Servers in MaxScale can encrypt the connections without client keys and
certificates. As keys and certificates are no longer required, the CA
certificate must always be initialized.
When a listener is created at runtime or SSL is being enabled for an
already created listener, the ssl_verify_peer_certificate parameter can
now be defined.
Backported the minimal set of changes required to build 2.1 with GCC
8. The format-truncation and format-overflow warnings are disabled instead
of fixed in 2.1 to remove duplication of effort that was already done in
2.2 (the commit doesn't cherry-pick cleanly).
The default database was not extracted correctly as the length of the
user's name did not include the null terminator. Also the comparison for
database name length used the smaller than operator instead of the correct
larger than operator.
If a DCB is closed before a response to the handshake packet is received,
the DCB's session will point to the dummy session. In this case no error
should be written to the DCB.
This is a cherry-pick of commit f53e112bf49766f1cc55516c2d7ee571461d483f
from the 2.2 branch.
If the avrorouter is being build and the required libraries are not found,
the configuration process should fail. Adding the command to bypass this
into the error message should make it easier to disable this part if it is
not needed.
The message now states the impliciations of missing permissions. If the
MaxScale user does not have the permissions to view all databases, it will
only see its own databases.
A linefeed is whitespace, so given the rules
"\n"+ return '\n'
{SPACE} ;
a line consisting of space followed by a linefeed, will be matched
as space and not as a linefeed and hence will cause the parser to
barf.
MySQLAuth requires the SHOW DATABASES privilege to see all the databases
so it should be checked that the current user has the permission. A
missing permission will cause errors that are hard to resolve.
When the IO thread of a relay master is stopped, the knowledge that it is
not a real master but a relay master is lost. To prevent this loss of
information, the master server's server_id value should always be stored
if it is available.
If a server is removed from a service, readconnroute will not verify that
the server it is connected to is still the same root master. This fixes
the regression of MXS-1418.
This is used only in case of everything else fails and this lookup
is not unlikely to fail if the client comes from some machine on
an internal network.
The token skipping function did not check for a period or an opening
parenthesis when parsing the test. Also fixed a debug assertion when only
NULL values were inserted.
Used the correct value in table_create_alloc and remove unused
parameter. Use the pre-calculated end pointer when looking for events.
Always use the column count of the TABLE_MAP event as all mismatches are
detected earlier.
The parser checks whether the FIRST or AFTER keywords are used and, if
AFTER is used, extracts the relevant column name.
Added a test case that checks that the parsing works and detects the
correct column names.
The list of users that is used for authentication shoudl only consist of
users that do not use an explicit authentication plugin. This way
authentication fails before any connections to the backend servers are
done.
The warning that a schema already exists is obsolete as mapped tables are
now always opened instead of being reused. This causes the schema checks
to be done for each mapped table.
When an assertion fails due to an overflow of the event buffer, all
processed values for that event are dumped.
This commit also enables the assertions even for non-debug builds which
should speed up the elimination process for bugs in the avrorouter. The
overhead of doing this is minimal as the output is already gathered for
the INFO level logging.
The `purge` command can be used to reset the conversion
process. Currently, executing the `purge` module command and restarting
MaxScale is the only correct way to reset the conversion process.
Added more debug assertions to JSON serialization of the Avro schema. Also
checked that the column count for the TABLE_CREATE object matches that of
the TABLE_MAP object.
A subset of the checks done at connection creation time need to be done at
query routing time. This guarantees that the connection is closed if the
server no longer qualifies as a valid candidate.
Added teset case that checks that a change in the replication topology
correctly breaks the connection.
When the unit tests were run without installing the libraries in their
final locations, the loading of the modules would fail. Using locations
relative to the build directory allows unit testing without having to
install the libraries.
The check for the current master backend did not see if the backend was
actually in use. This would be the case when the backend would be
originally in use but would be later disabled.
The value is now stored as a hexadecimal value instead of a decimal
value. This also lifts the enum size restriction on more than 8 values
(which was incorrectly documented as 255 values).
