hcq/MaxScale
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Move dbusers.c out of the core

Browse Source 
The dbusers.c was a MySQL protocol specific file which was used directly
by some of the modules.

Added a new return value for the loadusers authenticator entry point which
allows fatal failures to occur when users are loaded. Currently this is
only taken into notice when the service is first started. If a listener
later returns a fatal error, it is only logged but the service stays in
operation.

Moved the MySQLAuth authenticator sources and the tests that relate to
this module into a subdirectory in the authenticator
directory. Eventually, all authenticators could have a subdirectory of
their own.
This commit is contained in:
Markus Makela
2016-10-20 21:26:06 +03:00
parent fe689504b0
commit 4e07c3313c
23 changed files with 127 additions and 352 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
server/modules/routing/avro/avro_client.c
View File

@ -40,7 +40,6 @@
#include "avrorouter.h"
#include <maxavro.h>
#include <maxscale/alloc.h>
#include <maxscale/dbusers.h>
extern char *blr_extract_column(GWBUF *buf, int col);
extern uint32_t extract_field(uint8_t *src, int bits);

1
server/modules/routing/avro/avrorouter.h
View File

@ -27,7 +27,6 @@
#include <maxscale/spinlock.h>
#include <maxscale/mysql_binlog.h>
#include <maxscale/users.h>
#include <maxscale/dbusers.h>
#include <avro.h>
#include <cdc.h>
#include <maxscale/pcre2.h>

