fixed so that --ssl and --skip-ssl works with the MySQL clients.

Fixed core dump bug when sending wrong string to AES_DECRYPT()

Docs/manual.texi

@@ -2304,12 +2304,14 @@ to do and is a powerful way to get information about any table in a database
 that will help us create a situation matching the one you have.
 
 @item
-For speed-related bugs or problems with @code{SELECT} statements, you should
-always include the output of @code{EXPLAIN SELECT ...}, and at least the
-number of rows that the @code{SELECT} statement produces.  The more
-information you give about your situation, the more likely it is that someone
-can help you!  For example, the following is an example of a very good bug
-report (it should of course be posted with the @code{mysqlbug} script):
+For speed-related bugs or problems with @code{SELECT} statements, you
+should always include the output of @code{EXPLAIN SELECT ...}, and at
+least the number of rows that the @code{SELECT} statement produces.  You
+should also include the output from @code{SHOW CREATE TABLE table_name}
+for each involved table. The more information you give about your
+situation, the more likely it is that someone can help you!  For
+example, the following is an example of a very good bug report (it
+should of course be posted with the @code{mysqlbug} script):
 
 Example run using the @code{mysql} command-line tool (note the use of the
 @code{\G} statement terminator for statements whose output width would
@@ -50440,6 +50442,12 @@ each individual 4.0.x release.
 
 @itemize @bullet
 @item
+Fixed overrun bug when calling @code{AES_DECRYPT()} with wrong arguments
+@item
+@code{--skip-ssl} can now be used to disable SSL in the MySQL clients,
+even if one is using other ssl options in a options file or previously
+on the command line.
+@item
 Added @code{LOCK TABLES} and @code{CREATE TEMPORARY TABLES} privilege on
 the database level.  One must run the @code{ mysql_fix_privilege_tables}
 script on old installations to activate these.
@@ -50494,12 +50502,13 @@ This affected at least @code{default-table-type} option.
 Fixed a bug that caused @code{REPAIR TABLE} to fail on tables
 with duplicates in a unique key.
 @item
-Fixed a bug in guessing a field type out of the function. The error was 
-introduced in 4.0.3 so that field type depended on the first argument to
-the function instead of the function itself
+Fixed a bug from 4.0.3 in calculating the default field type for some
+functions. This affected queries of type @code{CREATE TABLE table_name
+SELECT expression(),...}
 @item
-Fixed a bug with wildcarded fields in select list, which led to the wrong 
-number of elements in a list containing all fields
+Fixed bug in queries of type
+@code{SELECT * FROM table-list GROUP BY ...} and
+@code{SELECT DISTINCT * FROM ...}.
 @item
 Fixed bug with the @code{--slow-log} when logging an administrator command
 (like @code{FLUSH TABLES}).

client/mysql.cc

@@ -2209,9 +2209,6 @@ sql_real_connect(char *host,char *database,char *user,char *password,
   if (using_opt_local_infile)
     mysql_options(&mysql,MYSQL_OPT_LOCAL_INFILE, (char*) &opt_local_infile);
 #ifdef HAVE_OPENSSL
-  if (opt_ssl_key || opt_ssl_cert || opt_ssl_ca || opt_ssl_capath ||
-      opt_ssl_cipher)
-    opt_use_ssl= 1;
   if (opt_use_ssl)
     mysql_ssl_set(&mysql, opt_ssl_key, opt_ssl_cert, opt_ssl_ca,
 		  opt_ssl_capath, opt_ssl_cipher);

client/mysqladmin.c

@@ -52,7 +52,7 @@ static uint ex_val_max_len[MAX_MYSQL_VAR];
 static my_bool ex_status_printed = 0; /* First output is not relative. */
 static uint ex_var_count, max_var_length, max_val_length;
 
