WL#6667 Reimplement the password validation plugin API and plugin

        as a component

   * The validate password plugin is converted to component.
   * For mysql-8.0 we will have both component and plugin(But
     plugin will be installed/uninstalled with below deprecate
     warning)
     "validate password plugin' is deprecated and will be
      removed in a future release. Please use validate_password
      component instead"
   * In the next major release we remove the plugin .so file.
   * With the component enabled, we see the system/status
     variables preceded with "validate_password." instead of
     "validate_password_"(for example, if we take 'length'
     system variable we see it as "validate_password.length"
     instead of "validate_password_length")
   * The packaging script should be installing the component
     by default for new installs

   The way it currently works with deprecations and removals
   is the following:
   1. We add a deprecation warning to using the old way and
      we switch the server to use the new way by default for
      new installations.
   2. We expect that people will upgrade their existing
      installations too to avoid the warning.
   3. In the next major release we remove the old way and
      hope that people did #2.

Author: V S Murthy Sidagam

components/library_mysys/CMakeLists.txt

@@ -0,0 +1,24 @@
+# Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved.
+#
+# This program is free software; you can redistribute it and/or modify it under
+# the terms of the GNU General Public License as published by the Free Software
+# Foundation; version 2 of the License.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301 USA
+
+INCLUDE(${MYSQL_CMAKE_SCRIPT_DIR}/compile_flags.cmake)
+
+INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/include)
+
+SET(LIBRARY_MYSYS_SOURCES
+  my_memory.cc
+)
+
+ADD_CONVENIENCE_LIBRARY(library_mysys ${LIBRARY_MYSYS_SOURCES})

components/library_mysys/my_memory.cc

@@ -0,0 +1,89 @@
+/* Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved.
+
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; version 2 of the License.
+
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+
+   You should have received a copy of the GNU General Public License
+   along with this program; if not, write to the Free Software
+   Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301  USA */
+
+#include <stdlib.h>
+#include <assert.h>
+#include "mysql/components/library_mysys/my_memory.h"
+#include "mysql/components/services/psi_memory.h"
+
+#ifdef HAVE_VALGRIND
+#include <valgrind/valgrind.h>
+
+#define MEM_MALLOCLIKE_BLOCK(p1, p2, p3, p4) \
+        VALGRIND_MALLOCLIKE_BLOCK(p1, p2, p3, p4)
+#define MEM_FREELIKE_BLOCK(p1, p2) VALGRIND_FREELIKE_BLOCK(p1, p2)
+#else /* HAVE_VALGRIND */
+#define MEM_MALLOCLIKE_BLOCK(p1, p2, p3, p4) do {} while (0)
+#define MEM_FREELIKE_BLOCK(p1, p2) do {} while (0)
+#endif /* HAVE_VALGRIND */
+
+#define MY_ZEROFILL     32      /* fill array with zero */
+#define HEADER_SIZE 32
+#define MAGIC 1234
+#define USER_TO_HEADER(P) \
+  ( (my_memory_header*) (((char *) P) - HEADER_SIZE ))
+#define HEADER_TO_USER(P) \
+  ( ((char*) P) + HEADER_SIZE )
+
+struct my_memory_header
+{
+  PSI_memory_key m_key;
+  unsigned int m_magic;
+  size_t m_size;
+  PSI_thread *m_owner;
+};
+typedef struct my_memory_header my_memory_header;
+
+extern "C" void * my_malloc(PSI_memory_key key, size_t size, int flags)
+{
+  my_memory_header *mh;
+  size_t raw_size;
+  static_assert(sizeof(my_memory_header) <= HEADER_SIZE,
+                "We must reserve enough memory to hold the header.");
+
+  raw_size= HEADER_SIZE + size;
+  if (flags & MY_ZEROFILL)
+    mh= (my_memory_header *)calloc(raw_size, 1);
+  else
+    mh= (my_memory_header *)malloc(raw_size);
+
+  if (mh != NULL)
+  {
+    void *user_ptr;
+    mh->m_magic= MAGIC;
+    mh->m_size= size;
+    mh->m_key= PSI_MEMORY_CALL(memory_alloc)(key, size, & mh->m_owner);
+    user_ptr= HEADER_TO_USER(mh);
+    MEM_MALLOCLIKE_BLOCK(user_ptr, size, 0, (flags & MY_ZEROFILL));
+    return user_ptr;
+  }
+  return NULL;
+}
+
+extern "C" void my_free(void *ptr)
+{
+  my_memory_header *mh;
+
+  if (ptr == NULL)
+    return;
+
+  mh= USER_TO_HEADER(ptr);
+  assert(mh->m_magic == MAGIC);
+  PSI_MEMORY_CALL(memory_free)(mh->m_key, mh->m_size, mh->m_owner);
+  /* Catch double free */
+  mh->m_magic= 0xDEAD;
+  MEM_FREELIKE_BLOCK(ptr, 0);
+  free(mh);
+}

