hcq/MaxScale
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

MXS-1762: Compare client IP when choosing a connection

Browse Source 
When the connection pool is inspected, both the client username and IP
must match. This causes the pool to be partitioned by username and IP,
prevening unintentional sharing of connections between different users.
This commit is contained in:
Markus Mäkelä
2018-04-08 20:34:41 +03:00
parent d07d9d59df
commit cddf132d23
3 changed files with 19 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
server/core/dcb.c
View File

@ -617,7 +617,8 @@ dcb_connect(SERVER *server, MXS_SESSION *session, const char *protocol)
{
MXS_DEBUG("%lu [dcb_connect] Looking for persistent connection DCB "
"user %s protocol %s\n", pthread_self(), user, protocol);
dcb = server_get_persistent(server, user, protocol, session->client_dcb->thread.id);
dcb = server_get_persistent(server, user, session->client_dcb->remote,
protocol, session->client_dcb->thread.id);
if (dcb)
{
/**
@ -664,6 +665,11 @@ dcb_connect(SERVER *server, MXS_SESSION *session, const char *protocol)
memcpy(&(dcb->func), funcs, sizeof(MXS_PROTOCOL));
dcb->protoname = MXS_STRDUP_A(protocol);
if (session->client_dcb->remote)
{
dcb->remote = MXS_STRDUP_A(session->client_dcb->remote);
}
const char *authenticator = server->authenticator ?
server->authenticator : dcb->func.auth_default ?
dcb->func.auth_default() : "NullAuthDeny";