From 7df0475847103581798ddacf75dbf634e8f98d0a Mon Sep 17 00:00:00 2001 From: "kostja@oak.local" <> Date: Tue, 1 Jul 2003 23:40:59 +0400 Subject: First version of new authentification procedure: now authentification is one-stage (instead of two-stage in 4.1) For now following tasks have been done: - PASSWORD() function was rewritten. PASSWORD() now returns SHA1 hash_stage2; for new passwords user.password contains '*'hash_stage2; sql_yacc.yy also fixed; - password.c: new functions were implemented, old rolled back to 4.0 state - server code was rewritten to use new authorization algorithm (check_user(), change user, and other stuff in sql/sql_parse.cc) - client code was rewritten to use new authorization algorithm (mysql_real_connect, myslq_authenticate in sql-common/client.c) - now server barks on 45-byte-length 4.1.0 passwords and refuses 4.1.0-style authentification. Users with 4.1.0 passwords are blocked (sql/sql_acl.cc) - mysqladmin.c was fixed to work correctly with new passwords Tests for 4.0-4.1.1, 4.1.1-4.1.1 (with or without db/password) logons was performed; mysqladmin also was tested. Additional check are nevertheless necessary. --- include/mysql.h | 4 +++- include/mysql_com.h | 61 +++++++++++++++++++++++++++++++---------------------- 2 files changed, 39 insertions(+), 26 deletions(-) (limited to 'include') diff --git a/include/mysql.h b/include/mysql.h index bd63a10ba45..91ef481e7f7 100644 --- a/include/mysql.h +++ b/include/mysql.h @@ -227,7 +227,9 @@ typedef struct st_mysql enum mysql_status status; my_bool free_me; /* If free in mysql_close */ my_bool reconnect; /* set to 1 if automatic reconnect */ - char scramble_buff[21]; /* New protocol requires longer scramble*/ + + char scramble[SCRAMBLE_LENGTH+1]; /* for new servers */ + char scramble_323[SCRAMBLE_LENGTH_323+1]; /* for old servers */ /* Set if this is the original connection, not a master or a slave we have diff --git a/include/mysql_com.h b/include/mysql_com.h index e87001ff27d..c1f18160667 100644 --- a/include/mysql_com.h +++ b/include/mysql_com.h @@ -48,8 +48,15 @@ enum enum_server_command }; -#define SCRAMBLE_LENGTH 8 -#define SCRAMBLE41_LENGTH 20 +/* + Length of random string sent by server on handshake; this is also length of + obfuscated password, recieved from client +*/ +#define SCRAMBLE_LENGTH 20 +#define SCRAMBLE_LENGTH_323 8 +/* length of password stored in the db: new passwords are preceeded with '*' */ +#define SCRAMBLED_PASSWORD_CHAR_LENGTH (SCRAMBLE_LENGTH*2+1) +#define SCRAMBLED_PASSWORD_CHAR_LENGTH_323 (SCRAMBLE_LENGTH_323*2) #define NOT_NULL_FLAG 1 /* Field can't be NULL */ @@ -300,31 +307,35 @@ extern "C" { extern unsigned long max_allowed_packet; extern unsigned long net_buffer_length; -void randominit(struct rand_struct *,unsigned long seed1, - unsigned long seed2); +/* + These functions are used for authentication by client and server and + implemented in sql/password.c +*/ + +void randominit(struct rand_struct *, unsigned long seed1, + unsigned long seed2); double my_rnd(struct rand_struct *); -void make_scrambled_password(char *to,const char *password, - my_bool force_old_scramble,struct rand_struct *rand_st); -int get_password_length(my_bool force_old_scramble); -char get_password_version(const char* password); -void create_random_string(int length,struct rand_struct *rand_st,char* target); -my_bool validate_password(const char* password, const char* message, - unsigned long* salt); -void password_hash_stage1(char *to, const char *password); -void password_hash_stage2(char *to,const char *salt); -void password_crypt(const char* from,char* to, const char* password,int length); -void get_hash_and_password(unsigned long* salt, unsigned char pversion,char* hash, - unsigned char* bin_password); -void get_salt_from_password(unsigned long *res,const char *password); -void