From 5d96faedd88a12ea1ed8c7ae024aa95755940ff6 Mon Sep 17 00:00:00 2001 From: Markus Makela Date: Fri, 7 Oct 2016 07:40:11 +0300 Subject: [PATCH] MXS-862: Move sending of OK packet to mysql_client Moving the sending of the final OK packet of the authentication process to the client protocol plugin makes the authentication plugins simpler. By reading the client's sequence and incrementing that by one, the client protocol module will always send the correct sequence byte in the final OK packet. --- server/modules/authenticator/gssapi_auth.c | 3 +-- server/modules/authenticator/mysql_auth.c | 1 - server/modules/include/mysql_client_server_protocol.h | 4 ++++ server/modules/protocol/MySQL/MySQLClient/mysql_client.c | 6 ++++++ 4 files changed, 11 insertions(+), 3 deletions(-) diff --git a/server/modules/authenticator/gssapi_auth.c b/server/modules/authenticator/gssapi_auth.c index 6c165f683..27d574950 100644 --- a/server/modules/authenticator/gssapi_auth.c +++ b/server/modules/authenticator/gssapi_auth.c @@ -281,8 +281,7 @@ int gssapi_auth_authenticate(DCB *dcb) MYSQL_session *ses = (MYSQL_session*)dcb->data; - if (validate_gssapi_token(ses->auth_token, ses->auth_token_len) && - mxs_mysql_send_ok(dcb, 4, 0, NULL)) + if (validate_gssapi_token(ses->auth_token, ses->auth_token_len)) { rval = MXS_AUTH_SUCCEEDED; } diff --git a/server/modules/authenticator/mysql_auth.c b/server/modules/authenticator/mysql_auth.c index 838e64346..a84e20467 100644 --- a/server/modules/authenticator/mysql_auth.c +++ b/server/modules/authenticator/mysql_auth.c @@ -193,7 +193,6 @@ mysql_auth_authenticate(DCB *dcb) { dcb->user = MXS_STRDUP_A(client_data->user); /** Send an OK packet to the client */ - mxs_mysql_send_ok(dcb, ssl_required_by_dcb(dcb) ? 3 : 2, 0, NULL); } else if (dcb->service->log_auth_warnings) { diff --git a/server/modules/include/mysql_client_server_protocol.h b/server/modules/include/mysql_client_server_protocol.h index b50a3fac4..2ef9ad71d 100644 --- a/server/modules/include/mysql_client_server_protocol.h +++ b/server/modules/include/mysql_client_server_protocol.h @@ -70,6 +70,10 @@ #define MYSQL_HEADER_LEN 4L #define MYSQL_CHECKSUM_LEN 4L +/** Offsets to various parts of the client packet */ +#define MYSQL_SEQ_OFFSET 3 +#define MYSQL_COM_OFFSET 4 + #define GW_MYSQL_PROTOCOL_VERSION 10 // version is 10 #define GW_MYSQL_HANDSHAKE_FILLER 0x00 #define GW_MYSQL_SERVER_CAPABILITIES_BYTE1 0xff diff --git a/server/modules/protocol/MySQL/MySQLClient/mysql_client.c b/server/modules/protocol/MySQL/MySQLClient/mysql_client.c index 2ac029271..d61c1c05d 100644 --- a/server/modules/protocol/MySQL/MySQLClient/mysql_client.c +++ b/server/modules/protocol/MySQL/MySQLClient/mysql_client.c @@ -486,6 +486,11 @@ gw_read_do_authentication(DCB *dcb, GWBUF *read_buffer, int nbytes_read) return 1; } + /** Read the client's packet sequence and increment that by one */ + uint8_t next_sequence; + gwbuf_copy_data(read_buffer, MYSQL_SEQ_OFFSET, 1, &next_sequence); + next_sequence++; + /** * The first step in the authentication process is to extract the * relevant information from the buffer supplied and place it @@ -542,6 +547,7 @@ gw_read_do_authentication(DCB *dcb, GWBUF *read_buffer, int nbytes_read) ss_dassert(session->state != SESSION_STATE_ALLOC && session->state != SESSION_STATE_DUMMY); protocol->protocol_auth_state = MXS_AUTH_STATE_COMPLETE; + mxs_mysql_send_ok(dcb, next_sequence, 0, NULL); } else {