The re-authentication done in MaxScale caused multiple error packets to be
sent for the same COM_CHANGE_USER. In addition to this, the failure of
authentication did not terminate the client connection.
The change in behavior requires the test case to be changed as well.
If a connection is killed but the backend DCBs have not yet received their
thread IDs, the connections can be forcibly closed. This removes the
possibility of stale connections caused by an unfortunately timed KILL
query to a session that has partially connected to some servers.
To support a wider range of client connectors, MaxScale should respond
with an AuthSwitchRequest packet to all COM_CHANGE_USER commands. Only
MariaDB connectors understand the OK packet as the only response to a
COM_CHANGE_USER but all connectors understand the AuthSwitchRequest
packet.
The mysql_create_standard_error function accepted a packet number as a
parameter but did not use it as the actual packet number. As the value it
used happened to coincide with 50% of the use-cases, it went unnoticed.
The remaining 50% occurred when a KILL command was executed with an
unknown connection ID.
The COM_STMT_FETCH command will create a response. This was a
readwritesplit-specific interpretation of the command and it was wrong.
Also record the currently executed command event for session commands.
The current command needs to be updated before the queries are actually
routed. This allows the KILL command detection and processing to correctly
work.
With the configuration entry
dump_last_statements=[never|on_close|on_error]
you can now specify when and if to dump the last statements
of of a session.
With the configuration entry
retain_last_statements=<unsigned>
or the debug flag '--debug=retain-last-statements=<unsigned>',
MaxScale will store the specified number of last statements
for each session. By calling
session_dump_statements(session);
MaxScale will dump the last statements as NOTICE messages.
For debugging purposes.
When backend SSL connections were created, the connection creation was
done twice. This was due to the lacking detection of an already
established SSL connection.
If a DCB is closed before a response to the handshake packet is received,
the DCB's session will point to the dummy session. In this case no error
should be written to the DCB.
This is a cherry-pick of commit f53e112bf49766f1cc55516c2d7ee571461d483f
from the 2.2 branch.
The tests are now built by default. This should make it easier for users
to verify that they have a working MaxScale.
Also made the building of test_parse_kill conditional like the rest of the
tests.
By always starting the session shutdown process by stopping the client
DCB, the manipulation of the session state can be removed from the backend
protocol modules and replaced with a fake hangup event.
Delivering this event via the core allows the actual dcb_close call on the
client DCB to be done only when the client DCB is being handled by a
worker.
Directly closing the client DCB in the backend protocol modules is not
correct anymore as the state of the session doesn't change when the client
DCB is closed. By propagating the shutdown of the session with a fake
hangup to the client DCB, the closing of the DCB is done only once.
Added debug assertions that make sure all DCBs are closed only
once. Removed redundant code in the backend protocol error handling code.
If a DCB is closed before a response to the handshake packet is received,
the DCB's session will point to the dummy session. In this case no error
should be written to the DCB.
Make all modules lowercase and make module loading case
insensitive. Further, make command invocation case insensitive,
as far as the module name is conserned.
If a shallow copy of the buffer is made, any modifications that are made
to the data after it has been queued will affect the queued query of the
LocalClient.
A copy-on-write mechanism would save the relatively expensive process of
copying the data but since the LocalClient is not often used, it is not
the most critical performance problem.
The service for a dummy session will be NULL. If authentication fails for
a dummy session, then no service level actions should be taken.
Only the binlogrouter can trigger authentication failure with a dummy
session as it creates connections before the service itself has started.
The readqueue should never be explicitly assigned and should only ever be
appended to. This guarantees that the packets are read and processed in
the correct order.
Also removed an unused function that deals with the readqueue
manipulation.
When packets were routed individually, the qualification for the
persistent pool was done before the current command was updated. In
addition to this, the previous commit doesn't seem like it can even build.
The statement tracking was given the same buffer multiple times when a
large packet was spread across multiple buffers when a router with
RCAP_TYPE_STMT_INPUT was present.
The command tracking packet processing is redundant for routers that
require RCAP_TYPE_STMT as the same processing is done later when the
buffer is split into packets and routed. By using the split packets, the
protocol module can simplify the command tracking by a great deal for most
routers.
When backend authentication failed due to errors other than wrong
credentials, the users were unconditionally reloaded. This caused a spike
of activity whenever authentication failed for other reasons.
Also fixed the test that checks for this to look for the correct error
message.
The internal header directory conflicted with in-source builds causing a
build failure. This is fixed by renaming the internal header directory to
something other than maxscale.
The renaming pointed out a few problems in a couple of source files that
appeared to include internal headers when the headers were in fact public
headers.
Fixed maxctrl in-source builds by making the copying of the sources
optional.
Sending an error to the client allows the connector to show more
information to the user when the DCB is closed due to a reason internal to
MaxScale.
The error message states that the connection was killed by MaxScale to
distinct it from the error sent by the server. The error number and SQL
state are still the same as both errors should be treated the same way.
This builds on commit 1287b0e595a5f99026f66df7eeaef091b8ffc774 and cleans
up the original code. This fixes a bug introduced in the aforementioned
commit and cleans up the code.
The authentication code assumed that the initial request only had
authentication related data. This is not true if the client library
predicts that the authentication will succeed and it sends a query right
after it sends the authentication data.
The authentication phase expects full packets. If the packets aren't
complete a debug assertion would get hit. To detect this, the result of
the extracted buffer needs to be checked.
