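#ifndef AUTH_INTERNAL_INCLUDED
#define AUTH_INTERNAL_INCLUDED

/* Copyright (c) 2000, 2021, Oracle and/or its affiliates.

   This program is free software; you can redistribute it and/or modify
   it under the terms of the GNU General Public License, version 2.0,
   as published by the Free Software Foundation.

   This program is also distributed with certain software (including
   but not limited to OpenSSL) that is licensed under separate terms,
   as designated in a particular file or component or in included license
   documentation.  The authors of MySQL hereby grant you an additional
   permission to link the program and your derivative works with the
   separately licensed software that they have included with MySQL.

   This program is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   GNU General Public License, version 2.0, for more details.

   You should have received a copy of the GNU General Public License
   along with this program; if not, write to the Free Software Foundation,
   51 Franklin Street, Suite 500, Boston, MA 02110-1335 USA */

/*
  Internals

  Prototypes and forward declarations only; no definitions live in this
  header.  The section comments below name the group each prototype belongs
  to (sql_authentication, sql_auth_cache, sql_user_table,
  sql_authorization).  Anything said about a function that cannot be read
  off its signature is marked NOTE(review) and has to be confirmed against
  the definition.
*/

#include "my_global.h"                          /* NO_EMBEDDED_ACCESS_CHECKS */
#include "violite.h"                            /* SSL_type */

#include "auth_common.h"

/* Forward declarations: this header only uses pointers to these types. */
class ACL_USER;
class ACL_PROXY_USER;
class GRANT_NAME;
class GRANT_TABLE;
class GRANT_COLUMN;
struct TABLE;

/* sql_authentication */

/*
  plugin_name is a non-const pointer, so the callee is allowed to rewrite
  the LEX_CSTRING it points to.
  NOTE(review): the name suggests the string is replaced by a canonical
  pointer so later comparisons can be done by address - confirm.
*/
void optimize_plugin_compare_by_pointer(LEX_CSTRING *plugin_name);
bool auth_plugin_is_built_in(const char *plugin_name);
bool auth_plugin_supports_expiration(const char *plugin_name);


const ACL_internal_table_access *
get_cached_table_access(GRANT_INTERNAL_INFO *grant_internal_info,
                        const char *schema_name, const char *table_name);

/* sql_auth_cache */

/*
  Variadic: the compiler cannot check the trailing arguments against
  'count' or against the type the definition reads them as.  A call site
  that passes fewer arguments than 'count', or arguments of another type,
  is undefined behaviour, so each caller has to be reviewed by hand.
*/
ulong get_sort(uint count,...);


/*
  Everything from here to the matching #endif is declared only when
  NO_EMBEDDED_ACCESS_CHECKS is not defined.
*/
#ifndef NO_EMBEDDED_ACCESS_CHECKS

/* sql_authentication */
bool rsa_auth_status();

/* sql_auth_cache */
void rebuild_check_host(void);

/*
  Argument order is (host, user) here, while acl_find_proxy_user() and the
  acl_update_ / acl_insert_ functions below take (user, host).  All of them
  are const char *, so swapped arguments compile without a diagnostic.

  NOTE(review): the result is a raw ACL_USER pointer.  Which lock keeps it
  valid, and whether NULL is returned when nothing matches, is not visible
  in this header - confirm before holding on to the pointer.
*/
ACL_USER * find_acl_user(const char *host,
                         const char *user,
                         my_bool exact);

/*
  authenticated_as and proxy_used are the only non-const pointer
  parameters; presumably they are outputs.
  NOTE(review): no length accompanies authenticated_as, so the signature
  does not bound what the callee may write.  Confirm that every caller
  passes a buffer at least as large as the definition assumes.
*/
ACL_PROXY_USER * acl_find_proxy_user(const char *user,
                                     const char *host,
                                     const char *ip,
                                     char *authenticated_as,
                                     bool *proxy_used);
bool set_user_salt(ACL_USER *acl_user);
void acl_insert_proxy_user(ACL_PROXY_USER *new_value);

/*
  acl_update_user() and acl_insert_user() take the same parameters in the
  same order, except that acl_update_user() has a trailing 'what_is_set'.
  password_change_time and password_life are passed by value.
  NOTE(review): 'auth' is presumably the account's stored authentication
  string; if so it is credential material and should not reach logs or
  error messages - confirm against the definitions.
*/
void acl_update_user(const char *user, const char *host,
                     enum SSL_type ssl_type,
                     const char *ssl_cipher,
                     const char *x509_issuer,
                     const char *x509_subject,
                     USER_RESOURCES *mqh,
                     ulong privileges,
                     const LEX_CSTRING &plugin,
                     const LEX_CSTRING &auth,
                     MYSQL_TIME password_change_time,
                     LEX_ALTER password_life,
                     ulong what_is_set);
void acl_insert_user(const char *user, const char *host,
                     enum SSL_type ssl_type,
                     const char *ssl_cipher,
                     const char *x509_issuer,
                     const char *x509_subject,
                     USER_RESOURCES *mqh,
                     ulong privileges,
                     const LEX_CSTRING &plugin,
                     const LEX_CSTRING &auth,
                     MYSQL_TIME password_change_time,
                     LEX_ALTER password_life);
void acl_update_proxy_user(ACL_PROXY_USER *new_value, bool is_revoke);
void acl_update_db(const char *user, const char *host, const char *db,
                   ulong privileges);
void acl_insert_db(const char *user, const char *host, const char *db,
                   ulong privileges);
bool update_sctx_cache(Security_context *sctx, ACL_USER *acl_user_ptr,
                       bool expired);

/* sql_user_table */
ulong get_access(TABLE *form,uint fieldnr, uint *next_field);
bool acl_end_trans_and_close_tables(THD *thd, bool rollback_transaction);
/* The query text is passed together with its length. */
void acl_notify_htons(THD* thd, const char* query, size_t query_length);

/*
  Every replace_* function below takes a 'revoke_grant' flag and returns
  int.
  NOTE(review): which return values mean failure is not visible here.
  These functions change stored privileges, so a call site that ignores
  the result can leave a GRANT or REVOKE only partly applied - confirm the
  convention in the definitions and check it at every caller.
*/
int replace_db_table(TABLE *table, const char *db,
                     const LEX_USER &combo,
                     ulong rights, bool revoke_grant);
int replace_user_table(THD *thd, TABLE *table, LEX_USER *combo,
                       ulong rights, bool revoke_grant,
                       bool can_create_user, ulong what_to_replace);
int replace_proxies_priv_table(THD *thd, TABLE *table, const LEX_USER *user,
                               const LEX_USER *proxied_user,
                               bool with_grant_arg, bool revoke_grant);
int replace_column_table(GRANT_TABLE *g_t,
                         TABLE *table, const LEX_USER &combo,
                         List <LEX_COLUMN> &columns,
                         const char *db, const char *table_name,
                         ulong rights, bool revoke_grant);
int replace_table_table(THD *thd, GRANT_TABLE *grant_table,
                        TABLE *table, const LEX_USER &combo,
                        const char *db, const char *table_name,
                        ulong rights, ulong col_rights,
                        bool revoke_grant);
int replace_routine_table(THD *thd, GRANT_NAME *grant_name,
                          TABLE *table, const LEX_USER &combo,
                          const char *db, const char *routine_name,
                          bool is_proc, ulong rights, bool revoke_grant);
int open_grant_tables(THD *thd, TABLE_LIST *tables, bool *transactional_tables);
int handle_grant_table(TABLE_LIST *tables, uint table_no, bool drop,
                       LEX_USER *user_from, LEX_USER *user_to);

void acl_print_ha_error(TABLE *table, int handler_error);

/* sql_authorization */

/*
  NOTE(review): by its name this is the gate that decides whether the
  session in 'thd' may change credentials; which privileges it tests is
  not visible in this header - confirm against the definition.
*/
bool is_privileged_user_for_credential_change(THD *thd);

#endif /* NO_EMBEDDED_ACCESS_CHECKS */

#endif /* AUTH_INTERNAL_INCLUDED */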