max rows filter first implementation
Resultsets with more than max_resultset_rows
will be skipped and empty result set is returned to client.
Not yet tested with multi_statements
[MaxRows]
type=filter
module=maxrows
max_resultset_rows=10
debug=15
Now that a filter can express that the transaction state is tracked,
the cache implementation can be simplified. We do not need to cater
for the case that a "too short" or "too long" a packet would be
delivered.
Further, since the autocommit mode and transaction state of the session
are tracked, the filter can cache data when it is safe to do so. In
practice that means when either AUTOCOMMIT is ON and no explicit
transaction is active or when a READ ONLY transaction is active,
irrespective of the autocommit state.
In principle it would be possible to tentatively cache data during
a transaction, and if the transaction is committed successfully
flush the tentatively cached data to the actual cache, but that will
be for another day.
The transaction state only reflects explicitly started transactions.
Thus, by looking at the autocommit mode and the transaction state a
component can figure out whether the current statement will be committed
or not.
The transaction state must be updated after a buffer has been split
into buffer containing individual packets.
NOTE: The actual updating of the transaction state and the autocommit
mode is currently wrong, but will be updated in a subsequent change.
The authentication checks make sure that a user has all the required
grants to access the database. This prevents the creation of unnecessary
backend connections reducing the overall load on the database.
Doing preliminary authentication in MaxScale enables the creation of more
informative error messages.
Some of the tests depended on a working installation where modules are all
located at the default paths. These tests now explicitly set the module
directory which fixes the immediate problem.
Disabled the starting of services in the service test as this will fail
with real modules. The dummy internal modules aren't build and should be
removed in a later commit. In general, it might be better to do service
level testing outside the internal test suite.
The HTTPD protocol mistakenly assumed that the `authenticator` parameter
of a listener would be NULL if the default authenticator is used.
Recent changes modified it so that the value is never NULL and
`NullAuthDeny` would be used for protocols which did not implement the
auth_default entry point.
Common capabilities are now defined in routing.h. The common
capabilities can be defined using bits 0 - 15.
Router capabilities are defined using bits 16-31 and filter
capabilities (should there ever be such) using bits 32-47.
So, to find out the capabilities of a service you only need to
OR the capabilities of the router and all filters together.
For instance, if a single filter needs statement based routing,
then that is what is done.
Doing the checksum matching after memory is allocated and all the work is
done is not very efficient. A simpler solution is to always replace the
users when we reload them.
Replacing the users every time the service users are reloaded will not
cause a degradation in performance because the previous implementation
already does all the extra work but then just discards it.
A faster solution would be to first query the server and request some sort
of a checksum based on the result set the users query would
create. Currently, this can be done inside a stored procedure but it is
not very convenient for the average user. Another option would be to
generate a long string with GROUP_CONCAT but it is highly likely that some
internal buffer limit is hit before the complete value is calculated.
The path that was given as the option for the cache directory wasn't
properly checked for terminating forward slashes. Due to this, the cache
file was created with the wrong name.
The dbusers.c was a MySQL protocol specific file which was used directly
by some of the modules.
Added a new return value for the loadusers authenticator entry point which
allows fatal failures to occur when users are loaded. Currently this is
only taken into notice when the service is first started. If a listener
later returns a fatal error, it is only logged but the service stays in
operation.
Moved the MySQLAuth authenticator sources and the tests that relate to
this module into a subdirectory in the authenticator
directory. Eventually, all authenticators could have a subdirectory of
their own.
The MySQL authenticator now injects the service user into the list of
allowed users if loading of database users fails. This allows the removal
of common code in the binlogrouter and maxinfo modules.
This tracks only what is explicitly set. That is, if autocommit
has been set true then, even if a transaction is started, autocommit
will not be set false.
That is, a user of the session autocommit and transaction states
need to be aware of their semantics. If a transaction is active,
then the state of autocommit is irrelevant.
When a MySQL SSL connection is made, the first packet from the client will
contain the SSLRequest packet. This packet is a truncated normal auth
packet and the real auth packet will be sent after SSL has been
established.
The MySQLClient protocol should read the client information for SSL
connections after SSL has been established.
When a client without SSL connected to a listener which requires SSL, the
error message always used the package sequence number 3 even if the
response was the second packet.
Also fixed debug assertions which failed when non-SSL connections were
created to SSL listeners.
- Since the capabilities are a bitmask, it is better if an unsigned
integral type is used.
- Since the function is part of an ABI, it is better if an explicit
size is used.
- 64-bits so that there also is room for independent filter
capabilities.
The MySQLAuth authenticator can now store the cached credentials in a
custom location. This is intended for the binlogrouter, which currently
uses a different location for the user cache.
The MySQL authentication modules now have their own document in the
Authenticators directory. Right now this document only describes the
general details of the MySQL authentication and the new option.
Added find_package module for CMake which locates the Jansson libraries
and headers. This will make dependency checking easier and prevents build
failures due to missing dependencies.
The client protocol module now extracts the information that is relevant
for all modules. Currently this information consists of the client
capabilities, character set, username and default database.
The GSSAPI client side authenticator now loads a list of users that are,
for the time being, logged at info level. The next step is to store this
information in the listener's user hashtable.
In a subsequent change, the includes of server/core/*.c will be
cleaned up, and if there is a common set of include files, needed
by most, then a server/core/maxscale/core.h that includes those
will be introduced.
MAX_BUFFER_SIZE, which is used for limiting the amount of the data
read from a socket renamed to MXS_MAX_NW_READ_BUFFER_SIZE and moved
from gw.h to limits.h.
Consider removing altogether. Difficult to justify since non-blocking
reads are used and the amount of available data is known.
When a master server is set into read-only mode, it can be treated as an
always up-to-date slave. This gives us a somewhat graceful way to prevent
writes to a master.
Usually setting the master into read-only mode is done before a change in
the replication topology to prevent stray writes arriving on the
master. MaxScale should respect the read-only mode and not send any writes
to a server that's in read-only mode.
The general purpose stuff in skygw_utils.h was moved to utils.h
and the corresponding implementation from skygw_utils.cc to utils.c.
Includes updated accordingly.
Skygw_utils.h is now only used by log_manager and by mlist, which
is only used by log_manager. Consequently, skygw_utils.h was moved
to server/maxscale.
Utils.h needs a separate overhaul.
Made the packet sequence number handling automatic so that it always uses
the correct one.
All functions now have documentation in them. Cleaned up code and added
comments to GSSAPI code.
- STRERROR_BUFLEN moved to cdefs.h and renamed to MXS_STRERROR_BUFLEN.
Better would be to provide a 'const char* mxs_strerror(int errno)'
that would have a thread specific buffer for the error message.
- MIN and MAX also moved to defs.h as MXS_MIN and MXS_MAX.
- Now only mlist.h of the headers depend upon skygw_utils.h.
- All now include maxscale/cdefs.h as the very first file.
- MXS_[BEGIN|END]_DECLS added to all C-headers.
Strictly speaking not necessary for private headers, but
does not hurt either.
- Include guards moved to the very top of the file.
- #pragma once added.
Duplicate declarations of functions declared in maxscale/users.h
and maxscale/gw.h removed and corresponding includes added instead.
Unimplemented declaration removed.
Further cleanup will be needed to ensure that functions etc. are
declared in the right place.
