23#ifndef SQL_USER_CACHE_INCLUDED
24#define SQL_USER_CACHE_INCLUDED
30#include <boost/graph/adjacency_list.hpp>
31#include <boost/graph/graph_selectors.hpp>
32#include <boost/graph/graph_traits.hpp>
33#include <boost/graph/properties.hpp>
34#include <boost/pending/property.hpp>
38#include <unordered_map>
67template <
typename Element_type,
size_t Prealloc>
123 static bool calc_ip_mask(
const char *ip_arg,
long *val);
135 static const char *
calc_ip(
const char *ip_arg,
long *val);
222#define NUM_CREDENTIALS 2
223#define PRIMARY_CRED (NUM_CREDENTIALS - NUM_CREDENTIALS)
224#define SECOND_CRED (PRIMARY_CRED + 1)
330 bool update(
THD *thd,
bool successful_login,
long *ret_days_remaining);
385 void init(
const char *host_arg,
const char *user_arg,
386 const char *proxied_host_arg,
const char *proxied_user_arg,
387 bool with_grant_arg);
390 const char *proxied_host_arg,
const char *proxied_user_arg,
391 bool with_grant_arg);
404 bool matches(
const char *host_arg,
const char *user_arg,
const char *ip_arg,
405 const char *proxied_user_arg,
bool any_proxy_user);
408 return (a == b || (a !=
nullptr && b !=
nullptr && !strcmp(a, b)));
413 bool granted_on(
const char *host_arg,
const char *user_arg) {
415 ((!
user && (!user_arg || !user_arg[0])) ||
416 (
user && user_arg && !strcmp(
user, user_arg))) &&
435 const char *grantor);
467 GRANT_NAME(
const char *h,
const char *d,
const char *u,
const char *t,
473 const char *t,
bool is_routine);
483 GRANT_TABLE(
const char *h,
const char *d,
const char *u,
const char *t,
546 const char *
host,
const char *ip,
const char *db,
const char *
user,
547 const char *tname,
bool exact,
bool name_tolower) {
550 std::string
name = tname;
559 auto it_range = name_hash.equal_range(
key);
560 for (
auto it = it_range.first; it != it_range.second; ++it) {
561 T *grant_name = it->second.get();
563 if (!grant_name->host.get_host() ||
565 grant_name->host.get_host())) ||
566 (ip && !strcmp(ip, grant_name->host.get_host())))
569 if (grant_name->host.compare_hostname(
host, ip) &&
570 (!found || found->sort < grant_name->sort))
581 const char *db,
const char *
user,
583 Acl_type routine_acl_type,
bool exact) {
585 db,
user, tname, exact,
true);
589 const char *db,
const char *
user,
590 const char *tname,
bool exact) {
616 boost::property<boost::vertex_name_t, std::string>>
622typedef boost::adjacency_list<boost::setS,
624 boost::bidirectionalS,
630typedef boost::graph_traits<Granted_roles_graph>::vertex_descriptor
634typedef boost::graph_traits<Granted_roles_graph>::edge_descriptor
642using degree_s_t = boost::graph_traits<Granted_roles_graph>::degree_size_type;
646 boost::graph_traits<Granted_roles_graph>::out_edge_iterator;
650 boost::graph_traits<Granted_roles_graph>::in_edge_iterator;
664 void *
operator new(
size_t size);
665 void operator delete(
void *
p);
796 bool lock(
bool raise_error =
true);
871 uint remaining_login_attempts,
long daynr_locked);
879 uint remaining_login_attempts,
uint32_t Access_bitmask
Definition: auth_acls.h:34
std::pair< LEX_CSTRING, LEX_CSTRING > Auth_id_ref
user, host tuple which reference either acl_cache or g_default_roles
Definition: auth_common.h:83
std::vector< Auth_id_ref > List_of_auth_id_refs
Definition: auth_common.h:84
std::vector< ACL_temporary_lock_state > Lock_state_list
Definition: auth_common.h:72
std::map< std::string, Access_bitmask > SP_access_map
Definition: auth_internal.h:63
std::map< std::string, Access_bitmask > Db_access_map
Definition: auth_internal.h:64
std::map< std::string, bool > Dynamic_privileges
Definition: auth_internal.h:280
std::unordered_set< std::string > Grant_acl_set
Definition: auth_internal.h:88
Kerberos Client Authentication nullptr
Definition: auth_kerberos_client_plugin.cc:251
Definition: sql_auth_cache.h:161
Access_bitmask access
Definition: sql_auth_cache.h:166
ACL_HOST_AND_IP host
Definition: sql_auth_cache.h:164
ACL_ACCESS()
Definition: sql_auth_cache.h:163
ulong sort
Definition: sql_auth_cache.h:165
Definition: sql_auth_cache.h:358
char * user
Definition: sql_auth_cache.h:360
char * db
Definition: sql_auth_cache.h:360
void set_user(MEM_ROOT *mem, const char *user_arg)
Definition: sql_auth_cache.cc:714
void set_host(MEM_ROOT *mem, const char *host_arg)
Definition: sql_auth_cache.cc:718
Definition: sql_auth_cache.h:75
bool check_allow_all_hosts()
Definition: sql_auth_cache.h:152
bool has_wildcard()
Definition: sql_auth_cache.h:147
static bool calc_cidr_mask(const char *ip_arg, long *val)
IP mask parsing in the CIDR format.
