From e5701d83637d3d09976ef7cb2ebf489f63b81138 Mon Sep 17 00:00:00 2001 From: Sergei Golubchik Date: Wed, 13 Feb 2019 20:35:11 +0100 Subject: [PATCH] cleanup: Account_options move account options from LEX to Account_options structure namely, mqh and ssl_* Also, use LEX_CSTRING for ssl_*/x509_* strings and move setting of ACL_USER::account_locked where it belongs --- sql/sql_acl.cc | 110 ++++++++++++++++++++++---------------------- sql/sql_lex.h | 10 ++-- sql/sql_yacc.yy | 52 +++++++++------------ sql/sql_yacc_ora.yy | 53 +++++++++------------ 4 files changed, 103 insertions(+), 122 deletions(-) diff --git a/sql/sql_acl.cc b/sql/sql_acl.cc index 9b457963a5e..05e522e6595 100644 --- a/sql/sql_acl.cc +++ b/sql/sql_acl.cc @@ -3039,9 +3039,7 @@ static void acl_update_role(const char *rolename, ulong privileges) static int acl_user_update(THD *thd, ACL_USER *acl_user, uint nauth, const ACL_USER *from, const LEX_USER &combo, - const enum SSL_type ssl_type, - const char *ssl_cipher, const char *x509_issuer, - const char *x509_subject, const USER_RESOURCES *mqh, + const Account_options &options, const ulong privileges) { if (from) @@ -3077,23 +3075,27 @@ static int acl_user_update(THD *thd, ACL_USER *acl_user, uint nauth, } acl_user->access= privileges; - if (mqh->specified_limits & USER_RESOURCES::QUERIES_PER_HOUR) - acl_user->user_resource.questions= mqh->questions; - if (mqh->specified_limits & USER_RESOURCES::UPDATES_PER_HOUR) - acl_user->user_resource.updates= mqh->updates; - if (mqh->specified_limits & USER_RESOURCES::CONNECTIONS_PER_HOUR) - acl_user->user_resource.conn_per_hour= mqh->conn_per_hour; - if (mqh->specified_limits & USER_RESOURCES::USER_CONNECTIONS) - acl_user->user_resource.user_conn= mqh->user_conn; - if (mqh->specified_limits & USER_RESOURCES::MAX_STATEMENT_TIME) - acl_user->user_resource.max_statement_time= mqh->max_statement_time; - if (ssl_type != SSL_TYPE_NOT_SPECIFIED) - { - acl_user->ssl_type= ssl_type; - acl_user->ssl_cipher= safe_strdup_root(&acl_memroot, ssl_cipher); - acl_user->x509_issuer= safe_strdup_root(&acl_memroot, safe_str(x509_issuer)); - acl_user->x509_subject= safe_strdup_root(&acl_memroot, safe_str(x509_subject)); - } + if (options.specified_limits & USER_RESOURCES::QUERIES_PER_HOUR) + acl_user->user_resource.questions= options.questions; + if (options.specified_limits & USER_RESOURCES::UPDATES_PER_HOUR) + acl_user->user_resource.updates= options.updates; + if (options.specified_limits & USER_RESOURCES::CONNECTIONS_PER_HOUR) + acl_user->user_resource.conn_per_hour= options.conn_per_hour; + if (options.specified_limits & USER_RESOURCES::USER_CONNECTIONS) + acl_user->user_resource.user_conn= options.user_conn; + if (options.specified_limits & USER_RESOURCES::MAX_STATEMENT_TIME) + acl_user->user_resource.max_statement_time= options.max_statement_time; + if (options.ssl_type != SSL_TYPE_NOT_SPECIFIED) + { + acl_user->ssl_type= options.ssl_type; + acl_user->ssl_cipher= safe_strdup_root(&acl_memroot, options.ssl_cipher.str); + acl_user->x509_issuer= safe_strdup_root(&acl_memroot, + safe_str(options.x509_issuer.str)); + acl_user->x509_subject= safe_strdup_root(&acl_memroot, + safe_str(options.x509_subject.str)); + } + if (options.account_locked != ACCOUNTLOCK_UNSPECIFIED) + acl_user->account_locked= options.account_locked == ACCOUNTLOCK_LOCKED; return 0; } @@ -4296,9 +4298,7 @@ static int replace_user_table(THD *thd, const User_table &user_table, } if (acl_user_update(thd, &new_acl_user, nauth, old_row_exists ? old_acl_user : NULL, - *combo, lex->ssl_type, lex->ssl_cipher, - lex->x509_issuer, lex->x509_subject, &lex->mqh, - rights)) + *combo, lex->account_options, rights)) goto end; if (user_table.set_auth(new_acl_user)) @@ -4309,55 +4309,54 @@ static int replace_user_table(THD *thd, const User_table &user_table, DBUG_RETURN(1); } - switch (lex->ssl_type) { + switch (lex->account_options.ssl_type) { case SSL_TYPE_NOT_SPECIFIED: break; case SSL_TYPE_NONE: case SSL_TYPE_ANY: case SSL_TYPE_X509: - user_table.set_ssl_type(lex->ssl_type); + user_table.set_ssl_type(lex->account_options.ssl_type); user_table.set_ssl_cipher("", 0); user_table.set_x509_issuer("", 0); user_table.set_x509_subject("", 0); break; case SSL_TYPE_SPECIFIED: - user_table.set_ssl_type(lex->ssl_type); - if (lex->ssl_cipher) - user_table.set_ssl_cipher(lex->ssl_cipher, strlen(lex->ssl_cipher)); + user_table.set_ssl_type(lex->account_options.ssl_type); + if (lex->account_options.ssl_cipher.str) + user_table.set_ssl_cipher(lex->account_options.ssl_cipher.str, + lex->account_options.ssl_cipher.length); else user_table.set_ssl_cipher("", 0); - if (lex->x509_issuer) - user_table.set_x509_issuer(lex->x509_issuer, strlen(lex->x509_issuer)); + if (lex->account_options.x509_issuer.str) + user_table.set_x509_issuer(lex->account_options.x509_issuer.str, + lex->account_options.x509_issuer.length); else user_table.set_x509_issuer("", 0); - if (lex->x509_subject) - user_table.set_x509_subject(lex->x509_subject, strlen(lex->x509_subject)); + if (lex->account_options.x509_subject.str) + user_table.set_x509_subject(lex->account_options.x509_subject.str, + lex->account_options.x509_subject.length); else user_table.set_x509_subject("", 0); break; } - if (lex->mqh.specified_limits & USER_RESOURCES::QUERIES_PER_HOUR) - user_table.set_max_questions(lex->mqh.questions); - if (lex->mqh.specified_limits & USER_RESOURCES::UPDATES_PER_HOUR) - user_table.set_max_updates(lex->mqh.updates); - if (lex->mqh.specified_limits & USER_RESOURCES::CONNECTIONS_PER_HOUR) - user_table.set_max_connections(lex->mqh.conn_per_hour); - if (lex->mqh.specified_limits & USER_RESOURCES::USER_CONNECTIONS) - user_table.set_max_user_connections(lex->mqh.user_conn); - if (lex->mqh.specified_limits & USER_RESOURCES::MAX_STATEMENT_TIME) - user_table.set_max_statement_time(lex->mqh.max_statement_time); + if (lex->account_options.specified_limits & USER_RESOURCES::QUERIES_PER_HOUR) + user_table.set_max_questions(lex->account_options.questions); + if (lex->account_options.specified_limits & USER_RESOURCES::UPDATES_PER_HOUR) + user_table.set_max_updates(lex->account_options.updates); + if (lex->account_options.specified_limits & USER_RESOURCES::CONNECTIONS_PER_HOUR) + user_table.set_max_connections(lex->account_options.conn_per_hour); + if (lex->account_options.specified_limits & USER_RESOURCES::USER_CONNECTIONS) + user_table.set_max_user_connections(lex->account_options.user_conn); + if (lex->account_options.specified_limits & USER_RESOURCES::MAX_STATEMENT_TIME) + user_table.set_max_statement_time(lex->account_options.max_statement_time); - mqh_used= (mqh_used || lex->mqh.questions || lex->mqh.updates || - lex->mqh.conn_per_hour || lex->mqh.user_conn || - lex->mqh.max_statement_time != 0.0); + mqh_used= (mqh_used || lex->account_options.questions || lex->account_options.updates || + lex->account_options.conn_per_hour || lex->account_options.user_conn || + lex->account_options.max_statement_time != 0.0); if (lex->account_options.account_locked != ACCOUNTLOCK_UNSPECIFIED) - { - bool lock_value= lex->account_options.account_locked == ACCOUNTLOCK_LOCKED; - user_table.set_account_locked(lock_value); - new_acl_user.account_locked= lock_value; - } + user_table.set_account_locked(new_acl_user.account_locked); } if (old_row_exists) @@ -6543,8 +6542,11 @@ static bool merge_one_role_privileges(ACL_ROLE *grantee) static bool has_auth(LEX_USER *user, LEX *lex) { return user->has_auth() || - lex->ssl_type != SSL_TYPE_NOT_SPECIFIED || lex->ssl_cipher || - lex->x509_issuer || lex->x509_subject || lex->mqh.specified_limits; + lex->account_options.ssl_type != SSL_TYPE_NOT_SPECIFIED || + lex->account_options.ssl_cipher.str || + lex->account_options.x509_issuer.str || + lex->account_options.x509_subject.str || + lex->account_options.specified_limits; } static bool copy_and_check_auth(LEX_USER *to, LEX_USER *from, THD *thd) @@ -11240,9 +11242,7 @@ bool sp_grant_privileges(THD *thd, const char *sp_db, const char *sp_name, if (user_list.push_back(combo, thd->mem_root)) DBUG_RETURN(TRUE); - thd->lex->ssl_type= SSL_TYPE_NOT_SPECIFIED; - thd->lex->ssl_cipher= thd->lex->x509_subject= thd->lex->x509_issuer= 0; - bzero(&thd->lex->mqh, sizeof(thd->lex->mqh)); + thd->lex->account_options.reset(); /* Only care about whether the operation failed or succeeded diff --git a/sql/sql_lex.h b/sql/sql_lex.h index d94e0b0fca5..fc451b21816 100644 --- a/sql/sql_lex.h +++ b/sql/sql_lex.h @@ -2946,7 +2946,7 @@ enum account_lock_type ACCOUNTLOCK_UNLOCKED }; -struct Account_options +struct Account_options: public USER_RESOURCES { Account_options() : account_locked(ACCOUNTLOCK_UNSPECIFIED) @@ -2954,9 +2954,12 @@ struct Account_options void reset() { - account_locked= ACCOUNTLOCK_UNSPECIFIED; + bzero(this, sizeof(*this)); + ssl_type= SSL_TYPE_NOT_SPECIFIED; } + enum SSL_type ssl_type; // defined in violite.h + LEX_CSTRING x509_subject, x509_issuer, ssl_cipher; account_lock_type account_locked; }; @@ -3019,7 +3022,6 @@ public: const char *help_arg; const char *backup_dir; /* For RESTORE/BACKUP */ const char* to_log; /* For PURGE MASTER LOGS TO */ - const char* x509_subject,*x509_issuer,*ssl_cipher; String *wild; /* Wildcard in SHOW {something} LIKE 'wild'*/ sql_exchange *exchange; select_result *result; @@ -3125,7 +3127,6 @@ public: LEX_MASTER_INFO mi; // used by CHANGE MASTER LEX_SERVER_OPTIONS server_options; LEX_CSTRING relay_log_connection_name; - USER_RESOURCES mqh; LEX_RESET_SLAVE reset_slave_info; ulonglong type; ulong next_binlog_file_number; @@ -3163,7 +3164,6 @@ public: */ bool parse_vcol_expr; - enum SSL_type ssl_type; // defined in violite.h enum enum_duplicates duplicates; enum enum_tx_isolation tx_isolation; enum enum_ha_read_modes ha_read_mode; diff --git a/sql/sql_yacc.yy b/sql/sql_yacc.yy index 52150fb0619..d0b357d3187 100644 --- a/sql/sql_yacc.yy +++ b/sql/sql_yacc.yy @@ -3316,9 +3316,6 @@ clear_privileges: lex->grant= lex->grant_tot_col= 0; lex->all_privileges= 0; lex->first_select_lex()->db= null_clex_str; - lex->ssl_type= SSL_TYPE_NOT_SPECIFIED; - lex->ssl_cipher= lex->x509_subject= lex->x509_issuer= 0; - bzero((char *)&(lex->mqh),sizeof(lex->mqh)); lex->account_options.reset(); } ; @@ -17071,23 +17068,23 @@ require_list_element: SUBJECT_SYM TEXT_STRING { LEX *lex=Lex; - if (unlikely(lex->x509_subject)) + if (lex->account_options.x509_subject.str) my_yyabort_error((ER_DUP_ARGUMENT, MYF(0), "SUBJECT")); - lex->x509_subject=$2.str; + lex->account_options.x509_subject= $2; } | ISSUER_SYM TEXT_STRING { LEX *lex=Lex; - if (unlikely(lex->x509_issuer)) + if (lex->account_options.x509_issuer.str) my_yyabort_error((ER_DUP_ARGUMENT, MYF(0), "ISSUER")); - lex->x509_issuer=$2.str; + lex->account_options.x509_issuer= $2; } | CIPHER_SYM TEXT_STRING { LEX *lex=Lex; - if (unlikely(lex->ssl_cipher)) + if (lex->account_options.ssl_cipher.str) my_yyabort_error((ER_DUP_ARGUMENT, MYF(0), "CIPHER")); - lex->ssl_cipher=$2.str; + lex->account_options.ssl_cipher= $2; } ; @@ -17284,52 +17281,47 @@ opt_require_clause: /* empty */ | REQUIRE_SYM require_list { - Lex->ssl_type=SSL_TYPE_SPECIFIED; + Lex->account_options.ssl_type= SSL_TYPE_SPECIFIED; } | REQUIRE_SYM SSL_SYM { - Lex->ssl_type=SSL_TYPE_ANY; + Lex->account_options.ssl_type= SSL_TYPE_ANY; } | REQUIRE_SYM X509_SYM { - Lex->ssl_type=SSL_TYPE_X509; + Lex->account_options.ssl_type= SSL_TYPE_X509; } | REQUIRE_SYM NONE_SYM { - Lex->ssl_type=SSL_TYPE_NONE; + Lex->account_options.ssl_type= SSL_TYPE_NONE; } ; resource_option: MAX_QUERIES_PER_HOUR ulong_num { - LEX *lex=Lex; - lex->mqh.questions=$2; - lex->mqh.specified_limits|= USER_RESOURCES::QUERIES_PER_HOUR; + Lex->account_options.questions=$2; + Lex->account_options.specified_limits|= USER_RESOURCES::QUERIES_PER_HOUR; } | MAX_UPDATES_PER_HOUR ulong_num { - LEX *lex=Lex; - lex->mqh.updates=$2; - lex->mqh.specified_limits|= USER_RESOURCES::UPDATES_PER_HOUR; + Lex->account_options.updates=$2; + Lex->account_options.specified_limits|= USER_RESOURCES::UPDATES_PER_HOUR; } | MAX_CONNECTIONS_PER_HOUR ulong_num { - LEX *lex=Lex; - lex->mqh.conn_per_hour= $2; - lex->mqh.specified_limits|= USER_RESOURCES::CONNECTIONS_PER_HOUR; + Lex->account_options.conn_per_hour= $2; + Lex->account_options.specified_limits|= USER_RESOURCES::CONNECTIONS_PER_HOUR; } | MAX_USER_CONNECTIONS_SYM int_num { - LEX *lex=Lex; - lex->mqh.user_conn= $2; - lex->mqh.specified_limits|= USER_RESOURCES::USER_CONNECTIONS; + Lex->account_options.user_conn= $2; + Lex->account_options.specified_limits|= USER_RESOURCES::USER_CONNECTIONS; } | MAX_STATEMENT_TIME_SYM NUM_literal { - LEX *lex=Lex; - lex->mqh.max_statement_time= $2->val_real(); - lex->mqh.specified_limits|= USER_RESOURCES::MAX_STATEMENT_TIME; + Lex->account_options.max_statement_time= $2->val_real(); + Lex->account_options.specified_limits|= USER_RESOURCES::MAX_STATEMENT_TIME; } ; @@ -17528,9 +17520,7 @@ definer: DEFINER_SYM '=' user_or_role { Lex->definer= $3; - Lex->ssl_type= SSL_TYPE_NOT_SPECIFIED; - Lex->ssl_cipher= Lex->x509_subject= Lex->x509_issuer= 0; - bzero(&(Lex->mqh), sizeof(Lex->mqh)); + Lex->account_options.reset(); } ; diff --git a/sql/sql_yacc_ora.yy b/sql/sql_yacc_ora.yy index 99762e6aeb8..4d05767b1be 