Merge remote-tracking branch 'origin/develop' into MXS-122

Conflicts:
	server/core/CMakeLists.txt
	server/core/dcb.c
	server/include/dcb.h
	server/include/server.h
	server/modules/protocol/mysql_backend.c

server/include/dcb.h

@@ -23,6 +23,9 @@
 #include <gwbitmask.h>
 #include <skygw_utils.h>
 #include <netinet/in.h>
+#include <openssl/crypto.h>
+#include <openssl/ssl.h>
+#include <openssl/err.h>
 
 #define ERRHANDLE
 
@@ -132,7 +135,7 @@ typedef struct {
 #define DCBFD_CLOSED -1
 
 /**
- * The statitics gathered on a descriptor control block
+ * The statistics gathered on a descriptor control block
  */
 typedef struct dcbstats {
 	int	n_reads;	/*< Number of reads on this descriptor */
@@ -266,6 +269,7 @@ typedef struct dcb {
 	unsigned int	high_water;	/**< High water mark */
 	unsigned int	low_water;	/**< Low water mark */
 	struct server	*server;	/**< The associated backend server */
+        SSL* ssl; /*< SSL struct for connection */
         int             dcb_port;       /**< port of target server */
         skygw_chk_t     dcb_chk_tail;
 } DCB;
@@ -311,6 +315,7 @@ void            dcb_free(DCB *);
 DCB             *dcb_connect(struct server *, struct session *, const char *);	
 DCB		*dcb_clone(DCB *);
 int             dcb_read(DCB *, GWBUF **);
+int             dcb_read_n(DCB*,GWBUF **,int);
 int             dcb_drain_writeq(DCB *);
 void            dcb_close(DCB *);
 DCB		*dcb_process_zombies(int);		/* Process Zombies except the one behind the pointer */
@@ -338,9 +343,14 @@ bool   dcb_set_state(DCB* dcb, dcb_state_t new_state, dcb_state_t* old_state);
 void   dcb_call_foreach (struct server* server, DCB_REASON reason);
 size_t dcb_get_session_id(DCB* dcb);
 bool   dcb_get_ses_log_info(DCB* dcb, size_t* sesid, int* enabled_logs);
-
-char            *dcb_role_name(DCB *);                  /* Return the name of a role */
-
+char   *dcb_role_name(DCB *);                  /* Return the name of a role */
+int dcb_create_SSL(DCB* dcb);
+int dcb_accept_SSL(DCB* dcb);
+int dcb_connect_SSL(DCB* dcb);
+int gw_write_SSL(SSL* ssl, const void *buf, size_t nbytes);
+int dcb_write_SSL(DCB *dcb,GWBUF *queue);
+int dcb_read_SSL(DCB   *dcb,GWBUF **head);
+int dcb_drain_writeq_SSL(DCB *dcb);
 
 
 /**
@@ -352,4 +362,4 @@ char            *dcb_role_name(DCB *);                  /* Return the name of a
 
 #define DCB_IS_CLONE(d) ((d)->flags & DCBF_CLONE)
 #define DCB_REPLIED(d) ((d)->flags & DCBF_REPLIED)
-#endif /*  _DCB_H */
+#endif /*  _DCB_H *

server/include/gw.h

@@ -1,3 +1,25 @@
+#ifndef _GW_HG
+#define _GW_HG
+
+/*
+ * This file is distributed as part of the MariaDB Corporation MaxScale.  It is free
+ * software: you can redistribute it and/or modify it under the terms of the
+ * GNU General Public License as published by the Free Software Foundation,
+ * version 2.
+ *
+ * This program is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU General Public License along with
+ * this program; if not, write to the Free Software Foundation, Inc., 51
+ * Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Copyright MariaDB Corporation Ab 2013-2014
+ */
+
+
 #include <stdio.h>
 #include <ctype.h>
 #include <errno.h>
@@ -16,8 +38,8 @@
 #include <sys/socket.h>
 #include <netinet/in.h>
 #include <arpa/inet.h>
-
 #include <stdbool.h>
+#include <gwdirs.h>
 
 #define EXIT_FAILURE 1
 
@@ -65,3 +87,5 @@ int  gw_write(DCB *dcb, const void *buf, size_t nbytes);
 int  gw_getsockerrno(int fd);
 int  parse_bindconfig(char *, unsigned short, struct sockaddr_in *);
 int setipaddress(struct in_addr *, char *);
+char* get_libdir();
+#endif

server/include/gwdirs.h.in

@@ -0,0 +1,48 @@
+#ifndef _GW_DIRS_HG
+#define _GW_DIRS_HG
+
+/*
+ * This file is distributed as part of the MariaDB Corporation MaxScale.  It is free
+ * software: you can redistribute it and/or modify it under the terms of the
+ * GNU General Public License as published by the Free Software Foundation,
+ * version 2.
+ *
+ * This program is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU General Public License along with
+ * this program; if not, write to the Free Software Foundation, Inc., 51
+ * Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Copyright MariaDB Corporation Ab 2015
+ */
+#ifndef _GNU_SOURCE
+#define _GNU_SOURCE 1
+#endif
+#include <stdlib.h>
+#include <string.h>
+/** Default file locations, configured by CMake */
+static const char* default_cnf_fname = "maxscale.cnf";
+static const char* default_configdir = "/etc/";
+static const char* default_piddir = "@MAXSCALE_VARDIR@/run/maxscale/"; /*< This should be changed to just /run eventually, 
+                                                                        * the /var/run folder is an old standard and the newe FSH 3.0
+                                                                        * uses /run for PID files.*/
+static const char* default_logdir = "@MAXSCALE_VARDIR@/log/maxscale/";
+static const char* default_datadir = "@MAXSCALE_VARDIR@/lib/maxscale/";
+static const char* default_libdir = "@CMAKE_INSTALL_PREFIX@/@MAXSCALE_LIBDIR@";
+static const char* default_cachedir = "@MAXSCALE_VARDIR@/cache/maxscale/";
+static const char* default_langdir = "@MAXSCALE_VARDIR@/lib/maxscale/";
+
+static char* configdir = NULL;
+static char* logdir = NULL;
+static char* libdir = NULL;
+static char* cachedir = NULL;
+static char* maxscaledatadir = NULL;
+static char* langdir = NULL;
+static char* piddir = NULL;
+char* get_libdir();
+char* get_datadir();
+char* get_cachedir();
+#endif