create_key_from_old_password(const char* password,char* key); -void make_password_from_salt(char *to, unsigned long *hash_res, - unsigned char password_version); -char *scramble(char *to,const char *message,const char *password, - my_bool old_ver); -my_bool check_scramble(const char *, const char *message, - unsigned long *salt,my_bool old_ver); +void create_random_string(char *to, uint length, struct rand_struct *rand_st); + +void hash_password(ulong *to, const char *password); +void make_scrambled_password_323(char *to, const char *password); +char *scramble_323(char *to, const char *message, const char *password, + my_bool old_ver); +my_bool check_scramble_323(const char *, const char *message, + unsigned long *salt, my_bool old_ver); +void get_salt_from_password_323(unsigned long *res, const char *password); +void make_password_from_salt_323(char *to, const unsigned long *salt); + +void make_scrambled_password(char *to, const char *password); +char *scramble(char *to, const char *message, const char *password); +my_bool check_scramble(const char *reply, const char *message, + const unsigned char *hash_stage2); +void get_salt_from_password(unsigned char *res, const char *password); +void make_password_from_salt(char *to, const unsigned char *hash_stage2); + +/* end of password.c */ + char *get_tty_password(char *opt_message); -void hash_password(unsigned long *result, const char *password); const char *mysql_errno_to_sqlstate(unsigned int mysql_errno); /* Some other useful functions */ -- cgit v1.2.1 From 1d20b23247e19aa6aa5e309fc47d5c5c3bbfe433 Mon Sep 17 00:00:00 2001 From: "kostja@oak.local" <> Date: Fri, 4 Jul 2003 20:52:04 +0400 Subject: Bug fixes for authentication OLD_PASSWORD made a keyword to allow set password=old_password('abc') constructions. --- include/mysql_com.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include') diff --git a/include/mysql_com.h b/include/mysql_com.h index c1f18160667..784a7782855 100644 --- a/include/mysql_com.h +++ b/include/mysql_com.h @@ -327,7 +327,7 @@ void get_salt_from_password_323(unsigned long *res, const char *password); void make_password_from_salt_323(char *to, const unsigned long *salt); void make_scrambled_password(char *to, const char *password); -char *scramble(char *to, const char *message, const char *password); +void scramble(char *to, const char *message, const char *password); my_bool check_scramble(const char *reply, const char *message, const unsigned char *hash_stage2); void get_salt_from_password(unsigned char *res, const char *password); -- cgit v1.2.1 From a232225b69cc34f18f87a761e19fc0e3d2790d97 Mon Sep 17 00:00:00 2001 From: "kostja@oak.local" <> Date: Tue, 8 Jul 2003 02:36:14 +0400 Subject: Preliminary support for options --secure-auth, --old-passwords Support for option --old-protocol was removed. Some test performed. Tests for SSL and replication are pending. More strict following to specification for --old-passwords is in the TODO. --- include/mysql_com.h | 5 ++--- include/mysqld_error.h | 3 ++- 2 files changed, 4 insertions(+), 4 deletions(-) (limited to 'include') diff --git a/include/mysql_com.h b/include/mysql_com.h index 784a7782855..1f9d996c457 100644 --- a/include/mysql_com.h +++ b/include/mysql_com.h @@ -319,10 +319,9 @@ void create_random_string(char *to, uint length, struct rand_struct *rand_st); void hash_password(ulong *to, const char *password); void make_scrambled_password_323(char *to, const char *password); -char *scramble_323(char *to, const char *message, const char *password, - my_bool old_ver); +char *scramble_323(char *to, const char *message, const char *password); my_bool check_scramble_323(const char *, const char *message, - unsigned long *salt, my_bool old_ver); + unsigned long *salt); void get_salt_from_password_323(unsigned long *res, const char *password); void