From: drh <drh@noemail.net>
Date: Thu, 11 Sep 2014 14:01:41 +0000 (+0000)
Subject: Move user authentication blocking from sqlite3_prepare() over to the
X-Git-Tag: version-3.8.7~120^2~6
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=b2445d5ee8b58a4e9e006d697e14dae3f4c43cad;p=thirdparty%2Fsqlite.git

Move user authentication blocking from sqlite3_prepare() over to the
table lock generator, thus allowing SQL statements (like
"PRAGMA locking_mode") that do not touch database content to run
prior to authentication.

FossilOrigin-Name: 70121e7cf868b7d6d19bf98794ddc3809a901456
---

diff --git a/manifest b/manifest
index 12328063d0..2e3e9eb42d 100644
--- a/manifest
+++ b/manifest
@@ -1,5 +1,5 @@
-C Add\ssupport\sfor\sthe\sextra\sparameter\son\sthe\ssqlite3_set_authorizer()\scallback\nand\ssupport\sfor\sfailing\san\sATTACH\swith\san\sauthentication-required\sdatabase\nusing\sbad\scredentials.\s\sThe\sextension\sis\snow\sfeature\scomplete,\sbut\smuch\ntesting\sand\sbug-fixing\sremains.
-D 2014-09-11T13:44:52.150
+C Move\suser\sauthentication\sblocking\sfrom\ssqlite3_prepare()\sover\sto\sthe\ntable\slock\sgenerator,\sthus\sallowing\sSQL\sstatements\s(like\s\n"PRAGMA\slocking_mode")\sthat\sdo\snot\stouch\sdatabase\scontent\sto\srun\nprior\sto\sauthentication.
+D 2014-09-11T14:01:41.319
 F Makefile.arm-wince-mingw32ce-gcc d6df77f1f48d690bd73162294bbba7f59507c72f
 F Makefile.in cf57f673d77606ab0f2d9627ca52a9ba1464146a
 F Makefile.linux-gcc 91d710bdc4998cb015f39edf3cb314ec4f4d7e23
@@ -174,7 +174,7 @@ F src/btmutex.c 49ca66250c7dfa844a4d4cb8272b87420d27d3a5
 F src/btree.c b1c1cd1cc3ae2e433a23b9a6c9ab53805707d8cd
 F src/btree.h a79aa6a71e7f1055f01052b7f821bd1c2dce95c8
 F src/btreeInt.h e0ecb5dba292722039a7540beb3fc448103273cc
-F src/build.c 4c7aac1ddda782c6f1cad84aeabec6e8d0be7495
+F src/build.c 8b02494e4dc9c4a6c9aff1cac8b40c426733f025
 F src/callback.c 7b44ce59674338ad48b0e84e7b72f935ea4f68b0
 F src/complete.c 535183afb3c75628b78ce82612931ac7cdf26f14
 F src/ctime.c 16cd19215d9fd849ee2b7509b092f2e0bbd6a958
@@ -220,8 +220,8 @@ F src/parse.y 22d6a074e5f5a7258947a1dc55a9bf946b765dd0
 F src/pcache.c 2048affdb09a04478b5fc6e64cb1083078d369be
 F src/pcache.h 9b559127b83f84ff76d735c8262f04853be0c59a
 F src/pcache1.c dab8ab930d4a73b99768d881185994f34b80ecaa
-F src/pragma.c 3b7b1a5e90804006f44c65464c7032ee6a1d24e3
-F src/prepare.c f82c009a763e739c6bdf02a270ccfda9e54f783c
+F src/pragma.c 3f3e959390a10c0131676f0e307acce372777e0f
+F src/prepare.c 6ef0cf2f9274982988ed6b7cab1be23147e94196
 F src/printf.c e74925089a85e3c9f0e315595f41c139d3d118c2
 F src/random.c d10c1f85b6709ca97278428fd5db5bbb9c74eece
 F src/resolve.c 0d1621e45fffe4b4396477cf46e41a84b0145ffb
@@ -1197,7 +1197,7 @@ F tool/vdbe_profile.tcl 67746953071a9f8f2f668b73fe899074e2c6d8c1
 F tool/warnings-clang.sh f6aa929dc20ef1f856af04a730772f59283631d4
 F tool/warnings.sh 0abfd78ceb09b7f7c27c688c8e3fe93268a13b32
 F tool/win/sqlite.vsix deb315d026cc8400325c5863eef847784a219a2f
-P 2f6d8f32eef526b5912f42ab467e3c7812480d8b
-R 8b68610f4a9d73b92fb9d68a3359baf2
+P 596e728b0eb19a34c888e33d4d37978ca2bf1e00
+R c54f70fc39612d9ea503f6c456a7ab1f
 U drh
-Z 6a1c7f3384e27f9ad12e8ea277382ab2
+Z e2993baf94376fc5d680228ffe933715
diff --git a/manifest.uuid b/manifest.uuid
index 1b3da62f36..a5702df9c7 100644
--- a/manifest.uuid
+++ b/manifest.uuid
@@ -1 +1 @@
-596e728b0eb19a34c888e33d4d37978ca2bf1e00
\ No newline at end of file
+70121e7cf868b7d6d19bf98794ddc3809a901456
\ No newline at end of file
diff --git a/src/build.c b/src/build.c
index c94c5a1310..d95cf849e6 100644
--- a/src/build.c
+++ b/src/build.c
@@ -156,6 +156,24 @@ void sqlite3FinishCoding(Parse *pParse){
     while( sqlite3VdbeDeletePriorOpcode(v, OP_Close) ){}
     sqlite3VdbeAddOp0(v, OP_Halt);
 