Definition: sql_auth_cache.cc:252
long ip_mask
Definition: sql_auth_cache.h:97
size_t get_host_len() const
Definition: sql_auth_cache.h:145
enum_ip_mask_type
IP mask type enum.
Definition: sql_auth_cache.h:80
@ ip_mask_type_cidr
IP specified with a mask in a CIDR form.
Definition: sql_auth_cache.h:88
@ ip_mask_type_subnet
IP specified with a mask in a form of a subnet.
Definition: sql_auth_cache.h:92
@ ip_mask_type_implicit
Only IP is specified.
Definition: sql_auth_cache.h:84
static const char * calc_ip(const char *ip_arg, long *val)
IP parsing.
Definition: sql_auth_cache.cc:275
long ip
Definition: sql_auth_cache.h:97
static bool calc_ip_mask(const char *ip_arg, long *val)
IP mask parsing in the subnet format.
Definition: sql_auth_cache.cc:263
size_t hostname_length
Definition: sql_auth_cache.h:96
void update_hostname(const char *host_arg)
Update the hostname.
Definition: sql_auth_cache.cc:296
ACL_HOST_AND_IP()
Definition: sql_auth_cache.h:138
const char * get_host() const
Definition: sql_auth_cache.h:144
enum_ip_mask_type ip_mask_type
IP mask type.
Definition: sql_auth_cache.h:101
const char * hostname
Definition: sql_auth_cache.h:95
bool compare_hostname(const char *host_arg, const char *ip_arg)
Definition: sql_auth_cache.cc:348
Definition: sql_auth_cache.h:217
char * db
Definition: sql_auth_cache.h:219
Definition: sql_auth_cache.h:366
ACL_HOST_AND_IP proxied_host
Definition: sql_auth_cache.h:368
static int store_data_record(TABLE *table, const LEX_CSTRING &host, const LEX_CSTRING &user, const LEX_CSTRING &proxied_host, const LEX_CSTRING &proxied_user, bool with_grant, const char *grantor)
Definition: sql_auth_cache.cc:688
bool get_with_grant()
Definition: sql_auth_cache.h:395
const char * get_proxied_host()
Definition: sql_auth_cache.h:398
void print_grant(THD *thd, String *str)
Definition: sql_auth_cache.cc:641
bool matches(const char *host_arg, const char *user_arg, const char *ip_arg, const char *proxied_user_arg, bool any_proxy_user)
Definition: sql_auth_cache.cc:592
const char * get_user()
Definition: sql_auth_cache.h:396
void set_host(MEM_ROOT *mem, const char *host_arg)
Definition: sql_auth_cache.cc:710
size_t get_proxied_user_length() const
Definition: sql_auth_cache.h:439
size_t get_user_length() const
Definition: sql_auth_cache.h:437
void init(const char *host_arg, const char *user_arg, const char *proxied_host_arg, const char *proxied_user_arg, bool with_grant_arg)
Definition: sql_auth_cache.cc:543
static int store_pk(TABLE *table, const LEX_CSTRING &host, const LEX_CSTRING &user, const LEX_CSTRING &proxied_host, const LEX_CSTRING &proxied_user)
Definition: sql_auth_cache.cc:652
bool pk_equals(ACL_PROXY_USER *grant)
Definition: sql_auth_cache.cc:618
bool check_validity(bool check_no_resolve)
Definition: sql_auth_cache.cc:579
static bool auth_element_equals(const char *a, const char *b)
Definition: sql_auth_cache.h:407
void set_user(MEM_ROOT *mem, const char *user_arg)
Definition: sql_auth_cache.cc:706
static int store_with_grant(TABLE *table, bool with_grant)
Definition: sql_auth_cache.cc:678
void set_data(ACL_PROXY_USER *grant)
Definition: sql_auth_cache.h:423
old_acl_proxy_users
Definition: sql_auth_cache.h:372
@ MYSQL_PROXIES_PRIV_PROXIED_HOST
Definition: sql_auth_cache.h:375
@ MYSQL_PROXIES_PRIV_HOST
Definition: sql_auth_cache.h:373
@ MYSQL_PROXIES_PRIV_WITH_GRANT
Definition: sql_auth_cache.h:377
@ MYSQL_PROXIES_PRIV_GRANTOR
Definition: sql_auth_cache.h:378
@ MYSQL_PROXIES_PRIV_PROXIED_USER
Definition: sql_auth_cache.h:376
@ MYSQL_PROXIES_PRIV_TIMESTAMP