components/mysql_server/security_context_imp.h

@@ -0,0 +1,94 @@
+/* Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved.
+
+This program is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; version 2 of the License.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program; if not, write to the Free Software
+Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02111-1307  USA */
+
+#ifndef SECURITY_CONTEXT_IMP_H
+#define SECURITY_CONTEXT_IMP_H
+
+#include <mysql/components/services/security_context.h>
+#include <mysql/components/service_implementation.h>
+
+/**
+  An implementation of security_context service methods
+*/
+class mysql_security_context_imp
+{
+public:
+  /**
+    Gets the security context for the thread.
+
+    @sa mysql_thd_security_context::get()
+  */
+  static DEFINE_BOOL_METHOD(get,
+  (void *_thd, Security_context_handle *out_ctx));
+
+  /**
+    Sets a new security context for the thread.
+
+    @sa mysql_thd_security_context::set()
+  */
+  static DEFINE_BOOL_METHOD(set,
+  (void *_thd, Security_context_handle in_ctx));
+
+  /**
+    Creates a new security context and initializes it with the defaults
+    (no access, no user etc).
+
+    @sa mysql_security_context_factory::create()
+  */
+  static DEFINE_BOOL_METHOD(create,
+  (Security_context_handle *out_ctx));
+
+  /**
+    Deallocates a security context.
+
+    @sa mysql_security_context_factory::destroy()
+  */
+  static DEFINE_BOOL_METHOD(destroy,
+  (Security_context_handle ctx));
+
+  /**
+    Duplicates a security context.
+
+    @sa mysql_security_context_factory::copy()
+  */
+  static DEFINE_BOOL_METHOD(copy,
+  (Security_context_handle in_ctx, Security_context_handle *out_ctx));
+
+  /**
+    Looks up in the defined user accounts.
+
+    @sa mysql_account_database_security_context_lookup::lookup()
+  */
+  static DEFINE_BOOL_METHOD(lookup,
+  (Security_context_handle ctx, const char *user, const char *host,
+   const char *ip, const char *db));
+
+  /**
+    Reads a named security context attribute and retuns its value.
+
+    @sa mysql_security_context_options::get()
+  */
+  static DEFINE_BOOL_METHOD(get,
+  (Security_context_handle ctx, const char *name, void *inout_pvalue));
+
+  /**
+    Sets a value for a named security context attribute
+
+    @sa mysql_security_context_options::set()
+  */
+  static DEFINE_BOOL_METHOD(set,
+  (Security_context_handle ctx, const char *name, void *pvalue));
+};
+#endif /* SECURITY_CONTEXT_IMP_H */

components/mysql_server/server_component.cc

@@ -25,6 +25,7 @@ Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA */
 #include "component_status_var_service.h"
 #include "component_sys_var_service.h"
 #include "system_variable_source_imp.h"
+#include "security_context_imp.h"
 #include "dynamic_loader.h"
 #include "dynamic_loader_path_filter.h"
 #include "dynamic_loader_scheme_file.h"
@@ -291,6 +292,27 @@ BEGIN_SERVICE_IMPLEMENTATION(mysql_server, mysql_backup_lock)
   mysql_release_backup_lock
 END_SERVICE_IMPLEMENTATION()
 
