If set to true and if any of the other blocking related parameters
is true, then a statement that cannot be fully parsed will be blocked.
Default is true.
- Check textual prepared statements for use of columns to be masked
in conjunction with functions.
- Check binary prepared statements for use of columns to be masked
in conjunction with functions.
- Prevent creation of textual prepared statement from variable.
As the masking filter must reject statements that use columns to be
masked as arguments to functions, a statement that cannot be fully
parsed must be rejected. Unless a statement can be fully parsed we
cannot know whether such usage occurs.
By always setting the position of the next event, the replication cannot
break if the slave server has to reconnect after receiving an event that
was generated by the binlogfilter.
The code used a rather questionable method for parsing SQL statements
instead of using the query classifier for detecting transaction start and
stop events.
Clean up, comments and enhancements. StopWatch lap() didn't mean lap-time, but elapsed time. Changed meaning to lap-time and added split() for split-time.
Replaced SPINLOCK with std::mutex where possible, leaving out the more
complex cases. The big offenders remaining are the binlogrouter and the
gateway.cc OpenSSL locks.
Removed unused code, ordered function definitions that declarations aren't
needed, changed functions to pass pointers to the event body instead of
the start of the protocol packet.
Added `match` and `exclude` functionality. This allows versatile filtering
without a large investment of development time by leveraging the benefits
of PCRE2 regular expressions.
Also cleaned up the filter and removed the single table matching and
active parameter that were obsoleted by the regular expression parameters.
See script directory for method. The script to run in the top level
MaxScale directory is called maxscale-uncrustify.sh, which uses
another script, list-src, from the same directory (so you need to set
your PATH). The uncrustify version was 0.66.
NamedServerFilter now uses struct sockaddr_in6 to store the source
parameter. If ipv4 addresses are used they are mapped to ipv6 struct,
this allows the usage of both ipv4 and ipv6.
This commit also includes some small refactoring and removing some code
that was not needed anymore.
qc_thread_init() must now explicitly be called in every thread
and not just in other threads but the one where qc_process_init()
is called.
This change was caused by QC_INIT_SELF initialization actually
being performed in query_classifier.cc. Before this change, there
actually was a leak in the routing worker running in the main
thread, the query classification cache was created twice.
Reducint the time the load testing runs for seems to reduce the volume by
the same amount. Given that unit tests are good for catching obvious
mistakes, the test should still be adequate.
In default case MaxScale uses ipv6 for all addresses also mapping ipv4
connections to ipv6. This caused NamedServerFilter to never match these
addresses to the ones defined in source parameter in ipv4 form.
These ipv6-mapped addresses are now transformed to ipv4 so they can be
checked against source parameter list.
Source parameter in NamedServerFilter can now contain a list of source
addresses seperated by comma. This parameter is parsed into a list of ip
addresses and checked against incoming client connections.
