diff --git a/maxscale-system-test/CMakeLists.txt b/maxscale-system-test/CMakeLists.txt index a3aa38e1e..da04de531 100644 --- a/maxscale-system-test/CMakeLists.txt +++ b/maxscale-system-test/CMakeLists.txt @@ -825,6 +825,7 @@ add_test_executable(test_hints.cpp test_hints hints2 LABELS hintfilter readwrite # works only with yum-based distributions # TODO: make it working with zypper and apt, move part of KDC setup to MDBCI add_test_executable(kerberos_setup.cpp kerberos_setup kerberos LABELS HEAVY gssapi REPL_BACKEND) +add_test_derived(kerberos_setup_ssl kerberos_setup kerberos_ssl LABELS HEAVY gssapi REPL_BACKEND) # Configures 'keepalived' on two Maxscale machines and tried failover add_test_executable(keepalived.cpp keepalived keepalived LABELS REPL_BACKEND TWO_MAXSCALES) diff --git a/maxscale-system-test/cnf/maxscale.cnf.template.kerberos_ssl b/maxscale-system-test/cnf/maxscale.cnf.template.kerberos_ssl new file mode 100644 index 000000000..fea09d0c5 --- /dev/null +++ b/maxscale-system-test/cnf/maxscale.cnf.template.kerberos_ssl @@ -0,0 +1,112 @@ +[maxscale] +threads=###threads### + +[server1] +type=server +address=###node_server_IP_1### +port=###node_server_port_1### +protocol=MySQLBackend +authenticator=GSSAPIBackendAuth + +[server2] +type=server +address=###node_server_IP_2### +port=###node_server_port_2### +protocol=MySQLBackend +authenticator=GSSAPIBackendAuth + +[server3] +type=server +address=###node_server_IP_3### +port=###node_server_port_3### +protocol=MySQLBackend +authenticator=GSSAPIBackendAuth + +[server4] +type=server +address=###node_server_IP_4### +port=###node_server_port_4### +protocol=MySQLBackend +authenticator=GSSAPIBackendAuth + + +[MySQL-Monitor] +type=monitor +module=mysqlmon +servers=server1,server2,server3,server4 +user=maxskysql +password=skysql +monitor_interval=1000 +detect_stale_master=false + +[RW-Split-Router] +type=service +router=readwritesplit +servers=server1,server2,server3,server4 +user=maxskysql +password=skysql +slave_selection_criteria=LEAST_GLOBAL_CONNECTIONS +max_slave_connections=1 + +[Read-Connection-Router-Slave] +type=service +router=readconnroute +router_options=slave +servers=server1,server2,server3,server4 +user=maxskysql +password=skysql + +[Read-Connection-Router-Master] +type=service +router=readconnroute +router_options=master +servers=server1,server2,server3,server4 +user=maxskysql +password=skysql + +[CLI] +type=service +router=cli + +[RW-Split-Listener] +type=listener +service=RW-Split-Router +protocol=MySQLClient +port=4006 +authenticator=GSSAPIAuth +authenticator_options=principal_name=mariadb/maxscale.test@MAXSCALE.TEST +ssl=required +ssl_cert=/###access_homedir###/certs/server-cert.pem +ssl_key=/###access_homedir###/certs/server-key.pem +ssl_ca_cert=/###access_homedir###/certs/ca.pem + + +[Read-Connection-Listener-Slave] +type=listener +service=Read-Connection-Router-Slave +protocol=MySQLClient +port=4009 +authenticator=GSSAPIAuth +authenticator_options=principal_name=mariadb/maxscale.test@MAXSCALE.TEST +ssl=required +ssl_cert=/###access_homedir###/certs/server-cert.pem +ssl_key=/###access_homedir###/certs/server-key.pem +ssl_ca_cert=/###access_homedir###/certs/ca.pem + +[Read-Connection-Listener-Master] +type=listener +service=Read-Connection-Router-Master +protocol=MySQLClient +port=4008 +authenticator=GSSAPIAuth +authenticator_options=principal_name=mariadb/maxscale.test@MAXSCALE.TEST +ssl=required +ssl_cert=/###access_homedir###/certs/server-cert.pem +ssl_key=/###access_homedir###/certs/server-key.pem +ssl_ca_cert=/###access_homedir###/certs/ca.pem + +[CLI-Listener] +type=listener +service=CLI +protocol=maxscaled +socket=default diff --git a/maxscale-system-test/kerberos_setup.cpp b/maxscale-system-test/kerberos_setup.cpp index 89cf295f6..64b12bd25 100644 --- a/maxscale-system-test/kerberos_setup.cpp +++ b/maxscale-system-test/kerberos_setup.cpp @@ -158,17 +158,17 @@ int main(int argc, char* argv[]) Test->tprintf("Trying use usr1 to execute query: RW Split\n"); Test->add_result(Test->repl->ssh_node(1, - "echo select User,Host from mysql.user | mysql -uusr1 -h maxscale.maxscale.test -P 4006", + "echo select User,Host from mysql.user | mysql --ssl -uusr1 -h maxscale.maxscale.test -P 4006", false), "Error executing query against RW Split\n"); Test->tprintf("Trying use usr1 to execute query: Read Connection Master\n"); Test->add_result(Test->repl->ssh_node(1, - "echo select User,Host from mysql.user | mysql -uusr1 -h maxscale.maxscale.test -P 4008", + "echo select User,Host from mysql.user | mysql --ssl -uusr1 -h maxscale.maxscale.test -P 4008", false), "Error executing query against Read Connection Master\n"); Test->tprintf("Trying use usr1 to execute query: Read Connection Slave\n"); Test->add_result(Test->repl->ssh_node(1, - "echo select User,Host from mysql.user | mysql -uusr1 -h maxscale.maxscale.test -P 4009", + "echo select User,Host from mysql.user | mysql --ssl -uusr1 -h maxscale.maxscale.test -P 4009", false), "Error executing query against Read Connection Slave\n"); @@ -177,6 +177,10 @@ int main(int argc, char* argv[]) Test->repl->ssh_node(i, "sudo rm -f /etc/my.cnf.d/kerb.cnf", true); } + Test->repl->connect(); + Test->try_query(Test->repl->nodes[0], "DROP USER usr1"); + Test->repl->disconnect(); + int rval = Test->global_result; delete Test; return rval; diff --git a/maxscale-system-test/long_sysbench.cpp b/maxscale-system-test/long_sysbench.cpp index defebf991..c217e17c7 100644 --- a/maxscale-system-test/long_sysbench.cpp +++ b/maxscale-system-test/long_sysbench.cpp @@ -25,38 +25,20 @@ int main(int argc, char* argv[]) Test->tprintf("Connecting to RWSplit %s\n", Test->maxscales->IP[0]); - sprintf(&sys1[0], sysbench_prepare, Test->sysbench_dir, Test->sysbench_dir, Test->maxscales->IP[0]); + sprintf(&sys1[0], SYSBENCH_PREPARE, Test->maxscales->IP[0]); Test->tprintf("Preparing sysbench tables\n%s\n", sys1); Test->set_timeout(10000); Test->add_result(system(sys1), "Error executing sysbench prepare\n"); - char* readonly; - char* ro_on = (char*) "on"; - char* ro_off = (char*) "off"; - Test->stop_timeout(); current_port = port[0]; Test->tprintf("Trying test with port %d\n", current_port); - if (current_port == Test->maxscales->readconn_slave_port[0]) - { - readonly = ro_on; - } - else - { - readonly = ro_off; - } - - sprintf(&sys1[0], - sysbench_command_long, - Test->sysbench_dir, - Test->sysbench_dir, - Test->maxscales->IP[0], - current_port, - readonly); + sprintf(&sys1[0], SYSBENCH_COMMAND_LONG, Test->maxscales->IP[0], + current_port); Test->set_log_copy_interval(300); Test->tprintf("Executing sysbench \n%s\n", sys1); if (system(sys1) != 0) @@ -69,6 +51,8 @@ int main(int argc, char* argv[]) printf("Dropping sysbanch tables!