-#include "sslopt-vars.h"
+#include <sslopt-vars.h>
 
 static void print_version(void);
 static void usage(void);
@@ -150,7 +150,7 @@ static struct my_option my_long_options[] =
   {"sleep", 'i', "Execute commands again and again with a sleep between.",
    (gptr*) &interval, (gptr*) &interval, 0, GET_INT, REQUIRED_ARG, 0, 0, 0, 0,
    0, 0},
-#include "sslopt-longopts.h"
+#include <sslopt-longopts.h>
 #ifndef DONT_ALLOW_USER_CHANGE
   {"user", 'u', "User for login if not current user.", (gptr*) &user,
    (gptr*) &user, 0, GET_STR_ALLOC, REQUIRED_ARG, 0, 0, 0, 0, 0, 0},
@@ -211,6 +211,7 @@ get_one_option(int optid, const struct my_option *opt __attribute__((unused)),
   case '#':
     DBUG_PUSH(argument ? argument : "d:t:o,/tmp/mysqladmin.trace");
     break;
+#include <sslopt-case.h>
   case 'V':
     print_version();
     exit(0);
@@ -279,9 +280,6 @@ int main(int argc,char *argv[])
     mysql_options(&mysql,MYSQL_OPT_CONNECT_TIMEOUT, (char*) &tmp);
   }
 #ifdef HAVE_OPENSSL
-  if (opt_ssl_key || opt_ssl_cert || opt_ssl_ca || opt_ssl_capath ||
-      opt_ssl_cipher)
-    opt_use_ssl= 1;
   if (opt_use_ssl)
     mysql_ssl_set(&mysql, opt_ssl_key, opt_ssl_cert, opt_ssl_ca,
 		  opt_ssl_capath, opt_ssl_cipher);

client/mysqlcheck.c

@@ -20,9 +20,9 @@
 
 #include "client_priv.h"
 #include <m_ctype.h>
-#include "mysql_version.h"
-#include "mysqld_error.h"
-#include "sslopt-vars.h"
+#include <mysql_version.h>
+#include <mysqld_error.h>
+#include <sslopt-vars.h>
 
 /* Exit codes */
 
@@ -121,7 +121,7 @@ static struct my_option my_long_options[] =
   {"socket", 'S', "Socket file to use for connection.",
    (gptr*) &opt_mysql_unix_port, (gptr*) &opt_mysql_unix_port, 0, GET_STR,
    REQUIRED_ARG, 0, 0, 0, 0, 0, 0},
-#include "sslopt-longopts.h"
+#include <sslopt-longopts.h>
   {"tables", OPT_TABLES, "Overrides option --databases (-B).", 0, 0, 0,
    GET_NO_ARG, NO_ARG, 0, 0, 0, 0, 0, 0},
 #ifndef DONT_ALLOW_USER_CHANGE
@@ -239,6 +239,7 @@ get_one_option(int optid, const struct my_option *opt __attribute__((unused)),
   case '#':
     DBUG_PUSH(argument ? argument : "d:t:o");
     break;
+#include <sslopt-case.h>
   case OPT_TABLES:
     opt_databases = 0;
     break;
@@ -529,9 +530,6 @@ static int dbConnect(char *host, char *user, char *passwd)
   if (opt_compress)
     mysql_options(&mysql_connection, MYSQL_OPT_COMPRESS, NullS);
 #ifdef HAVE_OPENSSL
-  if (opt_ssl_key || opt_ssl_cert || opt_ssl_ca || opt_ssl_capath ||
-      opt_ssl_cipher)
-    opt_use_ssl= 1;
   if (opt_use_ssl)
     mysql_ssl_set(&mysql_connection, opt_ssl_key, opt_ssl_cert, opt_ssl_ca,
 		  opt_ssl_capath, opt_ssl_cipher);

client/mysqldump.c

@@ -88,7 +88,7 @@ static my_string opt_mysql_unix_port=0;
 static int   first_error=0;
 extern ulong net_buffer_length;
 static DYNAMIC_STRING extended_row;
-#include "sslopt-vars.h"
+#include <sslopt-vars.h>
 FILE  *md_result_file;
 
 static struct my_option my_long_options[] =
@@ -211,7 +211,7 @@ static struct my_option my_long_options[] =
   {"socket", 'S', "Socket file to use for connection.",
    (gptr*) &opt_mysql_unix_port, (gptr*) &opt_mysql_unix_port, 0, GET_STR,
    REQUIRED_ARG, 0, 0, 0, 0, 0, 0},
-#include "sslopt-longopts.h"
+#include <sslopt-longopts.h>
   {"tab",'T',
    "Creates tab separated textfile for each table to given path. (creates .sql and .txt files). NOTE: This only works if mysqldump is run on the same machine as the mysqld daemon.",
    (gptr*) &path, (gptr*) &path, 0, GET_STR, REQUIRED_ARG, 0, 0, 0, 0, 0, 0},
@@ -335,6 +335,7 @@ get_one_option(int optid, const struct my_option *opt __attribute__((unused)),
   case '#':
     DBUG_PUSH(argument ? argument : "d:t:o");
     break;
+#include <sslopt-case.h>
   case 'V': print_version(); exit(0);
   case 'X':
     opt_xml = 1;
@@ -457,9 +458,6 @@ static int dbConnect(char *host, char *user,char *passwd)
   if (opt_compress)
     mysql_options(&mysql_connection,MYSQL_OPT_COMPRESS,NullS);
 #ifdef HAVE_OPENSSL
-  if (opt_ssl_key || opt_ssl_cert || opt_ssl_ca || opt_ssl_capath ||
-      opt_ssl_cipher)
-    opt_use_ssl= 1;
   if (opt_use_ssl)
     mysql_ssl_set(&mysql_connection, opt_ssl_key, opt_ssl_cert, opt_ssl_ca,
 		  opt_ssl_capath, opt_ssl_cipher);

