QUERIES_PER_HOUR)
acl_user->user_resource.questions= options.questions;
if (options.specified_limits & USER_RESOURCES::UPDATES_PER_HOUR)
acl_user->user_resource.updates= options.updates;
if (options.specified_limits & USER_RESOURCES::CONNECTIONS_PER_HOUR)
acl_user->user_resource.conn_per_hour= options.conn_per_hour;
if (options.specified_limits & USER_RESOURCES::USER_CONNECTIONS)
acl_user->user_resource.user_conn= options.user_conn;
if (options.specified_limits & USER_RESOURCES::MAX_STATEMENT_TIME)
acl_user->user_resource.max_statement_time= options.max_statement_time;
if (options.ssl_type != SSL_TYPE_NOT_SPECIFIED)
{
acl_user->ssl_type= options.ssl_type;
acl_user->ssl_cipher= safe_strdup_root(&acl_memroot, options.ssl_cipher.str);
acl_user->x509_issuer= safe_strdup_root(&acl_memroot,
safe_str(options.x509_issuer.str));
acl_user->x509_subject= safe_strdup_root(&acl_memroot,
safe_str(options.x509_subject.str));
}
if (options.account_locked != ACCOUNTLOCK_UNSPECIFIED)
acl_user->account_locked= options.account_locked == ACCOUNTLOCK_LOCKED;
return 0;
}
@ -4296,9 +4298,7 @@ static int replace_user_table(THD *thd, const User_table &user_table,
}
if (acl_user_update(thd, &new_acl_user, nauth,
old_row_exists ? old_acl_user : NULL,
*combo, lex->ssl_type, lex->ssl_cipher,
lex->x509_issuer, lex->x509_subject, &lex->mqh,
rights))
*combo, lex->account_options, rights))
goto end;
if (user_table.set_auth(new_acl_user))
@ -4309,55 +4309,54 @@ static int replace_user_table(THD *thd, const User_table &user_table,
DBUG_RETURN(1);
}
switch (lex->ssl_type) {
switch (lex->account_options.ssl_type) {
case SSL_TYPE_NOT_SPECIFIED:
break;
case SSL_TYPE_NONE:
case SSL_TYPE_ANY:
case SSL_TYPE_X509:
user_table.set_ssl_type(lex->ssl_type);
user_table.set_ssl_type(lex->account_options.ssl_type);
user_table.set_ssl_cipher("", 0);
user_table.set_x509_issuer("", 0);
user_table.set_x509_subject("", 0);
break;
case SSL_TYPE_SPECIFIED:
user_table.set_ssl_type(lex->ssl_type);
if (lex->ssl_cipher)
user_table.set_ssl_cipher(lex->ssl_cipher, strlen(lex->ssl_cipher));
user_table.set_ssl_type(lex->account_options.ssl_type);
if (lex->account_options.ssl_cipher.str)
user_table.set_ssl_cipher(lex->account_options.ssl_cipher.str,
lex->account_options.ssl_cipher.length);
else
user_table.set_ssl_cipher("", 0);
if (lex->x509_issuer)
user_table.set_x509_issuer(lex->x509_issuer, strlen(lex->x509_issuer));
if (lex->account_options.x509_issuer.str)
user_table.set_x509_issuer(lex->account_options.x509_issuer.str,
lex->account_options.x509_issuer.length);
else
user_table.set_x509_issuer("", 0);
if (lex->x509_subject)
user_table.set_x509_subject(lex->x509_subject, strlen(lex->x509_subject));
if (lex->account_options.x509_subject.str)
user_table.set_x509_subject(lex->account_options.x509_subject.str,
lex->account_options.x509_subject.length);
else
user_table.set_x509_subject("", 0);
break;
}
if (lex->mqh.specified_limits & USER_RESOURCES::QUERIES_PER_HOUR)
user_table.set_max_questions(lex->mqh.questions);
if (lex->mqh.specified_limits & USER_RESOURCES::UPDATES_PER_HOUR)
user_table.set_max_updates(lex->mqh.updates);
if (lex->mqh.specified_limits & USER_RESOURCES::CONNECTIONS_PER_HOUR)
user_table.set_max_connections(lex->mqh.conn_per_hour);
if (lex->mqh.specified_limits & USER_RESOURCES::USER_CONNECTIONS)
user_table.set_max_user_connections(lex->mqh.user_conn);
if (lex->mqh.specified_limits & USER_RESOURCES::MAX_STATEMENT_TIME)
user_table.set_max_statement_time(lex->mqh.max_statement_time);
if (lex->account_options.specified_limits & USER_RESOURCES::QUERIES_PER_HOUR)
user_table.set_max_questions(lex->account_options.questions);
if (lex->account_options.specified_limits & USER_RESOURCES::UPDATES_PER_HOUR)
user_table.set_max_updates(lex->account_options.updates);
if (lex->account_options.specified_limits & USER_RESOURCES::CONNECTIONS_PER_HOUR)
user_table.set_max_connections(lex->account_options.conn_per_hour);
if (lex->account_options.specified_limits & USER_RESOURCES::USER_CONNECTIONS)
user_table.set_max_user_connections(lex->account_options.user_conn);
if (lex->account_options.specified_limits & USER_RESOURCES::MAX_STATEMENT_TIME)
user_table.set_max_statement_time(lex->account_options.max_statement_time);
mqh_used= (mqh_used || lex->mqh.questions || lex->mqh.updates ||
lex->mqh.conn_per_hour || lex->mqh.user_conn ||
lex->mqh.max_statement_time != 0.0);
mqh_used= (mqh_used || lex->account_options.questions || lex->account_options.updates ||
lex->account_options.conn_per_hour || lex->account_options.user_conn ||
lex->account_options.max_statement_time != 0.0);
if (lex->account_options.account_locked != ACCOUNTLOCK_UNSPECIFIED)
{
bool lock_value= lex->account_options.account_locked == ACCOUNTLOCK_LOCKED;
user_table.set_account_locked(lock_value);
new_acl_user.account_locked= lock_value;
}
user_table.set_account_locked(new_acl_user.account_locked);
}
if (old_row_exists)
@ -6543,8 +6542,11 @@ static bool merge_one_role_privileges(ACL_ROLE *grantee)
static bool has_auth(LEX_USER *user, LEX *lex)
{
return user->has_auth() ||
lex->ssl_type != SSL_TYPE_NOT_SPECIFIED || lex->ssl_cipher ||
lex->x509_issuer || lex->x509_subject || lex->mqh.specified_limits;
lex->account_options.ssl_type != SSL_TYPE_NOT_SPECIFIED ||
lex->account_options.ssl_cipher.str ||
lex->account_options.x509_issuer.str ||
lex->account_options.x509_subject.str ||
lex->account_options.specified_limits;
}
static bool copy_and_check_auth(LEX_USER *to, LEX_USER *from, THD *thd)
@ -11240,9 +11242,7 @@ bool sp_grant_privileges(THD *thd, const char *sp_db, const char *sp_name,
if (user_list.push_back(combo, thd->mem_root))
DBUG_RETURN(TRUE);
thd->lex->ssl_type= SSL_TYPE_NOT_SPECIFIED;
thd->lex->ssl_cipher= thd->lex->x509_subject= thd->lex->x509_issuer= 0;
bzero(&thd->lex->mqh, sizeof(thd->lex->mqh));
thd->lex->account_options.reset();
/*
Only care about whether the operation failed or succeeded