+BEGIN_SERVICE_IMPLEMENTATION(mysql_server, mysql_thd_security_context)
+  mysql_security_context_imp::get,
+  mysql_security_context_imp::set
+END_SERVICE_IMPLEMENTATION()
+
+BEGIN_SERVICE_IMPLEMENTATION(mysql_server, mysql_security_context_factory)
+  mysql_security_context_imp::create,
+  mysql_security_context_imp::destroy,
+  mysql_security_context_imp::copy
+END_SERVICE_IMPLEMENTATION()
+
+BEGIN_SERVICE_IMPLEMENTATION(mysql_server,
+                             mysql_account_database_security_context_lookup)
+  mysql_security_context_imp::lookup
+END_SERVICE_IMPLEMENTATION()
+
+BEGIN_SERVICE_IMPLEMENTATION(mysql_server, mysql_security_context_options)
+  mysql_security_context_imp::get,
+  mysql_security_context_imp::set
+END_SERVICE_IMPLEMENTATION()
+
 BEGIN_COMPONENT_PROVIDES(mysql_server)
   PROVIDES_SERVICE(mysql_server, registry)
   PROVIDES_SERVICE(mysql_server, registry_registration)
@@ -329,6 +351,10 @@ BEGIN_COMPONENT_PROVIDES(mysql_server)
   PROVIDES_SERVICE(mysql_server, status_variable_registration)
   PROVIDES_SERVICE(mysql_server, system_variable_source)
   PROVIDES_SERVICE(mysql_server, mysql_backup_lock)
+  PROVIDES_SERVICE(mysql_server, mysql_thd_security_context)
+  PROVIDES_SERVICE(mysql_server, mysql_security_context_factory)
+  PROVIDES_SERVICE(mysql_server, mysql_account_database_security_context_lookup)
+  PROVIDES_SERVICE(mysql_server, mysql_security_context_options)
 END_COMPONENT_PROVIDES()
 
 static BEGIN_COMPONENT_REQUIRES(mysql_server)

components/mysql_server/server_component.h

@@ -49,7 +49,7 @@ void mysql_string_services_init();
 void mysql_comp_status_var_services_init();
 void mysql_comp_sys_var_services_init();
 void mysql_comp_system_variable_source_init();
-
+void mysql_security_context_init();
 void mysql_backup_lock_service_init();
 
 

components/test/test_sys_var_service.cc

@@ -49,7 +49,7 @@ enum password_policy_enum { PASSWORD_POLICY_LOW,
 
 static const char* policy_names[] = { "LOW", "MEDIUM", "STRONG", NullS };
 
-static TYPELIB password_policy_typelib_t = {
+static TYPE_LIB password_policy_typelib_t = {
         array_elements(policy_names) - 1,
         "password_policy_typelib_t",
         policy_names,

components/test/test_sys_var_service_same.cc

@@ -49,7 +49,7 @@ enum password_policy_enum { PASSWORD_POLICY_LOW,
 
 static const char* policy_names[] = { "LOW", "MEDIUM", "STRONG", NullS };
 
-static TYPELIB password_policy_typelib_t = {
+static TYPE_LIB password_policy_typelib_t = {
         array_elements(policy_names) - 1,
         "password_policy_typelib_t",
         policy_names,

components/validate_password/CMakeLists.txt

@@ -0,0 +1,19 @@
+# Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved.
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; version 2 of the License.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301 USA
+
+MYSQL_ADD_COMPONENT(validate_password
+  validate_password_imp.cc
+  MODULE
+  LINK_LIBRARIES library_mysys)