make_password_from_salt_323(char *to, const unsigned long *salt); diff --git a/include/mysqld_error.h b/include/mysqld_error.h index 565c2812c50..341e0144ca3 100644 --- a/include/mysqld_error.h +++ b/include/mysqld_error.h @@ -286,4 +286,5 @@ #define ER_REVOKE_GRANTS 1267 #define ER_CANT_AGGREGATE_3COLLATIONS 1268 #define ER_CANT_AGGREGATE_NCOLLATIONS 1269 -#define ER_ERROR_MESSAGES 270 +#define ER_SERVER_IS_IN_SECURE_AUTH_MODE 1270 +#define ER_ERROR_MESSAGES 271 -- cgit v1.2.1 From 09e53b016967a84126dc50474a54010712893bf1 Mon Sep 17 00:00:00 2001 From: "kostja@oak.local" <> Date: Fri, 18 Jul 2003 18:25:54 +0400 Subject: Style fixes, comments for 4.1.1 authorization Now special 1-byte packet is used for request of old password Fixed bug with --skip-grant-tables and acl_getroot --- include/mysql.h | 4 ++-- include/mysql_com.h | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) (limited to 'include') diff --git a/include/mysql.h b/include/mysql.h index bf05f6e8e37..079808d9ba7 100644 --- a/include/mysql.h +++ b/include/mysql.h @@ -228,8 +228,8 @@ typedef struct st_mysql my_bool free_me; /* If free in mysql_close */ my_bool reconnect; /* set to 1 if automatic reconnect */ - char scramble[SCRAMBLE_LENGTH+1]; /* for new servers */ - char scramble_323[SCRAMBLE_LENGTH_323+1]; /* for old servers */ + /* session-wide random string */ + char scramble[max(SCRAMBLE_LENGTH,SCRAMBLE_LENGTH_323)+1]; /* Set if this is the original connection, not a master or a slave we have diff --git a/include/mysql_com.h b/include/mysql_com.h index e5782235934..87cedafb93d 100644 --- a/include/mysql_com.h +++ b/include/mysql_com.h @@ -318,9 +318,9 @@ void randominit(struct rand_struct *, unsigned long seed1, double my_rnd(struct rand_struct *); void create_random_string(char *to, uint length, struct rand_struct *rand_st); -void hash_password(ulong *to, const char *password); +void hash_password(ulong *to, const char *password, uint password_len); void make_scrambled_password_323(char *to, const char *password); -char *scramble_323(char *to, const char *message, const char *password); +void scramble_323(char *to, const char *message, const char *password); my_bool check_scramble_323(const char *, const char *message, unsigned long *salt); void get_salt_from_password_323(unsigned long *res, const char *password); -- cgit v1.2.1 From 715f8747d49bec27ae4948e74e18247dc4e9d52b Mon Sep 17 00:00:00 2001 From: "kostja@oak.local" <> Date: Fri, 18 Jul 2003 18:57:21 +0400 Subject: few compile-time bugs fixed --- include/mysql.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include') diff --git a/include/mysql.h b/include/mysql.h index 079808d9ba7..10bacffb2b1 100644 --- a/include/mysql.h +++ b/include/mysql.h @@ -229,7 +229,7 @@ typedef struct st_mysql my_bool reconnect; /* set to 1 if automatic reconnect */ /* session-wide random string */ - char scramble[max(SCRAMBLE_LENGTH,SCRAMBLE_LENGTH_323)+1]; + char scramble[SCRAMBLE_LENGTH+1]; /* Set if this is the original connection, not a master or a slave we have -- cgit v1.2.1 From 79922d946ac7c7c9c77c10fd7f831f14f2a9892c Mon Sep 17 00:00:00 2001 From: "serg@serg.mylan" <> Date: Tue, 5 Aug 2003 21:14:15 +0200 Subject: table checksum background: my_checksum() mysys function NISAM checksum code moved from mysys to isam/ - it's obsolete MyISAM checksum code moved to mysys table's checksum accessible from sql layer SHOW TABLE STATUS shows checksum (WL#646) code cleanup --- include/my_sys.h | 6 ++++-- include/myisam.h | 2 -- 2 files changed, 4 insertions(+), 4 deletions(-) (limited to 'include') diff --git a/include/my_sys.h b/include/my_sys.h index e4125a2e7e6..6721d77a8af 100644 --- a/include/my_sys.h +++ b/include/my_sys.h @@ -213,7 +213,7 @@ extern uint get_charset_number(const char *cs_name); extern const char *get_charset_name(uint cs_number); extern