diff --git a/mysql-dubious-exports.patch b/mysql-dubious-exports.patch index 3342bf8..0ccb412 100644 --- a/mysql-dubious-exports.patch +++ b/mysql-dubious-exports.patch @@ -2,10 +2,39 @@ Prefix mysql_ to the real names of several symbols that have to be exported from libmysqlclient because mysql-connector-odbc and/or PHP depend on them. This limits the intrusion on application namespace. +Also, remove all traces of make_scrambled_password and +make_scrambled_password_323, so that references to these functions draw +compile-time warnings, per a suggestion from Paul Howarth in bug #690346. +It doesn't seem worth trying to get rid of all the internal symbols exposed +by mysql.h, but these two are relatively easy to get rid of. -diff -Naur mysql-5.5.8.orig/include/errmsg.h mysql-5.5.8/include/errmsg.h ---- mysql-5.5.8.orig/include/errmsg.h 2010-12-03 12:58:24.000000000 -0500 -+++ mysql-5.5.8/include/errmsg.h 2010-12-27 14:29:59.184552374 -0500 + +diff -Naur mysql-5.5.14.orig/client/mysqladmin.cc mysql-5.5.14/client/mysqladmin.cc +--- mysql-5.5.14.orig/client/mysqladmin.cc 2011-06-21 12:42:41.000000000 -0400 ++++ mysql-5.5.14/client/mysqladmin.cc 2011-07-12 12:19:59.578066771 -0400 +@@ -20,6 +20,7 @@ + #include /* because of signal() */ + #include + #include ++#include /* my_make_scrambled_password_323, my_make_scrambled_password */ + #include + #include /* ORACLE_WELCOME_COPYRIGHT_NOTICE */ + +@@ -975,9 +976,9 @@ + } + } + if (old) +- make_scrambled_password_323(crypted_pw, typed_password); ++ my_make_scrambled_password_323(crypted_pw, typed_password, strlen(typed_password)); + else +- make_scrambled_password(crypted_pw, typed_password); ++ my_make_scrambled_password(crypted_pw, typed_password, strlen(typed_password)); + } + else + crypted_pw[0]=0; /* No password */ +diff -Naur mysql-5.5.14.orig/include/errmsg.h mysql-5.5.14/include/errmsg.h +--- mysql-5.5.14.orig/include/errmsg.h 2011-06-21 12:42:39.000000000 -0400 ++++ mysql-5.5.14/include/errmsg.h 2011-07-12 11:55:29.194204015 -0400 @@ -24,6 +24,7 @@ #endif void init_client_errs(void); @@ -14,10 +43,10 @@ diff -Naur mysql-5.5.8.orig/include/errmsg.h mysql-5.5.8/include/errmsg.h extern const char *client_errors[]; /* Error messages */ #ifdef __cplusplus } -diff -Naur mysql-5.5.8.orig/include/my_sys.h mysql-5.5.8/include/my_sys.h ---- mysql-5.5.8.orig/include/my_sys.h 2010-12-03 12:58:24.000000000 -0500 -+++ mysql-5.5.8/include/my_sys.h 2010-12-27 14:27:23.956926896 -0500 -@@ -227,6 +227,7 @@ +diff -Naur mysql-5.5.14.orig/include/my_sys.h mysql-5.5.14/include/my_sys.h +--- mysql-5.5.14.orig/include/my_sys.h 2011-06-21 12:42:39.000000000 -0400 ++++ mysql-5.5.14/include/my_sys.h 2011-07-12 11:55:29.195231427 -0400 +@@ -223,6 +223,7 @@ /* charsets */ #define MY_ALL_CHARSETS_SIZE 2048 @@ -25,7 +54,7 @@ diff -Naur mysql-5.5.8.orig/include/my_sys.h mysql-5.5.8/include/my_sys.h extern MYSQL_PLUGIN_IMPORT CHARSET_INFO *default_charset_info; extern MYSQL_PLUGIN_IMPORT CHARSET_INFO *all_charsets[MY_ALL_CHARSETS_SIZE]; extern CHARSET_INFO compiled_charsets[]; -@@ -914,6 +915,9 @@ +@@ -900,6 +901,9 @@ extern uint get_collation_number(const char *name); extern const char *get_charset_name(uint cs_number); @@ -35,9 +64,9 @@ diff -Naur mysql-5.5.8.orig/include/my_sys.h mysql-5.5.8/include/my_sys.h extern CHARSET_INFO *get_charset(uint cs_number, myf flags); extern CHARSET_INFO *get_charset_by_name(const char *cs_name, myf flags); extern CHARSET_INFO *get_charset_by_csname(const char *cs_name, -diff -Naur mysql-5.5.8.orig/include/mysql.h.pp mysql-5.5.8/include/mysql.h.pp ---- mysql-5.5.8.orig/include/mysql.h.pp 2010-12-03 12:58:24.000000000 -0500 -+++ mysql-5.5.8/include/mysql.h.pp 2010-12-27 14:27:23.956926896 -0500 +diff -Naur mysql-5.5.14.orig/include/mysql.h.pp mysql-5.5.14/include/mysql.h.pp +--- mysql-5.5.14.orig/include/mysql.h.pp 2011-06-21 12:42:39.000000000 -0400 ++++ mysql-5.5.14/include/mysql.h.pp 2011-07-12 11:58:43.662068564 -0400 @@ -86,7 +86,7 @@ void my_net_local_init(NET *net); void net_end(NET *net); @@ -47,10 +76,24 @@ diff -Naur mysql-5.5.8.orig/include/mysql.h.pp mysql-5.5.8/include/mysql.h.pp my_bool net_flush(NET *net); my_bool my_net_write(NET *net,const unsigned char *packet, size_t len); my_bool net_write_command(NET *net,unsigned char command, -diff -Naur mysql-5.5.8.orig/include/mysql_com.h mysql-5.5.8/include/mysql_com.h ---- mysql-5.5.8.orig/include/mysql_com.h 2010-12-03 12:58:24.000000000 -0500 -+++ mysql-5.5.8/include/mysql_com.h 2010-12-27 14:27:23.957927198 -0500 -@@ -448,6 +448,7 @@ +@@ -128,13 +128,11 @@ + double