From 311126758e5335b19d5c6311ff63580e20f24b88 Mon Sep 17 00:00:00 2001 From: Vladislav Vaintroub Date: Mon, 15 Oct 2018 22:11:14 +0100 Subject: MDEV-17462 Heap corruption with auth_gssapi on Windows. use FreeContextAttributes() on individual members of SecPkgContext_NativeNames, not on the struct itself. --- plugin/auth_gssapi/sspi_server.cc | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'plugin') diff --git a/plugin/auth_gssapi/sspi_server.cc b/plugin/auth_gssapi/sspi_server.cc index d2c2ae7e4b9..c3ec8161567 100644 --- a/plugin/auth_gssapi/sspi_server.cc +++ b/plugin/auth_gssapi/sspi_server.cc @@ -103,7 +103,12 @@ static int get_client_name_from_context(CtxtHandle *ctxt, *p = 0; } strncpy(name, native_names.sClientName, name_len); - FreeContextBuffer(&native_names); + + if (native_names.sClientName) + FreeContextBuffer(native_names.sClientName); + if (native_names.sServerName) + FreeContextBuffer(native_names.sServerName); + return CR_OK; } -- cgit v1.2.1 From 64b48aebe411655d2524c30f0c509612b27eea71 Mon Sep 17 00:00:00 2001 From: Vladislav Vaintroub Date: Mon, 15 Oct 2018 22:57:15 +0100 Subject: make auth_gssapi_basic work, also in domain environment. --- plugin/auth_gssapi/mysql-test/auth_gssapi/basic.result | 2 ++ plugin/auth_gssapi/mysql-test/auth_gssapi/basic.test | 1 + plugin/auth_gssapi/sspi_server.cc | 2 +- 3 files changed, 4 insertions(+), 1 deletion(-) (limited to 'plugin') diff --git a/plugin/auth_gssapi/mysql-test/auth_gssapi/basic.result b/plugin/auth_gssapi/mysql-test/auth_gssapi/basic.result index dc5155fac8c..3044f984ffa 100644 --- a/plugin/auth_gssapi/mysql-test/auth_gssapi/basic.result +++ b/plugin/auth_gssapi/mysql-test/auth_gssapi/basic.result @@ -1,4 +1,6 @@ INSTALL SONAME 'auth_gssapi'; +Warnings: +Note 1105 SSPI: using principal name 'localhost', mech 'Negotiate' CREATE USER 'GSSAPI_SHORTNAME' IDENTIFIED WITH gssapi; SELECT USER(),CURRENT_USER(); USER() CURRENT_USER() diff --git a/plugin/auth_gssapi/mysql-test/auth_gssapi/basic.test b/plugin/auth_gssapi/mysql-test/auth_gssapi/basic.test index f47ad8c20e2..e6e8cde68ca 100644 --- a/plugin/auth_gssapi/mysql-test/auth_gssapi/basic.test +++ b/plugin/auth_gssapi/mysql-test/auth_gssapi/basic.test @@ -1,3 +1,4 @@ +--replace_regex /name '[a-zA-Z@.]+'/name 'localhost'/ INSTALL SONAME 'auth_gssapi'; # diff --git a/plugin/auth_gssapi/sspi_server.cc b/plugin/auth_gssapi/sspi_server.cc index c3ec8161567..a4223e3cf7f 100644 --- a/plugin/auth_gssapi/sspi_server.cc +++ b/plugin/auth_gssapi/sspi_server.cc @@ -289,7 +289,7 @@ int plugin_init() { srv_principal_name= get_default_principal_name(); } - my_printf_error(0, "SSPI: using principal name '%s', mech '%s'", + my_printf_error(ER_UNKNOWN_ERROR, "SSPI: using principal name '%s', mech '%s'", ME_ERROR_LOG | ME_NOTE, srv_principal_name, srv_mech_name); ret = AcquireCredentialsHandle( -- cgit v1.2.1 From ea9c407e0be92bb2ac1160d9b8081867b49d8f9b Mon Sep 17 00:00:00 2001 From: Vladislav Vaintroub Date: Mon, 15 Oct 2018 23:07:30 +0100 Subject: Fix regular expression in replace_regex in auth_gssapi test. --- plugin/auth_gssapi/mysql-test/auth_gssapi/basic.test | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'plugin') diff --git a/plugin/auth_gssapi/mysql-test/auth_gssapi/basic.test b/plugin/auth_gssapi/mysql-test/auth_gssapi/basic.test index e6e8cde68ca..2307aa3934a 100644 --- a/plugin/auth_gssapi/mysql-test/auth_gssapi/basic.test +++ b/plugin/auth_gssapi/mysql-test/auth_gssapi/basic.test @@ -1,4 +1,4 @@ ---replace_regex /name '[a-zA-Z@.]