Definition: sql_auth_cache.h:379
@ MYSQL_PROXIES_PRIV_USER
Definition: sql_auth_cache.h:374
const char * proxied_user
Definition: sql_auth_cache.h:369
const char * get_proxied_user()
Definition: sql_auth_cache.h:397
const char * user
Definition: sql_auth_cache.h:367
bool granted_on(const char *host_arg, const char *user_arg)
Definition: sql_auth_cache.h:413
bool with_grant
Definition: sql_auth_cache.h:370
Definition: sql_auth_cache.h:309
Password_locked_state()
Definition: sql_auth_cache.h:331
bool is_default() const
Definition: sql_auth_cache.h:314
void set_parameters(int password_lock_time_days, uint failed_login_attempts)
Definition: sql_auth_cache.cc:406
int m_password_lock_time_days
read from the user config.
Definition: sql_auth_cache.h:341
uint get_failed_login_attempts() const
Definition: sql_auth_cache.h:321
bool is_active() const
Definition: sql_auth_cache.h:311
void set_temporary_lock_state_parameters(uint remaining_login_attempts, long daynr_locked)
Definition: sql_auth_cache.cc:400
uint m_remaining_login_attempts
The remaining login tries, valid only if m_failed_login_attempts and m_password_lock_time_days are no...
Definition: sql_auth_cache.h:351
long m_daynr_locked
The day the account is locked, 0 if not locked.
Definition: sql_auth_cache.h:353
uint get_remaining_login_attempts() const
Definition: sql_auth_cache.h:322
uint m_failed_login_attempts
read from the user config.
Definition: sql_auth_cache.h:346
int get_password_lock_time_days() const
Definition: sql_auth_cache.h:318
bool update(THD *thd, bool successful_login, long *ret_days_remaining)
Updates the password locked state based on the time of day fetched from the THD.
Definition: sql_auth_cache.cc:425
long get_daynr_locked() const
Definition: sql_auth_cache.h:325
Class that compares ACL_USER objects.
Definition: sql_auth_cache.h:196
bool operator()(const ACL_USER &a, const ACL_USER &b)
Determine sort order of two user accounts.
Definition: sql_auth_cache.cc:4005
Definition: sql_auth_cache.h:248
bool account_locked
Specifies whether the user account is locked or unlocked.
Definition: sql_auth_cache.h:263
Acl_credential credentials[NUM_CREDENTIALS]
Additional credentials.
Definition: sql_auth_cache.h:300
void set_mfa(MEM_ROOT *mem, I_multi_factor_auth *m)
Definition: sql_auth_cache.cc:525
MYSQL_TIME password_last_changed
Definition: sql_auth_cache.h:257
bool use_default_password_reuse_interval
Ignore password_reuse_interval, use the global default global_password_reuse_interval.
Definition: sql_auth_cache.h:290
uint password_lifetime
Definition: sql_auth_cache.h:258
Lex_acl_attrib_udyn password_require_current
The current password needed to be specified while changing it.
Definition: sql_auth_cache.h:295
bool can_authenticate
Definition: sql_auth_cache.h:256
bool is_role
If this ACL_USER was used as a role id then this flag is true.
Definition: sql_auth_cache.h:269
void set_host(MEM_ROOT *mem, const char *host_arg)
Definition: sql_auth_cache.cc:521
LEX_CSTRING plugin
Definition: sql_auth_cache.h:254
bool use_default_password_history
Ignore password_history_length, use the global default global_password_history.
Definition: sql_auth_cache.h:280
ACL_USER()
Definition: sql_auth_cache.cc:362
enum SSL_type ssl_type
Definition: sql_auth_cache.h:252
const char * x509_subject
Definition: sql_auth_cache.h:253
const char * ssl_cipher
Definition: sql_auth_cache.h:253
size_t get_username_length() const
Definition: sql_auth_cache.h:308
uint32 password_reuse_interval
The number of days that would have to pass before a password can be reused.