client/mysqlimport.c

@@ -47,7 +47,7 @@ static char	*opt_password=0, *current_user=0,
 static uint     opt_mysql_port=0;
 static my_string opt_mysql_unix_port=0;
 static my_string opt_ignore_lines=0;
-#include "sslopt-vars.h"
+#include <sslopt-vars.h>
 
 static struct my_option my_long_options[] =
 {
@@ -119,7 +119,7 @@ static struct my_option my_long_options[] =
   {"socket", 'S', "Socket file to use for connection.",
    (gptr*) &opt_mysql_unix_port, (gptr*) &opt_mysql_unix_port, 0, GET_STR,
    REQUIRED_ARG, 0, 0, 0, 0, 0, 0},
-#include "sslopt-longopts.h"
+#include <sslopt-longopts.h>
 #ifndef DONT_ALLOW_USER_CHANGE
   {"user", 'u', "User for login if not current user.", (gptr*) &current_user,
    (gptr*) &current_user, 0, GET_STR, REQUIRED_ARG, 0, 0, 0, 0, 0, 0},
@@ -188,6 +188,7 @@ get_one_option(int optid, const struct my_option *opt __attribute__((unused)),
   case '#':
     DBUG_PUSH(argument ? argument : "d:t:o");
     break;
+#include <sslopt-case.h>
   case 'V': print_version(); exit(0);
   case 'I':
   case '?':
@@ -347,9 +348,6 @@ static MYSQL *db_connect(char *host, char *database, char *user, char *passwd)
     mysql_options(&mysql_connection,MYSQL_OPT_LOCAL_INFILE,
 		  (char*) &opt_local_file);
 #ifdef HAVE_OPENSSL
-  if (opt_ssl_key || opt_ssl_cert || opt_ssl_ca || opt_ssl_capath ||
-      opt_ssl_cipher)
-    opt_use_ssl= 1;
   if (opt_use_ssl)
     mysql_ssl_set(&mysql_connection, opt_ssl_key, opt_ssl_cert, opt_ssl_ca,
 		  opt_ssl_capath, opt_ssl_cipher);

client/mysqlshow.c

@@ -18,16 +18,14 @@
 
 #define SHOW_VERSION "9.4"
 
-#include <my_global.h>
 #include "client_priv.h"
 #include <my_sys.h>
 #include <m_string.h>
-#include "mysql.h"
-#include "mysql_version.h"
-#include "mysqld_error.h"
+#include <mysql.h>
+#include <mysqld_error.h>
 #include <signal.h>
 #include <stdarg.h>
-#include "sslopt-vars.h"
+#include <sslopt-vars.h>
 
 static my_string host=0,opt_password=0,user=0;
 static my_bool opt_show_keys=0,opt_compress=0,opt_status=0, tty_password=0;
@@ -85,9 +83,6 @@ int main(int argc, char **argv)
   if (opt_compress)
     mysql_options(&mysql,MYSQL_OPT_COMPRESS,NullS);
 #ifdef HAVE_OPENSSL
-  if (opt_ssl_key || opt_ssl_cert || opt_ssl_ca || opt_ssl_capath ||
-      opt_ssl_cipher)
-    opt_use_ssl= 1;
   if (opt_use_ssl)
     mysql_ssl_set(&mysql, opt_ssl_key, opt_ssl_cert, opt_ssl_ca,
 		  opt_ssl_capath, opt_ssl_cipher);
@@ -156,7 +151,7 @@ static struct my_option my_long_options[] =
   {"socket", 'S', "Socket file to use for connection.",
    (gptr*) &opt_mysql_unix_port, (gptr*) &opt_mysql_unix_port, 0, GET_STR,
    REQUIRED_ARG, 0, 0, 0, 0, 0, 0},
-#include "sslopt-longopts.h"
+#include <sslopt-longopts.h>
 #ifndef DONT_ALLOW_USER_CHANGE
   {"user", 'u', "User for login if not current user.", (gptr*) &user,
    (gptr*) &user, 0, GET_STR, REQUIRED_ARG, 0, 0, 0, 0, 0, 0},
@@ -224,6 +219,7 @@ get_one_option(int optid, const struct my_option *opt __attribute__((unused)),
   case '#':
     DBUG_PUSH(argument ? argument : "d:t:o");
     break;
+#include <sslopt-case.h>
   case 'V':
     print_version();
     exit(0);

