2ddc20cf9e
Merge branch '2.3' into develop
2019-05-28 15:19:10 +03:00
dcdcc0e44f
Fix avrorouter build failure
...
Signed to unsigned comparison.
2019-05-28 15:18:34 +03:00
65c795164c
Merge branch '2.3' into develop
2019-05-28 14:40:45 +03:00
0462ac3d16
MXS-2483: Update documentation and release notes
...
Updated documentation on how servers with TLS are created.
2019-05-28 14:34:51 +03:00
21cdc4822b
MXS-2483: Remove runtime enabling of TLS
...
TLS can no longer be enabled at runtime via maxadmin.
2019-05-28 14:34:50 +03:00
38b57497b9
MXS-2486: Move to_string into SSLProvider
...
The functionality is more a part of the provider than the context so it
should be defined in it. It also doesn't use any parts of the SSLContext
which makes it somewhat more clear that it doesn't belong there.
2019-05-28 14:34:50 +03:00
bef8881cab
Merge branch '2.2' into 2.3
2019-05-28 14:17:43 +03:00
60d065473e
MXS-2481 Handle sqlite3 oom error
2019-05-28 12:36:21 +03:00
feae0cda17
MXS-2481 Dont log confusing things
...
At first start there will be no persistent information. No point
in logging that we will not use that information.
2019-05-28 12:36:21 +03:00
8204c5099b
MXS-2481 Ensure directory exists before creating db
2019-05-28 12:36:21 +03:00
a82841333d
Merge branch '2.3' into develop
2019-05-28 10:57:18 +03:00
dda2c1964d
Merge commit '05ed272c1627b21ff623b7fdf5a60f2ba2f4f5d0' into develop
2019-05-27 19:30:29 +03:00
d128c9a09b
MXS-2504 Kick out super-users from master server during switchover
...
The monitor queries for logged in users with super-privileges and kicks them out to
prevent writes to master. Normal users can stay since their writes are prevented by
read_only. Also, the master-status is removed from the master manually to signal to
routers that no more writes should go to master.
2019-05-27 18:11:46 +03:00
387bf0ccc2
MXS-2507: Fix avrorouter token processing
...
The token comparison function did the comparison wrong: The token needs to
be an exact match instead of a partial one.
2019-05-27 09:34:38 +03:00
05ed272c16
Fix format-truncation warnings in blr
...
The custom message must be smaller than the actual message to guarantee no
truncation takes place.
2019-05-27 03:24:05 +03:00
d5ec357731
Fix binlogrouter SSL creation
...
The SSLContext could get invalid parameters as the router unconditionally
added all the parameters.
2019-05-24 15:33:17 +03:00
3af66f3309
MXS-2483: Take SSLProvider into use
...
Servers and listeners now have a SSLProvider member variable that is used
for all SSL related tasks.
2019-05-24 15:33:17 +03:00
8a4b58d52c
MXS-2483: Move SSL configuration into SSLConfig
...
This way the configuration information can be accessed without the
SSLContext.
2019-05-24 15:33:17 +03:00
bed28db3fd
Merge branch '2.3' into develop
2019-05-24 13:55:47 +03:00
a1697e2aa6
MXS-2479 PAMBackendAuth is more tolerant of extra messages.
...
The authenticator can now receive additional questions from the server even
after the original password-query.
2019-05-24 11:31:55 +03:00
5b55864b06
MXS-2483: Store listener SSLContext in unique_ptr
...
Also removed some unnecessary checks for session->listener: The Session
constructor takes the listener as an argument.
2019-05-24 10:05:43 +03:00
bc500d2565
MXS-2483: Store server SSLContext in unique_ptr
2019-05-24 10:05:42 +03:00
3b8e28392e
MXS-2483: Make server SSL private
...
The old server_ssl member is now renamed and private. The ssl_context and
set_ssl_context methods provide access to it.
2019-05-24 10:05:42 +03:00
7eff7f8e9e
Remove unused function in mysql_common.cc
2019-05-24 10:05:15 +03:00
397fc97d07
Only count actual failures as auth failures
...
If the authentication process fails due to an inability to start a
session, it should not be counted towards the number of failed
authentication attempts.
2019-05-24 10:05:15 +03:00
bd8aa64547
MXS-2479 Accept additional messages in PAM authenticator
...
Plugins may send additional messages during authentication. These messages
often contain notifications such as password expiration dates. Both the client
and backend side authenticators now handle such messages. The messages are not
sent to the user, only the log. The requirement that only "Password: " is queried
still stands.
