[mysql] Remove make_scrambled_password and make_scrambled_password_323 from mysql.h
Tom Lane
tgl at fedoraproject.org
Tue Jul 12 17:59:27 UTC 2011
commit fcc106f8593d6e39dfa3cb959eab7cf8e75448e9
Author: Tom Lane <tgl at redhat.com>
Date: Tue Jul 12 13:58:47 2011 -0400
Remove make_scrambled_password and make_scrambled_password_323 from mysql.h
mysql-dubious-exports.patch | 139 ++++++++++++++++++++++++++++++++++++++-----
mysql.spec | 7 ++-
2 files changed, 130 insertions(+), 16 deletions(-)
---
diff --git a/mysql-dubious-exports.patch b/mysql-dubious-exports.patch
index 3342bf8..0ccb412 100644
--- a/mysql-dubious-exports.patch
+++ b/mysql-dubious-exports.patch
@@ -2,10 +2,39 @@ Prefix mysql_ to the real names of several symbols that have to be exported
from libmysqlclient because mysql-connector-odbc and/or PHP depend on them.
This limits the intrusion on application namespace.
+Also, remove all traces of make_scrambled_password and
+make_scrambled_password_323, so that references to these functions draw
+compile-time warnings, per a suggestion from Paul Howarth in bug #690346.
+It doesn't seem worth trying to get rid of all the internal symbols exposed
+by mysql.h, but these two are relatively easy to get rid of.
-diff -Naur mysql-5.5.8.orig/include/errmsg.h mysql-5.5.8/include/errmsg.h
---- mysql-5.5.8.orig/include/errmsg.h 2010-12-03 12:58:24.000000000 -0500
-+++ mysql-5.5.8/include/errmsg.h 2010-12-27 14:29:59.184552374 -0500
+
+diff -Naur mysql-5.5.14.orig/client/mysqladmin.cc mysql-5.5.14/client/mysqladmin.cc
+--- mysql-5.5.14.orig/client/mysqladmin.cc 2011-06-21 12:42:41.000000000 -0400
++++ mysql-5.5.14/client/mysqladmin.cc 2011-07-12 12:19:59.578066771 -0400
+@@ -20,6 +20,7 @@
+ #include <my_pthread.h> /* because of signal() */
+ #include <sys/stat.h>
+ #include <mysql.h>
++#include <password.h> /* my_make_scrambled_password_323, my_make_scrambled_password */
+ #include <sql_common.h>
+ #include <welcome_copyright_notice.h> /* ORACLE_WELCOME_COPYRIGHT_NOTICE */
+
+@@ -975,9 +976,9 @@
+ }
+ }
+ if (old)
+- make_scrambled_password_323(crypted_pw, typed_password);
++ my_make_scrambled_password_323(crypted_pw, typed_password, strlen(typed_password));
+ else
+- make_scrambled_password(crypted_pw, typed_password);
++ my_make_scrambled_password(crypted_pw, typed_password, strlen(typed_password));
+ }
+ else
+ crypted_pw[0]=0; /* No password */
+diff -Naur mysql-5.5.14.orig/include/errmsg.h mysql-5.5.14/include/errmsg.h
+--- mysql-5.5.14.orig/include/errmsg.h 2011-06-21 12:42:39.000000000 -0400
++++ mysql-5.5.14/include/errmsg.h 2011-07-12 11:55:29.194204015 -0400
@@ -24,6 +24,7 @@
#endif
void init_client_errs(void);
@@ -14,10 +43,10 @@ diff -Naur mysql-5.5.8.orig/include/errmsg.h mysql-5.5.8/include/errmsg.h
extern const char *client_errors[]; /* Error messages */
#ifdef __cplusplus
}
-diff -Naur mysql-5.5.8.orig/include/my_sys.h mysql-5.5.8/include/my_sys.h
---- mysql-5.5.8.orig/include/my_sys.h 2010-12-03 12:58:24.000000000 -0500
-+++ mysql-5.5.8/include/my_sys.h 2010-12-27 14:27:23.956926896 -0500
-@@ -227,6 +227,7 @@
+diff -Naur mysql-5.5.14.orig/include/my_sys.h mysql-5.5.14/include/my_sys.h
+--- mysql-5.5.14.orig/include/my_sys.h 2011-06-21 12:42:39.000000000 -0400
++++ mysql-5.5.14/include/my_sys.h 2011-07-12 11:55:29.195231427 -0400
