"service pack" for SQL statement rewriting module (sql_rewrite.cc):

Tatjana Azundris Nuernberg · Tatjana Azundris Nuernberg · commit a7a65e80ac85 · 2012-06-20T16:27:54.000+01:00
More comments, more tests, some whitespace clean-up.
diff --git a/mysql-test/r/rewrite_general_log.result b/mysql-test/r/rewrite_general_log.result
@@ -11,13 +11,29 @@ set charset default,@dummy='A';
 set names 'latin1',@dummy='B';
 set names 'latin1' collate 'latin1_german2_ci';
 set names default,@dummy='c';
-GRANT ALL on *.* TO test_user1 IDENTIFIED BY 'azundris1';
+CREATE TABLE     t1(f1 INT, f2 INT, f3 INT, f4 INT);
+CREATE PROCEDURE proc_rewrite_1() INSERT INTO test.t1 VALUES ("hocus pocus");
+CREATE FUNCTION  func_rewrite_1(i INT) RETURNS INT DETERMINISTIC RETURN i+1;
+GRANT SELECT(f2), INSERT(f3), INDEX, UPDATE(f1,f3, f2, f4), ALTER
+on test.t1 TO test_user1 IDENTIFIED BY 'azundris1';
+GRANT ALL ON PROCEDURE test.proc_rewrite_1 TO test_user1;
+GRANT EXECUTE ON FUNCTION test.func_rewrite_1 TO test_user1;
+GRANT USAGE ON TABLE test.* TO test_user3@localhost REQUIRE SSL;
+GRANT SELECT,USAGE ON test.* TO test_user3@localhost REQUIRE X509 WITH
+MAX_QUERIES_PER_HOUR 1 MAX_UPDATES_PER_HOUR 2
+MAX_CONNECTIONS_PER_HOUR 3 MAX_USER_CONNECTIONS 4;
+GRANT SELECT ON test.* TO test_user3@localhost REQUIRE NONE
+WITH GRANT OPTION;
+DROP PROCEDURE proc_rewrite_1;
+DROP FUNCTION  func_rewrite_1;
+DROP TABLE     t1;
 CREATE USER test_user2 IDENTIFIED BY 'azundris2';
 CHANGE MASTER TO MASTER_PASSWORD='azundris3';
 CREATE USER 'test_user4'@'localhost';
 SET PASSWORD FOR 'test_user4'@'localhost' = PASSWORD('azundris4');
 SET GLOBAL general_log=       'OFF';
 DROP USER 'test_user4'@'localhost';
+DROP USER 'test_user3'@'localhost';
 DROP USER test_user2;
 DROP USER test_user1;
 CREATE TABLE test_log (argument TEXT);
@@ -32,14 +48,14 @@ Show that we logged stuff at all:
 ------ from file ------
 SELECT TRIM(LEADING '\t' FROM MID(argument,LOCATE('Query',argument)+5)) FROM test_log WHERE argument LIKE '%PASSWORD %';
 TRIM(LEADING '\t' FROM MID(argument,LOCATE('Query',argument)+5))
-GRANT ALL PRIVILEGES ON *.* TO 'test_user1'@'%' IDENTIFIED BY PASSWORD '*8D15E74BC850D11573A52BE84B504DD0BA40C1E3'
+GRANT SELECT (f2), INSERT (f3), UPDATE (f2, f3, f1, f4), INDEX, ALTER ON `test`.`t1` TO 'test_user1'@'%' IDENTIFIED BY PASSWORD '*8D15E74BC850D11573A52BE84B504DD0BA40C1E3'
 CREATE USER 'test_user2'@'%' IDENTIFIED BY PASSWORD '*A142844DBF024D282D88FE19CB4D3FA13B1E96E0'
 CHANGE MASTER TO MASTER_PASSWORD = <secret>
 SET PASSWORD FOR `test_user4`@`localhost`=<secret>
 ------ from table ------
 SELECT argument FROM mysql.general_log WHERE argument LIKE '%PASSWORD %';
 argument
-GRANT ALL PRIVILEGES ON *.* TO 'test_user1'@'%' IDENTIFIED BY PASSWORD '*8D15E74BC850D11573A52BE84B504DD0BA40C1E3'
+GRANT SELECT (f2), INSERT (f3), UPDATE (f2, f3, f1, f4), INDEX, ALTER ON `test`.`t1` TO 'test_user1'@'%' IDENTIFIED BY PASSWORD '*8D15E74BC850D11573A52BE84B504DD0BA40C1E3'
 CREATE USER 'test_user2'@'%' IDENTIFIED BY PASSWORD '*A142844DBF024D282D88FE19CB4D3FA13B1E96E0'
 CHANGE MASTER TO MASTER_PASSWORD = <secret>
 SET PASSWORD FOR `test_user4`@`localhost`=<secret>
@@ -54,6 +70,14 @@ argument
 SET NAMES 'latin1',@dummy:='B'
 SET NAMES 'latin1' COLLATE 'latin1_german2_ci'
 SET NAMES DEFAULT,@dummy:='c'
+SELECT argument FROM mysql.general_log WHERE argument LIKE 'GRANT %';
+argument
+GRANT SELECT (f2), INSERT (f3), UPDATE (f2, f3, f1, f4), INDEX, ALTER ON `test`.`t1` TO 'test_user1'@'%' IDENTIFIED BY PASSWORD '*8D15E74BC850D11573A52BE84B504DD0BA40C1E3'
+GRANT ALL PRIVILEGES ON PROCEDURE `test`.`proc_rewrite_1` TO 'test_user1'@'%'
+GRANT EXECUTE ON FUNCTION `test`.`func_rewrite_1` TO 'test_user1'@'%'
+GRANT USAGE ON `test`.* TO 'test_user3'@'localhost' REQUIRE SSL
+GRANT SELECT ON `test`.* TO 'test_user3'@'localhost' REQUIRE X509 WITH MAX_QUERIES_PER_HOUR 1 MAX_UPDATES_PER_HOUR 2 MAX_CONNECTIONS_PER_HOUR 3 MAX_USER_CONNECTIONS 4
+GRANT SELECT ON `test`.* TO 'test_user3'@'localhost' REQUIRE NONE WITH GRANT OPTION
 ------ done ------ see log_tables.test for more proof! :)
 Bug#13958454 -- show we print SET @a:=5, but SELECT (@a:=5)
 EXPLAIN EXTENDED SELECT @a=5,@b:=10,@c:=20,@d:=40+5,(@e:=80)+5;
diff --git a/mysql-test/t/rewrite_general_log.test b/mysql-test/t/rewrite_general_log.test
@@ -19,15 +19,33 @@ SET GLOBAL log_output =       'FILE,TABLE';
 SET GLOBAL general_log=       'ON';
 