+'/name 'localhost'/ +--replace_regex /name '[^']+'/name 'localhost'/ INSTALL SONAME 'auth_gssapi'; # -- cgit v1.2.1 From 952f394f8e936bb254062c7e6f4f62afd1c90f8e Mon Sep 17 00:00:00 2001 From: Vladislav Vaintroub Date: Tue, 16 Oct 2018 09:17:03 +0100 Subject: remove MYF flags from plugin --- plugin/auth_gssapi/sspi_server.cc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'plugin') diff --git a/plugin/auth_gssapi/sspi_server.cc b/plugin/auth_gssapi/sspi_server.cc index a4223e3cf7f..b3605ddb0d9 100644 --- a/plugin/auth_gssapi/sspi_server.cc +++ b/plugin/auth_gssapi/sspi_server.cc @@ -42,11 +42,11 @@ static void log_error(SECURITY_STATUS err, const char *msg) { char buf[1024]; sspi_errmsg(err, buf, sizeof(buf)); - my_printf_error(ER_UNKNOWN_ERROR, "SSPI server error 0x%x - %s - %s", MYF(0), msg, buf); + my_printf_error(ER_UNKNOWN_ERROR, "SSPI server error 0x%x - %s - %s", 0, msg, buf); } else { - my_printf_error(ER_UNKNOWN_ERROR, "SSPI server error %s", MYF(0), msg); + my_printf_error(ER_UNKNOWN_ERROR, "SSPI server error %s", 0, msg); } } -- cgit v1.2.1 From 5a5bc21a65eb28f22b2896d96bd5fad0557b5719 Mon Sep 17 00:00:00 2001 From: Vladislav Vaintroub Date: Tue, 16 Oct 2018 09:19:03 +0100 Subject: auth_gssapi : Fix string formatting in my_printf_error() --- plugin/auth_gssapi/sspi_server.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'plugin') diff --git a/plugin/auth_gssapi/sspi_server.cc b/plugin/auth_gssapi/sspi_server.cc index b3605ddb0d9..fe90a195d88 100644 --- a/plugin/auth_gssapi/sspi_server.cc +++ b/plugin/auth_gssapi/sspi_server.cc @@ -42,7 +42,7 @@ static void log_error(SECURITY_STATUS err, const char *msg) { char buf[1024]; sspi_errmsg(err, buf, sizeof(buf)); - my_printf_error(ER_UNKNOWN_ERROR, "SSPI server error 0x%x - %s - %s", 0, msg, buf); + my_printf_error(ER_UNKNOWN_ERROR, "SSPI server error 0x%x - %s - %s", 0, err, msg, buf); } else { -- cgit v1.2.1 From 3859273d048f0a4194c076f44aed4b45475ed158 Mon Sep 17 00:00:00 2001 From: Daniel Black Date: Sat, 10 Feb 2018 18:28:23 +1100 Subject: MDEV-14267: correct FSF address --- plugin/auth_ed25519/ed25519-t.c | 2 +- plugin/user_variables/user_variables.cc | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'plugin') diff --git a/plugin/auth_ed25519/ed25519-t.c b/plugin/auth_ed25519/ed25519-t.c index f7d58c48d7c..fa058f69325 100644 --- a/plugin/auth_ed25519/ed25519-t.c +++ b/plugin/auth_ed25519/ed25519-t.c @@ -12,7 +12,7 @@ You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software - Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02111-1301 USA */ #include #include diff --git a/plugin/user_variables/user_variables.cc b/plugin/user_variables/user_variables.cc index 9190b2effb7..35378e0c8c8 100644 --- a/plugin/user_variables/user_variables.cc +++ b/plugin/user_variables/user_variables.cc @@ -11,7 +11,7 @@ You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software - Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02111-1301 USA */ #define MYSQL_SERVER #include -- cgit v1.2.1