Definition: sql_auth_cache.h:285
I_multi_factor_auth * m_mfa
Definition: sql_auth_cache.h:355
bool password_expired
Definition: sql_auth_cache.h:255
USER_RESOURCES user_resource
Definition: sql_auth_cache.h:250
void set_user(MEM_ROOT *mem, const char *user_arg)
Definition: sql_auth_cache.cc:517
class ACL_USER::Password_locked_state password_locked_state
char * user
Definition: sql_auth_cache.h:251
const char * x509_issuer
Definition: sql_auth_cache.h:253
bool use_default_password_lifetime
Definition: sql_auth_cache.h:259
uint32 password_history_length
The number of old passwords to check when setting a new password.
Definition: sql_auth_cache.h:274
ACL_USER * copy(MEM_ROOT *root)
Definition: sql_auth_cache.cc:483
Class that compares ACL_ACCESS objects.
Definition: sql_auth_cache.h:174
bool operator()(const ACL_ACCESS &a, const ACL_ACCESS &b)
Determine sort order of two user accounts.
Definition: sql_auth_cache.cc:3975
Enables preserving temporary account locking attributes during ACL DDL.
Definition: sql_auth_cache.h:868
static bool is_modified(ACL_USER *acl_user)
Definition: sql_auth_cache.cc:2184
const char * m_host
Definition: sql_auth_cache.h:887
const uint m_remaining_login_attempts
Definition: sql_auth_cache.h:889
static void restore_temporary_account_locking(Prealloced_array< ACL_USER, ACL_PREALLOC_SIZE > *old_acl_users, Lock_state_list *modified_user_lock_state_list)
Enables restoring temporary account locking attributes of all users after ACL reload.
Definition: sql_auth_cache.cc:2253
const long m_daynr_locked
Definition: sql_auth_cache.h:890
static void restore_user_lock_state(const char *host, const char *user, uint remaining_login_attempts, long daynr_locked)
Enables restoring temporary account locking attributes of a user after ACL reload.
Definition: sql_auth_cache.cc:2231
const char * m_user
Definition: sql_auth_cache.h:888
ACL_temporary_lock_state(const char *host, const char *user, uint remaining_login_attempts, long daynr_locked)
Definition: sql_auth_cache.cc:2176
static ACL_USER * preserve_user_lock_state(const char *host, const char *user, Lock_state_list &user_list)
Enables preserving temporary account locking attributes of a user during ACL DDL.
Definition: sql_auth_cache.cc:2203
Definition: sql_auth_cache.h:499
Acl_cache_allocator(const Acl_cache_allocator< U > &other)
Definition: sql_auth_cache.h:508
Acl_cache_allocator & operator=(const Acl_cache_allocator< U > &other)
Definition: sql_auth_cache.h:512
Acl_cache_allocator()
Definition: sql_auth_cache.h:501
Lock guard for ACL Cache.
Definition: sql_auth_cache.h:785
Acl_cache_lock_guard(THD *thd, Acl_cache_lock_mode mode)
Acl_cache_lock_guard constructor.
Definition: sql_auth_cache.cc:3756
Acl_cache_lock_mode m_mode
Lock mode.
Definition: sql_auth_cache.h:806
bool lock(bool raise_error=true)
Explicitly take lock on Acl_cache_lock_cache object.
Definition: sql_auth_cache.cc:3772
void unlock()
Explicitly unlock all acquired locks.
Definition: sql_auth_cache.cc:3802
~Acl_cache_lock_guard()
Acl_cache_lock_guard destructor.
Definition: sql_auth_cache.h:794
bool already_locked()
Check whether lock is already obtained or not.
Definition: sql_auth_cache.cc:3834
bool m_locked
Lock status.
Definition: sql_auth_cache.h:808
THD * m_thd
Handle to THD object.
Definition: sql_auth_cache.h:804
Definition: sql_auth_cache.h:700
int32 size()
Return a snapshot of the number of items in the cache.
Definition: sql_auth_cache.cc:3509
void increase_version()
When ever the role graph is modified we must flatten the privileges again.
Definition: sql_auth_cache.cc:3487
uint64 version()
Return a lower boundary to the current version count.
Definition: sql_auth_cache.cc:3507
~Acl_cache()
Definition: sql_auth_cache.cc:3404
Acl_map * create_acl_map(uint64 version, Security_context *sctx)
Creates a new acl map for the authorization id of the security context.
Definition: sql_auth_cache.cc:3657
mysql_mutex_t m_cache_flush_mutex
Definition: sql_auth_cache.h:769
void flush_cache()
Removes all acl map objects with a references count of zero.
Definition: sql_auth_cache.cc:3596
std::atomic< uint64 > m_role_graph_version
Role graph version counter.