\n"); fflush(stdout); + Test->try_query(Test->maxscales->conn_rwsplit[0], (char*) "DROP TABLE sbtest1"); + /* Test->try_query(Test->maxscales->conn_rwsplit[0], (char*) "DROP TABLE sbtest1"); if (!Test->smoke) { @@ -76,8 +60,9 @@ int main(int argc, char* argv[]) Test->try_query(Test->maxscales->conn_rwsplit[0], (char*) "DROP TABLE sbtest3"); Test->try_query(Test->maxscales->conn_rwsplit[0], (char*) "DROP TABLE sbtest4"); } + */ - // global_result += execute_query(Test->maxscales->conn_rwsplit[0], (char *) "DROP TABLE sbtest"); + Test->global_result += execute_query(Test->maxscales->conn_rwsplit[0], (char *) "DROP TABLE sbtest1"); printf("closing connections to MaxScale!\n"); fflush(stdout); @@ -90,8 +75,5 @@ int main(int argc, char* argv[]) int rval = Test->global_result; delete Test; - fflush(stdout); - Test->tprintf("Logs copied!\n"); - fflush(stdout); return rval; } diff --git a/maxscale-system-test/mdbci/run_test.sh b/maxscale-system-test/mdbci/run_test.sh index 97e2a739d..bfa53f188 100755 --- a/maxscale-system-test/mdbci/run_test.sh +++ b/maxscale-system-test/mdbci/run_test.sh @@ -70,6 +70,11 @@ if [ $res == 0 ] ; then cmake .. -DBUILD_SYSTEM_TESTS=Y -DBUILDNAME=$name -DCMAKE_BUILD_TYPE=Debug cd maxscale-system-test make +set -x + echo ${test_set} | grep "NAME#" + if [ $? == 0 ] ; then + named_test=`echo ${test_set} | sed "s/NAME#//" | sed "s/ //g"` + fi if [ ! -z "${named_test}" ] ; then ./${named_test} diff --git a/maxscale-system-test/mdbci/set_env.sh b/maxscale-system-test/mdbci/set_env.sh index bfae2a772..7f1f14fa5 100644 --- a/maxscale-system-test/mdbci/set_env.sh +++ b/maxscale-system-test/mdbci/set_env.sh @@ -74,7 +74,9 @@ export maxscale_IP=$maxscale_network export maxscale_access_user=$maxscale_whoami # Sysbench directory (should be sysbench >= 0.5) -export sysbench_dir=${sysbench_dir:-"$HOME/sysbench_deb7/sysbench/"} +sb=`which sysbench` +export sysbench_dir=$(dirname ${sb}) +#export sysbench_dir=${sysbench_dir:-""} export ssl=true diff --git a/maxscale-system-test/mxs657_restart.cpp b/maxscale-system-test/mxs657_restart.cpp index 5783d4d01..2dd6151d9 100644 --- a/maxscale-system-test/mxs657_restart.cpp +++ b/maxscale-system-test/mxs657_restart.cpp @@ -6,7 +6,6 @@ #include "testconnections.h" -#include "sysbench_commands.h" #include "sql_t1.h" #include "get_com_select_insert.h" diff --git a/maxscale-system-test/sysbench_commands.h b/maxscale-system-test/sysbench_commands.h index 630c3a628..68fc6b833 100644 --- a/maxscale-system-test/sysbench_commands.h +++ b/maxscale-system-test/sysbench_commands.h @@ -1,78 +1,77 @@ #ifndef SYSBENCH_COMMANDS_H #define SYSBENCH_COMMANDS_H -/*const char * sysbench_prepare = - * "sysbench --test=oltp \ - * --oltp-table-size=1000000 --mysql-db=test --mysql-user=skysql --mysql-password=skysql \ +/*const char * SYSBENCH_PREPARE = + * "sysbench oltp_read_write \ + * --mysql-db=test --mysql-user=skysql --mysql-password=skysql \ * --mysql-port=4006 --mysql-host=%s prepare"; * * * - * const char * sysbench_command = - * "sysbench --test=oltp \ + * const char * SYSBENCH_COMMAND = + * "sysbench