Style fixes, comments for 4.1.1 authorization

Now special 1-byte packet is used for request of old password
Fixed bug with --skip-grant-tables and acl_getroot


include/mysql.h:
  removed scramble_323 member as now scramble_323 function does not count
  on trailing zero for scramble
include/mysql_com.h:
  updated declarations
libmysql/libmysql.c:
  now server sends special 1-byte packet instead of old scramble
  to re-request password.
  mysql->scramble_323 replaced with mysql->scramble
sql-common/client.c:
  now server sends special 1-byte packet instead of old scramble
  to re-request password.
  mysql->scramble_323 replaces with mysql->scramble
sql/password.c:
  comments beautified
  hash_password now accepts password length
sql/protocol.cc:
  added send_old_password_request function
sql/protocol.h:
  added send_old_password_request function
sql/sql_acl.cc:
  style fixes, bug with --skip-grant-tables and acl_getroot
  fixed
sql/sql_class.h:
  thd->scramble_323 removed as now
  old functions accept not null-terminated scrambles
sql/sql_crypt.cc:
  fixed with new hash_password proto
sql/sql_parse.cc:
  style fixes
  few comments added

1 files changed, 45 insertions, 48 deletions

diff --git a/sql/password.c b/sql/password.c
index 2e9139c12aa..16227aab611 100644
--- a/sql/password.c
+++ b/sql/password.c
@@ -110,15 +110,17 @@ double my_rnd(struct rand_struct *rand_st)
     Used for Pre-4.1 password handling
   SYNOPSIS
     hash_password()
-    result    OUT store hash in this location
-    password  IN  plain text password to build hash
+    result       OUT store hash in this location
+    password     IN  plain text password to build hash
+    password_len IN  password length (password may be not null-terminated)
 */
 
-void hash_password(ulong *result, const char *password)
+void hash_password(ulong *result, const char *password, uint password_len)
 {
   register ulong nr=1345345333L, add=7, nr2=0x12345671L;
   ulong tmp;
-  for (; *password ; password++)
+  const char *password_end= password + password_len;
+  for (; password < password_end; password++)
   {
     if (*password == ' ' || *password == '\t')
       continue;                                 /* skip space in password */
@@ -129,7 +131,6 @@ void hash_password(ulong *result, const char *password)
   }
   result[0]=nr & (((ulong) 1L << 31) -1L); /* Don't use sign bit (str2int) */;
   result[1]=nr2 & (((ulong) 1L << 31) -1L);
-  return;
 }
 
 
@@ -145,7 +146,7 @@ void hash_password(ulong *result, const char *password)
 void make_scrambled_password_323(char *to, const char *password)
 {
   ulong hash_res[2];
-  hash_password(hash_res, password);
+  hash_password(hash_res, password, strlen(password));
   sprintf(to, "%08lx%08lx", hash_res[0], hash_res[1]);
 }
 
@@ -157,14 +158,12 @@ void make_scrambled_password_323(char *to, const char *password)
     scramble_323()
     to       OUT Store scrambled message here. Buffer must be at least
                  SCRAMBLE_LENGTH_323+1 bytes long
-    message  IN  Message to scramble. Message must be exactly 
-                 SRAMBLE_LENGTH_323 long and NULL terminated. 
+    message  IN  Message to scramble. Message must be at least
+                 SRAMBLE_LENGTH_323 bytes long.
     password IN  Password to use while scrambling
-  RETURN
-    End of scrambled string
 */
 
-char *scramble_323(char *to, const char *message, const char *password)
+void scramble_323(char *to, const char *message, const char *password)
 {
   struct rand_struct rand_st;
   ulong hash_pass[2], hash_message[2];
@@ -172,18 +171,18 @@ char *scramble_323(char *to, const char *message, const char *password)
   if (password && password[0])
   {
     char *to_start=to;
-    hash_password(hash_pass,password);
-    hash_password(hash_message, message);
+    hash_password(hash_pass,password, strlen(password));
+    hash_password(hash_message, message, SCRAMBLE_LENGTH_323);
     randominit(&rand_st,hash_pass[0] ^ hash_message[0],
                hash_pass[1] ^ hash_message[1]);
-    while (*message++)
+    const char *message_end= message + SCRAMBLE_LENGTH_323;
+    for (; message < message_end; message++)
       *to++= (char) (floor(my_rnd(&rand_st)*31)+64);
     char extra=(char) (floor(my_rnd(&rand_st)*31));
     while (to_start != to)
       *(to_start++)^=extra;
   }
   *to= 0;
-  return to;
 }
 
 
@@ -192,11 +191,13 @@ char *scramble_323(char *to, const char *message, const char *password)
     Used in pre 4.1 password handling
   SYNOPSIS
     check_scramble_323()
-    scrambled  IN scrambled message to check.
-    message    IN original random message which was used for scrambling; must
-                  be exactly SCRAMBLED_LENGTH_323 bytes long and
-                  NULL-terminated.
-    hash_pass  IN password which should be used for scrambling
+    scrambled  scrambled message to check.
+    message    original random message which was used for scrambling; must
+               be exactly SCRAMBLED_LENGTH_323 bytes long and
+               NULL-terminated.
+    hash_pass  password which should be used for scrambling
+    All params are IN.
+
   RETURN VALUE
     0 - password correct
    !0 - password invalid
@@ -211,11 +212,7 @@ check_scramble_323(const char *scrambled, const char *message,
   char buff[16],*to,extra;                      /* Big enough for check */
   const char *pos;
   
