8a4b58d52c
MXS-2483: Move SSL configuration into SSLConfig
...
This way the configuration information can be accessed without the
SSLContext.
2019-05-24 15:33:17 +03:00
075ad1cfb3
Fix JSON representation of Listener parameters
...
The parameters were still hard-coded and not generated from the actual
parameters.
2019-05-24 15:33:17 +03:00
47ebcdcc02
Sort server relationships
...
As server relationships are unordered, sorting them guarantees a certain
order. This fixes the MaxCtrl cluster diff test failure.
Also formatted monitor.cc sources: the indentation seems to be off.
2019-05-24 15:33:17 +03:00
bed28db3fd
Merge branch '2.3' into develop
2019-05-24 13:55:47 +03:00
eda547c86f
MXS-1851: Add hard-coded protocol module check
...
This way a hard to track crash is avoided and the user knows how to fix
it.
2019-05-24 13:55:43 +03:00
a1697e2aa6
MXS-2479 PAMBackendAuth is more tolerant of extra messages.
...
The authenticator can now receive additional questions from the server even
after the original password-query.
2019-05-24 11:31:55 +03:00
4e2d350838
MXS-2483: Return std::unique_ptr from SSLContext::create
...
Smart pointers are far nicer than raw pointers.
2019-05-24 10:05:43 +03:00
5b55864b06
MXS-2483: Store listener SSLContext in unique_ptr
...
Also removed some unnecessary checks for session->listener: The Session
constructor takes the listener as an argument.
2019-05-24 10:05:43 +03:00
bc500d2565
MXS-2483: Store server SSLContext in unique_ptr
2019-05-24 10:05:42 +03:00
9c6ec5e6c9
MXS-2483: Re-configuring SSL for servers is an error
...
Since listeners cannot be reconfigured, we can accept this limitation and
impose it on the servers as well. This keeps the behavior consistent and
removes the need to resolve the deletion issue (for the time being).
2019-05-24 10:05:42 +03:00
3b8e28392e
MXS-2483: Make server SSL private
...
The old server_ssl member is now renamed and private. The ssl_context and
set_ssl_context methods provide access to it.
2019-05-24 10:05:42 +03:00
f79e8b108c
Log end of bug601 verbosely
...
The test appears to fail to connect to MaxScale due to unavailability of
connections. Theoretically, the improvement in accept speed due to
SO_REUSEPORT additions could explain the faster exhaustion of available
sockets.
2019-05-24 10:05:16 +03:00
e72abe3643
Fix object names in mxs2450_change_user_crash
2019-05-24 10:05:16 +03:00
9d80b42dc6
Fix mxs2300_history_pruning config
...
Names with whitespace are no longer supported.
2019-05-24 10:05:16 +03:00
c57764a84f
Fix no_password
...
The test used freed memory.
2019-05-24 10:05:16 +03:00
7eff7f8e9e
Remove unused function in mysql_common.cc
2019-05-24 10:05:15 +03:00
397fc97d07
Only count actual failures as auth failures
...
If the authentication process fails due to an inability to start a
session, it should not be counted towards the number of failed
authentication attempts.
2019-05-24 10:05:15 +03:00
add488366b
Log message on when a host is blocked
...
To make it easier to detect when a host was blocked due to too many
authentication failures, a log message is now logged.
2019-05-24 10:05:15 +03:00
cb1e7b14b4
Remove debugcli from test configurations
...
The module has been removed in 2.4.
2019-05-24 10:05:15 +03:00
bd8aa64547
MXS-2479 Accept additional messages in PAM authenticator
...
Plugins may send additional messages during authentication. These messages
often contain notifications such as password expiration dates. Both the client
and backend side authenticators now handle such messages. The messages are not
sent to the user, only the log. The requirement that only "Password: " is queried
still stands.
2019-05-23 14:14:25 +03:00
e0c5791a6e
Merge branch 'develop' of github.com:mariadb-corporation/MaxScale into develop
2019-05-23 11:29:32 +03:00
f8688a7285
Merge branch '2.3' into develop
2019-05-22 15:57:46 +03:00
64935573b2
Add virtual functions check_replication() and start_replication() for Clustrix
...
Implementations of check_replication() and start_replication() for Clustrix allows to use fix_replication()
also for Clustrix nodes without checking it.
Also several attempts to check nodes after restart are added - to wait for nodes if they are not running
right after server daemon restart
2019-05-22 15:39:25 +03:00
b6b0a69440
Fix parameter option overlap
...
All duration parameters behaved as if they were deprecated due to the bits
overlapping.
2019-05-22 12:25:06 +03:00
17fa1ce616
Fix galeramon regression
...