 # SET NAMES / SET CHARSET
-# keep these in lower case we can tell them from the upper case rewrites!
+# keep these in lower case so we can tell them from the upper case rewrites!
 set character set 'hebrew';
 set charset default,@dummy='A';
 set names 'latin1',@dummy='B';
 set names 'latin1' collate 'latin1_german2_ci';
 set names default,@dummy='c';
 
 # 1.1.1.1
-GRANT ALL on *.* TO test_user1 IDENTIFIED BY 'azundris1';
+
+CREATE TABLE     t1(f1 INT, f2 INT, f3 INT, f4 INT);
+CREATE PROCEDURE proc_rewrite_1() INSERT INTO test.t1 VALUES ("hocus pocus");
+CREATE FUNCTION  func_rewrite_1(i INT) RETURNS INT DETERMINISTIC RETURN i+1;
+
+GRANT SELECT(f2), INSERT(f3), INDEX, UPDATE(f1,f3, f2, f4), ALTER
+      on test.t1 TO test_user1 IDENTIFIED BY 'azundris1';
+GRANT ALL ON PROCEDURE test.proc_rewrite_1 TO test_user1;
+GRANT EXECUTE ON FUNCTION test.func_rewrite_1 TO test_user1;
+GRANT USAGE ON TABLE test.* TO test_user3@localhost REQUIRE SSL;
+GRANT SELECT,USAGE ON test.* TO test_user3@localhost REQUIRE X509 WITH
+      MAX_QUERIES_PER_HOUR 1 MAX_UPDATES_PER_HOUR 2
+      MAX_CONNECTIONS_PER_HOUR 3 MAX_USER_CONNECTIONS 4;
+GRANT SELECT ON test.* TO test_user3@localhost REQUIRE NONE
+      WITH GRANT OPTION;
+
+DROP PROCEDURE proc_rewrite_1;
+DROP FUNCTION  func_rewrite_1;
+DROP TABLE     t1;
 