oltp_read_write \ * --mysql-host=%s --mysql-port=%d --mysql-user=skysql --mysql-password=skysql \ - * --mysql-db=test --mysql-table-engine=innodb \ - * --num-threads=32 --oltp-table-size=1000000 --oltp-read-only=off \ + * --mysql-db=test \ + * --num-threads=32 \ * --oltp-dist-type=uniform --oltp-skip-trx=off --init-rng=on --oltp-test-mode=complex \ - * --max-requests=0 --max-time=600 run";*/ + * --max-requests=0 --time=600 run";*/ -const char* sysbench_prepare - = - "%s/sysbench --test=%s/tests/db/oltp.lua \ - --oltp-table-size=1000000 --mysql-db=test --mysql-user=skysql --mysql-password=skysql \ - --mysql-port=4006 --mysql-host=%s --oltp-tables-count=4 prepare"; +const char* SYSBENCH_PREPARE = + "sysbench oltp_read_write \ + --mysql-db=test --mysql-user=skysql --mysql-password=skysql \ + --mysql-port=4006 --mysql-host=%s prepare"; -const char* sysbench_command - = - "%s/sysbench --test=%s/tests/db/oltp.lua \ +const char* SYSBENCH_COMMAND = + "sysbench oltp_read_write \ --mysql-host=%s --mysql-port=%d --mysql-user=skysql --mysql-password=skysql \ - --mysql-db=test --mysql-table-engine=innodb --mysql-ignore-duplicates=on \ - --num-threads=32 --oltp-table-size=1000000 --oltp-tables-count=2 --oltp-read-only=%s \ - --oltp-dist-type=uniform --oltp-skip-trx=off --init-rng=on --oltp-test-mode=complex \ - --max-requests=0 --report-interval=5 --max-time=100 run"; + --mysql-db=test \ + --threads=32 \ + --max-requests=0 --report-interval=5 --time=100 run"; +const char* SYSBENCH_PREPARE_RO = + "sysbench oltp_read_only \ + --mysql-db=test --mysql-user=skysql --mysql-password=skysql \ + --mysql-port=4006 --mysql-host=%s prepare"; -const char* sysbench_prepare1 - = - "%s/sysbench --test=%s/tests/db/oltp.lua \ - --oltp-table-size=1000 --mysql-db=test --mysql-user=skysql --mysql-password=skysql \ - --mysql-port=4006 --mysql-host=%s --oltp-tables-count=1 prepare"; - -const char* sysbench_command1 - = - "%s/sysbench --test=%s/tests/db/oltp.lua \ - --mysql-host=%s --mysql-port=%d --mysql-user=skysql --mysql-password=skysql \ - --mysql-db=test --mysql-table-engine=innodb --mysql-ignore-duplicates=on \ - --num-threads=32 --oltp-table-size=1000 --oltp-tables-count=1 --oltp-read-only=%s \ - --oltp-dist-type=uniform --oltp-skip-trx=off --init-rng=on --oltp-test-mode=complex \ - --max-requests=0 --report-interval=5 --max-time=100 run"; - - -const char* sysbench_command_long - = - "%s/sysbench --test=%s/tests/db/oltp.lua \ +const char* SYSBENCH_COMMAND_RO = + "sysbench oltp_read_only \ --mysql-host=%s --mysql-port=%d --mysql-user=skysql --mysql-password=skysql \ - --mysql-db=test --mysql-table-engine=innodb --mysql-ignore-duplicates=on \ - --num-threads=32 --oltp-table-size=1000000 --oltp-tables-count=2 --oltp-read-only=%s \ - --oltp-dist-type=uniform --oltp-skip-trx=off --init-rng=on --oltp-test-mode=complex \ - --max-requests=0 --report-interval=5 --max-time=2592000 run"; + --mysql-db=test \ + --threads=32 \ + --max-requests=0 --report-interval=5 --time=100 run"; -const char* sysbench_prepare_short - = - "%s/sysbench --test=%s/tests/db/oltp.lua \ - --oltp-table-size=10000 --mysql-db=test --mysql-user=skysql --mysql-password=skysql \ - --mysql-port=4006 --mysql-host=%s --oltp-tables-count=4 prepare"; +const char* SYSBENCH_PREPARE1 = + "sysbench oltp_read_write \ + --mysql-db=test --mysql-user=skysql --mysql-password=skysql \ + --mysql-port=4006 --mysql-host=%s prepare"; -const char* sysbench_command_short - = - "%s/sysbench --test=%s/tests/db/oltp.lua \ +const char* SYSBENCH_COMMAND1 = + "sysbench oltp_read_write \ + --mysql-host=%s --mysql-port=%d --mysql-user=skysql --mysql-password=skysql \ + --mysql-db=test \ + --threads=32 \ + --max-requests=0 --report-interval=5 --time=100 run"; + + +const char* SYSBENCH_COMMAND_LONG = + "sysbench oltp_read_write \ + --mysql-host=%s --mysql-port=%d --mysql-user=skysql --mysql-password=skysql \ + --mysql-db=test \ + --threads=32 \ + --max-requests=0 --report-interval=5 --time=2592000 run"; + + +const char* SYSBENCH_PREPARE_SHORT = + "sysbench oltp_read_write \ + --mysql-db=test --mysql-user=skysql --mysql-password=skysql \ + --mysql-port=4006 --mysql-host=%s prepare"; + +const char* SYSBENCH_COMMAND_SHORT = + "sysbench oltp_read_write \ --mysql-host=%s --mysql-port=%d --mysql-user=skysql --mysql-password=skysql \ - --mysql-db=test --mysql-table-engine=innodb --mysql-ignore-duplicates=on \ - --num-threads=32 --oltp-table-size=10000 --oltp-tables-count=2 --oltp-read-only=%s \ - --oltp-dist-type=uniform --oltp-skip-trx=off --init-rng=on --oltp-test-mode=complex \ - --max-requests=0 --report-interval=5 --max-time=300 run"; - - + --mysql-db=test \ + --threads=32 \ + --max-requests=0 --report-interval=5 --time=300 run"; #endif // SYSBENCH_COMMANDS_H diff --git a/maxscale-system-test/sysbench_example.cpp b/maxscale-system-test/sysbench_example.cpp index d8f414c43..74632da0f 100644 --- a/maxscale-system-test/sysbench_example.cpp +++ b/maxscale-system-test/sysbench_example.cpp @@ -21,7 +21,7 @@ int main(int argc, char* argv[]) fflush(stdout); Test->tprintf("Connecting to RWSplit %s\n", Test->maxscales->IP[0]); - sprintf(&sys1[0], sysbench_prepare_short, Test->sysbench_dir, Test->sysbench_dir, Test->maxscales->IP[0]); + sprintf(&sys1[0], SYSBENCH_PREPARE_SHORT, Test->maxscales->IP[0]); Test->tprintf("Preparing sysbench tables\n%s\n", sys1); Test->set_timeout(10000); @@ -29,13 +29,8 @@ int main(int argc, char* argv[]) Test->stop_timeout(); - sprintf(&sys1[0], - sysbench_command_short, - Test->sysbench_dir, - Test->sysbench_dir, - Test->maxscales->IP[0], - Test->maxscales->rwsplit_port[0], - "off"); + sprintf(&sys1[0], SYSBENCH_COMMAND_SHORT, Test->maxscales->IP[0], + Test->maxscales->rwsplit_port[0]); Test->set_log_copy_interval(300); Test->tprintf("Executing sysbench \n%s\n", sys1); if (system(sys1) != 0) @@ -48,15 +43,17 @@ int main(int argc, char* argv[]) printf("Dropping sysbanch tables!\n"); fflush(stdout); - Test->try_query(Test->maxscales->conn_rwsplit[0], (char*) "DROP TABLE sbtest1"); - if (!Test->smoke) - { - Test->try_query(Test->maxscales->conn_rwsplit[0], (char*) "DROP TABLE sbtest2"); - Test->try_query(Test->maxscales->conn_rwsplit[0], (char*) "DROP TABLE sbtest3"); - Test->try_query(Test->maxscales->conn_rwsplit[0], (char*) "DROP TABLE sbtest4"); - } + /* + * Test->try_query(Test->maxscales->conn_rwsplit[0], (char *) "DROP TABLE sbtest1"); + * if (!Test->smoke) + * { + * Test->try_query(Test->maxscales->conn_rwsplit[0], (char *) "DROP TABLE sbtest2"); + * Test->try_query(Test->maxscales->conn_rwsplit[0], (char *) "DROP TABLE sbtest3"); + * Test->try_query(Test->maxscales->conn_rwsplit[0], (char *) "DROP TABLE sbtest4"); + * } + */ - // global_result += execute_query(Test->maxscales->conn_rwsplit[0], (char *) "DROP TABLE sbtest"); + Test->global_result += execute_query(Test->maxscales->conn_rwsplit[0], (char*) "DROP TABLE sbtest1"); printf("closing connections to MaxScale!