The comparisons were done wrong: strcasecmp returns 0 for equal strings.
2019-05-22 10:02:48 +03:00
85a0cdf46c
Fix runtime listener creation
...
The "default" special keywords weren't removed.
2019-05-22 10:02:48 +03:00
e545e2ac5c
Merge branch '2.3' into develop
2019-05-22 10:02:27 +03:00
8317fec745
MXS-2496: Check for ALL PRIVILEGES grant
...
If a user has ALL PRIVILEGES as a global privilege, it overshadows the
SHOW DATABASES grant.
2019-05-22 09:56:35 +03:00
365efb9d3a
Ignore SIGHUP termination in ssh_node
...
Sometimes the command appears to complete and terminate with a SIGHUP
instead of the proper return value.
2019-05-22 09:56:35 +03:00
af92fef510
MXS-2477 Update schemarouter documentation
2019-05-21 13:57:32 +03:00
7893c120a9
MXS-2477 Change schemarouter ignore_databases parameters to ignore_tables
...
With the table level sharding parameter is used to ignore tables not
databases.
2019-05-21 13:48:17 +03:00
b294acf276
MXS-2496: Fix SHOW DATABASES grant check
...
The code expected that the grant was given to the actual user, not a role.
2019-05-21 13:43:51 +03:00
b04415d8da
Fix use of gwbuf_length in mxs::Buffer
...
Backend should use empty() instead of length() to see if the buffer is
empty. The length of a buffer should always be valid to call, even on
empty buffers.
2019-05-21 13:15:20 +03:00
0c19d1ea03
Fix debug assertion in mysql_backend
...
The backend read function used a NULL GWBUF with gwbuf_length.
2019-05-21 13:15:20 +03:00
c4fff21909
Fix gwbuf_apped assertion on writeq drain
...
The DCB writeq would be the tail pointer and it would be NULL.
2019-05-21 13:15:20 +03:00
6667dbed18
Add missing HEAVY label to big tests
2019-05-21 13:15:20 +03:00
d0153f6ce3
clustrixmonitor: Add missing include
2019-05-21 12:50:10 +03:00
0af1f6e690
Merge branch '2.3' into develop
2019-05-21 11:18:40 +03:00
cf46004bd8
Make the servers-array in Monitor private
...
This prevents derived classes from modifying the array directly,
which would be unsafe.
2019-05-21 10:58:24 +03:00
6317a86c69
MXS-2495 No nulls for GWBUF_IS_CONTIGUOUS()
...
The macro GWBUF_IS_CONTIGOUS() and the actual implementation
gwbuf_is_contiguous() can only be called with a non-NULL pointer.
2019-05-21 10:52:34 +03:00
68ad51bc52
MXS-2483: Address review comments
2019-05-20 15:46:53 +03:00
08bb5d009d
MXS-2483: Make some SSLContext methods const
...
The serialization and opening of a new SSL session can be const.
2019-05-20 15:46:53 +03:00
76399200f4
Fix assertion on client SSL read
...
When SSL is enabled, the protocol seems to get zero byte reads which
result in a null GWBUF being passed to gwbuf_length.
2019-05-20 15:46:52 +03:00
e5a49a2f7b
MXS-2483: Take SSLContext into use in binlogrouter
2019-05-20 15:45:19 +03:00
c78e907da0
MXS-2483: Minor SSL usage cleanup
...
Changed getter function return values to std::string, converted
MXS_CONFIG_PARAMETER::set_from_list to take std::strings instead of const
char pointers.
2019-05-20 15:45:19 +03:00
82add11e86
MXS-2483: Take SSLContext into use
...
SSLContext is now used everywhere except the binlogrouter which still
allocates the contexts itself. Fixing the binlogrouter's misuse of
internal structures is a rather large undertaking and for this reason the
SSLContext will be taken into use there in a separate commit.
2019-05-20 15:45:18 +03:00
73796be9d6
MXS-2483: Make SSLContext a C++ class
...
The class now encapsulates all the functionality that is related to
setting up a SSL context.
2019-05-20 15:45:18 +03:00
c21558315b
Fix debug assertion with SSL connections
...
The code assumed gwbuf_length would accept null buffers.
2019-05-20 15:45:18 +03:00
1197bd40db
MXS-2483: Move unwanted SSL code to mysql_client.cc
...
The code was only used by mysql_client.cc and should therefore be located
in it.
2019-05-20 15:45:18 +03:00
cab336ed89
MXS-2483: Rename SSL_LISTENER to mxs::SSLContext
2019-05-20 15:45:18 +03:00
