author | Vladislav Vaintroub <wlad@mariadb.com> | 2016-01-18 19:30:46 +0100 |
---|---|---|
committer | Vladislav Vaintroub <wlad@mariadb.com> | 2016-01-19 11:59:32 +0100 |
commit | 67cf76ad9b17f2825ac8759ead4928ed3d0f9ce7 (patch) | |
tree | 896b3bd77a9fadd5ffe426f55a606abe932fbd44 /plugin/auth_gssapi | |
parent | 059c0c8b371589359f3fc6d3979de1a5006dce63 (diff) | |
MDEV 4691- address review comments
Diffstat (limited to 'plugin/auth_gssapi')
-rw-r--r-- | plugin/auth_gssapi/CMakeLists.txt | 5 | ||||
-rw-r--r-- | plugin/auth_gssapi/README.md | 4 | ||||
-rw-r--r-- | plugin/auth_gssapi/client_plugin.cc | 2 | ||||
-rw-r--r-- | plugin/auth_gssapi/cmake/FindGSSAPI.cmake | 24 | ||||
-rw-r--r-- | plugin/auth_gssapi/gssapi_errmsg.cc | 2 | ||||
-rw-r--r-- | plugin/auth_gssapi/gssapi_errmsg.h | 2 | ||||
-rw-r--r-- | plugin/auth_gssapi/mysql-test/auth_gssapi/suite.pm | 8 | ||||
-rw-r--r-- | plugin/auth_gssapi/server_plugin.cc | 16 | ||||
-rw-r--r-- | plugin/auth_gssapi/server_plugin.h | 2 | ||||
-rw-r--r-- | plugin/auth_gssapi/sspi.h | 2 | ||||
-rw-r--r-- | plugin/auth_gssapi/sspi_client.cc | 2 | ||||
-rw-r--r-- | plugin/auth_gssapi/sspi_errmsg.cc | 2 | ||||
-rw-r--r-- | plugin/auth_gssapi/sspi_server.cc | 2 |
13 files changed, 53 insertions, 20 deletions
diff --git a/plugin/auth_gssapi/CMakeLists.txt b/plugin/auth_gssapi/CMakeLists.txt index 61649e4845a..f85d0deaea1 100644 --- a/plugin/auth_gssapi/CMakeLists.txt +++ b/plugin/auth_gssapi/CMakeLists.txt @@ -25,9 +25,12 @@ ENDIF () MYSQL_ADD_PLUGIN(auth_gssapi server_plugin.cc ${GSSAPI_SERVER} ${GSSAPI_ERRMSG} - LINK_LIBRARIES ${GSSAPI_LIBS} + LINK_LIBRARIES ${GSSAPI_LIBS} + COMPONENT gssapi-server MODULE_ONLY) MYSQL_ADD_PLUGIN(auth_gssapi_client client_plugin.cc ${GSSAPI_CLIENT} ${GSSAPI_ERRMSG} LINK_LIBRARIES ${GSSAPI_LIBS} + COMPONENT gssapi-client + CLIENT MODULE_ONLY) diff --git a/plugin/auth_gssapi/README.md b/plugin/auth_gssapi/README.md index f20128f1551..7f678400f0d 100644 --- a/plugin/auth_gssapi/README.md +++ b/plugin/auth_gssapi/README.md @@ -11,7 +11,7 @@ environment. ## Server-side preparations on Unix To use the plugin, some preparation need to be done on the server side on Unixes. -MariaDB server will read need access to the Kerberos keytab file, that contains service principal name for the MariaDB server. +MariaDB server will need read access to the Kerberos keytab file, that contains service principal name for the MariaDB server. If you are using **Unix Kerberos KDC (MIT,Heimdal)** @@ -91,7 +91,7 @@ You may also use alternative *short* form of CREATE USER CREATE USER usr1 IDENTIFIED WITH gssapi; ``` -If this syntax is used, realm part is used for comparison +If this syntax is used, realm part is *not* used for comparison thus 'usr1@EXAMPLE.COM', 'usr1@EXAMPLE.CO.UK' and 'mymachine\usr1' will all identify as 'usr1'. #Login as GSSAPI user with command line clients diff --git a/plugin/auth_gssapi/client_plugin.cc b/plugin/auth_gssapi/client_plugin.cc index aac80e04f92..0ab619a08e6 100644 --- a/plugin/auth_gssapi/client_plugin.cc +++ b/plugin/auth_gssapi/client_plugin.cc @@ -1,4 +1,4 @@ -/* Copyright (c) 2015, Shuang Qiu, Robbie Hardwood, +/* Copyright (c) 2015, Shuang Qiu, Robbie Harwood, Vladislav Vaintroub & MariaDB Corporation All rights reserved. 
diff --git a/plugin/auth_gssapi/cmake/FindGSSAPI.cmake b/plugin/auth_gssapi/cmake/FindGSSAPI.cmake index faee4289722..78111fc2368 100644 --- a/plugin/auth_gssapi/cmake/FindGSSAPI.cmake +++ b/plugin/auth_gssapi/cmake/FindGSSAPI.cmake @@ -8,8 +8,28 @@ # Copyright (c) 2006, Pino Toscano, <toscano.pino@tiscali.it> # -# Redistribution and use is allowed according to the terms of the BSD license. -# For details see the accompanying COPYING-CMAKE-SCRIPTS file. +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# +# 1. Redistributions of source code must retain the copyright +# notice, this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# 3. The name of the author may not be used to endorse or promote products +# derived from this software without specific prior written permission. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR +# IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES +# OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. +# IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, +# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT +# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF +# THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. if(GSSAPI_LIBS AND GSSAPI_FLAVOR) diff --git a/plugin/auth_gssapi/gssapi_errmsg.cc b/plugin/auth_gssapi/gssapi_errmsg.cc index 29adf607503..8ea4cab5b02 100644 
--- a/plugin/auth_gssapi/gssapi_errmsg.cc +++ b/plugin/auth_gssapi/gssapi_errmsg.cc @@ -1,4 +1,4 @@ -/* Copyright (c) 2015, Shuang Qiu, Robbie Hardwood, +/* Copyright (c) 2015, Shuang Qiu, Robbie Harwood, Vladislav Vaintroub & MariaDB Corporation All rights reserved. diff --git a/plugin/auth_gssapi/gssapi_errmsg.h b/plugin/auth_gssapi/gssapi_errmsg.h index 786b2f6c0f9..26db8439e04 100644 --- a/plugin/auth_gssapi/gssapi_errmsg.h +++ b/plugin/auth_gssapi/gssapi_errmsg.h @@ -1,4 +1,4 @@ -/* Copyright (c) 2015, Shuang Qiu, Robbie Hardwood, +/* Copyright (c) 2015, Shuang Qiu, Robbie Harwood, Vladislav Vaintroub & MariaDB Corporation All rights reserved. diff --git a/plugin/auth_gssapi/mysql-test/auth_gssapi/suite.pm b/plugin/auth_gssapi/mysql-test/auth_gssapi/suite.pm index 3ffc6f1d696..50137ca0211 100644 --- a/plugin/auth_gssapi/mysql-test/auth_gssapi/suite.pm +++ b/plugin/auth_gssapi/mysql-test/auth_gssapi/suite.pm @@ -36,11 +36,13 @@ if (!$ENV{'GSSAPI_FULLNAME'} || !$ENV{'GSSAPI_SHORTNAME'}) return "Environment variable GSSAPI_SHORTNAME and GSSAPI_FULLNAME need to be set" } -foreach $var ('GSSAPI_SHORTNAME','GSSAPI_FULLNAME','GSSAPI_KEYTAB_PATH','GSSAPI_PRINCIPAL_NAME') +if ($::opt_verbose) { - print "$var=$ENV{$var}\n"; + foreach $var ('GSSAPI_SHORTNAME','GSSAPI_FULLNAME','GSSAPI_KEYTAB_PATH','GSSAPI_PRINCIPAL_NAME') + { + print "$var=$ENV{$var}\n"; + } } - sub is_default { 1 } bless { }; diff --git a/plugin/auth_gssapi/server_plugin.cc b/plugin/auth_gssapi/server_plugin.cc index 64f52a332fc..a79074abe79 100644 --- a/plugin/auth_gssapi/server_plugin.cc +++ b/plugin/auth_gssapi/server_plugin.cc @@ -1,4 +1,4 @@ -/* Copyright (c) 2015, Shuang Qiu, Robbie Hardwood, +/* Copyright (c) 2015, Shuang Qiu, Robbie Harwood, Vladislav Vaintroub & MariaDB Corporation All rights reserved. 
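Review bot: In suite.pm the verbose-only loop still prints all four variables, but the guard directly above it only requires GSSAPI_FULLNAME and GSSAPI_SHORTNAME, so GSSAPI_KEYTAB_PATH and GSSAPI_PRINCIPAL_NAME may be unset when they are interpolated. If warnings are enabled for this file (not visible in the hunk), that produces "uninitialized value" noise; printing `defined $ENV{$var} ? $ENV{$var} : '(unset)'` avoids it and makes a missing setting obvious in the log. Unless `$var` is declared outside the hunk, the loop uses a package global, and `foreach my $var (...)` would keep it local. Since the keytab path and principal name describe the test host's Kerberos setup, it is worth a short comment above the `if ($::opt_verbose)` saying the dump is deliberately limited to verbose runs.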
@@ -59,6 +59,14 @@ static int gssapi_auth(MYSQL_PLUGIN_VIO *vio, MYSQL_SERVER_AUTH_INFO *auth_info) const char *user; int user_len; + /* No user name yet ? Read the client handshake packet with the user name. */ + if (auth_info->user_name == 0) + { + unsigned char *pkt; + if (vio->read_packet(vio, &pkt) < 0) + return CR_ERROR; + } + /* Send first packet with target name and mech name */ if (vio->write_packet(vio, (unsigned char *)first_packet, first_packet_len)) { @@ -106,7 +114,7 @@ static int deinitialize_plugin(void *unused) /* system variable */ static MYSQL_SYSVAR_STR(keytab_path, srv_keytab_path, PLUGIN_VAR_RQCMDARG|PLUGIN_VAR_READONLY, - "Keytab file path (Kerberos)", + "Keytab file path for Kerberos authentication", NULL, NULL, ""); @@ -131,7 +139,7 @@ static TYPELIB mech_name_typelib = { }; static MYSQL_SYSVAR_ENUM(mech_name, srv_mech, PLUGIN_VAR_RQCMDARG|PLUGIN_VAR_READONLY, - "GSSAPI mechanism : either Kerberos or Negotiate", + "GSSAPI mechanism", NULL, NULL, 2,&mech_name_typelib); @@ -169,7 +177,7 @@ maria_declare_plugin(gssapi_server) NULL, /* status variables */ system_variables, /* system variables */ "1.0", - MariaDB_PLUGIN_MATURITY_EXPERIMENTAL + MariaDB_PLUGIN_MATURITY_BETA } maria_declare_plugin_end; diff --git a/plugin/auth_gssapi/server_plugin.h b/plugin/auth_gssapi/server_plugin.h index 6f1a2fc7d54..1348835e653 100644 --- a/plugin/auth_gssapi/server_plugin.h +++ b/plugin/auth_gssapi/server_plugin.h @@ -1,4 +1,4 @@ -/* Copyright (c) 2015, Shuang Qiu, Robbie Hardwood, +/* Copyright (c) 2015, Shuang Qiu, Robbie Harwood, Vladislav Vaintroub & MariaDB Corporation All rights reserved. diff --git a/plugin/auth_gssapi/sspi.h b/plugin/auth_gssapi/sspi.h index ceb668750af..34b8a56a32e 100644 --- a/plugin/auth_gssapi/sspi.h +++ b/plugin/auth_gssapi/sspi.h @@ -1,4 +1,4 @@ -/* Copyright (c) 2015, Shuang Qiu, Robbie Hardwood, +/* Copyright (c) 2015, Shuang Qiu, Robbie Harwood, Vladislav Vaintroub & MariaDB Corporation All rights reserved. 
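Review bot: In gssapi_auth (server_plugin.cc, hunk -59,6 +59,14) the packet read into `pkt` is never inspected and the comment does not say why, so the read looks like a forgotten parse. It appears to be issued only so that the server processes the client's handshake response and fills in `auth_info->user_name`; a comment such as `/* pkt is intentionally ignored: read_packet() is called so the server parses the handshake and sets auth_info->user_name */` would make that explicit. The new code also does not re-check `auth_info->user_name` after a successful read; whether the rest of the function tolerates it still being null cannot be seen here, because the body continues outside the hunk. The test itself would read more conventionally as `if (!auth_info->user_name)`.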
diff --git a/plugin/auth_gssapi/sspi_client.cc b/plugin/auth_gssapi/sspi_client.cc index 4946a0f4a98..34c1ce2e7ee 100644 --- a/plugin/auth_gssapi/sspi_client.cc +++ b/plugin/auth_gssapi/sspi_client.cc @@ -1,4 +1,4 @@ -/* Copyright (c) 2015, Shuang Qiu, Robbie Hardwood, +/* Copyright (c) 2015, Shuang Qiu, Robbie Harwood, Vladislav Vaintroub & MariaDB Corporation All rights reserved. diff --git a/plugin/auth_gssapi/sspi_errmsg.cc b/plugin/auth_gssapi/sspi_errmsg.cc index 8c3eb99ed6b..961ef51f42e 100644 --- a/plugin/auth_gssapi/sspi_errmsg.cc +++ b/plugin/auth_gssapi/sspi_errmsg.cc @@ -1,4 +1,4 @@ -/* Copyright (c) 2015, Shuang Qiu, Robbie Hardwood, +/* Copyright (c) 2015, Shuang Qiu, Robbie Harwood, Vladislav Vaintroub & MariaDB Corporation All rights reserved. diff --git a/plugin/auth_gssapi/sspi_server.cc b/plugin/auth_gssapi/sspi_server.cc index 1d51a66c3d8..1dfd2986aaa 100644 --- a/plugin/auth_gssapi/sspi_server.cc +++ b/plugin/auth_gssapi/sspi_server.cc @@ -1,4 +1,4 @@ -/* Copyright (c) 2015, Shuang Qiu, Robbie Hardwood, +/* Copyright (c) 2015, Shuang Qiu, Robbie Harwood, Vladislav Vaintroub & MariaDB Corporation All rights reserved. |