+#if SQLITE_USER_AUTHENTICATION
+    if( pParse->nTableLock>0 && db->init.busy==0 ){
+      if( db->auth.authLevel<UAUTH_User ){
+        if( db->auth.authLevel==UAUTH_Unknown ){
+          u8 authLevel = UAUTH_Fail;
+          sqlite3UserAuthCheckLogin(db, "main", &authLevel);
+          db->auth.authLevel = authLevel;
+          if( authLevel<UAUTH_Admin ) db->flags &= ~SQLITE_WriteSchema;
+        }
+        if( db->auth.authLevel<UAUTH_User ){
+          pParse->rc = SQLITE_AUTH_USER;
+          sqlite3ErrorMsg(pParse, "user not authenticated");
+          return;
+        }
+      }
+    }
+#endif
+
     /* The cookie mask contains one bit for each database file open.
     ** (Bit 0 is for main, bit 1 is for temp, and so forth.)  Bits are
     ** set for each database that is used.  Generate code to start a
diff --git a/src/pragma.c b/src/pragma.c
index cbd593f215..543f265ba9 100644
--- a/src/pragma.c
+++ b/src/pragma.c
@@ -1398,7 +1398,7 @@ void sqlite3Pragma(
         mask &= ~(SQLITE_ForeignKeys);
       }
 #if SQLITE_USER_AUTHENTICATION
-      if( db->auth.authLevel<UAUTH_Admin ){
+      if( db->auth.authLevel==UAUTH_User ){
         /* Do not allow non-admin users to modify the schema arbitrarily */
         mask &= ~(SQLITE_WriteSchema);
       }
diff --git a/src/prepare.c b/src/prepare.c
index c57fda0026..a05e619f3e 100644
--- a/src/prepare.c
+++ b/src/prepare.c
@@ -715,20 +715,6 @@ static int sqlite3LockAndPrepare(
     return SQLITE_MISUSE_BKPT;
   }
   sqlite3_mutex_enter(db->mutex);
-#if SQLITE_USER_AUTHENTICATION
-  if( db->auth.authLevel<UAUTH_User ){
-    if( db->auth.authLevel==UAUTH_Unknown ){
-      u8 authLevel = UAUTH_Fail;
-      sqlite3UserAuthCheckLogin(db, "main", &authLevel);
-      db->auth.authLevel = authLevel;
-    }
-    if( db->auth.authLevel<UAUTH_User ){
-      sqlite3ErrorWithMsg(db, SQLITE_AUTH_USER, "user not authenticated");
-      sqlite3_mutex_leave(db->mutex);
-      return SQLITE_ERROR;
-    }
-  }
-#endif
   sqlite3BtreeEnterAll(db);
   rc = sqlite3Prepare(db, zSql, nBytes, saveSqlFlag, pOld, ppStmt, pzTail);
   if( rc==SQLITE_SCHEMA ){