~drizzle-trunk/drizzle/development


Viewing changes to drizzled/sql_connect.cc

  • Committer: brian
  • Date: 2008-08-02 07:52:28 UTC
  • Revision ID: brian@localhost.localdomain-20080802075228-pjeanzl53moqomio
First pass through cleaning up security context.

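--- a/drizzled/sql_connect.cc
+++ b/drizzled/sql_connect.cc
@@ -71,8 +71,7 @@
   should be done with this in mind; 'thd' is INOUT, all other params
   are 'IN'.
 
-  @retval  0  OK; thd->security_ctx->user/master_access/priv_user/db_access and
-              thd->db are updated; OK is sent to the client.
+  @retval  0  OK
   @retval  1  error, e.g. access denied or handshake error, not sent to
               the client. A message is pushed into the error stack.
 */
@@ -96,7 +95,7 @@
 
   if (passwd_len != 0 && passwd_len != SCRAMBLE_LENGTH)
   {
-    my_error(ER_HANDSHAKE_ERROR, MYF(0), thd->main_security_ctx.host_or_ip);
+    my_error(ER_HANDSHAKE_ERROR, MYF(0), thd->main_security_ctx.ip);
     return(1);
   }
 
@@ -106,7 +105,7 @@
   {
     my_error(ER_ACCESS_DENIED_ERROR, MYF(0),
              thd->main_security_ctx.user,
-             thd->main_security_ctx.host_or_ip,
+             thd->main_security_ctx.ip,
              passwd_len ? ER(ER_YES) : ER(ER_NO));
 
     return 1;
@@ -136,21 +135,11 @@
     break-in attempts.
   */
   general_log_print(thd, command,
-                    (thd->main_security_ctx.priv_user ==
-                     thd->main_security_ctx.user ?
-                     (char*) "%s@%s on %s" :
-                     (char*) "%s@%s as anonymous on %s"),
+                    ((char*) "%s@%s on %s"),
                     thd->main_security_ctx.user,
-                    thd->main_security_ctx.host_or_ip,
+                    thd->main_security_ctx.ip,
                     db ? db : (char*) "");
 
-  /*
-    This is the default access rights for the current database.  It's
-    set to 0 here because we don't have an active database yet (and we
-    may not have an active database to set.
-  */
-  thd->main_security_ctx.db_access=0;
-
   /* Change database if necessary */
   if (db && db[0])
   {
@@ -252,28 +241,17 @@
   thd->set_active_vio(net->vio);
 #endif
 
-  if (!thd->main_security_ctx.host)         // If TCP/IP connection
+  // TCP/IP connection
   {
     char ip[NI_MAXHOST];
 
     if (vio_peer_addr(net->vio, ip, &thd->peer_port, NI_MAXHOST))
     {
-      my_error(ER_BAD_HOST_ERROR, MYF(0), thd->main_security_ctx.host_or_ip);
+      my_error(ER_BAD_HOST_ERROR, MYF(0), thd->main_security_ctx.ip);
       return 1;
     }
     if (!(thd->main_security_ctx.ip= my_strdup(ip,MYF(MY_WME))))
       return 1; /* The error is set by my_strdup(). */
-    thd->main_security_ctx.host_or_ip= thd->main_security_ctx.ip;
-    thd->main_security_ctx.host= ip_to_hostname(&net->vio->remote, 
-                                                net->vio->addrLen);
-    thd->main_security_ctx.host_or_ip= thd->main_security_ctx.host;
-  }
-  else /* Hostname given means that the connection was on a socket */
-  {
-    thd->main_security_ctx.host_or_ip= thd->main_security_ctx.host;
-    thd->main_security_ctx.ip= 0;
-    /* Reset sin_addr */
-    memset(&net->vio->remote, 0, sizeof(net->vio->remote));
   }
   vio_keepalive(net->vio, true);
   
@@ -322,7 +300,7 @@
         pkt_len < MIN_HANDSHAKE_SIZE)
     {
       my_error(ER_HANDSHAKE_ERROR, MYF(0),
-               thd->main_security_ctx.host_or_ip);
+               thd->main_security_ctx.ip);
       return 1;
     }
   }
@@ -355,7 +333,7 @@
   if (end >= (char*) net->read_pos+ pkt_len +2)
   {
 
-    my_error(ER_HANDSHAKE_ERROR, MYF(0), thd->main_security_ctx.host_or_ip);
+    my_error(ER_HANDSHAKE_ERROR, MYF(0), thd->main_security_ctx.ip);
     return 1;
   }
 
@@ -392,7 +370,7 @@
 
   if (passwd + passwd_len + db_len > (char *)net->read_pos + pkt_len)
   {
-    my_error(ER_HANDSHAKE_ERROR, MYF(0), thd->main_security_ctx.host_or_ip);
+    my_error(ER_HANDSHAKE_ERROR, MYF(0), thd->main_security_ctx.ip);
     return 1;
   }
 
@@ -521,7 +499,7 @@
       sql_print_warning(ER(ER_NEW_ABORTING_CONNECTION),
                         thd->thread_id,(thd->db ? thd->db : "unconnected"),
                         sctx->user ? sctx->user : "unauthenticated",
-                        sctx->host_or_ip,
+                        sctx->ip,
                         (thd->main_da.is_error() ? thd->main_da.message() :
                          ER(ER_UNKNOWN_ERROR)));
     }
@@ -563,7 +541,7 @@
       sql_print_warning(ER(ER_NEW_ABORTING_CONNECTION),
                         thd->thread_id,(thd->db ? thd->db : "unconnected"),
                         sctx->user ? sctx->user : "unauthenticated",
-                        sctx->host_or_ip, "init_connect command failed");
+                        sctx->ip, "init_connect command failed");
       sql_print_warning("%s", thd->main_da.message());
     }
     thd->proc_info=0;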
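Review bot: In the `vio_peer_addr()` failure branch (new line 250), `my_error(ER_BAD_HOST_ERROR, MYF(0), thd->main_security_ctx.ip)` reads `ip` before it is assigned by the `my_strdup(ip, ...)` call three lines later. At that point the field presumably still holds its initial value, and the removed `else` branch shows it could legitimately be 0. The old call passed `host_or_ip`, which appears to have been kept printable; the new one may pass a null pointer to a `%s` format and, at best, records a rejected connection with no client identity. A guarded argument would keep the message usable: `my_error(ER_BAD_HOST_ERROR, MYF(0), thd->main_security_ctx.ip ? thd->main_security_ctx.ip : "unknown");`. The bare block now runs for every connection, so the `// TCP/IP connection` comment should say how non-TCP transports are expected to behave; the enclosing function starts and ends outside the hunk.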