 # 1.1.1.2
 CREATE USER test_user2 IDENTIFIED BY 'azundris2';
@@ -45,6 +63,7 @@ SET PASSWORD FOR 'test_user4'@'localhost' = PASSWORD('azundris4');
 SET GLOBAL general_log=       'OFF';
 
 DROP USER 'test_user4'@'localhost';
+DROP USER 'test_user3'@'localhost';
 DROP USER test_user2;
 DROP USER test_user1;
 
@@ -72,6 +91,7 @@ SELECT argument FROM mysql.general_log WHERE argument LIKE '%PASSWORD %';
 --echo ------ rewrite ------
 SELECT argument FROM mysql.general_log WHERE argument LIKE 'SET CHARACTER SET %';
 SELECT argument FROM mysql.general_log WHERE argument LIKE 'SET NAMES %';
+SELECT argument FROM mysql.general_log WHERE argument LIKE 'GRANT %';
 --echo ------ done ------ see log_tables.test for more proof! :)
 
 --echo Bug#13958454 -- show we print SET @a:=5, but SELECT (@a:=5)
diff --git a/sql/sql_rewrite.cc b/sql/sql_rewrite.cc
@@ -16,6 +16,22 @@
    02110-1301  USA */
 
 
+/*
+  In here, we rewrite queries (to obfuscate passwords etc.) that need it
+  before we log them.
+
+  Stored procedures may also rewrite their statements (to show the actual
+  values of their variables etc.). There is currently no scenario where
+  a statement can be eligible for both rewrites. (see sp_instr.cc)
+  Special consideration will need to be taken if this assertion is changed.
+
+  We also do not intersect with query cache at this time, as QC only
+  caches SELECTs (which we don't rewrite). If and when QC becomes more
+  general, it should probably cache the rewritten query along with the
+  user-submitted one. (see sql_parse.cc)
+*/
+
+
 #include "sql_acl.h"    // append_user
 #include "sql_parse.h"  // get_current_user
 #include "sql_show.h"   // append_identifier
@@ -39,7 +55,7 @@ static void mysql_rewrite_grant(THD *thd, String *rlb)
   {
     ulong priv;
 
-    for (c= 0, priv = SELECT_ACL; priv <= GLOBAL_ACLS; c++, priv <<= 1)
+    for (c= 0, priv= SELECT_ACL; priv <= GLOBAL_ACLS; c++, priv <<= 1)
     {
       if (priv == GRANT_ACL)
         continue;
@@ -54,7 +70,13 @@ static void mysql_rewrite_grant(THD *thd, String *rlb)
         cols.length(0);
         cols.append(STRING_WITH_LEN(" ("));
 
-        while ((column = column_iter++))
+        /*
+          If the statement was GRANT SELECT(f2), INSERT(f3), UPDATE(f1,f3, f2),
+          our list cols will contain the order f2, f3, f1, and thus that's
+          the order we'll recreate the privilege: UPDATE (f2, f3, f1)
+        */
+
+        while ((column= column_iter++))
         {
           if (column->rights & priv)
           {
@@ -95,12 +117,14 @@ static void mysql_rewrite_grant(THD *thd, String *rlb)
   {
     append_identifier(thd, rlb, first_table->db, strlen(first_table->db));
     rlb->append(STRING_WITH_LEN("."));
-    append_identifier(thd, rlb, first_table->table_name, strlen(first_table->table_name));
+    append_identifier(thd, rlb, first_table->table_name,
+                      strlen(first_table->table_name));
   }
   else
   {
     if (lex->current_select->db)
-      append_identifier(thd, rlb, lex->current_select->db, strlen(lex->current_select->db));
+      append_identifier(thd, rlb, lex->current_select->db,
+                        strlen(lex->current_select->db));
     else
       rlb->append("*");
     rlb->append(STRING_WITH_LEN(".*"));