+@@ -223,6 +223,7 @@
/* charsets */
#define MY_ALL_CHARSETS_SIZE 2048
@@ -25,7 +54,7 @@ diff -Naur mysql-5.5.8.orig/include/my_sys.h mysql-5.5.8/include/my_sys.h
extern MYSQL_PLUGIN_IMPORT CHARSET_INFO *default_charset_info;
extern MYSQL_PLUGIN_IMPORT CHARSET_INFO *all_charsets[MY_ALL_CHARSETS_SIZE];
extern CHARSET_INFO compiled_charsets[];
-@@ -914,6 +915,9 @@
+@@ -900,6 +901,9 @@
extern uint get_collation_number(const char *name);
extern const char *get_charset_name(uint cs_number);
@@ -35,9 +64,9 @@ diff -Naur mysql-5.5.8.orig/include/my_sys.h mysql-5.5.8/include/my_sys.h
extern CHARSET_INFO *get_charset(uint cs_number, myf flags);
extern CHARSET_INFO *get_charset_by_name(const char *cs_name, myf flags);
extern CHARSET_INFO *get_charset_by_csname(const char *cs_name,
-diff -Naur mysql-5.5.8.orig/include/mysql.h.pp mysql-5.5.8/include/mysql.h.pp
---- mysql-5.5.8.orig/include/mysql.h.pp 2010-12-03 12:58:24.000000000 -0500
-+++ mysql-5.5.8/include/mysql.h.pp 2010-12-27 14:27:23.956926896 -0500
+diff -Naur mysql-5.5.14.orig/include/mysql.h.pp mysql-5.5.14/include/mysql.h.pp
+--- mysql-5.5.14.orig/include/mysql.h.pp 2011-06-21 12:42:39.000000000 -0400
++++ mysql-5.5.14/include/mysql.h.pp 2011-07-12 11:58:43.662068564 -0400
@@ -86,7 +86,7 @@
void my_net_local_init(NET *net);
void net_end(NET *net);
@@ -47,10 +76,24 @@ diff -Naur mysql-5.5.8.orig/include/mysql.h.pp mysql-5.5.8/include/mysql.h.pp
my_bool net_flush(NET *net);
my_bool my_net_write(NET *net,const unsigned char *packet, size_t len);
my_bool net_write_command(NET *net,unsigned char command,
-diff -Naur mysql-5.5.8.orig/include/mysql_com.h mysql-5.5.8/include/mysql_com.h
---- mysql-5.5.8.orig/include/mysql_com.h 2010-12-03 12:58:24.000000000 -0500
-+++ mysql-5.5.8/include/mysql_com.h 2010-12-27 14:27:23.957927198 -0500
-@@ -448,6 +448,7 @@
+@@ -128,13 +128,11 @@
+ double my_rnd(struct rand_struct *);
+ void create_random_string(char *to, unsigned int length, struct rand_struct *rand_st);
+ void hash_password(unsigned long *to, const char *password, unsigned int password_len);
+-void make_scrambled_password_323(char *to, const char *password);
+ void scramble_323(char *to, const char *message, const char *password);
+ my_bool check_scramble_323(const unsigned char *reply, const char *message,
+ unsigned long *salt);
+ void get_salt_from_password_323(unsigned long *res, const char *password);
+ void make_password_from_salt_323(char *to, const unsigned long *salt);
+-void make_scrambled_password(char *to, const char *password);
+ void scramble(char *to, const char *message, const char *password);
+ my_bool check_scramble(const unsigned char *reply, const char *message,
+ const unsigned char *hash_stage2);
+diff -Naur mysql-5.5.14.orig/include/mysql_com.h mysql-5.5.14/include/mysql_com.h
+--- mysql-5.5.14.orig/include/mysql_com.h 2011-06-21 12:42:39.000000000 -0400
++++ mysql-5.5.14/include/mysql_com.h 2011-07-12 11:58:52.166065391 -0400
+@@ -452,6 +452,7 @@
void my_net_local_init(NET *net);
void net_end(NET *net);
void net_clear(NET *net, my_bool clear_buffer);
@@ -58,3 +101,69 @@ diff -Naur mysql-5.5.8.orig/include/mysql_com.h mysql-5.5.8/include/mysql_com.h
my_bool net_realloc(NET *net, size_t length);
my_bool net_flush(NET *net);