Definition: sql_auth_cache.h:767
void clear_acl_cache()
Removes all acl map objects when shutdown_acl_cache is called.
Definition: sql_auth_cache.cc:3639
Acl_cache_internal m_cache
Definition: sql_auth_cache.h:768
Acl_cache()
Definition: sql_auth_cache.cc:3391
Acl_map * checkout_acl_map(Security_context *sctx, Auth_id_ref &uid, List_of_auth_id_refs &active_roles)
Returns a pointer to an acl map to the caller and increase the reference count on the object,...
Definition: sql_auth_cache.cc:3511
void return_acl_map(Acl_map *map)
When the security context is done with the acl map it calls the cache to decrease the reference count...
Definition: sql_auth_cache.cc:3567
Definition: sql_auth_cache.h:226
uint8 m_salt[SCRAMBLE_LENGTH+1]
The salt variable is used as the password hash for native_password_authetication.
Definition: sql_auth_cache.h:240
uint8 m_salt_len
In the old protocol the salt_len indicated what type of autnetication protocol was used: 0 - no passw...
Definition: sql_auth_cache.h:245
LEX_CSTRING m_auth_string
Definition: sql_auth_cache.h:235
Acl_credential()
Definition: sql_auth_cache.h:228
Container for global, schema, table/view and routine ACL maps.
Definition: sql_auth_cache.h:653
Grant_acl_set * grant_acls()
Definition: sql_auth_cache.cc:3469
void increase_reference_count()
Definition: sql_auth_cache.cc:3483
std::atomic< int32 > m_reference_count
Definition: sql_auth_cache.h:684
Dynamic_privileges * dynamic_privileges()
Definition: sql_auth_cache.cc:3477
Restrictions & restrictions()
Definition: sql_auth_cache.cc:3481
SP_access_map * lib_acls()
Definition: sql_auth_cache.cc:3475
Acl_map(Security_context *sctx, uint64 ver)
Definition: sql_auth_cache.cc:3409
Acl_map & operator=(const Acl_map &map)
Definition: sql_auth_cache.cc:3459
void decrease_reference_count()
Definition: sql_auth_cache.cc:3485
Acl_map(const Acl_map &map)=delete
~Acl_map()
Definition: sql_auth_cache.cc:3437
Db_access_map * db_acls()
Definition: sql_auth_cache.cc:3463
SP_access_map m_sp_acls
Definition: sql_auth_cache.h:690
Table_access_map m_table_acls
Definition: sql_auth_cache.h:688
Access_bitmask m_global_acl
Definition: sql_auth_cache.h:689
uint32 reference_count()
Definition: sql_auth_cache.h:681
SP_access_map m_lib_acls
Definition: sql_auth_cache.h:692
Db_access_map * db_wild_acls()
Definition: sql_auth_cache.cc:3465
Access_bitmask global_acl()
Definition: sql_auth_cache.cc:3461
Db_access_map m_db_acls
Definition: sql_auth_cache.h:686
uint64 m_version
Definition: sql_auth_cache.h:685
Db_access_map m_db_wild_acls
Definition: sql_auth_cache.h:687
Table_access_map * table_acls()
Definition: sql_auth_cache.cc:3467
SP_access_map * sp_acls()
Definition: sql_auth_cache.cc:3471
Dynamic_privileges m_dynamic_privileges
Definition: sql_auth_cache.h:694
SP_access_map * func_acls()
Definition: sql_auth_cache.cc:3473
Restrictions m_restrictions
Definition: sql_auth_cache.h:695
SP_access_map m_func_acls
Definition: sql_auth_cache.h:691
Grant_acl_set m_with_admin_acls
Definition: sql_auth_cache.h:693
uint64 version()
Definition: sql_auth_cache.h:680
Cache to store the Restrictions of every auth_id.
Definition: sql_auth_cache.h:821
Acl_restrictions(Acl_restrictions &&)=delete
malloc_unordered_map< std::string, Restrictions > m_restrictions_map
Definition: sql_auth_cache.h:838
Acl_restrictions(const Acl_restrictions &)=delete
Acl_restrictions & operator=(Acl_restrictions &&)=delete
void upsert_restrictions(const ACL_USER *acl_user, const Restrictions &restriction)
Update, insert or remove the Restrictions for the ACL_USER.
Definition: sql_auth_cache.cc:4062
Restrictions find_restrictions(const ACL_USER *acl_user) const
Find the Restrictions of the ACL_USER.
Definition: sql_auth_cache.cc:4089
size_t size() const
Definition: sql_auth_cache.cc:4103
void remove_restrictions(const ACL_USER *acl_user)
Remove the Restrictions of the ACL_USER.
