hcq/MaxScale
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Added an option for optimization of wildcard grants to individual grants. The default behavior now checks first for specific grants to a database the wildcard grants.

Browse Source
This commit is contained in:
Markus Makela
2015-04-15 06:51:52 +03:00
parent 786f34cf49
commit d16e4fe134
5 changed files with 62 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
server/core/config.c
View File

@ -309,6 +309,7 @@ int error_count = 0;
char *enable_root_user;
char *connection_timeout;
char *auth_all_servers;
char *optimize_wildcard;
char *strip_db_esc;
char *weightby;
char *version_string;
@ -330,6 +331,11 @@ int error_count = 0;
obj->parameters,
"connection_timeout");
optimize_wildcard =
config_get_value(
obj->parameters,
"optimize_wildcard");
auth_all_servers =
config_get_value(
obj->parameters,
@ -407,6 +413,10 @@ int error_count = 0;
serviceAuthAllServers(obj->element,
config_truth_value(auth_all_servers));
if(optimize_wildcard)
serviceOptimizeWildcard(obj->element,
config_truth_value(optimize_wildcard));
if(strip_db_esc)
serviceStripDbEsc(obj->element,
config_truth_value(strip_db_esc));
@ -1426,6 +1436,7 @@ SERVER *server;
char *connection_timeout;
char* auth_all_servers;
char* optimize_wildcard;
char* strip_db_esc;
char* max_slave_conn_str;
char* max_slave_rlag_str;
@ -1441,6 +1452,7 @@ SERVER *server;
"passwd");
auth_all_servers = config_get_value(obj->parameters, "auth_all_servers");
optimize_wildcard = config_get_value(obj->parameters, "optimize_wildcard");
strip_db_esc = config_get_value(obj->parameters, "strip_db_esc");
version_string = config_get_value(obj->parameters, "version_string");
allow_localhost_match_wildcard_host = config_get_value(obj->parameters, "localhost_match_wildcard_host");
@ -1464,9 +1476,11 @@ SERVER *server;
if(auth_all_servers)
serviceAuthAllServers(service, atoi(auth_all_servers));
serviceAuthAllServers(service, config_truth_value(auth_all_servers));
if(optimize_wildcard)
serviceOptimizeWildcard(service, config_truth_value(optimize_wildcard));
if(strip_db_esc)
serviceStripDbEsc(service, atoi(strip_db_esc));
serviceStripDbEsc(service, config_truth_value(strip_db_esc));
if (allow_localhost_match_wildcard_host)
serviceEnableLocalhostMatchWildcardHost(
@ -1575,6 +1589,7 @@ SERVER *server;
char *connection_timeout;
char *allow_localhost_match_wildcard_host;
char *auth_all_servers;
char *optimize_wildcard;
char *strip_db_esc;
enable_root_user =
@ -1587,6 +1602,9 @@ SERVER *server;
auth_all_servers =
config_get_value(obj->parameters,
"auth_all_servers");
optimize_wildcard =
config_get_value(obj->parameters,
"optimize_wildcard");
strip_db_esc =
config_get_value(obj->parameters,
"strip_db_esc");
@ -1837,6 +1855,7 @@ static char *service_params[] =
"enable_root_user",
"connection_timeout",
"auth_all_servers",
"optimize_wildcard",
"strip_db_esc",
"localhost_match_wildcard_host",
"max_slave_connections",

4
server/core/dbusers.c
View File

@ -970,7 +970,7 @@ getAllUsers(SERVICE *service, USERS *users)
}
}
if(havedb && wildcard_db_grant(dbnm))
if(service->optimize_wildcard && havedb && wildcard_db_grant(dbnm))
{
rc = add_wildcard_users(users, row[0], row[1], password, row[4], dbnm, service->resources);
skygw_log_write(LOGFILE_DEBUG|LOGFILE_TRACE,"%s: Converted '%s' to %d individual database grants.",service->name,dbnm,rc);
@ -1454,7 +1454,7 @@ getUsers(SERVICE *service, USERS *users)
if (db_grants) {
/* we have dbgrants, store them */
if(wildcard_db_grant(row[5]))
if(service->optimize_wildcard && wildcard_db_grant(row[5]))
{
rc = add_wildcard_users(users, row[0], row[1], password, row[4], row[5], service->resources);
skygw_log_write(LOGFILE_DEBUG|LOGFILE_TRACE,"%s: Converted '%s' to %d individual database grants.",service->name,row[5],rc);

24
server/core/service.c
View File

@ -823,7 +823,7 @@ serviceEnableRootUser(SERVICE *service, int action)
* Enable/Disable loading the user data from only one server or all of them
*
* @param service The service we are setting the data for
* @param action 1 for root enable, 0 for disable access
* @param action 1 for all servers, 0 for single server
* @return 0 on failure
*/
@ -838,6 +838,28 @@ serviceAuthAllServers(SERVICE *service, int action)
return 1;
}
/**
* Enable/Disable optimization of wildcard database grats
*
* @param service The service we are setting the data for
* @param action 1 for optimized, 0 for normal grants
* @return 0 on failure
*/
int
serviceOptimizeWildcard(SERVICE *service, int action)
{
if (action != 0 && action != 1)
return 0;
service->optimize_wildcard = action;
if(action)
{
LOGIF(LM,(skygw_log_write(LOGFILE_MESSAGE,"[%s] Optimizing wildcard database grants.",service->name)));
}
return 1;
}
/**
* Whether to strip escape characters from the name of the database the client
* is connecting to.

2
server/include/service.h
View File

@ -141,6 +141,7 @@ typedef struct service {
bool strip_db_esc; /*< Remove the '\' characters from database names
* when querying them from the server. MySQL Workbench seems
* to escape at least the underscore character. */
bool optimize_wildcard; /*< Convert wildcard grants to individual database grants */
SPINLOCK
users_table_spin; /**< The spinlock for users data refresh */
SERVICE_REFRESH_RATE
@ -184,6 +185,7 @@ extern char *serviceGetWeightingParameter(SERVICE *);
extern int serviceEnableLocalhostMatchWildcardHost(SERVICE *, int);
int serviceStripDbEsc(SERVICE* service, int action);
int serviceAuthAllServers(SERVICE *service, int action);
int serviceOptimizeWildcard(SERVICE *service, int action);
extern void service_update(SERVICE *, char *, char *, char *);
extern int service_refresh_users(SERVICE *);
extern void printService(SERVICE *);

12
server/modules/protocol/mysql_common.c
View File

@ -1525,6 +1525,18 @@ int gw_find_mysql_user_password_sha1(char *username, uint8_t *gateway_password,
user_password = mysql_users_fetch(service->users, &key);
if (user_password)
{
break;
}
/** See if ANYDB == Y */
if(key.resource)
{
key.resource = NULL;
continue;
}
if (!user_password) {
/*
* user@% not found.