When backend authentication failed due to errors other than wrong
credentials, the users were unconditionally reloaded. This caused a spike
of activity whenever authentication failed for other reasons.
Also fixed the test that checks for this to look for the correct error
message.
The new parameter allows ignoring of master servers that are external to
the monitor configuration. This allows sub-trees of the actual replication
tree to be used as fully fledged replication trees.
When a table map event is read after an alter table, the old TABLE_MAP
object contains old information. Due to this, as well as the added benefit
of making the code easier to read, the recycling of TABLE_MAP objects was
removed. In practice, there were no benefits to re-mapping the tables to a
different ID.
The Annotate_rows events were not processed which caused the following
table map event to be ignored.
Also removed a false debug assertion. The byte count can be zero and the
pointer is not guaranteed to point to anything valid.
If a CREATE TABLE statement had a quoted keyword as the name of a field,
the calculated column count and actual column counts would differ.
In addition to this, oneline comments before the end of the statement
would truncate the SQL due to the fact that the whitespace was squashed
before the comment removal was done.
If the provided config path refers to a directory it can still
be opened and an attempt to read be made. However, as reading
will fail but end-of-file not be reached, we can't rely upon
'feof()' for detecting when to bail out.
As it is a user error to provide a directory as the config path,
that will be detected and deemed an error in a subsequent commit.
Stop replicating from master if unsupported binlog events are seen.
Also report error message for unsupported events
(blr_read_events_all_events) at maxscale start-up and with
maxbinlogcheck utility
The usage of the router_options has become optional in 2.1. This means
that the binlogrouter should not fail to start if no router_options are
defined.
Also lowered the error about master.ini to a warning as it is expected to
happen on a fresh installation.
MXS-1530: check ANNOTATE_ROWS flag in connecting slave.
In MariaDB 10.2.4 replicate_annotate_row_events and
binlog_annotate_row_events have default to ON: this change checks
whether the connecting slave is not has ANNOTATE_ROWS in
blr_slave_binlog_dump(), those ANNOTATE_ROWS events can be sent or not
to the slave.
Sending an error to the client allows the connector to show more
information to the user when the DCB is closed due to a reason internal to
MaxScale.
The error message states that the connection was killed by MaxScale to
distinct it from the error sent by the server. The error number and SQL
state are still the same as both errors should be treated the same way.
The new `ssl_verify_peer_certificate` parameter controls whether the peer
certificate is verified. This allows self-signed certificates to be
properly used with MaxScale.
This builds on commit 1287b0e595a5f99026f66df7eeaef091b8ffc774 and cleans
up the original code. This fixes a bug introduced in the aforementioned
commit and cleans up the code.
The authentication code assumed that the initial request only had
authentication related data. This is not true if the client library
predicts that the authentication will succeed and it sends a query right
after it sends the authentication data.
Currently binlog server doesn't send to slaves these event types:
- MARIADB10_START_ENCRYPTION_EVENT
- IGNORABLE_EVENT
It also skips events with LOG_EVENT_IGNORABLE_F flag.
This modification allows sending events with that flag.
When servers were added to monitors that were created at runtime, the
server list serialization overwrote the original persisted configuration
of the monitor. To solve this problem, the serialization of the server
list and the monitor parameters were combined.
The total timeout for the retrying of interrupted queries can now be
configured with the `query_retry_timeout` parameter. It controls the total
timeout in seconds that the query can take.
The actual connection, read and write timeouts of the connector aren't a
good configuration value to use for abstracted queries as the time that it
takes to execute a query can be composed of both connections, reads and
writes. This is caused by the usage of MYSQL_OPT_RECONNECT that hides the
fact that the connector reconnects to the server when a query is
attempted.
The new `query_retries` parameter controls how many times an interrupted
query is retried. This retrying of interrupted queries will reduce the
rate of false positives that MaxScale monitors detect.
The stack traces weren't logged as the LOG_ALERT priority wasn't enabled
by default. As an alert is intended to be something that must leave a
trace somewhere, and as such, it must not be possible to disable it. For
this reason, it is acceptable to always log the message if the priority is
LOG_ALERT.
Added the -rdynamic linker flag so that all symbols are exported when
linking MaxScale.
As the stack trace is printed in a signal handler, the first attempt
should be to print the stack trace to the standard output. This way the
output is printed before an attempt to use malloc is made when it is
logged to the logfile.
If the authenticator option is enabled, no users are loaded and no errors
have occurred in the user loading process, the service credentials are
injected.
When the database firewall filter is used in white-list mode,
'USE <db>' should be allowed. When connecting, it is always
possible to specify the database anyway so restricting
'USE <db>' serves no purpose.
If a script variable resolves to an empty string, the replacement attempt
will fail with an out-of-memory error. The following realloc call will
fail as it requires a positive value for the new size.
The result of the authentication should be ignored but the scramble that
is calculated as a side-effect still needs to be stored. This can be done
by altering the SQL used to get the matching row to only match on the
username, not the network address.
Also expanded the test case to cover the use of bad credentials.
The new parameter allows the session to be "locked" to the master server
after a stored procedure is called. This will keep the session state
consistent if the stored procedure call modifies the state of the session.