100644 --- a/sql/sql_yacc_ora.yy +++ b/sql/sql_yacc_ora.yy @@ -3040,9 +3040,7 @@ clear_privileges: lex->grant= lex->grant_tot_col= 0; lex->all_privileges= 0; lex->first_select_lex()->db= null_clex_str; - lex->ssl_type= SSL_TYPE_NOT_SPECIFIED; - lex->ssl_cipher= lex->x509_subject= lex->x509_issuer= 0; - bzero((char *)&(lex->mqh),sizeof(lex->mqh)); + lex->account_options.reset(); } ; @@ -17207,23 +17205,23 @@ require_list_element: SUBJECT_SYM TEXT_STRING { LEX *lex=Lex; - if (unlikely(lex->x509_subject)) + if (lex->account_options.x509_subject.str) my_yyabort_error((ER_DUP_ARGUMENT, MYF(0), "SUBJECT")); - lex->x509_subject=$2.str; + lex->account_options.x509_subject= $2; } | ISSUER_SYM TEXT_STRING { LEX *lex=Lex; - if (unlikely(lex->x509_issuer)) + if (lex->account_options.x509_issuer.str) my_yyabort_error((ER_DUP_ARGUMENT, MYF(0), "ISSUER")); - lex->x509_issuer=$2.str; + lex->account_options.x509_issuer= $2; } | CIPHER_SYM TEXT_STRING { LEX *lex=Lex; - if (unlikely(lex->ssl_cipher)) + if (lex->account_options.ssl_cipher.str) my_yyabort_error((ER_DUP_ARGUMENT, MYF(0), "CIPHER")); - lex->ssl_cipher=$2.str; + lex->account_options.ssl_cipher= $2; } ; @@ -17420,52 +17418,47 @@ opt_require_clause: /* empty */ | REQUIRE_SYM require_list { - Lex->ssl_type=SSL_TYPE_SPECIFIED; + Lex->account_options.ssl_type= SSL_TYPE_SPECIFIED; } | REQUIRE_SYM SSL_SYM { - Lex->ssl_type=SSL_TYPE_ANY; + Lex->account_options.ssl_type= SSL_TYPE_ANY; } | REQUIRE_SYM X509_SYM { - Lex->ssl_type=SSL_TYPE_X509; + Lex->account_options.ssl_type= SSL_TYPE_X509; } | REQUIRE_SYM NONE_SYM { - Lex->ssl_type=SSL_TYPE_NONE; + Lex->account_options.ssl_type= SSL_TYPE_NONE; } ; resource_option: MAX_QUERIES_PER_HOUR ulong_num { - LEX *lex=Lex; - lex->mqh.questions=$2; - lex->mqh.specified_limits|= USER_RESOURCES::QUERIES_PER_HOUR; + Lex->account_options.questions=$2; + Lex->account_options.specified_limits|= USER_RESOURCES::QUERIES_PER_HOUR; } | MAX_UPDATES_PER_HOUR ulong_num { - LEX *lex=Lex; - lex->mqh.updates=$2; - lex->mqh.specified_limits|= USER_RESOURCES::UPDATES_PER_HOUR; + Lex->account_options.updates=$2; + Lex->account_options.specified_limits|= USER_RESOURCES::UPDATES_PER_HOUR; } | MAX_CONNECTIONS_PER_HOUR ulong_num { - LEX *lex=Lex; - lex->mqh.conn_per_hour= $2; - lex->mqh.specified_limits|= USER_RESOURCES::CONNECTIONS_PER_HOUR; + Lex->account_options.conn_per_hour= $2; + Lex->account_options.specified_limits|= USER_RESOURCES::CONNECTIONS_PER_HOUR; } | MAX_USER_CONNECTIONS_SYM int_num { - LEX *lex=Lex; - lex->mqh.user_conn= $2; - lex->mqh.specified_limits|= USER_RESOURCES::USER_CONNECTIONS; + Lex->account_options.user_conn= $2; + Lex->account_options.specified_limits|= USER_RESOURCES::USER_CONNECTIONS; } | MAX_STATEMENT_TIME_SYM NUM_literal { - LEX *lex=Lex; - lex->mqh.max_statement_time= $2->val_real(); - lex->mqh.specified_limits|= USER_RESOURCES::MAX_STATEMENT_TIME; + Lex->account_options.max_statement_time= $2->val_real(); + Lex->account_options.specified_limits|= USER_RESOURCES::MAX_STATEMENT_TIME; } ; @@ -17665,9 +17658,7 @@ definer: DEFINER_SYM '=' user_or_role { Lex->definer= $3; - Lex->ssl_type= SSL_TYPE_NOT_SPECIFIED; - Lex->ssl_cipher= Lex->x509_subject= Lex->x509_issuer= 0; - bzero(&(Lex->mqh), sizeof(Lex->mqh)); + Lex->account_options.reset(); } ;