Client authentication problems are easier to solve when the client IP is logged
in case a failed authentication attempt is made. This will also make it easier
to detect possible security problems.
The client side authentication assumed that it was processing contiguous memory.
This caused the authentication to fail when packets were received in multiple
parts. Transforming the buffer chain into one contiguous buffer fixes this problem.
Due to an include conflict between /usr/include/poll.h and
maxscale/server/include/poll.h the latter was moved to
maxscale/server/include/maxscale/poll.h.
Once 1.4 is out, all maxscale header files will be moved to that
same sub-directory. That will prevent include conflicts and also
make it easy to see which include files belong to maxscale and
which do not.
The caller DCB was used instead of the session client DCB. This caused
a crash when a backend DCB was getting the shared data since those DCBs
have a NULL data pointer.
This is the first change in an attempt to arrange the linking so that
more errors are detected at link-time.
- All files in server/core but for gateway.c are linked to one shared
library called maxscale-common.
- The files log_manager/log_manager.cc and utils/skygw_utils.cc are
built into maxscale-common as well.
- MaxScale itself consists now only of gateway.c and is linked with
maxscale-common.
- All plugins link with maxscale-common.
- All executables link in addition with {EMBEDDED_LIB}.
After this change, the change (MXS-517) where query_classifier is the
only component that uses ${EMBEDDED_LIB} and the rest mysqlclient can
be made much cleaner.
After a few additional steps, all shared libraries can be linked with
the linker flags "-Wl,-z,defs", which directs the linker to resolve
all symbols. That will require that all shared libraries list all the
libraries they need, but will at the same time ensure that any
missing symbols are detected at link-time and not at run-time.
It was possible that a backend server was doing authentication while the client
closed the session. The more connections the router created the more likely it
was. This caused unnecessary reloading of the database users and confusing error
messages.
With the implemented fix, there are additional checks for the session state
before the users are reloaded or error messages are logged.
The soname version numbers were missing from all the library targets
properties which caused ldconfig to warn about non-symlink libraries
being installed.
The earlier log file based approach for enabling and disabling
messages has now been completely replaced with the syslog priority
based approach.
Similarly as with log files before it is now possible to enable
and disable a log priority for a particular session, even though
it apparently has not been used much.
The local test-programs of the logging has got minimal attention
only to make them compile. They should get an overhaul as they did
not work before either.
Since localtime is not thread-safe it should not be used in multithreaded
contexts. For this reason all calls to localtime were changed to localtime_r
in code where concurrency issues were possible.
Internal tests were left unchanged because they aren't multithreaded.
The error message did not provide any useful information and was most of the
time a false positive due to EPOLL_RDHUP events calling the hangup function
of the DCB.
The log manager variables lm_enabled_log_files_bitmask, log_ses_count
and tls_log_info that earlier were declared separately in every
c-file are now declared in the log_manager.h header.
