Merge branch '2.1' into develop

Markus Mäkelä
2017-03-14 10:45:25 +02:00
7 changed files with 86 additions and 66 deletions


@ -1355,7 +1355,7 @@ static int gw_change_user(DCB *backend,
message = create_auth_fail_str(username,
backend->session->client_dcb->remote,
password_set,
"",
false,
auth_ret);
if (message == NULL)
{
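Review bot: The fourth argument of this create_auth_fail_str call looks wrong for its slot: assuming `false,` is the line the merge adds (the page has lost its +/- markers), it lands in the `char *db` parameter of the new signature, so a boolean literal is standing in for a null pointer. Writing `NULL,` there, or keeping `"",` if the callee expects a non-null string, states the intent and avoids an implicit integer-to-pointer conversion. How create_auth_fail_str treats a null `db` is not visible in this hunk and should be confirmed. gw_change_user starts and ends outside the hunk.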


@ -83,7 +83,6 @@ static void mysql_client_auth_error_handling(DCB *dcb, int auth_val, int packet_
static int gw_read_do_authentication(DCB *dcb, GWBUF *read_buffer, int nbytes_read);
static int gw_read_normal_data(DCB *dcb, GWBUF *read_buffer, int nbytes_read);
static int gw_read_finish_processing(DCB *dcb, GWBUF *read_buffer, uint64_t capabilities);
extern char* create_auth_fail_str(char *username, char *hostaddr, char *sha1, char *db, int);
static bool ensure_complete_packet(DCB *dcb, GWBUF **read_buffer, int nbytes_read);
static void gw_process_one_new_client(DCB *client_dcb);
@ -1047,86 +1046,67 @@ mysql_client_auth_error_handling(DCB *dcb, int auth_val, int packet_number)
{
int message_len;
char *fail_str = NULL;
MYSQL_session *session = (MYSQL_session*)dcb->data;
switch (auth_val)
{
case MXS_AUTH_NO_SESSION:
MXS_DEBUG("%lu [gw_read_client_event] session "
"creation failed. fd %d, "
"state = MYSQL_AUTH_NO_SESSION.",
pthread_self(),
dcb->fd);
MXS_DEBUG("%lu [gw_read_client_event] session creation failed. fd %d, "
"state = MYSQL_AUTH_NO_SESSION.", pthread_self(), dcb->fd);
/** Send ERR 1045 to client */
mysql_send_auth_error(dcb,
packet_number,
0,
"failed to create new session");
mysql_send_auth_error(dcb, packet_number, 0, "failed to create new session");
break;
case MXS_AUTH_FAILED_DB:
MXS_DEBUG("%lu [gw_read_client_event] database "
"specified was not valid. fd %d, "
"state = MYSQL_FAILED_AUTH_DB.",
pthread_self(),
dcb->fd);
MXS_DEBUG("%lu [gw_read_client_event] database specified was not valid. fd %d, "
"state = MYSQL_FAILED_AUTH_DB.", pthread_self(), dcb->fd);
/** Send error 1049 to client */
message_len = 25 + MYSQL_DATABASE_MAXLEN;
fail_str = MXS_CALLOC(1, message_len + 1);
MXS_ABORT_IF_NULL(fail_str);
snprintf(fail_str, message_len, "Unknown database '%s'",
(char*)((MYSQL_session *)dcb->data)->db);
snprintf(fail_str, message_len, "Unknown database '%s'", session->db);
modutil_send_mysql_err_packet(dcb, packet_number, 0, 1049, "42000", fail_str);
break;
case MXS_AUTH_FAILED_SSL:
MXS_DEBUG("%lu [gw_read_client_event] client is "
"not SSL capable for SSL listener. fd %d, "
"state = MYSQL_FAILED_AUTH_SSL.",
pthread_self(),
dcb->fd);
"state = MYSQL_FAILED_AUTH_SSL.", pthread_self(), dcb->fd);
/** Send ERR 1045 to client */
mysql_send_auth_error(dcb,
packet_number,
0,
"Access without SSL denied");
mysql_send_auth_error(dcb, packet_number, 0, "Access without SSL denied");
break;
case MXS_AUTH_SSL_INCOMPLETE:
MXS_DEBUG("%lu [gw_read_client_event] unable to "
"complete SSL authentication. fd %d, "
"state = MYSQL_AUTH_SSL_INCOMPLETE.",
pthread_self(),
dcb->fd);
"state = MYSQL_AUTH_SSL_INCOMPLETE.", pthread_self(), dcb->fd);
/** Send ERR 1045 to client */
mysql_send_auth_error(dcb,
packet_number,
0,
mysql_send_auth_error(dcb, packet_number, 0,
"failed to complete SSL authentication");
break;
case MXS_AUTH_FAILED:
MXS_DEBUG("%lu [gw_read_client_event] authentication failed. fd %d, "
"state = MYSQL_FAILED_AUTH.",
pthread_self(),
dcb->fd);
"state = MYSQL_FAILED_AUTH.", pthread_self(), dcb->fd);
/** Send error 1045 to client */
fail_str = create_auth_fail_str((char *)((MYSQL_session *)dcb->data)->user,
dcb->remote,
(char*)((MYSQL_session *)dcb->data)->client_sha1,
(char*)((MYSQL_session *)dcb->data)->db, auth_val);
fail_str = create_auth_fail_str(session->user, dcb->remote,
session->auth_token_len > 0,
session->db, auth_val);
modutil_send_mysql_err_packet(dcb, packet_number, 0, 1045, "28000", fail_str);
break;
default:
MXS_DEBUG("%lu [gw_read_client_event] authentication failed. fd %d, "
"state unrecognized.",
pthread_self(),
dcb->fd);
"state unrecognized.", pthread_self(), dcb->fd);
/** Send error 1045 to client */
fail_str = create_auth_fail_str((char *)((MYSQL_session *)dcb->data)->user,
dcb->remote,
(char*)((MYSQL_session *)dcb->data)->client_sha1,
(char*)((MYSQL_session *)dcb->data)->db, auth_val);
fail_str = create_auth_fail_str(session->user, dcb->remote,
session->auth_token_len > 0,
session->db, auth_val);
modutil_send_mysql_err_packet(dcb, packet_number, 0, 1045, "28000", fail_str);
}
MXS_FREE(fail_str);
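Review bot: The `MXS_AUTH_FAILED` and `default` branches hand `fail_str` to `modutil_send_mysql_err_packet` without checking it, although create_auth_fail_str is documented as returning NULL on failure and gw_change_user does test its result for NULL. Whether modutil_send_mysql_err_packet tolerates a NULL message is not visible here, so the client may get no ERR packet, or the proxy may dereference NULL, on the allocation-failure path of an authentication error. A fallback keeps the rejection explicit, for example `modutil_send_mysql_err_packet(dcb, packet_number, 0, 1045, "28000", fail_str ? fail_str : "Access denied");` in both branches. The function body continues past the end of this hunk.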


@ -925,16 +925,17 @@ char* create_auth_failed_msg(GWBUF*readbuf,
/**
* Create a message error string to send via MySQL ERR packet.
*
* @param username the MySQL user
* @param hostaddr the client IP
* @param sha1 authentication scramble data
* @param db the MySQL db to connect to
* @param username The MySQL user
* @param hostaddr The client IP
* @param password If client provided a password
* @param db The default database the client requested
* @param errcode Authentication error code
*
* @return Pointer to the allocated string or NULL on failure
*/
char *create_auth_fail_str(char *username,
char *hostaddr,
char *sha1,
bool password,
char *db,
int errcode)
{
@ -974,7 +975,7 @@ char *create_auth_fail_str(char *username,
if (db_len > 0)
{
sprintf(errstr, ferrstr, username, hostaddr, (*sha1 == '\0' ? "NO" : "YES"), db);
sprintf(errstr, ferrstr, username, hostaddr, password ? "YES": "NO", db);
}
else if (errcode == MXS_AUTH_FAILED_SSL)
{
@ -982,7 +983,7 @@ char *create_auth_fail_str(char *username,
}
else
{
sprintf(errstr, ferrstr, username, hostaddr, (*sha1 == '\0' ? "NO" : "YES"));
sprintf(errstr, ferrstr, username, hostaddr, password ? "YES" : "NO");
}
retblock:
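Review bot: Both rewritten `sprintf(errstr, ferrstr, ...)` calls, in the `db_len > 0` branch and in the final `else`, still write `username` and `db` into `errstr` with no bound, and those values come from the connecting client (`session->user`, `session->db` in the caller). The size of `errstr` is computed above these hunks and is not visible, so it should be confirmed that it still covers the longest expansion ("YES" plus the terminator). Bounding the write removes the dependency on that arithmetic: `snprintf(errstr, <allocated size>, ferrstr, username, hostaddr, password ? "YES" : "NO", db);`, where the placeholder is whatever length was passed to the allocator. create_auth_fail_str begins and ends outside the hunks shown.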