156
server/modules/routing/binlog/blr.c
View File

@ -103,7 +103,6 @@ static void errorReply(ROUTER *instance,
static uint64_t getCapabilities();
static int blr_handler_config(void *userdata, const char *section, const char *name, const char *value);
static int blr_handle_config_item(const char *name, const char *value, ROUTER_INSTANCE *inst);
static int blr_set_service_mysql_user(SERVICE *service);
static int blr_load_dbusers(const ROUTER_INSTANCE *router);
static int blr_check_binlog(ROUTER_INSTANCE *router);
int blr_read_events_all_events(ROUTER_INSTANCE *router, int fix, int debug);
@ -578,18 +577,6 @@ createInstance(SERVICE *service, char **options)
}
}
/* Allocate dbusers for this router here instead of serviceStartPort() */
for (SERV_LISTENER *port = service->ports; port; port = port->next)
{
if ((port->users = mysql_users_alloc()) == NULL)
{
MXS_ERROR("%s: Error allocating dbusers in createInstance",
inst->service->name);
free_instance(inst);
return NULL;
}
}
/* Dynamically allocate master_host server struct, not written in any cnf file */
if (service->dbref == NULL)
{
@ -674,19 +661,10 @@ createInstance(SERVICE *service, char **options)
inst->service->name, inst->binlogdir);
}
/* Set service user or load db users */
blr_set_service_mysql_user(inst->service);
}
else
{
inst->master_state = BLRM_UNCONNECTED;
/* Try loading dbusers */
if (inst->service->ports)
{
blr_load_dbusers(inst);
}
}
/**
@ -2134,140 +2112,6 @@ blr_handle_config_item(const char *name, const char *value, ROUTER_INSTANCE *ins
return 1;
}
/**
* Add the service user to mysql dbusers (service->users)
* via mysql_users_alloc and add_mysql_users_with_host_ipv4
* User is added for '%' and 'localhost' hosts
*
* @param service The current service
* @return 0 on success, 1 on failure
*/
static int
blr_set_service_mysql_user(SERVICE *service)
{
char *dpwd = NULL;
char *newpasswd = NULL;
char *service_user = NULL;
char *service_passwd = NULL;
if (serviceGetUser(service, &service_user, &service_passwd) == 0)
{
MXS_ERROR("failed to get service user details for service %s",
service->name);
return 1;
}
dpwd = decryptPassword(service->credentials.authdata);
if (!dpwd)
{
MXS_ERROR("decrypt password failed for service user %s, service %s",
service_user,
service->name);
return 1;
}
newpasswd = create_hex_sha1_sha1_passwd(dpwd);
if (!newpasswd)
{
MXS_ERROR("create hex_sha1_sha1_password failed for service user %s",
service_user);
MXS_FREE(dpwd);
return 1;
}
/** Add the service user for % and localhost to all listeners so that
* it can always be used. */
for (SERV_LISTENER *port = service->ports; port; port = port->next)
{
add_mysql_users_with_host_ipv4(port->users, service->credentials.name,
"%", newpasswd, "Y", "");
add_mysql_users_with_host_ipv4(port->users, service->credentials.name,
"localhost", newpasswd, "Y", "");
}
MXS_FREE(newpasswd);
MXS_FREE(dpwd);
return 0;
}
/**
* Load mysql dbusers into (service->users)
*
* @param router The router instance
* @return -1 on failure, 0 for no users found, > 0 for found users
*/
static int
blr_load_dbusers(const ROUTER_INSTANCE *router)
{
int loaded_total = 0;
SERVICE *service;
char path[PATH_MAX];
service = router->service;
for (SERV_LISTENER *port = service->ports; port; port = port->next)
{
sprintf(path, "%s/%s/%s/", router->binlogdir, BLR_DBUSERS_DIR, port->name);
if (mxs_mkdir_all(path, 0775))
{
strcat(path, BLR_DBUSERS_FILE);
}
/* Try loading dbusers from configured backends */
int loaded = load_mysql_users(port);
if (loaded < 0)
{
MXS_ERROR("Unable to load users for service %s", service->name);
/* Try loading authentication data from file cache */
loaded = dbusers_load(port->users, path);
if (loaded != -1)
{
MXS_ERROR("Service %s, Listener %s, Using cached credential information file %s.",
service->name, port->name, path);
}
else
{
MXS_ERROR("Service %s, Listener %s, Unable to read cache credential"
" information from %s. No database user added to service users table.",
service->name, port->name, path);
}
}
else
{
/* don't update cache if no user was loaded */
if (loaded == 0)
{
MXS_ERROR("Service %s, Listener %s: failed to load any user information."
" Authentication will probably fail as a result.",
service->name, port->name);
}
else
{
/* update cached data */
dbusers_save(port->users, path);
}
}
loaded_total += loaded;
}
/* At service start last update is set to USERS_REFRESH_TIME seconds earlier.
* This way MaxScale could try reloading users' just after startup
*/
service->rate_limit.last = time(NULL) - USERS_REFRESH_TIME;
service->rate_limit.nloads = 1;
return loaded_total;
}
/**
* Extract a numeric field from a packet of the specified number of bits
*

27
server/modules/routing/binlog/blr_slave.c
View File

@ -432,7 +432,7 @@ blr_slave_query(ROUTER_INSTANCE *router, ROUTER_SLAVE *slave, GWBUF *queue)
else if (strcasecmp(word, "USER()") == 0)
{
/* Return user@host */
char user_host[MYSQL_USER_MAXLEN + 1 + MYSQL_HOSTNAME_MAXLEN + 1] = "";
char user_host[MYSQL_USER_MAXLEN + 1 + MYSQL_HOST_MAXLEN + 1] = "";
MXS_FREE(query_text);
snprintf(user_host, sizeof(user_host),
@ -3401,8 +3401,6 @@ blr_stop_slave(ROUTER_INSTANCE* router, ROUTER_SLAVE* slave)
static int
blr_start_slave(ROUTER_INSTANCE* router, ROUTER_SLAVE* slave)
{
int loaded;
/* if unconfigured return an error */
if (router->master_state == BLRM_UNCONFIGURED)
{
@ -3532,28 +3530,7 @@ blr_start_slave(ROUTER_INSTANCE* router, ROUTER_SLAVE* slave)
router->current_pos, router->binlog_position);
/* Try reloading new users and update cached credentials */
loaded = service_refresh_users(router->service);
if (loaded == 0)
{
for (SERV_LISTENER *port = router->service->ports; port; port = port->next)
{
char path[PATH_MAX];
sprintf(path, "%s/%s/%s/", router->binlogdir, BLR_DBUSERS_DIR, port->name);
if (mxs_mkdir_all(path, 0775))
{
strcat(path, BLR_DBUSERS_FILE);
dbusers_save(port->users, path);
}
}
}
else
{
MXS_NOTICE("Service %s: user credentials could not be refreshed. "
"Will use existing cached credentials (%s/%s) if possible.",
router->service->name, router->binlogdir, BLR_DBUSERS_DIR);
}
service_refresh_users(router->service);
return blr_slave_send_ok(router, slave);
}