my_rnd(struct rand_struct *); + void create_random_string(char *to, unsigned int length, struct rand_struct *rand_st); + void hash_password(unsigned long *to, const char *password, unsigned int password_len); +-void make_scrambled_password_323(char *to, const char *password); + void scramble_323(char *to, const char *message, const char *password); + my_bool check_scramble_323(const unsigned char *reply, const char *message, + unsigned long *salt); + void get_salt_from_password_323(unsigned long *res, const char *password); + void make_password_from_salt_323(char *to, const unsigned long *salt); +-void make_scrambled_password(char *to, const char *password); + void scramble(char *to, const char *message, const char *password); + my_bool check_scramble(const unsigned char *reply, const char *message, + const unsigned char *hash_stage2); +diff -Naur mysql-5.5.14.orig/include/mysql_com.h mysql-5.5.14/include/mysql_com.h +--- mysql-5.5.14.orig/include/mysql_com.h 2011-06-21 12:42:39.000000000 -0400 ++++ mysql-5.5.14/include/mysql_com.h 2011-07-12 11:58:52.166065391 -0400 +@@ -452,6 +452,7 @@ void my_net_local_init(NET *net); void net_end(NET *net); void net_clear(NET *net, my_bool clear_buffer); @@ -58,3 +101,69 @@ diff -Naur mysql-5.5.8.orig/include/mysql_com.h mysql-5.5.8/include/mysql_com.h my_bool net_realloc(NET *net, size_t length); my_bool net_flush(NET *net); my_bool my_net_write(NET *net,const unsigned char *packet, size_t len); +@@ -533,14 +534,12 @@ + void create_random_string(char *to, unsigned int length, struct rand_struct *rand_st); + + void hash_password(unsigned long *to, const char *password, unsigned int password_len); +-void make_scrambled_password_323(char *to, const char *password); + void scramble_323(char *to, const char *message, const char *password); + my_bool check_scramble_323(const unsigned char *reply, const char *message, + unsigned long *salt); + void get_salt_from_password_323(unsigned long *res, const char *password); + void make_password_from_salt_323(char *to, const unsigned long *salt); + +-void make_scrambled_password(char *to, const char *password); + void scramble(char *to, const char *message, const char *password); + my_bool check_scramble(const unsigned char *reply, const char *message, + const unsigned char *hash_stage2); +diff -Naur mysql-5.5.14.orig/sql/password.c mysql-5.5.14/sql/password.c +--- mysql-5.5.14.orig/sql/password.c 2011-06-21 12:42:40.000000000 -0400 ++++ mysql-5.5.14/sql/password.c 2011-07-12 11:59:29.194068612 -0400 +@@ -154,23 +154,6 @@ + + + /* +- Wrapper around my_make_scrambled_password_323() to maintain client lib ABI +- compatibility. +- In server code usage of my_make_scrambled_password_323() is preferred to +- avoid strlen(). +- SYNOPSIS +- make_scrambled_password_323() +- to OUT store scrambled password here +- password IN NULL-terminated string with user-supplied password +-*/ +- +-void make_scrambled_password_323(char *to, const char *password) +-{ +- my_make_scrambled_password_323(to, password, strlen(password)); +-} +- +- +-/* + Scramble string with password. + Used in pre 4.1 authentication phase. + SYNOPSIS +@@ -433,23 +416,6 @@ + + + /* +- Wrapper around my_make_scrambled_password() to maintain client lib ABI +- compatibility. +- In server code usage of my_make_scrambled_password() is preferred to +- avoid strlen(). +- SYNOPSIS +- make_scrambled_password() +- buf OUT buffer of size 2*SHA1_HASH_SIZE + 2 to store hex string +- password IN NULL-terminated password string +-*/ +- +-void make_scrambled_password(char *to, const char *password) +-{ +- my_make_scrambled_password(to, password, strlen(password)); +-} +- +- +-/* + Produce an obscure octet sequence from password and random + string, recieved from the server. This sequence corresponds to the + password, but password can not be easily restored from it. The sequence diff --git a/mysql.spec b/mysql.spec index af6ccbf..0594a36 100644 --- a/mysql.spec +++ b/mysql.spec @@ -1,6 +1,6 @@ Name: mysql Version: 5.5.14 -Release: 1%{?dist} +Release: 2%{?dist} Summary: MySQL client programs and shared libraries Group: Applications/Databases URL: http://www.mysql.com @@ -611,6 +611,11 @@ fi %{_mandir}/man1/mysql_client_test.1* %changelog +* Tue Jul 12 2011 Tom Lane 5.5.14-2 +- Remove make_scrambled_password and make_scrambled_password_323 from mysql.h, + since we're not allowing clients to call those functions anyway +Related: #690346 + * Mon Jul 11 2011 Tom Lane 5.5.14-1 - Update to MySQL 5.5.14, for various fixes described at http://dev.mysql.com/doc/refman/5.5/en/news-5-5-14.html