Definition: sql_auth_cache.cc:4042
Acl_restrictions & operator=(const Acl_restrictions &)=delete
Acl_restrictions()
Construstor.
Definition: sql_auth_cache.cc:4035
Definition: sql_auth_cache.h:451
Access_bitmask rights
Definition: sql_auth_cache.h:453
GRANT_COLUMN(String &c, Access_bitmask y)
Definition: sql_auth_cache.cc:948
std::string column
Definition: sql_auth_cache.h:454
Definition: sql_auth_cache.h:458
void set_user_details(const char *h, const char *d, const char *u, const char *t, bool is_routine)
Definition: sql_auth_cache.cc:951
std::string hash_key
Definition: sql_auth_cache.h:466
char * tname
Definition: sql_auth_cache.h:463
const char * user
Definition: sql_auth_cache.h:462
Access_bitmask privs
Definition: sql_auth_cache.h:464
ACL_HOST_AND_IP host
Definition: sql_auth_cache.h:460
char * db
Definition: sql_auth_cache.h:461
virtual ~GRANT_NAME()=default
ulong sort
Definition: sql_auth_cache.h:465
GRANT_NAME(const char *h, const char *d, const char *u, const char *t, Access_bitmask p, bool is_routine)
Definition: sql_auth_cache.cc:975
virtual bool ok()
Definition: sql_auth_cache.h:471
Definition: sql_auth_cache.h:476
collation_unordered_multimap< std::string, unique_ptr_destroy_only< GRANT_COLUMN > > hash_columns
Definition: sql_auth_cache.h:481
GRANT_TABLE(const char *h, const char *d, const char *u, const char *t, Access_bitmask p, Access_bitmask c)
Definition: sql_auth_cache.cc:981
bool init(TABLE *col_privs)
Definition: sql_auth_cache.cc:1039
bool ok() override
Definition: sql_auth_cache.h:488
Access_bitmask cols
Definition: sql_auth_cache.h:478
An interface to access information about Multi factor authentication methods.
Definition: sql_mfa.h:49
Malloc_allocator is a C++ STL memory allocator based on my_malloc/my_free.
Definition: malloc_allocator.h:63
A typesafe replacement for DYNAMIC_ARRAY.
Definition: prealloced_array.h:71
Container of all restrictions for a given user.
Definition: partial_revokes.h:155
A set of THD members describing the current authenticated user.
Definition: sql_security_ctx.h:54
Using this class is fraught with peril, and you need to be very careful when doing so.
Definition: sql_string.h:167
For each client connection we create a separate thread with THD serving as a thread/connection descri...
Definition: sql_lexer_thd.h:36
Definition: auth_internal.h:66
Definition: sql_auth_cache.h:444
uint16 length
Definition: sql_auth_cache.h:447
char key[1]
Definition: sql_auth_cache.h:448
Access_bitmask access
Definition: sql_auth_cache.h:446
std::unordered_map, but with my_malloc and collation-aware comparison.
Definition: map_helpers.h:219
std::unordered_multimap, but with my_malloc and collation-aware comparison.
Definition: map_helpers.h:235
std::unordered_map, but with my_malloc, so that you can track the memory used using PSI memory keys.
Definition: map_helpers.h:157
std::unordered_multimap, but with my_malloc, so that you can track the memory used using PSI memory k...
Definition: map_helpers.h:198
const char * p
Definition: ctype-mb.cc:1225
Acl_type
Definition: sql_lex.h:267
A better implementation of the UNIX ctype(3) library.
int my_strcasecmp(const CHARSET_INFO *cs, const char *s1, const char *s2)
Definition: m_ctype.h:651
size_t my_casedn_str(const CHARSET_INFO *cs, char *str)
Definition: m_ctype.h:732
static auto find_or_nullptr(const Container &container, const Key &key)
Some useful helpers for associative arrays with MySQL-specific semantics.
Definition: map_helpers.h:54
MYSQL_PLUGIN_IMPORT CHARSET_INFO * system_charset_info
Definition: mysqld.cc:1562
const char wild_many
Character constant for wildcard representing zero or more characters (SQL style).
Definition: mf_wcomp.h:43
const char wild_one
Character constant for wildcard representing any one character (SQL style).
Definition: mf_wcomp.h:37
This file follows Google coding style, except for the name MEM_ROOT (which is kept for historical rea...
std::unique_ptr< T, Destroy_only< T > > unique_ptr_destroy_only
std::unique_ptr, but only destroying.
Definition: my_alloc.h:480
Header for compiler-dependent features.
