Redesign logic of SSL connections to work with status in client DCB instead of in the protocol. This eases the way to moving SSL logic out of a specific protocol (currently MySQL) so as to be available across any protocol. Also, some simplification.

2016-02-03 08:54:55 +00:00
parent 05fa498dc0
commit 971d1d5de2
4 changed files with 106 additions and 233 deletions
--- a/server/modules/include/mysql_client_server_protocol.h
+++ b/server/modules/include/mysql_client_server_protocol.h
@ -96,13 +96,19 @@ struct dcb;
 #define MYSQL_FAILED_AUTH_SSL 3

 typedef enum {
-        MYSQL_ALLOC,
+        MYSQL_ALLOC,                        /* Initial state of protocol auth state */
+        /* The following are used only for backend connections */
        MYSQL_PENDING_CONNECT,
        MYSQL_CONNECTED,
+        /* The following can be used for either client or backend */
+        /* The comments have only been checked for client use at present */
        MYSQL_AUTH_SENT,
-        MYSQL_AUTH_RECV,
-        MYSQL_AUTH_FAILED,
+        MYSQL_AUTH_RECV,                    /* This is only ever a transient value */
+        MYSQL_AUTH_FAILED,                  /* Once this is set, the connection */
+                                            /* will be ended, so this is transient */
+        /* The following is used only for backend connections */
        MYSQL_HANDSHAKE_FAILED,
+        /* The following are obsolete and will be removed */
        MYSQL_AUTH_SSL_REQ, /*< client requested SSL but SSL_accept hasn't beed called */
        MYSQL_AUTH_SSL_HANDSHAKE_DONE, /*< SSL handshake has been fully completed */
        MYSQL_AUTH_SSL_HANDSHAKE_FAILED, /*< SSL handshake failed for any reason */
@ -232,38 +238,38 @@ typedef enum mysql_server_cmd {
        MYSQL_COM_INIT_DB,
        MYSQL_COM_QUERY,
        MYSQL_COM_FIELD_LIST,
-        MYSQL_COM_CREATE_DB, 
+        MYSQL_COM_CREATE_DB,
        MYSQL_COM_DROP_DB,
-        MYSQL_COM_REFRESH, 
-        MYSQL_COM_SHUTDOWN, 
+        MYSQL_COM_REFRESH,
+        MYSQL_COM_SHUTDOWN,
        MYSQL_COM_STATISTICS,
-        MYSQL_COM_PROCESS_INFO, 
-        MYSQL_COM_CONNECT, 
-        MYSQL_COM_PROCESS_KILL, 
-        MYSQL_COM_DEBUG, 
+        MYSQL_COM_PROCESS_INFO,
+        MYSQL_COM_CONNECT,
+        MYSQL_COM_PROCESS_KILL,
+        MYSQL_COM_DEBUG,
        MYSQL_COM_PING,
-        MYSQL_COM_TIME, 
-        MYSQL_COM_DELAYED_INSERT, 
-        MYSQL_COM_CHANGE_USER, 
+        MYSQL_COM_TIME,
+        MYSQL_COM_DELAYED_INSERT,
+        MYSQL_COM_CHANGE_USER,
        MYSQL_COM_BINLOG_DUMP,
-        MYSQL_COM_TABLE_DUMP, 
-        MYSQL_COM_CONNECT_OUT, 
+        MYSQL_COM_TABLE_DUMP,
+        MYSQL_COM_CONNECT_OUT,
        MYSQL_COM_REGISTER_SLAVE,
-        MYSQL_COM_STMT_PREPARE, 
-        MYSQL_COM_STMT_EXECUTE, 
-        MYSQL_COM_STMT_SEND_LONG_DATA, 
+        MYSQL_COM_STMT_PREPARE,
+        MYSQL_COM_STMT_EXECUTE,
+        MYSQL_COM_STMT_SEND_LONG_DATA,
        MYSQL_COM_STMT_CLOSE,
-        MYSQL_COM_STMT_RESET, 
-        MYSQL_COM_SET_OPTION, 
-        MYSQL_COM_STMT_FETCH, 
+        MYSQL_COM_STMT_RESET,
+        MYSQL_COM_SET_OPTION,
+        MYSQL_COM_STMT_FETCH,
        MYSQL_COM_DAEMON,
        MYSQL_COM_END /*< Must be the last */
 } mysql_server_cmd_t;


-/** 
+/**
 * List of server commands, and number of response packets are stored here.
- * server_command_t is used in MySQLProtocol structure, so for each DCB there is 
+ * server_command_t is used in MySQLProtocol structure, so for each DCB there is
 * one MySQLProtocol and one server command list.
 */
 typedef struct server_command_st {
@ -275,8 +281,8 @@ typedef struct server_command_st {

 /**
 * MySQL Protocol specific state data.
- * 
- * Protocol carries information from client side to backend side, such as 
+ *
+ * Protocol carries information from client side to backend side, such as
 * MySQL session command information and history of earlier session commands.
 */
 typedef struct {
@ -286,7 +292,7 @@ typedef struct {
        int                 fd;                           /*< The socket descriptor */
        struct dcb          *owner_dcb;                   /*< The DCB of the socket
        * we are running on */
-        SPINLOCK            protocol_lock;              
+        SPINLOCK            protocol_lock;
        server_command_t    protocol_command;             /*< session command list */
        server_command_t*   protocol_cmd_history;         /*< session command history */
        mysql_auth_state_t  protocol_auth_state;          /*< Authentication status */
@ -346,7 +352,7 @@ int mysql_send_custom_error (
        const char* mysql_message);

 GWBUF* mysql_create_custom_error(
-        int packet_number, 
+        int packet_number,
        int affected_rows,
        const char* msg);

@ -411,9 +417,9 @@ void protocol_archive_srv_command(MySQLProtocol* p);


 void init_response_status (
-        GWBUF* buf, 
-        mysql_server_cmd_t cmd, 
-        int* npackets, 
+        GWBUF* buf,
+        mysql_server_cmd_t cmd,
+        int* npackets,
        ssize_t* nbytes);

 #endif /** _MYSQL_PROTOCOL_H */