CHARSET_INFO *get_charset(uint cs_number, myf flags); extern CHARSET_INFO *get_charset_by_name(const char *cs_name, myf flags); -extern CHARSET_INFO *get_charset_by_csname(const char *cs_name, +extern CHARSET_INFO *get_charset_by_csname(const char *cs_name, uint cs_flags, myf my_flags); extern void free_charsets(void); extern char *get_charsets_dir(char *buf); @@ -507,6 +507,8 @@ typedef struct st_keycache ulonglong size; } KEY_CACHE; +typedef uint32 ha_checksum; + #include /* Prototypes for mysys and my_func functions */ @@ -749,7 +751,7 @@ extern void print_defaults(const char *conf_file, const char **groups); extern my_bool my_compress(byte *, ulong *, ulong *); extern my_bool my_uncompress(byte *, ulong *, ulong *); extern byte *my_compress_alloc(const byte *packet, ulong *len, ulong *complen); -extern ulong checksum(const byte *mem, uint count); +extern ha_checksum my_checksum(ha_checksum crc, const byte *mem, uint count); extern uint my_bit_log2(ulong value); uint my_count_bits(ulonglong v); extern void my_sleep(ulong m_seconds); diff --git a/include/myisam.h b/include/myisam.h index e85d3057672..0ffcdae8567 100644 --- a/include/myisam.h +++ b/include/myisam.h @@ -53,8 +53,6 @@ extern "C" { #define mi_portable_sizeof_char_ptr 8 -typedef uint32 ha_checksum; - /* Param to/from mi_info */ typedef struct st_mi_isaminfo /* Struct from h_info */ -- cgit v1.2.1 From 58bdc6f5e18671812942f4599d8bd99f4991f668 Mon Sep 17 00:00:00 2001 From: "serg@serg.mylan" <> Date: Thu, 21 Aug 2003 18:30:43 +0200 Subject: use crc32() from bundled zlib if system zlib is unavailable --- include/my_sys.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'include') diff --git a/include/my_sys.h b/include/my_sys.h index 6721d77a8af..a6a4d46e227 100644 --- a/include/my_sys.h +++ b/include/my_sys.h @@ -753,8 +753,9 @@ extern my_bool my_uncompress(byte *, ulong *, ulong *); extern byte *my_compress_alloc(const byte *packet, ulong *len, ulong *complen); extern ha_checksum my_checksum(ha_checksum crc, const byte *mem, uint count); extern uint my_bit_log2(ulong value); -uint my_count_bits(ulonglong v); +extern uint my_count_bits(ulonglong v); extern void my_sleep(ulong m_seconds); +extern ulong crc32(ulong crc, const uchar *buf, uint len); #ifdef __WIN__ extern my_bool have_tcpip; /* Is set if tcpip is used */ -- cgit v1.2.1 From bf3e65b128bad752ceecc3bb37ca5317902891e2 Mon Sep 17 00:00:00 2001 From: "hf@deer.(none)" <> Date: Thu, 28 Aug 2003 13:39:46 +0500 Subject: SCRUM: Fixed some mess with STDCALL in function's declarations --- include/mysql.h | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'include') diff --git a/include/mysql.h b/include/mysql.h index 8e8ffc2b788..d58b729bfc1 100644 --- a/include/mysql.h +++ b/include/mysql.h @@ -541,16 +541,16 @@ typedef struct st_mysql_stmt typedef struct st_mysql_methods { - my_bool STDCALL (*read_query_result)(MYSQL *mysql); - my_bool STDCALL (*advanced_command)(MYSQL *mysql, + my_bool (STDCALL *read_query_result)(MYSQL *mysql); + my_bool (STDCALL *advanced_command)(MYSQL *mysql, enum enum_server_command command, const char *header, unsigned long header_length, const char *arg, unsigned long arg_length, my_bool skip_check); - MYSQL_RES * STDCALL (*store_result)(MYSQL *mysql); - MYSQL_RES * STDCALL (*use_result)(MYSQL *mysql); - void STDCALL (*fetch_lengths)(unsigned long *to, MYSQL_ROW column, uint field_count); + MYSQL_RES * (STDCALL *store_result)(MYSQL *mysql); + MYSQL_RES * (STDCALL *use_result)(MYSQL *mysql); + void (STDCALL *fetch_lengths)(unsigned long *to, MYSQL_ROW column, uint field_count); } MYSQL_METHODS; MYSQL_STMT * STDCALL mysql_prepare(MYSQL * mysql, const char *query, -- cgit v1.2.1 From 6cad89775b4ed78c02c2fa9f3e49181f63b7fb65 Mon Sep 17 00:00:00 2001 From: "dlenev@dlenev.mshome" <> Date: Fri, 29 Aug 2003 03:23:18 +0400 Subject: Fixed