revno: 3690.1.180

committer: gopal.shankar@oracle.com

branch nick: mysql-flushpriv2

timestamp: Thu 2012-03-29 00:20:54 +0530

message:

  Bug#12766319 - 61865: RENAME USER DOES NOT WORK CORRECTLY -

                        REQUIRES FLUSH PRIVILEGES

  PROBLEM:

    RENAME USER does not work as expected when from_user contains just

  IP and to_user contains IP/MASK. Attempt to connect to MySQL using

  renamed user fails. Attempts to connect succeed only after command

  FLUSH PRIVILEGES.

  ANALYSIS:

    MySQL maintains access control list for users in global DYNAMIC ARRAY

  'acl_users'. This list is updated by acl_reload(), which loads 'acl_users'

  from mysql.user table.

    For faster search we maintain HASH acl_check_hosts, which contains

  user details with hostnames without any wild cards. All the users whose

  host name contains wild cards are stored in DYNAMIC_ARRAY acl_wild_hosts.

    ADD/DROP/RENAME user basically updates 'acl_users' along with mysql.user.

  At the end of these operations init_check_hosts() is called to update

  acl_check_hosts and  acl_wild_cards based on 'acl_users'.

  Bug#12766319 - 61865: RENAME USER DOES NOT WORK CORRECTLY -

                        REQUIRES FLUSH PRIVILEGES

  PROBLEM:

    RENAME USER does not work as expected when from_user contains just

  IP and to_user contains IP/MASK. Attempt to connect to MySQL using

  renamed user fails. Attempts to connect succeed only after command

  FLUSH PRIVILEGES.

  ANALYSIS:

    MySQL maintains access control list for users in global DYNAMIC ARRAY

  'acl_users'. This list is updated by acl_reload(), which loads 'acl_users'

  from mysql.user table.

    For faster search we maintain HASH acl_check_hosts, which contains

  user details with hostnames without any wild cards. All the users whose

  host name contains wild cards are stored in DYNAMIC_ARRAY acl_wild_hosts.

    ADD/DROP/RENAME user basically updates 'acl_users' along with mysql.user.

  At the end of these operations init_check_hosts() is called to update

  acl_check_hosts and  acl_wild_cards based on 'acl_users'.

    During RENAME, when it updates 'acl_users' in handle_grant_struct(),

  hostname is copied into 'acl_users' list updating only ACL_USER->hostname

  but it does not update ACL_USER->host->ip, ACL_USER->host->ip_mask. This

  is route cause for this bug.

    FLUSH PRIVILEGES command invokes acl_reload(). This function updates all

  members of ACL_USER->host (including ip and ip_mask). Hence attempts to connect

  to MySQL succeeds there after.

  FIX:

    Make changes to handle_grant_struct() to properly update ACL_USER->host->ip,

  ACL_USER->host->ip_mask. This is done using existing update_hostname().

  Note:

    In addition to the fix described above, the code related to acl_host_and_ip is

  modified. The new code helps avoid doing similar mistakes, of updating

  hostname, without updating ip_mask. These changes also improves the related code.