10
sql/sql_lex.h
View File

@ -2946,7 +2946,7 @@ enum account_lock_type
ACCOUNTLOCK_UNLOCKED
};
struct Account_options
struct Account_options: public USER_RESOURCES
{
Account_options()
: account_locked(ACCOUNTLOCK_UNSPECIFIED)
@ -2954,9 +2954,12 @@ struct Account_options
void reset()
{
account_locked= ACCOUNTLOCK_UNSPECIFIED;
bzero(this, sizeof(*this));
ssl_type= SSL_TYPE_NOT_SPECIFIED;
}
enum SSL_type ssl_type; // defined in violite.h
LEX_CSTRING x509_subject, x509_issuer, ssl_cipher;
account_lock_type account_locked;
};
@ -3019,7 +3022,6 @@ public:
const char *help_arg;
const char *backup_dir; /* For RESTORE/BACKUP */
const char* to_log; /* For PURGE MASTER LOGS TO */
const char* x509_subject,*x509_issuer,*ssl_cipher;
String *wild; /* Wildcard in SHOW {something} LIKE 'wild'*/
sql_exchange *exchange;
select_result *result;
@ -3125,7 +3127,6 @@ public:
LEX_MASTER_INFO mi; // used by CHANGE MASTER
LEX_SERVER_OPTIONS server_options;
LEX_CSTRING relay_log_connection_name;
USER_RESOURCES mqh;
LEX_RESET_SLAVE reset_slave_info;
ulonglong type;
ulong next_binlog_file_number;
@ -3163,7 +3164,6 @@ public:
*/
bool parse_vcol_expr;
enum SSL_type ssl_type; // defined in violite.h
enum enum_duplicates duplicates;
enum enum_tx_isolation tx_isolation;
enum enum_ha_read_modes ha_read_mode;