problem with absence of gmtime_r under Windows. --- include/my_pthread.h | 1 - 1 file changed, 1 deletion(-) (limited to 'include') diff --git a/include/my_pthread.h b/include/my_pthread.h index d8374cad314..f4976abee10 100644 --- a/include/my_pthread.h +++ b/include/my_pthread.h @@ -111,7 +111,6 @@ void pthread_exit(void *a); /* was #define pthread_exit(A) ExitThread(A)*/ #endif #define pthread_self() win_pthread_self #define HAVE_LOCALTIME_R 1 -#define HAVE_GMTIME_R 1 #define _REENTRANT 1 #define HAVE_PTHREAD_ATTR_SETSTACKSIZE 1 -- cgit v1.2.1 From 234208f03e9b92f1100814ce18d2820ca4c1deb3 Mon Sep 17 00:00:00 2001 From: "miguel@hegel.local" <> Date: Fri, 29 Aug 2003 22:13:57 -0400 Subject: Fix VC++ compiler error with redifinition return type --- include/thr_alarm.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include') diff --git a/include/thr_alarm.h b/include/thr_alarm.h index 439f046252f..8ff4472f700 100644 --- a/include/thr_alarm.h +++ b/include/thr_alarm.h @@ -100,7 +100,7 @@ typedef struct st_alarm { #define thr_alarm_init(A) (*(A))=0 #define thr_alarm_in_use(A) (*(A)!= 0) void init_thr_alarm(uint max_alarm); -bool thr_alarm(thr_alarm_t *alarmed, uint sec, ALARM *buff); +my_bool thr_alarm(thr_alarm_t *alarmed, uint sec, ALARM *buff); void thr_alarm_kill(pthread_t thread_id); void thr_end_alarm(thr_alarm_t *alarmed); void end_thr_alarm(my_bool free_structures); -- cgit v1.2.1 From 2486222cd2192418b7bdcbf89a42d77e698f1899 Mon Sep 17 00:00:00 2001 From: "dlenev@dlenev.mshome" <> Date: Mon, 1 Sep 2003 15:16:20 +0400 Subject: Implemented replication over SSL Added proper options to CHANGE MASTER TO, new fields to SHOW SLAVE STATUS, Honoring this parameters during connection to master. Introduced new format of master.info file --- include/mysqld_error.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'include') diff --git a/include/mysqld_error.h b/include/mysqld_error.h index 17ededfbb52..e5c2898d0e7 100644 --- a/include/mysqld_error.h +++ b/include/mysqld_error.h @@ -288,4 +288,5 @@ #define ER_CANT_AGGREGATE_NCOLLATIONS 1269 #define ER_VARIABLE_IS_NOT_STRUCT 1270 #define ER_UNKNOWN_COLLATION 1271 -#define ER_ERROR_MESSAGES 272 +#define ER_SLAVE_IGNORED_SSL_PARAMS 1272 +#define ER_ERROR_MESSAGES 273 -- cgit v1.2.1 From 2317fa3ba5312dd6fde14c89930ee35c53b6e3fe Mon Sep 17 00:00:00 2001 From: "serg@serg.mylan" <> Date: Wed, 3 Sep 2003 16:31:01 +0200 Subject: C cleanups --- include/mysql_com.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include') diff --git a/include/mysql_com.h b/include/mysql_com.h index 8d61641cf29..b8dc877f125 100644 --- a/include/mysql_com.h +++ b/include/mysql_com.h @@ -319,7 +319,7 @@ void randominit(struct rand_struct *, unsigned long seed1, double my_rnd(struct rand_struct *); void create_random_string(char *to, uint length, struct rand_struct *rand_st); -void hash_password(ulong *to, const char *password, uint password_len); +void hash_password(unsigned long *to, const char *password, uint password_len); void make_scrambled_password_323(char *to, const char *password); void scramble_323(char *to, const char *message, const char *password); my_bool check_scramble_323(const char *, const char *message, -- cgit v1.2.1 From 2ba517a3f14653006f2e309494256bfd47c34d4d Mon Sep 17 00:00:00 2001 From: "hf@deer.(none)" <> Date: Mon, 8 Sep 2003 13:11:18 +0500 Subject: fix for #1210 --- include/errmsg.h | 1 + 1 file changed, 1 insertion(+) (limited to 'include') diff --git a/include/errmsg.h b/include/errmsg.h index 1f4e6e12f00..a354c125e36 100644 --- a/include/errmsg.h +++ b/include/errmsg.h @@ -86,3 +86,4 @@ extern const char *client_errors[]; /* Error messages */ #define CR_SHARED_MEMORY_CONNECT_SET_ERROR 2045 #define CR_CONN_UNKNOW_PROTOCOL 2046 #define CR_INVALID_CONN_HANDLE 2047 +#define CR_MYSQL_SERVER_INIT_MISSED 2048 -- cgit v1.2.1