~drizzle-trunk/drizzle/development

« back to all changes in this revision

Viewing changes to drizzled/session.cc

Committer: Brian Aker
Date: 2010-02-10 23:50:24 UTC
mfrom: (1273.11.8 refactoring-security-context)
Revision ID: brian@gaz-20100210235024-rn2825pucq4mtfl4

Merge in security refactor.

files modified:
drizzled/function/str/user.cc

drizzled/name_resolution_context.h

drizzled/security_context.h

drizzled/session.cc

drizzled/session.h

drizzled/show.cc

drizzled/table.h

plugin/auth_http/auth_http.cc

plugin/auth_pam/auth_pam.cc

plugin/drizzle_protocol/oldlibdrizzle.cc

plugin/info_schema/processlist.cc

plugin/innobase/handler/ha_innodb.cc

plugin/mysql_protocol/oldlibdrizzle.cc

Show diffs side-by-side

added added

removed removed

drizzled/session.cc

392

if (global_system_variables.log_warnings)

393

errmsg_printf(ERRMSG_LVL_WARN, ER(ER_FORCING_CLOSE),internal::my_progname,

394

thread_id,

395

(security_ctx.user.c_str() ?

396

security_ctx.user.c_str() : ""));

395

(getSecurityContext().getUser().c_str() ?

396

getSecurityContext().getUser().c_str() : ""));

397

disconnect(0, false);

398

}

399

678

679

if (passwd_len != 0 && passwd_len != SCRAMBLE_LENGTH)

680

{

681

my_error(ER_HANDSHAKE_ERROR, MYF(0), security_ctx.ip.c_str());

681

my_error(ER_HANDSHAKE_ERROR, MYF(0), getSecurityContext().getIp().c_str());

682

return false;

683

}

684

687

if (is_authenticated != true)

688

{

689

my_error(ER_ACCESS_DENIED_ERROR, MYF(0),

690

security_ctx.user.c_str(),

691

security_ctx.ip.c_str(),

690

getSecurityContext().getUser().c_str(),

691

getSecurityContext().getIp().c_str(),

692

passwd_len ? ER(ER_YES) : ER(ER_NO));

693

694

return false;

695

}

696

697

security_ctx.skip_grants();

698

699

697

/* Change database if necessary */

700

698

if (in_db && in_db[0])

701

699

{

1614

1612

memset(&status_var, 0, sizeof(status_var));

1615

1613

}

1616

1614

1617

void Security_context::skip_grants()

1618

{

1619

/* privileges for the user are unknown everything is allowed */

1620

}

1621

1622

1615

1623

1616

/****************************************************************************

1624

1617

Handling of open and locked tables states.

1732

1725

{

1733

1726

if (! killed && variables.log_warnings > 1)

1734

1727

{

1735

Security_context *sctx= &security_ctx;

1728

SecurityContext *sctx= &security_ctx;

1736

1729

1737

1730

errmsg_printf(ERRMSG_LVL_WARN, ER(ER_NEW_ABORTING_CONNECTION)

1738

1731

, thread_id

1739

1732

, (db.empty() ? "unconnected" : db.c_str())

1740

, sctx->user.empty() == false ? sctx->user.c_str() : "unauthenticated"

1741

, sctx->ip.c_str()

1733

, sctx->getUser().empty() == false ? sctx->getUser().c_str() : "unauthenticated"

1734

, sctx->getIp().c_str()

1742

1735

, (main_da.is_error() ? main_da.message() : ER(ER_UNKNOWN_ERROR)));

1743

1736

}

1744

1737

}

Older »