1
server/modules/routing/debugcli/debugcmd.c
View File

@ -63,7 +63,6 @@
#include <maxscale/dcb.h>
#include <maxscale/poll.h>
#include <maxscale/users.h>
#include <maxscale/dbusers.h>
#include <maxscale/config.h>
#include <telnetd.h>
#include <maxscale/adminusers.h>

80
server/modules/routing/maxinfo/maxinfo.c
View File

@ -50,7 +50,6 @@
#include <maxscale/resultset.h>
#include <maxscale/secrets.h>
#include <maxscale/users.h>
#include <maxscale/dbusers.h>
MODULE_INFO info =
@ -69,7 +68,6 @@ static int maxinfo_statistics(INFO_INSTANCE *, INFO_SESSION *, GWBUF *);
static int maxinfo_ping(INFO_INSTANCE *, INFO_SESSION *, GWBUF *);
static int maxinfo_execute_query(INFO_INSTANCE *, INFO_SESSION *, char *);
static int handle_url(INFO_INSTANCE *instance, INFO_SESSION *router_session, GWBUF *queue);
static int maxinfo_add_mysql_user(SERVICE *service);
/* The router entry points */
@ -182,13 +180,6 @@ createInstance(SERVICE *service, char **options)
instances = inst;
spinlock_release(&instlock);
/*
* The following add the service user to service->users via mysql_users_alloc()
* password to be used.
*/
maxinfo_add_mysql_user(service);
return (ROUTER *)inst;
}
@ -736,74 +727,3 @@ handle_url(INFO_INSTANCE *instance, INFO_SESSION *session, GWBUF *queue)
gwbuf_free(queue);
return 1;
}
/**
* Add the service user to the service->users
* via mysql_users_alloc and add_mysql_users_with_host_ipv4
* User is added for '%' and 'localhost' hosts
*
* @param service The service for this router
* @return 0 on success, 1 on failure
*/
static int
maxinfo_add_mysql_user(SERVICE *service)
{
int rval = 1;
char *service_user = NULL;
char *service_passwd = NULL;
if (serviceGetUser(service, &service_user, &service_passwd) == 0)
{
MXS_ERROR("maxinfo: failed to get service user details");
return 1;
}
char *dpwd = decryptPassword(service->credentials.authdata);
if (!dpwd)
{
MXS_ERROR("maxinfo: decrypt password failed for service user %s", service_user);
return 1;
}
SERV_LISTENER *port = service->ports;
while (port)
{
while (port && strcmp(port->protocol, "MySQLClient"))
{
port = port->next;
}
if (port)
{
port->users = (void *)mysql_users_alloc();
char *newpasswd = create_hex_sha1_sha1_passwd(dpwd);
if (!newpasswd)
{
MXS_ERROR("maxinfo: create hex_sha1_sha1_password failed for "
"service user %s", service_user);
users_free(port->users);
break;
}
/* add service user for % and localhost */
add_mysql_users_with_host_ipv4(port->users, service->credentials.name,
"%", newpasswd, "Y", "");
add_mysql_users_with_host_ipv4(port->users, service->credentials.name,
"localhost", newpasswd, "Y", "");
rval = 0;
MXS_FREE(newpasswd);
/** Continue processing listeners in case there are multiple
* MySQLClient listeners*/
port = port->next;
}
}
MXS_FREE(dpwd);
return rval;
}