From 67fee60f801f556e47a434c476b407914e92c0cb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Markus=20M=C3=A4kel=C3=A4?= Date: Fri, 28 Feb 2020 15:36:43 +0200 Subject: [PATCH] Fix Auth Error server status The mon_ping_or_connect_to_db resets the MYSQL handle which caused the loss of the error message. Returning a new enumeration value for authentication errors solves this problem. --- include/maxscale/monitor.h | 3 ++- server/core/monitor.cc | 27 ++++++++++--------- .../modules/monitor/mariadbmon/mariadbmon.cc | 4 +-- 3 files changed, 18 insertions(+), 16 deletions(-) diff --git a/include/maxscale/monitor.h b/include/maxscale/monitor.h index 3795e34a2..0a70391ca 100644 --- a/include/maxscale/monitor.h +++ b/include/maxscale/monitor.h @@ -179,7 +179,8 @@ typedef enum MONITOR_CONN_NEWCONN_OK, /* No existing connection or no ping reply. New connection created * successfully. */ MONITOR_CONN_REFUSED, /* No existing connection or no ping reply. Server refused new connection. */ - MONITOR_CONN_TIMEOUT /* No existing connection or no ping reply. Timeout on new connection. */ + MONITOR_CONN_TIMEOUT, /* No existing connection or no ping reply. Timeout on new connection. */ + MONITOR_CONN_ACCESS_DENIED /* Server refused new connection due to authentication failure */ } mxs_connect_result_t; /** Monitor events */ diff --git a/server/core/monitor.cc b/server/core/monitor.cc index 225072f5c..bf8b2aaa7 100644 --- a/server/core/monitor.cc +++ b/server/core/monitor.cc @@ -772,25 +772,20 @@ bool check_monitor_permissions(MXS_MONITOR* monitor, const char* query) for (MXS_MONITORED_SERVER* mondb = monitor->monitored_servers; mondb; mondb = mondb->next) { - if (!mon_connection_is_ok(mon_ping_or_connect_to_db(monitor, mondb))) + auto result = mon_ping_or_connect_to_db(monitor, mondb); + + if (!mon_connection_is_ok(result)) { MXS_ERROR("[%s] Failed to connect to server '%s' ([%s]:%d) when" - " checking monitor user credentials and permissions: %s", + " checking monitor user credentials and permissions.", monitor->name, mondb->server->name, mondb->server->address, - mondb->server->port, - mysql_error(mondb->con)); - switch (mysql_errno(mondb->con)) - { - case ER_ACCESS_DENIED_ERROR: - case ER_DBACCESS_DENIED_ERROR: - case ER_ACCESS_DENIED_NO_PASSWORD_ERROR: - break; + mondb->server->port); - default: + if (result != MONITOR_CONN_ACCESS_DENIED) + { rval = true; - break; } } else if (mxs_mysql_query(mondb->con, query) != 0) @@ -1499,7 +1494,13 @@ mxs_connect_result_t mon_ping_or_connect_to_db(MXS_MONITOR* mon, MXS_MONITORED_S } else { + auto err = mysql_errno(mysql); mysql_close(mysql); + + if (err == ER_ACCESS_DENIED_ERROR || err == ER_ACCESS_DENIED_NO_PASSWORD_ERROR) + { + conn_result = MONITOR_CONN_ACCESS_DENIED; + } } if (conn_result == MONITOR_CONN_REFUSED && (int)difftime(end, start) >= mon->connect_timeout) @@ -2844,7 +2845,7 @@ void MonitorInstanceSimple::tick() */ monitor_clear_pending_status(pMs, SERVER_DOWN_CLEAR_BITS); - if (mysql_errno(pMs->con) == ER_ACCESS_DENIED_ERROR) + if (rval == MONITOR_CONN_ACCESS_DENIED) { monitor_set_pending_status(pMs, SERVER_AUTH_ERROR); } diff --git a/server/modules/monitor/mariadbmon/mariadbmon.cc b/server/modules/monitor/mariadbmon/mariadbmon.cc index 0f00cece6..0dad79a2f 100644 --- a/server/modules/monitor/mariadbmon/mariadbmon.cc +++ b/server/modules/monitor/mariadbmon/mariadbmon.cc @@ -382,8 +382,8 @@ void MariaDBMonitor::update_server(MariaDBServer* server) // The server is not running. Clear some of the bits. User-set bits and some long-term bits // can stay. server->clear_status(SERVER_DOWN_CLEAR_BITS); - auto conn_errno = mysql_errno(conn); - if (conn_errno == ER_ACCESS_DENIED_ERROR || conn_errno == ER_ACCESS_DENIED_NO_PASSWORD_ERROR) + + if (conn_status == MONITOR_CONN_ACCESS_DENIED) { server->set_status(SERVER_AUTH_ERROR); }