2019-05-23 14:14:25 +03:00
f8688a7285
Merge branch '2.3' into develop
2019-05-22 15:57:46 +03:00
17fa1ce616
Fix galeramon regression
...
The comparisons were done wrong: strcasecmp returns 0 for equal strings.
2019-05-22 10:02:48 +03:00
e545e2ac5c
Merge branch '2.3' into develop
2019-05-22 10:02:27 +03:00
8317fec745
MXS-2496: Check for ALL PRIVILEGES grant
...
If a user has ALL PRIVILEGES as a global privilege, it overshadows the
SHOW DATABASES grant.
2019-05-22 09:56:35 +03:00
7893c120a9
MXS-2477 Change schemarouter ignore_databases parameters to ignore_tables
...
With the table level sharding parameter is used to ignore tables not
databases.
2019-05-21 13:48:17 +03:00
b294acf276
MXS-2496: Fix SHOW DATABASES grant check
...
The code expected that the grant was given to the actual user, not a role.
2019-05-21 13:43:51 +03:00
0c19d1ea03
Fix debug assertion in mysql_backend
...
The backend read function used a NULL GWBUF with gwbuf_length.
2019-05-21 13:15:20 +03:00
d0153f6ce3
clustrixmonitor: Add missing include
2019-05-21 12:50:10 +03:00
cf46004bd8
Make the servers-array in Monitor private
...
This prevents derived classes from modifying the array directly,
which would be unsafe.
2019-05-21 10:58:24 +03:00
76399200f4
Fix assertion on client SSL read
...
When SSL is enabled, the protocol seems to get zero byte reads which
result in a null GWBUF being passed to gwbuf_length.
2019-05-20 15:46:52 +03:00
e5a49a2f7b
MXS-2483: Take SSLContext into use in binlogrouter
2019-05-20 15:45:19 +03:00
82add11e86
MXS-2483: Take SSLContext into use
...
SSLContext is now used everywhere except the binlogrouter which still
allocates the contexts itself. Fixing the binlogrouter's misuse of
internal structures is a rather large undertaking and for this reason the
SSLContext will be taken into use there in a separate commit.
2019-05-20 15:45:18 +03:00
1197bd40db
MXS-2483: Move unwanted SSL code to mysql_client.cc
...
The code was only used by mysql_client.cc and should therefore be located
in it.
2019-05-20 15:45:18 +03:00
cab336ed89
MXS-2483: Rename SSL_LISTENER to mxs::SSLContext
2019-05-20 15:45:18 +03:00
650230455a
MXS-2169 Allow unsafe failover when 'enforce_simple_topology' is on
...
If gtid of master is unknown (as is typical when master is down when MaxScale
starts) the domain id is guessed from the slaves instead. This is usually
safe.
2019-05-20 10:43:54 +03:00
0f714e9ad4
MXS-2495 Cleanup GWBUF interface
...
All GWBUF macros that address a single link in a chain are now
simple wrappers for equivalent gwbuf_link-functions.
Next step is to drop the macros and replace their use with calls
to the functions.
2019-05-20 09:57:37 +03:00
d1affba34d
MXS-2480 Add log message about opened SQLite database
2019-05-20 09:11:58 +03:00
004e8e638f
MXS-2480 Fix creating of the in memory sqlite3 databases in PAMAuth
...
SQLITE_OPEN_URI flag was missing causing the databases to be created in
disk instead of in memory. Also added info level log message from created
database in clustrixmonitor.
2019-05-20 09:11:58 +03:00
5828061321
Merge branch '2.3' into develop
2019-05-17 14:39:30 +03:00
96a477ec89
MXS-2490: Send error to client on unknown PS handle
...
If a client requests an unknown binary protocol prepared statement handle,
a custom error shows the actual ID used instead of the "empty" ID of 0
that the backend sends.
2019-05-17 14:13:44 +03:00
f94355770f
Merge branch '2.2' into 2.3
2019-05-17 14:10:28 +03:00
4ee30f5c52
MXS-2169 Allow a downed server to be selected as topology master
...
This is required for the case when MaxScale is started when the master is
already down.
2019-05-17 13:46:33 +03:00
d2f3e56d0a
MXS-2169 Add 'enforce_simple_topology'-setting
...
Does not add any functionality yet.
2019-05-17 13:46:33 +03:00
c801789ff3
Cleanup monitor running state
2019-05-17 13:34:48 +03:00
