79 lines
3 KiB
C++
79 lines
3 KiB
C++
/* Copyright (c) 2022, 2024, Oracle and/or its affiliates.
|
|
|
|
This program is free software; you can redistribute it and/or modify
|
|
it under the terms of the GNU General Public License, version 2.0,
|
|
as published by the Free Software Foundation.
|
|
|
|
This program is designed to work with certain software (including
|
|
but not limited to OpenSSL) that is licensed under separate terms,
|
|
as designated in a particular file or component or in included license
|
|
documentation. The authors of MySQL hereby grant you an additional
|
|
permission to link the program and your derivative works with the
|
|
separately licensed software that they have either included with
|
|
the program or referenced in the documentation.
|
|
|
|
This program is distributed in the hope that it will be useful,
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
GNU General Public License, version 2.0, for more details.
|
|
|
|
You should have received a copy of the GNU General Public License
|
|
along with this program; if not, write to the Free Software
|
|
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */
|
|
|
|
#include "storing_auto_thd.h"
|
|
|
|
/**
|
|
Wrapper of create_internal_thd() function, creating a temporary THD
|
|
with the following differences compared to original code:
|
|
- created THD does not have system_user flag set
|
|
- instead, THD has minimal privileges needed to set system variables
|
|
- a user name assigned, so the variables can be persisted with such THD
|
|
|
|
@param ctx Security context smart pointer to be assigned.
|
|
@retval THD object created
|
|
*/
|
|
THD *create_internal_thd_ctx(Sctx_ptr<Security_context> &ctx) {
|
|
THD *thd = create_internal_thd();
|
|
|
|
// undo skip_grants
|
|
thd->set_system_user(false);
|
|
thd->set_connection_admin(false);
|
|
|
|
const std::vector<std::string> priv_list = {
|
|
"ENCRYPTION_KEY_ADMIN", "ROLE_ADMIN",
|
|
"SYSTEM_VARIABLES_ADMIN", "AUDIT_ADMIN",
|
|
"TELEMETRY_LOG_ADMIN", "PERSIST_RO_VARIABLES_ADMIN"};
|
|
const ulong static_priv_list = (SUPER_ACL | FILE_ACL);
|
|
|
|
lex_start(thd);
|
|
/* create security context for internal THD */
|
|
Security_context_factory default_factory(
|
|
thd, "sys_session", "localhost", Default_local_authid(thd),
|
|
Grant_temporary_dynamic_privileges(thd, priv_list),
|
|
Grant_temporary_static_privileges(thd, static_priv_list),
|
|
Drop_temporary_dynamic_privileges(priv_list));
|
|
ctx = default_factory.create();
|
|
/* attach this ctx to current security_context */
|
|
thd->set_security_context(ctx.get());
|
|
thd->real_id = my_thread_self();
|
|
#ifndef NDEBUG
|
|
thd->for_debug_only_is_set_persist_options = true;
|
|
#endif
|
|
|
|
return thd;
|
|
}
|
|
|
|
/**
|
|
Wrapper of destroy_internal_thd() function, safely destroying
|
|
a temporary THD and its associated security context smart pointer.
|
|
|
|
@param thd Pointer to THD object to be destroyed.
|
|
@param ctx Security context smart pointer to be cleared.
|
|
*/
|
|
void destroy_internal_thd_ctx(THD *thd, Sctx_ptr<Security_context> &ctx) {
|
|
thd->free_items();
|
|
lex_end(thd->lex);
|
|
ctx.reset(nullptr);
|
|
destroy_internal_thd(thd);
|
|
}
|