52
sql/sql_yacc.yy
View File

@ -3316,9 +3316,6 @@ clear_privileges:
lex->grant= lex->grant_tot_col= 0;
lex->all_privileges= 0;
lex->first_select_lex()->db= null_clex_str;
lex->ssl_type= SSL_TYPE_NOT_SPECIFIED;
lex->ssl_cipher= lex->x509_subject= lex->x509_issuer= 0;
bzero((char *)&(lex->mqh),sizeof(lex->mqh));
lex->account_options.reset();
}
;
@ -17071,23 +17068,23 @@ require_list_element:
SUBJECT_SYM TEXT_STRING
{
LEX *lex=Lex;
if (unlikely(lex->x509_subject))
if (lex->account_options.x509_subject.str)
my_yyabort_error((ER_DUP_ARGUMENT, MYF(0), "SUBJECT"));
lex->x509_subject=$2.str;
lex->account_options.x509_subject= $2;
}
| ISSUER_SYM TEXT_STRING
{
LEX *lex=Lex;
if (unlikely(lex->x509_issuer))
if (lex->account_options.x509_issuer.str)
my_yyabort_error((ER_DUP_ARGUMENT, MYF(0), "ISSUER"));
lex->x509_issuer=$2.str;
lex->account_options.x509_issuer= $2;
}
| CIPHER_SYM TEXT_STRING
{
LEX *lex=Lex;
if (unlikely(lex->ssl_cipher))
if (lex->account_options.ssl_cipher.str)
my_yyabort_error((ER_DUP_ARGUMENT, MYF(0), "CIPHER"));
lex->ssl_cipher=$2.str;
lex->account_options.ssl_cipher= $2;
}
;
@ -17284,52 +17281,47 @@ opt_require_clause:
/* empty */
| REQUIRE_SYM require_list
{
Lex->ssl_type=SSL_TYPE_SPECIFIED;
Lex->account_options.ssl_type= SSL_TYPE_SPECIFIED;
}
| REQUIRE_SYM SSL_SYM
{
Lex->ssl_type=SSL_TYPE_ANY;
Lex->account_options.ssl_type= SSL_TYPE_ANY;
}
| REQUIRE_SYM X509_SYM
{
Lex->ssl_type=SSL_TYPE_X509;
Lex->account_options.ssl_type= SSL_TYPE_X509;
}
| REQUIRE_SYM NONE_SYM
{
Lex->ssl_type=SSL_TYPE_NONE;
Lex->account_options.ssl_type= SSL_TYPE_NONE;
}
;
resource_option:
MAX_QUERIES_PER_HOUR ulong_num
{
LEX *lex=Lex;
lex->mqh.questions=$2;
lex->mqh.specified_limits|= USER_RESOURCES::QUERIES_PER_HOUR;
Lex->account_options.questions=$2;
Lex->account_options.specified_limits|= USER_RESOURCES::QUERIES_PER_HOUR;
}
| MAX_UPDATES_PER_HOUR ulong_num
{
LEX *lex=Lex;
lex->mqh.updates=$2;
lex->mqh.specified_limits|= USER_RESOURCES::UPDATES_PER_HOUR;
Lex->account_options.updates=$2;
Lex->account_options.specified_limits|= USER_RESOURCES::UPDATES_PER_HOUR;
}
| MAX_CONNECTIONS_PER_HOUR ulong_num
{
LEX *lex=Lex;
lex->mqh.conn_per_hour= $2;
lex->mqh.specified_limits|= USER_RESOURCES::CONNECTIONS_PER_HOUR;
Lex->account_options.conn_per_hour= $2;
Lex->account_options.specified_limits|= USER_RESOURCES::CONNECTIONS_PER_HOUR;
}
| MAX_USER_CONNECTIONS_SYM int_num
{
LEX *lex=Lex;
lex->mqh.user_conn= $2;
lex->mqh.specified_limits|= USER_RESOURCES::USER_CONNECTIONS;
Lex->account_options.user_conn= $2;
Lex->account_options.specified_limits|= USER_RESOURCES::USER_CONNECTIONS;
}
| MAX_STATEMENT_TIME_SYM NUM_literal
{
LEX *lex=Lex;
lex->mqh.max_statement_time= $2->val_real();
lex->mqh.specified_limits|= USER_RESOURCES::MAX_STATEMENT_TIME;
Lex->account_options.max_statement_time= $2->val_real();
Lex->account_options.specified_limits|= USER_RESOURCES::MAX_STATEMENT_TIME;
}
;
@ -17528,9 +17520,7 @@ definer:
DEFINER_SYM '=' user_or_role
{
Lex->definer= $3;
Lex->ssl_type= SSL_TYPE_NOT_SPECIFIED;
Lex->ssl_cipher= Lex->x509_subject= Lex->x509_issuer= 0;
bzero(&(Lex->mqh), sizeof(Lex->mqh));
Lex->account_options.reset();
}
;

