6625c1296b 
					 
					
						
						
							
							Format authenticator and protocol modules  
						
						
						
						
					 
					
						2019-05-10 10:31:12 +03:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						74634abc80 
					 
					
						
						
							
							MXS-1662 Move PAM authentication function into maxbase  
						
						... 
						
						
						
						The same code can be used for REST-API authentication. 
						
						
					 
					
						2019-04-09 14:41:40 +03:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						afe41c38ed 
					 
					
						
						
							
							Merge branch '2.3' into develop  
						
						
						
						
					 
					
						2019-02-20 10:33:14 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						48a6ab503e 
					 
					
						
						
							
							MXS-2292 PAM authenticator detects anonymous users with defined hosts  
						
						... 
						
						
						
						This allows anonymous user mapping from well-defined hosts. 
						
						
					 
					
						2019-02-19 10:40:23 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						1fed465fdb 
					 
					
						
						
							
							MXS-2246 Remove duplicate info in SERVICE and Service  
						
						... 
						
						
						
						Both of them contained fields for the service and router names.
Now the names are in SERVICE and they must be accessed via member
function. 
						
						
					 
					
						2019-02-14 15:24:10 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						684ec3288b 
					 
					
						
						
							
							Rename and cleanup authenticator.h  
						
						
						
						
					 
					
						2019-01-14 15:07:33 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						f0f9c21d1c 
					 
					
						
						
							
							Merge branch '2.3' into develop  
						
						
						
						
					 
					
						2019-01-07 10:54:42 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						40485d746c 
					 
					
						
						
							
							MXS-2220 Change server name to constant string  
						
						
						
						
					 
					
						2019-01-03 12:13:15 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						26da72a41f 
					 
					
						
						
							
							Merge branch '2.2' into 2.3  
						
						
						
						
					 
					
						2019-01-03 09:23:16 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						04dd05b262 
					 
					
						
						
							
							MXS-2231: Move TLS handshake code into MariaDBClient  
						
						... 
						
						
						
						The code is now in the correct place and TLS connections with all
authenticators should now work. 
						
						
					 
					
						2019-01-02 19:29:41 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						c0c9a9858d 
					 
					
						
						
							
							MXS-2197 Rename maxscale/log.h to maxscale/log.hh  
						
						... 
						
						
						
						In files either include maxscale/log.hh or remove include entirelly
as maxscale/ccdefs.hh includes it. 
						
						
					 
					
						2018-12-10 12:58:17 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						9f721f725e 
					 
					
						
						
							
							MXS-2205 Convert maxscale/protocol/mysql.h to .hh  
						
						
						
						
					 
					
						2018-12-05 11:12:20 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						ad12ff6d06 
					 
					
						
						
							
							MXS-2196: Rename dcb.h to dcb.hh  
						
						
						
						
					 
					
						2018-12-04 11:50:43 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						a10b6c2e89 
					 
					
						
						
							
							MXS-2196: Take Listener into use  
						
						
						
						
					 
					
						2018-12-04 11:39:52 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						39f668ff3c 
					 
					
						
						
							
							MXS-2196: Rename SERV_LISTENER to Listener  
						
						
						
						
					 
					
						2018-12-04 11:39:52 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						3e5818fcb6 
					 
					
						
						
							
							MXS-2205 Convert mysql_utils.h to .hh  
						
						
						
						
					 
					
						2018-12-03 14:05:21 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						77585bdb8c 
					 
					
						
						
							
							MXS-2197: Make config.h and service.h C++ headers  
						
						... 
						
						
						
						This is the first step into converting the other headers into C++. 
						
						
					 
					
						2018-11-30 12:15:57 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						75ea1b6ea1 
					 
					
						
						
							
							Fix formatting of new(std::nothrow)  
						
						... 
						
						
						
						The code previously formatted everything as `new( std::nothrow)`. 
						
						
					 
					
						2018-10-04 21:50:44 +03:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						71ffef5708 
					 
					
						
						
							
							Partially revert 4ba011266843857bbd3201e5b925a47e88e1808f  
						
						... 
						