server/include/modules.h

@@ -68,7 +68,6 @@ extern	void	unload_all_modules();
 extern	void	printModules();
 extern	void	dprintAllModules(DCB *);
 extern 	RESULTSET	*moduleGetList();
-extern	char	*get_maxscale_home(void);
 extern void module_feedback_send(void*);
 extern void moduleShowFeedbackReport(DCB *dcb);
 

server/include/secrets.h

@@ -53,5 +53,5 @@ typedef	struct maxkeys {
 
 extern int	secrets_writeKeys(char *filename);
 extern char	*decryptPassword(char *);
-extern char	*encryptPassword(char *);
+extern char	*encryptPassword(char*,char *);
 #endif

server/include/server.h

@@ -43,6 +43,7 @@
  * 30/08/14	Massimiliano Pinto	Addition of SERVER_STALE_STATUS
  * 27/10/14	Massimiliano Pinto	Addition of SERVER_MASTER_STICKINESS
  * 19/02/15	Mark Riddoch		Addition of serverGetList
+ * 01/06/15	Massimiliano Pinto	Addition of server_update_address/port
  *
  * @endverbatim
  */
@@ -202,5 +203,7 @@ extern char	*serverGetParameter(SERVER *, char *);
 extern void	server_update(SERVER *, char *, char *, char *);
 extern void     server_set_unique_name(SERVER *, char *);
 extern DCB      *server_get_persistent(SERVER *, char *, const char *);
+extern void	server_update_address(SERVER *, char *);
+extern void	server_update_port(SERVER *,  unsigned short);
 extern RESULTSET	*serverGetList();
 #endif

server/include/service.h

@@ -26,7 +26,10 @@
 #include <hashtable.h>
 #include <resultset.h>
 #include <maxconfig.h>
-
+#include <openssl/crypto.h>
+#include <openssl/ssl.h>
+#include <openssl/err.h>
+#include <openssl/dh.h>
 /**
  * @file service.h
  *
@@ -105,6 +108,24 @@ typedef struct server_ref_t{
         SERVER* server;
 }SERVER_REF;
 
+typedef enum {
+  SSL_DISABLED,
+  SSL_ENABLED,
+  SSL_REQUIRED
+} ssl_mode_t;
+
+enum{
+  SERVICE_SSLV3,
+  SERVICE_TLS10,
+  SERVICE_TLS11,
+  SERVICE_TLS12,
+  SERVICE_SSL_MAX,
+  SERVICE_TLS_MAX,
+  SERVICE_SSL_TLS_MAX
+};
+
+#define DEFAULT_SSL_CERT_VERIFY_DEPTH 100 /*< The default certificate verification depth */
+
 /**
  * Defines a service within the gateway.
  *
@@ -149,8 +170,19 @@ typedef struct service {
 	FILTER_DEF	**filters;		/**< Ordered list of filters */
 	int		n_filters;		/**< Number of filters */
         int             conn_timeout;           /*< Session timeout in seconds */
+        ssl_mode_t ssl_mode; /*< one of DISABLED, ENABLED or REQUIRED */
 	char		*weightby;
 	struct service	*next;			/**< The next service in the linked list */
+        SSL_CTX         *ctx;
+        SSL_METHOD      *method;                           /*<  SSLv3 or TLS1.0/1.1/1.2 methods
+                                                           * see: https://www.openssl.org/docs/ssl/SSL_CTX_new.html */
+        int ssl_cert_verify_depth; /*< SSL certificate verification depth */
+        int ssl_method_type; /*< Which of the SSLv3 or TLS1.0/1.1/1.2 methods to use */
+        char* ssl_cert; /*< SSL certificate */
+        char* ssl_key; /*< SSL private key */
+        char* ssl_ca_cert; /*< SSL CA certificate */
+        bool ssl_init_done; /*< If SSL has already been initialized for this service */
+
 } SERVICE;
 
 typedef enum count_spec_t {COUNT_NONE=0, COUNT_ATLEAST, COUNT_EXACT, COUNT_ATMOST} count_spec_t;
@@ -178,6 +210,11 @@ extern	int	serviceRestart(SERVICE *);
 extern	int	serviceSetUser(SERVICE *, char *, char *);
 extern	int	serviceGetUser(SERVICE *, char **, char **);
 extern	void	serviceSetFilters(SERVICE *, char *);
+extern  int     serviceSetSSL(SERVICE *service, char* action);
+extern  int     serviceInitSSL(SERVICE* service);
+extern  int     serviceSetSSLVersion(SERVICE *service, char* version);
+extern  int     serviceSetSSLVerifyDepth(SERVICE* service, int depth);
+extern  void    serviceSetCertificates(SERVICE *service, char* cert,char* key, char* ca_cert);
 extern	int	serviceEnableRootUser(SERVICE *, int );
 extern	int	serviceSetTimeout(SERVICE *, int );
 extern	void	serviceWeightBy(SERVICE *, char *);