Some integer typedefs for easier portability.
uint8_t uint8
Definition: my_inttypes.h:63
int32_t int32
Definition: my_inttypes.h:66
uint64_t uint64
Definition: my_inttypes.h:69
uint16_t uint16
Definition: my_inttypes.h:65
uint32_t uint32
Definition: my_inttypes.h:67
#define UINT_MAX32
Definition: my_inttypes.h:79
Functions related to handling of plugins and other dynamically loaded libraries.
#define MYSQL_PLUGIN_IMPORT
Definition: my_sharedlib.h:71
Common header for many mysys elements.
Common definition between mysql server & client.
#define SCRAMBLE_LENGTH
Length of random string sent by server on handshake; this is also length of obfuscated password,...
Definition: mysql_com.h:128
ABI for instrumented mutexes.
Time declarations shared between the server and client API: you should not add anything to this heade...
char * user
Definition: mysqladmin.cc:67
const char * host
Definition: mysqladmin.cc:66
std::string str(const mysqlrouter::ConfigGenerator::Options::Endpoint &ep)
Definition: config_generator.cc:1117
static PFS_engine_table_share_proxy table
Definition: pfs.cc:61
Tag dispatch for custom Role_properties.
Definition: sql_auth_cache.h:604
BOOST_INSTALL_PROPERTY(vertex, acl_user)
vertex_acl_user_t
Definition: sql_auth_cache.h:605
@ vertex_acl_user
Definition: sql_auth_cache.h:605
const std::string password_lock_time_days("password_lock_time_days")
underkeys of password locking
const std::string failed_login_attempts("failed_login_attempts")
underkeys of password locking
bool length(const dd::Spatial_reference_system *srs, const Geometry *g1, double *length, bool *null) noexcept
Computes the length of linestrings and multilinestrings.
Definition: length.cc:76
size_t size(const char *const c)
Definition: base64.h:46
mode
Definition: file_handle.h:61
std::map< Key, Value, Compare, ut::allocator< std::pair< const Key, Value > > > map
Specialization of map which uses ut_allocator.
Definition: ut0new.h:2894
std::conditional_t< !std::is_array< T >::value, std::unique_ptr< T, detail::Deleter< T > >, std::conditional_t< detail::is_unbounded_array_v< T >, std::unique_ptr< T, detail::Array_deleter< std::remove_extent_t< T > > >, void > > unique_ptr
The following is a common type that is returned by all the ut::make_unique (non-aligned) specializati...
Definition: ut0new.h:2440
PSI_memory_key key_memory_acl_cache
Definition: psi_memory_key.cc:102
required string key
Definition: replication_asynchronous_connection_failover.proto:60
required string type
Definition: replication_group_member_actions.proto:34
Lex_acl_attrib_udyn
This is generic enum.
Definition: table.h:2651
GRANT_NAME * routine_hash_search(const char *host, const char *ip, const char *db, const char *user, const char *tname, Acl_type routine_acl_type, bool exact)
Definition: sql_auth_cache.h:580
uint grant_version
Definition: sql_auth_cache.cc:169
std::unique_ptr< malloc_unordered_multimap< std::string, unique_ptr_destroy_only< GRANT_TABLE > > > column_priv_hash
Definition: sql_auth_cache.cc:145
Prealloced_array< ACL_DB, ACL_PREALLOC_SIZE > * acl_dbs
Definition: sql_auth_cache.cc:137
std::unique_ptr< malloc_unordered_multimap< std::string, unique_ptr_destroy_only< GRANT_NAME > > > proc_priv_hash
Definition: sql_auth_cache.cc:148
Acl_user_ptr_list * cached_acl_users_for_name(const char *name)
Fetch the list of ACL_USERs which share name or have no name.
Definition: sql_auth_cache.cc:1184
Acl_cache_allocator< ACL_USER * > Acl_user_ptr_allocator
Definition: sql_auth_cache.h:515
boost::adjacency_list< boost::setS, boost::vecS, boost::bidirectionalS, Role_properties, Role_edge_properties > Granted_roles_graph
A graph of all users/roles privilege inheritance.
Definition: sql_auth_cache.h:627
T * name_hash_search(const malloc_unordered_multimap< std::string, unique_ptr_destroy_only< T > > &name_hash, const char *host, const char *ip, const char *db, const char *user, const char *tname, bool exact, bool name_tolower)
Definition: sql_auth_cache.h:543
Acl_cache_lock_mode
Enum for specifying lock type over Acl cache.