include/sslopt-case.h

+/* Copyright (C) 2000 MySQL AB
+
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 2 of the License, or
+   (at your option) any later version.
+
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+
+   You should have received a copy of the GNU General Public License
+   along with this program; if not, write to the Free Software
+   Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA */
+
+#ifdef HAVE_OPENSSL
+    case OPT_SSL_KEY:
+    case OPT_SSL_CERT:
+    case OPT_SSL_CA:
+    case OPT_SSL_CAPATH:
+    case OPT_SSL_CIPHER:
+    /*
+      Enable use of SSL if we are using any ssl option
+      One can disable SSL later by using --skip-ssl or --ssl=0
+    */
+      opt_use_ssl= 1;
+      break;
+#endif

mysql-test/r/func_str.result

@@ -223,3 +223,8 @@ SELECT CONCAT_WS('";"',title,prio,category,program,bugdesc,created,modified,bugs
 CONCAT_WS('";"',title,prio,category,program,bugdesc,created,modified,bugstatus,submitter)
 Link";"1";"1";"1";"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa";"2001-02-28 08:40:16";"20010228084016";"0";"4
 drop table t1;
+CREATE TABLE t1 (id int(11) NOT NULL auto_increment, tmp text NOT NULL, KEY id (id)) TYPE=MyISAM;
+INSERT INTO t1 VALUES (1, 'a545f661efdd1fb66fdee3aab79945bf');
+SELECT 1 FROM t1 WHERE tmp=AES_DECRYPT(tmp,"password");
+1
+DROP TABLE t1;

mysql-test/t/func_str.test

@@ -114,3 +114,12 @@ SELECT CONCAT('"',CONCAT_WS('";"',title,prio,category,program,bugdesc,created,mo
 SELECT CONCAT('"',CONCAT_WS('";"',title,prio,category,program,bugstatus,submitter), '"') FROM t1;
 SELECT CONCAT_WS('";"',title,prio,category,program,bugdesc,created,modified,bugstatus,submitter) FROM t1;
 drop table t1;
+
+#
+# Test bug in AES_DECRYPT() when called with wrong argument
+#
+
+CREATE TABLE t1 (id int(11) NOT NULL auto_increment, tmp text NOT NULL, KEY id (id)) TYPE=MyISAM;
+INSERT INTO t1 VALUES (1, 'a545f661efdd1fb66fdee3aab79945bf');
+SELECT 1 FROM t1 WHERE tmp=AES_DECRYPT(tmp,"password");
+DROP TABLE t1;

mysys/my_aes.c

@@ -178,7 +178,7 @@ int my_aes_decrypt(const char *source, int source_length, char *dest,
   char block[AES_BLOCK_SIZE];	/* 128 bit block used for padding */
   int rc;			/* Result codes */
   int num_blocks;		/* Number of complete blocks */
-  char pad_len;			/* Pad size for the last block */
+  uint pad_len;			/* Pad size for the last block */
   int i;
 
   if ((rc=my_aes_create_key(&aes_key,AES_DECRYPT,key,key_length)))
@@ -197,7 +197,8 @@ int my_aes_decrypt(const char *source, int source_length, char *dest,
   }
 
   rijndaelDecrypt(aes_key.rk, aes_key.nr, source, block);
-  pad_len = block[AES_BLOCK_SIZE-1]; /* Use last char in the block as size */
+  /* Use last char in the block as size */
+  pad_len = (uint) (uchar) block[AES_BLOCK_SIZE-1];
 
   if (pad_len > AES_BLOCK_SIZE)
     return AES_BAD_DATA;

scripts/mysql_explain_log.sh

@@ -279,7 +279,7 @@ sub RunQuery {
 		  if (defined $row->{$_}) {
 		    #if (($_ eq 'type' ) and ($row->{$_} eq 'ALL')) {
 		    if ($row->{type} eq 'ALL') {
-		      push (@{$Param->{ALL}}, "$row->{$_} $_ $Param->{DB} $Param->{Query}");
+		      push (@{$Param->{ALL}}, "$Param->{Query}");
 		      #print ">> $row->{$_} $_ $Param->{DB} $Param->{Query}\n";
 		    }
 		    $Param->{IdxUseCount} ++;

sql/item_strfunc.cc

@@ -114,7 +114,7 @@ String *Item_func_sha::val_str(String *str)
     /* No need to check error as the only case would be too long message */
     sha1_input(&context,(const unsigned char *) sptr->ptr(), sptr->length());
     /* Ensure that memory is free and we got result */
-    if ( !( str->alloc(SHA1_HASH_SIZE*2) || (sha1_result(&context,digest)) ) )
+    if (!( str->alloc(SHA1_HASH_SIZE*2) || (sha1_result(&context,digest))))
     {
       sprintf((char *) str->ptr(),
       "%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x\
@@ -144,24 +144,25 @@ void Item_func_sha::fix_length_and_dec()
 