\n"); fflush(stdout); diff --git a/maxscale-system-test/sysbench_kill_slave.cpp b/maxscale-system-test/sysbench_kill_slave.cpp index be20ce3bc..669a8dde0 100644 --- a/maxscale-system-test/sysbench_kill_slave.cpp +++ b/maxscale-system-test/sysbench_kill_slave.cpp @@ -28,59 +28,36 @@ int main(int argc, char* argv[]) port[0] = Test->maxscales->rwsplit_port[0]; port[1] = Test->maxscales->readconn_master_port[0]; - port[2] = Test->maxscales->readconn_slave_port[0]; + // port[2] = Test->maxscales->readconn_slave_port[0]; Test->tprintf("Connecting to RWSplit %s\n", Test->maxscales->IP[0]); if (Test->smoke) { - sprintf(&sys1[0], sysbench_prepare1, Test->sysbench_dir, Test->sysbench_dir, Test->maxscales->IP[0]); + sprintf(&sys1[0], SYSBENCH_PREPARE1, Test->maxscales->IP[0]); } else { - sprintf(&sys1[0], sysbench_prepare, Test->sysbench_dir, Test->sysbench_dir, Test->maxscales->IP[0]); + sprintf(&sys1[0], SYSBENCH_PREPARE, Test->maxscales->IP[0]); } Test->tprintf("Preparing sysbench tables\n%s\n", sys1); Test->set_timeout(5000); Test->add_result(system(sys1), "Error executing sysbench prepare\n"); - char* readonly; - char* ro_on = (char*) "on"; - char* ro_off = (char*) "off"; Test->set_timeout(2000); - for (int k = 0; k < 3; k++) + for (int k = 0; k < 2; k++) { Test->tprintf("Trying test with port %d\n", port[k]); pthread_create(&kill_vm_thread1, NULL, kill_vm_thread, NULL); - if (port[k] == Test->maxscales->readconn_slave_port[0]) - { - readonly = ro_on; - } - else - { - readonly = ro_off; - } if (Test->smoke) { - sprintf(&sys1[0], - sysbench_command1, - Test->sysbench_dir, - Test->sysbench_dir, - Test->maxscales->IP[0], - port[k], - readonly); + sprintf(&sys1[0], SYSBENCH_COMMAND1, Test->maxscales->IP[0], port[k]); } else { - sprintf(&sys1[0], - sysbench_command, - Test->sysbench_dir, - Test->sysbench_dir, - Test->maxscales->IP[0], - port[k], - readonly); + sprintf(&sys1[0], SYSBENCH_COMMAND, Test->maxscales->IP[0], port[k]); } Test->tprintf("Executing sysbench tables\n%s\n", sys1); if (system(sys1) != 0) @@ -104,13 +81,16 @@ int main(int argc, char* argv[]) printf("Dropping sysbanch tables!\n"); fflush(stdout); - Test->try_query(Test->maxscales->conn_rwsplit[0], (char*) "DROP TABLE sbtest1"); - if (!Test->smoke) - { - Test->try_query(Test->maxscales->conn_rwsplit[0], (char*) "DROP TABLE sbtest2"); - Test->try_query(Test->maxscales->conn_rwsplit[0], (char*) "DROP TABLE sbtest3"); - Test->try_query(Test->maxscales->conn_rwsplit[0], (char*) "DROP TABLE sbtest4"); - } + /* + * Test->try_query(Test->maxscales->conn_rwsplit[0], (char *) "DROP TABLE sbtest1"); + * if (!Test->smoke) + * { + * Test->try_query(Test->maxscales->conn_rwsplit[0], (char *) "DROP TABLE sbtest2"); + * Test->try_query(Test->maxscales->conn_rwsplit[0], (char *) "DROP TABLE sbtest3"); + * Test->try_query(Test->maxscales->conn_rwsplit[0], (char *) "DROP TABLE sbtest4"); + * } + */ + Test->global_result += execute_query(Test->maxscales->conn_rwsplit[0], (char*) "DROP TABLE sbtest1"); printf("closing connections to MaxScale!