						
						
						Add back leading operator enforcement. 
						
						
					 
					
						2018-09-20 15:57:30 +03:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						d11c78ad80 
					 
					
						
						
							
							Format all sources with Uncrustify  
						
						... 
						
						
						
						Formatted all sources and manually tuned some files to make the code look
neater. 
						
						
					 
					
						2018-09-10 13:22:49 +03:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						c447e5cf15 
					 
					
						
						
							
							Uncrustify maxscale  
						
						... 
						
						
						
						See script directory for method. The script to run in the top level
MaxScale directory is called maxscale-uncrustify.sh, which uses
another script, list-src, from the same directory (so you need to set
your PATH). The uncrustify version was 0.66. 
						
						
					 
					
						2018-09-09 22:26:19 +03:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						3f53eddbde 
					 
					
						
						
							
							MXS-2020 Replace ss[_info]_dassert with mxb_assert[_message]  
						
						
						
						
					 
					
						2018-08-22 11:34:59 +03:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						24ab3c099c 
					 
					
						
						
							
							Move top of the file  "#pragma once" to after the following comment (swap them). If the comment is a BPL update it to the latest one  
						
						
						
						
					 
					
						2018-08-21 13:13:15 +03:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						cf0aeed516 
					 
					
						
						
							
							MXS-2014 Rename log_manager.h to log.h  
						
						... 
						
						
						
						There's nothing resembling a manager anymore. 
						
						
					 
					
						2018-08-17 10:59:37 +03:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						f14380243b 
					 
					
						
						
							
							Rename cppdefs.hh to ccdefs.hh  
						
						... 
						
						
						
						For obvious reasons; the c++ suffix is .cc and not .cpp 
						
						
					 
					
						2018-08-10 07:50:18 +03:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						b20decfe1c 
					 
					
						
						
							
							MXS-1929: Output const strings from serviceGetUser  
						
						... 
						
						
						
						The values aren't meant to be modified by the caller. 
						
						
					 
					
						2018-08-06 21:20:29 +03:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						00c107e051 
					 
					
						
						
							
							Resolve authenticator symbols at compile time  
						
						... 
						
						
						
						Resolving the symbols at compile time prevents runtime problems. 
						
						
					 
					
						2018-07-31 09:41:13 +03:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						cc0299aee6 
					 
					
						
						
							
							Update change date of 2.3  
						
						
						
						
					 
					
						2018-06-25 10:07:52 +03:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						d0c74b5c8f 
					 
					
						
						
							
							MXS-421 Log event in case of authentication failure  
						
						... 
						
						
						
						- CDC authenticator
- MySQL authenticator
- PAM authenticator 
						
						
					 
					
						2018-06-18 11:32:50 +03:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						4b988d99a1 
					 
					
						
						
							
							Print error descriptions when a PAM function fails  
						
						
						
						
					 
					
						2018-05-14 12:35:54 +03:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						eba6c0c596 
					 
					
						
						
							
							MXS-1842 Compile all authenticators as C++  
						
						... 
						
						
						
						Minimal changes, only what is needed to compile. 
						
						
					 
					
						2018-05-03 10:07:43 +03:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						5d010ff712 
					 
					
						
						
							
							Cleanup SERVER struct  
						
						... 
						
						
						
						Removed one unused field. Rearranged others, clarified comments. 
						
						
					 
					
						2018-04-27 10:48:56 +03:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						cb0ac44e1f 
					 
					
						
						
							
							MXS-1758 Support anonymous user with proxy grant for PAM  
						
						... 
						
						
						
						This allows using user group mapping with PAM authenticator. 
						
						
					 
					
						2018-04-24 15:22:01 +03:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						aa260cf6cf 
					 
					
						
						
							
							MXS-1716 Reduce the amount of duplicate elements in users db for PAM  
						
						... 
						
						
						
						The database-level query now only takes rows with either a global
select privileges or non-null database privileges. The table-level
query only accepts non-null databases and no global privileges,
as users with global select are added by the previous section. 
						
						
					 
					
						2018-03-19 15:09:36 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						04666b4b31 
					 
					
						
						
							
							MXS-1716 Add diagnostic functions to PAM Authenticator  
						
						... 
						