 String *Item_func_aes_encrypt::val_str(String *str)
 {
-  String * sptr = args[0]->val_str(str); // String to encrypt
-  String tmp_value;  // required to handle  second parameter
-  String * key= args[1]->val_str(&tmp_value); // key
+  char key_buff[80];
+  String tmp_key_value(key_buff, sizeof(key_buff));
+  String *sptr= args[0]->val_str(str);			// String to encrypt
+  String *key=  args[1]->val_str(&tmp_key_value);	// key
   int aes_length;
   if (sptr && key) // we need both arguments to be not NULL
   {
     null_value=0;
-    aes_length=my_aes_get_size(sptr->length()); // calculate result length
+    aes_length=my_aes_get_size(sptr->length()); // Calculate result length
     
-    if (!str->alloc(aes_length))  // Ensure that memory is free
+    if (!str_value.alloc(aes_length))		// Ensure that memory is free
     {
       // finally encrypt directly to allocated buffer.
-      if (my_aes_encrypt(sptr->ptr(),sptr->length(), (char*) str->ptr(),
+      if (my_aes_encrypt(sptr->ptr(),sptr->length(), (char*) str_value.ptr(),
 			 key->ptr(), key->length()) == aes_length)
       {		     
 	// We got the expected result length
-	str->length((uint) aes_length);
-	return str;
+	str_value.length((uint) aes_length);
+	return &str_value;
       }
     }
   }
@@ -178,30 +179,35 @@ void Item_func_aes_encrypt::fix_length_and_dec()
 
 String *Item_func_aes_decrypt::val_str(String *str)
 {
-  String * sptr= args[0]->val_str(str); // String to decrypt
-  String tmp_value; // temporary string required for parsing
-  String * key=  args[1]->val_str(&tmp_value); // key
-  int length;        // original length after decrypt
-  if (sptr && key)  // Need to have both arguments not NULL
+  char key_buff[80];
+  String tmp_key_value(key_buff, sizeof(key_buff)), *sptr, *key;
+  DBUG_ENTER("Item_func_aes_decrypt::val_str");
+
+  sptr= args[0]->val_str(str);			// String to decrypt
+  key=  args[1]->val_str(&tmp_key_value);	// Key
+  if (sptr && key)  			// Need to have both arguments not NULL
   {
     null_value=0;
-    if (!str->alloc(sptr->length()))  // Ensure that memory is free
+    if (!str_value.alloc(sptr->length()))  // Ensure that memory is free
     {
       // finally decrypt directly to allocated buffer.
-      length=my_aes_decrypt(sptr->ptr(), sptr->length(), (char*) str->ptr(),
+      int length;
+      length=my_aes_decrypt(sptr->ptr(), sptr->length(),
+			    (char*) str_value.ptr(),
                             key->ptr(), key->length());
       if (length >= 0)  // if we got correct data data
       {      
-        str->length((uint) length);
-        return str;
+        str_value.length((uint) length);
+        DBUG_RETURN(&str_value);
       }
     }
   }
   // Bad parameters. No memory or bad data will all go here
   null_value=1;
-  return 0;
+  DBUG_RETURN(0);
 }
 
+
 void Item_func_aes_decrypt::fix_length_and_dec()
 {
    max_length=args[0]->max_length;

sql/net_pkg.cc

@@ -115,7 +115,13 @@ net_printf(NET *net, uint errcode, ...)
     is useful for rare errors that are not worth the hassle to put in
     errmsg.sys, but at the same time, the message is not fixed text
   */
-  format=errcode ? ER(errcode) : va_arg(args,char*);
+  if (errcode)
+    format= ER(errcode);
+  else
+  {
+    format=va_arg(args,char*);
+    errcode= ER_UNKNOWN_ERROR;
+  }
   offset= net->return_errno ? 2 : 0;
   text_pos=(char*) net->buff+head_length+offset+1;
   (void) vsprintf(my_const_cast(char*) (text_pos),format,args);