MXS-1167: Skip permission checks for internal services

If a server points to a local MaxScale listener, the permission checks for that server are skipped. This allows permission checks to be used with a mix of external servers and internal services.
2017-03-17 07:48:59 +02:00
parent 2e6e8574a4
commit 0b5d164855
5 changed files with 63 additions and 1 deletions
--- a/server/core/server.c
+++ b/server/core/server.c
@ -1341,3 +1341,22 @@ void server_clear_status(SERVER *server, int bit)
    }
    spinlock_release(&server->lock);
 }
+
+bool server_is_mxs_service(const SERVER *server)
+{
+    bool rval = false;
+
+    /** Do a coarse check for local server pointing to a MaxScale service */
+    if (strcmp(server->name, "127.0.0.1") == 0 ||
+        strcmp(server->name, "::1") == 0 ||
+        strcmp(server->name, "localhost") == 0 ||
+        strcmp(server->name, "localhost.localdomain") == 0)
+    {
+        if (service_port_is_used(server->port))
+        {
+            rval = true;
+        }
+    }
+
+    return rval;
+}
--- a/server/core/service.c
+++ b/server/core/service.c
@ -2296,3 +2296,29 @@ void service_print_users(DCB *dcb, const SERVICE *service)
        }
    }
 }
+
+bool service_port_is_used(unsigned short port)
+{
+    bool rval = false;
+    spinlock_acquire(&service_spin);
+
+    for (SERVICE *service = allServices; service && !rval; service = service->next)
+    {
+        spinlock_acquire(&service->spin);
+
+        for (SERV_LISTENER *proto = service->ports; proto; proto = proto->next)
+        {
+            if (proto->port == port)
+            {
+                rval = true;
+                break;
+            }
+        }
+
+        spinlock_release(&service->spin);
+    }
+
+    spinlock_release(&service_spin);
+
+    return rval;
+}