53
sql/sql_yacc_ora.yy
View File

@ -3040,9 +3040,7 @@ clear_privileges:
lex->grant= lex->grant_tot_col= 0;
lex->all_privileges= 0;
lex->first_select_lex()->db= null_clex_str;
lex->ssl_type= SSL_TYPE_NOT_SPECIFIED;
lex->ssl_cipher= lex->x509_subject= lex->x509_issuer= 0;
bzero((char *)&(lex->mqh),sizeof(lex->mqh));
lex->account_options.reset();
}
;
@ -17207,23 +17205,23 @@ require_list_element:
SUBJECT_SYM TEXT_STRING
{
LEX *lex=Lex;
if (unlikely(lex->x509_subject))
if (lex->account_options.x509_subject.str)
my_yyabort_error((ER_DUP_ARGUMENT, MYF(0), "SUBJECT"));
lex->x509_subject=$2.str;
lex->account_options.x509_subject= $2;
}
| ISSUER_SYM TEXT_STRING
{
LEX *lex=Lex;
if (unlikely(lex->x509_issuer))
if (lex->account_options.x509_issuer.str)
my_yyabort_error((ER_DUP_ARGUMENT, MYF(0), "ISSUER"));
lex->x509_issuer=$2.str;
lex->account_options.x509_issuer= $2;
}
| CIPHER_SYM TEXT_STRING
{
LEX *lex=Lex;
if (unlikely(lex->ssl_cipher))
if (lex->account_options.ssl_cipher.str)
my_yyabort_error((ER_DUP_ARGUMENT, MYF(0), "CIPHER"));
lex->ssl_cipher=$2.str;
lex->account_options.ssl_cipher= $2;
}
;
@ -17420,52 +17418,47 @@ opt_require_clause:
/* empty */
| REQUIRE_SYM require_list
{
Lex->ssl_type=SSL_TYPE_SPECIFIED;
Lex->account_options.ssl_type= SSL_TYPE_SPECIFIED;
}
| REQUIRE_SYM SSL_SYM
{
Lex->ssl_type=SSL_TYPE_ANY;
Lex->account_options.ssl_type= SSL_TYPE_ANY;
}
| REQUIRE_SYM X509_SYM
{
Lex->ssl_type=SSL_TYPE_X509;
Lex->account_options.ssl_type= SSL_TYPE_X509;
}
| REQUIRE_SYM NONE_SYM
{
Lex->ssl_type=SSL_TYPE_NONE;
Lex->account_options.ssl_type= SSL_TYPE_NONE;
}
;
resource_option:
MAX_QUERIES_PER_HOUR ulong_num
{
LEX *lex=Lex;
lex->mqh.questions=$2;
lex->mqh.specified_limits|= USER_RESOURCES::QUERIES_PER_HOUR;
Lex->account_options.questions=$2;
Lex->account_options.specified_limits|= USER_RESOURCES::QUERIES_PER_HOUR;
}
| MAX_UPDATES_PER_HOUR ulong_num
{
LEX *lex=Lex;
lex->mqh.updates=$2;
lex->mqh.specified_limits|= USER_RESOURCES::UPDATES_PER_HOUR;
Lex->account_options.updates=$2;
Lex->account_options.specified_limits|= USER_RESOURCES::UPDATES_PER_HOUR;
}
| MAX_CONNECTIONS_PER_HOUR ulong_num
{
LEX *lex=Lex;
lex->mqh.conn_per_hour= $2;
lex->mqh.specified_limits|= USER_RESOURCES::CONNECTIONS_PER_HOUR;
Lex->account_options.conn_per_hour= $2;
Lex->account_options.specified_limits|= USER_RESOURCES::CONNECTIONS_PER_HOUR;
}
| MAX_USER_CONNECTIONS_SYM int_num
{
LEX *lex=Lex;
lex->mqh.user_conn= $2;
lex->mqh.specified_limits|= USER_RESOURCES::USER_CONNECTIONS;
Lex->account_options.user_conn= $2;
Lex->account_options.specified_limits|= USER_RESOURCES::USER_CONNECTIONS;
}
| MAX_STATEMENT_TIME_SYM NUM_literal
{
LEX *lex=Lex;
lex->mqh.max_statement_time= $2->val_real();
lex->mqh.specified_limits|= USER_RESOURCES::MAX_STATEMENT_TIME;
Lex->account_options.max_statement_time= $2->val_real();
Lex->account_options.specified_limits|= USER_RESOURCES::MAX_STATEMENT_TIME;
}
;
@ -17665,9 +17658,7 @@ definer:
DEFINER_SYM '=' user_or_role
{
Lex->definer= $3;
Lex->ssl_type= SSL_TYPE_NOT_SPECIFIED;
Lex->ssl_cipher= Lex->x509_subject= Lex->x509_issuer= 0;
bzero(&(Lex->mqh), sizeof(Lex->mqh));
Lex->account_options.reset();
}
;

Write Preview
Loading…
Cancel
Save