						
						
						The functions print the user information. Normal version just prints
user@host, the json-version prints the whole array. 
						
						
					 
					
						2018-03-19 11:02:14 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						e918810a4f 
					 
					
						
						
							
							MXS-1604: PAMAuth Use "mysql" as default service name, fix authentication data updating  
						
						... 
						
						
						
						If a user has an empty service name, use "mysql" as default.
Authentication data was only updated inside get_pam_user_services() if no service
was found. It was possible that the PAM service changed but the old service
would be used for authenticating, causing a false negative.
Now, the auth data is updated outside the function if authentication fails for
any reason. The new service data is compared to the old and if equal, password
check is not attempted again. This gives a false negative only if user password
has changed after the previous attempt.
Also, fixed some comments. 
						
						
					 
					
						2018-01-26 11:00:04 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						f6f34ad7e5 
					 
					
						
						
							
							Fix debug build failure on CentOS 6  
						
						... 
						
						
						
						The build failed due to a comparison between signed and unsigned integers. 
						
						
					 
					
						2018-01-15 16:14:50 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						c45a8abc20 
					 
					
						
						
							
							Use SQLITE_OPEN_NOMUTEX for session specific sqlite3 handles in PAM auth  
						
						
						
						
					 
					
						2018-01-04 10:55:52 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						224f918845 
					 
					
						
						
							
							MXS-1592 Make all modules lowercase  
						
						... 
						
						
						
						Make all modules lowercase and make module loading case
insensitive. Further, make command invocation case insensitive,
as far as the module name is conserned. 
						
						
					 
					
						2018-01-03 14:57:18 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						895d950da0 
					 
					
						
						
							
							Format all source files with Astyle  
						
						... 
						
						
						
						Formatted all source files Astyle. 
						
						
					 
					
						2017-09-28 07:04:21 +03:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						3936c71e11 
					 
					
						
						
							
							Add missing includes  
						
						
						
						
					 
					
						2017-09-19 15:46:13 +03:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						2784858495 
					 
					
						
						
							
							A few PAM cleanups  
						
						... 
						
						
						
						Print header found message only if libraries also found.
Change header guards to pragma once.
Check return value of store_client_password(). 
						
						
					 
					
						2017-08-16 13:47:29 +03:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						7ba0533cc8 
					 
					
						
						
							
							Authenticator API extract-entrypoint returns bool  
						
						... 
						
						
						
						Extraction either succeeds or fails, it does not need to return
defined integer values. 
						
						
					 
					
						2017-08-09 17:28:58 +03:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						ed05d24a9a 
					 
					
						
						
							
							Move SSL-code in mysql_auth.c and pam_client_session.cc to  
						
						... 
						
						
						
						a separate function in ssl.cc
Removes some duplicate code. 
						
						
					 
					
						2017-08-07 12:22:59 +03:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						8ef8ee6600 
					 
					
						
						
							
							Add client-to-MaxScale SSL support to PAM authenticator  
						
						... 
						
						
						
						Only client-side SSL is supported for now. 
						
						
					 
					
						2017-08-07 12:22:59 +03:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						7488129afc 
					 
					
						
						
							
							PAM code cleanup & refactor  
						
						... 
						
						
						
						Divided functionality into classes, fixed comments +
various other cleanup. BackenAuth no longer increments
sequence on sending password. SQLite busy timeout shortened
to 1 second. 
						
						
					 
					
						2017-08-07 12:22:59 +03:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						f916b74c2e 
					 
					
						
						
							
							Add first version of PAM authenticator plugin  
						
						... 
						
						
						
						This includes the client and backend authenticators. Currently,
only a simple password-based scheme with the SQL-client "dialog" plugin
is supported. In this mode, the server sends the first PAM message
with the AuthSwitchRequest packet and the client responds with the
password. No further authentication messages are supported. If the
connection is not encrypted, the password is sent in plaintext. The
client password is used as is for logging in to backends. 
						
						
					 
					
						2017-08-07 12:22:59 +03:00