-  /* Check if this exactly N bytes. Overwise this is something fishy */
-  if (strlen(message) != SCRAMBLE_LENGTH_323)
-    return 1;                                   /* Wrong password */
-
-  hash_password(hash_message,message);
+  hash_password(hash_message, message, SCRAMBLE_LENGTH_323);
   randominit(&rand_st,hash_pass[0] ^ hash_message[0],
              hash_pass[1] ^ hash_message[1]);
   to=buff;
@@ -231,7 +228,7 @@ check_scramble_323(const char *scrambled, const char *message,
   return 0;
 }
 
-static uint8 char_val(uint8 X)
+static inline uint8 char_val(uint8 X)
 {
   return (uint) (X >= '0' && X <= '9' ? X-'0' :
       X >= 'A' && X <= 'Z' ? X-'A'+10 : X-'a'+10);
@@ -280,7 +277,10 @@ void make_password_from_salt_323(char *to, const ulong *salt)
 }
 
 
-/******************* MySQL 4.1.1 authentification routines ******************/
+/*
+     **************** MySQL 4.1.1 authentification routines *************
+*/
+
 /*
     Generate string of printable random characters of requested length
   SYNOPSIS
@@ -315,19 +315,16 @@ void create_random_string(char *to, uint length, struct rand_struct *rand_st)
     str, len  IN  the beginning and the length of the input string
 */
 
-static
-void
+static void
 octet2hex(char *to, const uint8 *str, uint len)
 {
-  static const char alphabet[] = { '0', '1', '2', '3', '4', '5', '6', '7',
-                                   '8', '9', 'a', 'b', 'c', 'd', 'e', 'f' };
   const uint8 *str_end= str + len; 
   for (; str != str_end; ++str)
   {
-    *to++= alphabet[(*str & 0xF0) >> 4];
-    *to++= alphabet[*str & 0x0F];
+    *to++= _dig_vec[(*str & 0xF0) >> 4];
+    *to++= _dig_vec[*str & 0x0F];
   }
-  *to++= '\0';
+  *to= '\0';
 }
 
 
@@ -341,15 +338,14 @@ octet2hex(char *to, const uint8 *str, uint len)
                   overlap; len % 2 == 0
 */ 
 
-static
-void
+static void
 hex2octet(uint8 *to, const char *str, uint len)
 {
   const char *str_end= str + len;
   while (str < str_end)
   {
-    *to= char_val(*str++) << 4;
-    *to++|= char_val(*str++);
+    register char tmp= char_val(*str++);
+    *to++= (tmp << 4) | char_val(*str++);
   }
 }
 
@@ -366,9 +362,8 @@ hex2octet(uint8 *to, const char *str, uint len)
     len     IN  length of s1 and s2
 */
 
-static
-void
-my_crypt(char *to, const uint8 *s1, const uint8 *s2, uint len)
+static void
+my_crypt(char *to, const uchar *s1, const uchar *s2, uint len)
 {
   const uint8 *s1_end= s1 + len;
   while (s1 < s1_end)
@@ -447,7 +442,7 @@ scramble(char *to, const char *message, const char *password)
   sha1_input(&sha1_context, hash_stage2, SHA1_HASH_SIZE);
   /* xor allows 'from' and 'to' overlap: lets take advantage of it */
   sha1_result(&sha1_context, (uint8 *) to);
-  my_crypt(to, (const uint8 *) to, hash_stage1, SCRAMBLE_LENGTH);
+  my_crypt(to, (const uchar *) to, hash_stage1, SCRAMBLE_LENGTH);
 }
 
 
@@ -459,11 +454,13 @@ scramble(char *to, const char *message, const char *password)
     long (if not, something fishy is going on).
   SYNOPSIS
     check_scramble()
-    scramble     IN clients' reply, presumably produced by scramble()
-    message      IN original random string, previously sent to client
-                    (presumably second argument of scramble()), must be 
-                    exactly SCRAMBLE_LENGTH long and NULL-terminated.
-    hash_stage2  IN hex2octet-decoded database entry
+    scramble     clients' reply, presumably produced by scramble()
+    message      original random string, previously sent to client
+                 (presumably second argument of scramble()), must be 
+                 exactly SCRAMBLE_LENGTH long and NULL-terminated.
+    hash_stage2  hex2octet-decoded database entry
+    All params are IN.
+
   RETURN VALUE
     0  password is correct
     !0  password is invalid
@@ -483,7 +480,7 @@ check_scramble(const char *scramble, const char *message,
   sha1_input(&sha1_context, hash_stage2, SHA1_HASH_SIZE);
   sha1_result(&sha1_context, buf);
   /* encrypt scramble */
-  my_crypt((char *) buf, buf, (const uint8 *) scramble, SCRAMBLE_LENGTH);
+    my_crypt((char *) buf, buf, (const uchar *) scramble, SCRAMBLE_LENGTH);
   /* now buf supposedly contains hash_stage1: so we can get hash_stage2 */
   sha1_reset(&sha1_context);
   sha1_input(&sha1_context, buf, SHA1_HASH_SIZE);