Definition: sql_auth_cache.h:778
MYSQL_PLUGIN_IMPORT CHARSET_INFO * files_charset_info
Definition: mysqld.cc:1562
MEM_ROOT global_acl_memory
Definition: sql_auth_cache.cc:133
malloc_unordered_multimap< std::string, unique_ptr_destroy_only< GRANT_NAME > > * get_routine_priv_hash(Acl_type type)
Returns a non-owning raw pointer of either func_priv_hash, proc_priv_hash or library_priv_hash.
Definition: sql_auth_cache.cc:180
Prealloced_array< ACL_USER, ACL_PREALLOC_SIZE > * acl_users
Definition: sql_auth_cache.cc:135
bool allow_all_hosts
Definition: sql_auth_cache.cc:168
boost::property< boost::vertex_acl_user_t, ACL_USER, boost::property< boost::vertex_name_t, std::string > > Role_properties
Custom vertex properties used in Granted_roles_graph TODO ACL_USER contains too much information.
Definition: sql_auth_cache.h:617
boost::graph_traits< Granted_roles_graph >::in_edge_iterator in_edge_itr_t
The type for the iterator returned by in_edges().
Definition: sql_auth_cache.h:650
Acl_cache * get_global_acl_cache()
Definition: sql_auth_cache.cc:111
std::unique_ptr< malloc_unordered_multimap< std::string, unique_ptr_destroy_only< GRANT_NAME > > > library_priv_hash
Definition: sql_auth_cache.h:533
std::unique_ptr< malloc_unordered_multimap< std::string, unique_ptr_destroy_only< GRANT_NAME > > > func_priv_hash
Definition: sql_auth_cache.h:533
boost::graph_traits< Granted_roles_graph >::out_edge_iterator out_edge_itr_t
The type for the iterator returned by out_edges().
Definition: sql_auth_cache.h:646
std::unique_ptr< Acl_restrictions > acl_restrictions
Definition: sql_auth_cache.cc:153
Prealloced_array< ACL_HOST_AND_IP, ACL_PREALLOC_SIZE > * acl_wild_hosts
Definition: sql_auth_cache.cc:138
void rebuild_cached_acl_users_for_name(void)
Build the lists of ACL_USERs which share name or have no name.
Definition: sql_auth_cache.cc:1134
#define NUM_CREDENTIALS
Definition: sql_auth_cache.h:222
boost::property< boost::edge_capacity_t, int > Role_edge_properties
Definition: sql_auth_cache.h:619
MEM_ROOT memex
Definition: sql_auth_cache.cc:134
boost::graph_traits< Granted_roles_graph >::vertex_descriptor Role_vertex_descriptor
The data type of a vertex in the Granted_roles_graph.
Definition: sql_auth_cache.h:631
boost::graph_traits< Granted_roles_graph >::edge_descriptor Role_edge_descriptor
The data type of an edge in the Granted_roles_graph.
Definition: sql_auth_cache.h:635
GRANT_TABLE * table_hash_search(const char *host, const char *ip, const char *db, const char *user, const char *tname, bool exact)
Definition: sql_auth_cache.h:588
std::list< ACL_USER *, Acl_user_ptr_allocator > Acl_user_ptr_list
Definition: sql_auth_cache.h:516
std::unordered_map< std::string, Role_vertex_descriptor > Role_index_map
The datatype of the map between authids and graph vertex descriptors.
Definition: sql_auth_cache.h:638
boost::graph_traits< Granted_roles_graph >::degree_size_type degree_s_t
The type used for the number of edges incident to a vertex in the graph.
Definition: sql_auth_cache.h:642
collation_unordered_map< std::string, ACL_USER * > * acl_check_hosts
Definition: sql_auth_cache.cc:152
const size_t ACL_PREALLOC_SIZE
Definition: sql_auth_cache.h:523
Prealloced_array< ACL_PROXY_USER, ACL_PREALLOC_SIZE > * acl_proxy_users
Definition: sql_auth_cache.cc:136
GRANT_COLUMN * column_hash_search(GRANT_TABLE *t, const char *cname, size_t length)
Definition: sql_auth_cache.h:596
LF_HASH Acl_cache_internal
Definition: sql_auth_cache.h:698
static MEM_ROOT mem
Definition: sql_servers.cc:100
case opt name
Definition: sslopt-case.h:29
Definition: sql_auth_cache.h:503
Acl_cache_allocator< U > other
Definition: sql_auth_cache.h:504
Definition: m_ctype.h:421
The MEM_ROOT is a simple arena, where allocations are carved out of larger blocks.
Definition: my_alloc.h:83
Definition: mysql_lex_string.h:40
Definition: mysql_time.h:82
An instrumented mutex structure.
Definition: mysql_mutex_bits.h:50
Definition: sql_connect.h:41
SSL_type
Definition: violite.h:307