MySQL 8.0.39
Source Code Documentation
security_context.h
Go to the documentation of this file.
1/* Copyright (c) 2017, 2024, Oracle and/or its affiliates.
2
3This program is free software; you can redistribute it and/or modify
4it under the terms of the GNU General Public License, version 2.0,
5as published by the Free Software Foundation.
6
7This program is designed to work with certain software (including
8but not limited to OpenSSL) that is licensed under separate terms,
9as designated in a particular file or component or in included license
10documentation. The authors of MySQL hereby grant you an additional
11permission to link the program and your derivative works with the
12separately licensed software that they have either included with
13the program or referenced in the documentation.
14
15This program is distributed in the hope that it will be useful,
16but WITHOUT ANY WARRANTY; without even the implied warranty of
17MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18GNU General Public License, version 2.0, for more details.
19
20You should have received a copy of the GNU General Public License
21along with this program; if not, write to the Free Software
22Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */
23
24#ifndef SECURITY_CONTEXT_H
25#define SECURITY_CONTEXT_H
26
29
30/**
31 Below are the set of services provides methods for components to manipulate
32 the thread's security context.
33 * mysql_thd_security_context
34 * mysql_security_context_factory
35 * mysql_account_database_security_context_lookup
36 * mysql_security_context_options
37
38 These services allows creation, copying, filling in by user account and
39 destruction of security context objects. It also allows getting and setting
40 the security context for a thread. And it also allows reading and setting
41 security context properties.
42
43 The range of the above services allows components to inspect the security
44 context they're running it, impersonate a user account of their choice
45 (a.k.a. sudo in Unix) and craft a security context not related to an
46 existing user account.
47
48 No authentication is done in any of the above services. Authentication is
49 specific to the media and does not belong to the security context, that's
50 used mostly for authorization.
51
52 Make sure you keep the original security context of a thread or restore it
53 when done, as leaving a different security context active may lead to various
54 kinds of problems.
55*/
56
57/* manipulates the THD relationship to the security context */
58BEGIN_SERVICE_DEFINITION(mysql_thd_security_context)
59/**
60 Gets the security context for the thread.
61
62 @param[in] _thd The thread to get the context from
63 @param[out] out_ctx placeholder for the security context handle
64 @retval true failure
65 @retval false success
66*/
68
69/**
70 Sets a new security context for the thread.
71
72 @param[in] _thd The thread to set the context to
73 @param[in] in_ctx The handle of the new security context
74 @retval true failure
75 @retval false success
76*/
78END_SERVICE_DEFINITION(mysql_thd_security_context)
79
80/* factory methods: allocate, deallocate, copy */
81BEGIN_SERVICE_DEFINITION(mysql_security_context_factory)
82/**
83 Creates a new security context and initializes it with the defaults
84 (no access, no user etc).
85
86 @param[out] out_ctx placeholder for the newly created security context
87 handle
88 @retval true failure
89 @retval false success
90*/
92
93/**
94 Deallocates a security context.
95
96 @param[in] ctx The handle of the security context to destroy
97 @retval true failure
98 @retval false success
99*/
101
102/**
103 Duplicates a security context.
104
105 @param[in] in_ctx The handle of the security context to copy
106 @param[out] out_ctx placeholder for the handle of the copied
107 security context
108 @retval true failure
109 @retval false success
110*/
113END_SERVICE_DEFINITION(mysql_security_context_factory)
114
115/* interact with the user account database */
116BEGIN_SERVICE_DEFINITION(mysql_account_database_security_context_lookup)
117/**
118 Looks up in the defined user accounts an account based on
119 the user\@host[ip] combo supplied and checks if the user
120 has access to the database requested.
121 The lookup is done in exactly the same way as at login time.
122 The new security context need to checkout additional privileges using
123 the checkout_acl method.