\n"); fflush(stdout); diff --git a/server/modules/authenticator/MySQLAuth/dbusers.cc b/server/modules/authenticator/MySQLAuth/dbusers.cc index 5e5eaddf9..fa71ef6a6 100644 --- a/server/modules/authenticator/MySQLAuth/dbusers.cc +++ b/server/modules/authenticator/MySQLAuth/dbusers.cc @@ -162,7 +162,8 @@ static char* get_users_query(const char* server_version, int version, bool inclu { if (is_mariadb) // 10.1.1 or newer, supports default roles { - return version >= 100202 ? + // Require 10.2.15 due to MDEV-15840 and MDEV-15556 + return version >= 100215 ? get_mariadb_102_users_query(include_root) : get_mariadb_users_query(include_root); } diff --git a/server/modules/authenticator/MySQLAuth/mysql_auth.cc b/server/modules/authenticator/MySQLAuth/mysql_auth.cc index 6be26757e..68995f2dd 100644 --- a/server/modules/authenticator/MySQLAuth/mysql_auth.cc +++ b/server/modules/authenticator/MySQLAuth/mysql_auth.cc @@ -285,9 +285,9 @@ static bool is_localhost_address(struct sockaddr_storage* addr) */ static int mysql_auth_authenticate(DCB* dcb) { - int auth_ret = ssl_authenticate_check_status(dcb); + int auth_ret = MXS_AUTH_SSL_COMPLETE; MYSQL_session* client_data = (MYSQL_session*)dcb->data; - if (auth_ret == MXS_AUTH_SSL_COMPLETE && *client_data->user) + if (*client_data->user) { MXS_DEBUG("Receiving connection from '%s' to database '%s'.", client_data->user, diff --git a/server/modules/authenticator/PAM/PAMAuth/pam_client_session.cc b/server/modules/authenticator/PAM/PAMAuth/pam_client_session.cc index ebab8df20..837666ecd 100644 --- a/server/modules/authenticator/PAM/PAMAuth/pam_client_session.cc +++ b/server/modules/authenticator/PAM/PAMAuth/pam_client_session.cc @@ -332,9 +332,9 @@ Buffer PamClientSession::create_auth_change_packet() const int PamClientSession::authenticate(DCB* dcb) { - int rval = ssl_authenticate_check_status(dcb); + int rval = MXS_AUTH_SSL_COMPLETE; MYSQL_session* ses = static_cast(dcb->data); - if (rval == MXS_AUTH_SSL_COMPLETE && *ses->user) + if (*ses->user) { rval = MXS_AUTH_FAILED; if (m_state == PAM_AUTH_INIT) diff --git a/server/modules/protocol/MySQL/mariadbclient/mysql_client.cc b/server/modules/protocol/MySQL/mariadbclient/mysql_client.cc index 7ef427fe4..ae2db1a76 100644 --- a/server/modules/protocol/MySQL/mariadbclient/mysql_client.cc +++ b/server/modules/protocol/MySQL/mariadbclient/mysql_client.cc @@ -225,10 +225,9 @@ std::string get_version_string(SERVICE* service) } // Older applications don't understand versions other than 5 and cause strange problems - const char prefix[] = "5.5.5-"; - - if (strncmp(rval.c_str(), prefix, sizeof(prefix) - 1) != 0) + if (rval[0] != '5') { + const char prefix[] = "5.5.5-"; rval = prefix + rval; } @@ -735,7 +734,13 @@ static int gw_read_do_authentication(DCB* dcb, GWBUF* read_buffer, int nbytes_re int auth_val = MXS_AUTH_FAILED; if (dcb->authfunc.extract(dcb, read_buffer)) { - auth_val = dcb->authfunc.authenticate(dcb); + auth_val = ssl_authenticate_check_status(dcb); + + if (auth_val == MXS_AUTH_SSL_COMPLETE) + { + // TLS connection phase complete + auth_val = dcb->authfunc.authenticate(dcb); + } } else {