my_bool my_net_write(NET *net,const unsigned char *packet, size_t len);
+@@ -533,14 +534,12 @@
+ void create_random_string(char *to, unsigned int length, struct rand_struct *rand_st);
+
+ void hash_password(unsigned long *to, const char *password, unsigned int password_len);
+-void make_scrambled_password_323(char *to, const char *password);
+ void scramble_323(char *to, const char *message, const char *password);
+ my_bool check_scramble_323(const unsigned char *reply, const char *message,
+ unsigned long *salt);
+ void get_salt_from_password_323(unsigned long *res, const char *password);
+ void make_password_from_salt_323(char *to, const unsigned long *salt);
+
+-void make_scrambled_password(char *to, const char *password);
+ void scramble(char *to, const char *message, const char *password);
+ my_bool check_scramble(const unsigned char *reply, const char *message,
+ const unsigned char *hash_stage2);
+diff -Naur mysql-5.5.14.orig/sql/password.c mysql-5.5.14/sql/password.c
+--- mysql-5.5.14.orig/sql/password.c 2011-06-21 12:42:40.000000000 -0400
++++ mysql-5.5.14/sql/password.c 2011-07-12 11:59:29.194068612 -0400
+@@ -154,23 +154,6 @@
+
+
+ /*
+- Wrapper around my_make_scrambled_password_323() to maintain client lib ABI
+- compatibility.
+- In server code usage of my_make_scrambled_password_323() is preferred to
+- avoid strlen().
+- SYNOPSIS
+- make_scrambled_password_323()
+- to OUT store scrambled password here
+- password IN NULL-terminated string with user-supplied password
+-*/
+-
+-void make_scrambled_password_323(char *to, const char *password)
+-{
+- my_make_scrambled_password_323(to, password, strlen(password));
+-}
+-
+-
+-/*
+ Scramble string with password.
+ Used in pre 4.1 authentication phase.
+ SYNOPSIS
+@@ -433,23 +416,6 @@
+
+
+ /*
+- Wrapper around my_make_scrambled_password() to maintain client lib ABI
+- compatibility.
+- In server code usage of my_make_scrambled_password() is preferred to
+- avoid strlen().
+- SYNOPSIS
+- make_scrambled_password()
+- buf OUT buffer of size 2*SHA1_HASH_SIZE + 2 to store hex string
+- password IN NULL-terminated password string
+-*/
+-
+-void make_scrambled_password(char *to, const char *password)
+-{
+- my_make_scrambled_password(to, password, strlen(password));
+-}
+-
+-
+-/*
+ Produce an obscure octet sequence from password and random
+ string, recieved from the server. This sequence corresponds to the
+ password, but password can not be easily restored from it. The sequence
diff --git a/mysql.spec b/mysql.spec
index af6ccbf..0594a36 100644
--- a/mysql.spec
+++ b/mysql.spec
@@ -1,6 +1,6 @@
Name: mysql
Version: 5.5.14
-Release: 1%{?dist}
+Release: 2%{?dist}
Summary: MySQL client programs and shared libraries
Group: Applications/Databases
URL: http://www.mysql.com
@@ -611,6 +611,11 @@ fi
%{_mandir}/man1/mysql_client_test.1*
%changelog
+* Tue Jul 12 2011 Tom Lane <tgl at redhat.com> 5.5.14-2
+- Remove make_scrambled_password and make_scrambled_password_323 from mysql.h,
+ since we're not allowing clients to call those functions anyway
+Related: #690346
+
* Mon Jul 11 2011 Tom Lane <tgl at redhat.com> 5.5.14-1
- Update to MySQL 5.5.14, for various fixes described at
http://dev.mysql.com/doc/refman/5.5/en/news-5-5-14.html
More information about the scm-commits
mailing list