124 @param[in] ctx The handle of the security context to update
125 @param[in] user The user name to look up
126 @param[in] host The host name to look up
127 @param[in] ip The ip of the incoming connection
128 @param[in] db The database to check access to
129 @retval true failure
130 @retval false success
131*/
133 const char *host, const char *ip, const char *db));
134END_SERVICE_DEFINITION(mysql_account_database_security_context_lookup)
135
136/* options */
137BEGIN_SERVICE_DEFINITION(mysql_security_context_options)
138/**
139 Reads a named security context attribute and returns its value.
140 Currently defined names are:
141
142 - user MYSQL_LEX_CSTRING * login user (a.k.a. the user's part of USER())
143 - host MYSQL_LEX_CSTRING * login host (a.k.a. the host's part of USER())
144 - ip MYSQL_LEX_CSTRING * login client ip
145 - host_or_ip MYSQL_LEX_CSTRING * host, if present, ip if not.
146 - priv_user MYSQL_LEX_CSTRING * authenticated user
147 (a.k.a. the user's part of CURRENT_USER())
148 - priv_host MYSQL_LEX_CSTRING * authenticated host
149 (a.k.a. the host's part of CURRENT_USER())
150 - proxy_user MYSQL_LEX_CSTRING * the proxy user used in authenticating
151
152 - privilege_super DECLARE_BOOL_METHOD * 1 if the user account has
153 supper privilege, 0 otherwise
154 - privilege_execute DECLARE_BOOL_METHOD * 1 if the user account has
155 execute privilege, 0 otherwise
156
157 @param[in] ctx The handle of the security context to read from
158 @param[in] name The option name to read
159 @param[out] inout_pvalue The value of the option. Type depends on the name.
160 @retval true failure
161 @retval false success
162*/
164 void *inout_pvalue));
165
166/**
167 Sets a value for a named security context attribute
168 Currently defined names are:
169
170 - user MYSQL_LEX_CSTRING * login user (a.k.a. the user's part of USER())
171 - host MYSQL_LEX_CSTRING * login host (a.k.a. the host's part of USER())
172 - ip MYSQL_LEX_CSTRING * login client ip
173 - priv_user MYSQL_LEX_CSTRING * authenticated user
174 (a.k.a. the user's part of CURRENT_USER())
175 - priv_host MYSQL_LEX_CSTRING * authenticated host
176 (a.k.a. the host's part of CURRENT_USER())
177 - proxy_user MYSQL_LEX_CSTRING * the proxy user used in authenticating
178
179 - privilege_super DECLARE_BOOL_METHOD * 1 if the user account has
180 supper privilege, 0 otherwise
181 - privilege_execute DECLARE_BOOL_METHOD * 1 if the user account has
182 execute privilege, 0 otherwise
183
184 @param[in] ctx The handle of the security context to set into
185 @param[in] name The option name to set
186 @param[in] pvalue The value of the option. Type depends on the name.
187 @retval true failure
188 @retval false success
189*/
191 void *pvalue));
192END_SERVICE_DEFINITION(mysql_security_context_options)
193
194#endif /* SECURITY_CONTEXT_H */
struct Security_context_handle_imp * Security_context_handle
Definition: dynamic_privilege.h:29
char * user
Definition: mysqladmin.cc:60
const char * host
Definition: mysqladmin.cc:59
void copy(Shards< COUNT > &dst, const Shards< COUNT > &src) noexcept
Copy the counters, overwrite destination.
Definition: ut0counter.h:354
static int destroy(mysql_cond_t *that, const char *, unsigned int)
Definition: mysql_cond_v1_native.cc:54
void get(PSI_field *, PSI_longlong *) noexcept
Definition: pfs_plugin_column_bigint_v1_all_empty.cc:32
static mysql_service_status_t create(const char *service_names[], reference_caching_channel *out_channel) noexcept
Definition: component.cc:36
std::set< Key, Compare, ut::allocator< Key > > set
Specialization of set which uses ut_allocator.
Definition: ut0new.h:2882
#define END_SERVICE_DEFINITION(name)
A macro to end the last Service definition started with the BEGIN_SERVICE_DEFINITION macro.
Definition: service.h:91
#define BEGIN_SERVICE_DEFINITION(name)
Declares a new Service.
Definition: service.h:86
#define DECLARE_BOOL_METHOD(name, args)
Declares a method that returns bool as a part of the Service definition.
Definition: service.h:112
case opt name
Definition: sslopt-case.h:33
char * lookup(UDF_INIT *, UDF_ARGS *args, char *result, unsigned long *res_length, unsigned char *null_value, unsigned char *)
Definition: udf_example.cc:613