625740e69d
MXS-2464: Fix crash on failed session command
...
If the master fails when a session command is being executed with
delayed_retry enabled, a null query would get placed into the query
queue. This change simply prevents the crash and closes the session even
though the query could be retried.
2019-05-31 14:01:15 +03:00
9481992bb9
Fix dbfwfilter release mode build failure
...
GCC 9 complained about null format strings even though the argument given
was never null.
2019-05-31 14:01:15 +03:00
ee7e63a611
MXS-2464: Assert that responses are expected
...
A query should not be queued if no responses are expected. The code that
executes queued queries should be dead code and this assertion would catch
it.
2019-05-31 14:01:14 +03:00
1012b95544
Merge branch '2.2' into 2.3
2019-05-31 12:40:15 +03:00
de3c5721e9
MXS-2513 Deprecate firewall and masking filters
2019-05-31 11:53:36 +03:00
81254953d1
MXS-2520: Allow master reconnection on reads
...
If only the master is available and a reconnection must take place, it
must be allowed to happen in all cases.
2019-05-29 18:46:33 +03:00
3b60bf00e1
Merge branch '2.3' into develop
2019-05-29 18:41:50 +03:00
442d8bed9a
MXS-2479 Add username and host to PAM authenticator log messages
2019-05-29 17:32:27 +03:00
114e095e1b
MXS-2525: Fix non-plugin authentication
...
Older clients assume the plugin used for authentication is
mysql_native_password. If the client doesn't request plugin
authentication, don't treat it as an error.
2019-05-29 12:41:53 +03:00
2ddc20cf9e
Merge branch '2.3' into develop
2019-05-28 15:19:10 +03:00
dcdcc0e44f
Fix avrorouter build failure
...
Signed to unsigned comparison.
2019-05-28 15:18:34 +03:00
65c795164c
Merge branch '2.3' into develop
2019-05-28 14:40:45 +03:00
0462ac3d16
MXS-2483: Update documentation and release notes
...
Updated documentation on how servers with TLS are created.
2019-05-28 14:34:51 +03:00
21cdc4822b
MXS-2483: Remove runtime enabling of TLS
...
TLS can no longer be enabled at runtime via maxadmin.
2019-05-28 14:34:50 +03:00
38b57497b9
MXS-2486: Move to_string into SSLProvider
...
The functionality is more a part of the provider than the context so it
should be defined in it. It also doesn't use any parts of the SSLContext
which makes it somewhat more clear that it doesn't belong there.
2019-05-28 14:34:50 +03:00
bef8881cab
Merge branch '2.2' into 2.3
2019-05-28 14:17:43 +03:00
60d065473e
MXS-2481 Handle sqlite3 oom error
2019-05-28 12:36:21 +03:00
feae0cda17
MXS-2481 Dont log confusing things
...
At first start there will be no persistent information. No point
in logging that we will not use that information.
2019-05-28 12:36:21 +03:00
8204c5099b
MXS-2481 Ensure directory exists before creating db
2019-05-28 12:36:21 +03:00
a82841333d
Merge branch '2.3' into develop
2019-05-28 10:57:18 +03:00
dda2c1964d
Merge commit '05ed272c1627b21ff623b7fdf5a60f2ba2f4f5d0' into develop
2019-05-27 19:30:29 +03:00
d128c9a09b
MXS-2504 Kick out super-users from master server during switchover
...
The monitor queries for logged in users with super-privileges and kicks them out to
prevent writes to master. Normal users can stay since their writes are prevented by
read_only. Also, the master-status is removed from the master manually to signal to
routers that no more writes should go to master.
2019-05-27 18:11:46 +03:00
387bf0ccc2
MXS-2507: Fix avrorouter token processing
...
The token comparison function did the comparison wrong: The token needs to
be an exact match instead of a partial one.
2019-05-27 09:34:38 +03:00
05ed272c16
Fix format-truncation warnings in blr
...
The custom message must be smaller than the actual message to guarantee no
truncation takes place.
2019-05-27 03:24:05 +03:00
d5ec357731
Fix binlogrouter SSL creation
...
The SSLContext could get invalid parameters as the router unconditionally
added all the parameters.
2019-05-24 15:33:17 +03:00
3af66f3309
MXS-2483: Take SSLProvider into use
...
Servers and listeners now have a SSLProvider member variable that is used
for all SSL related tasks.
2019-05-24 15:33:17 +03:00
8a4b58d52c
MXS-2483: Move SSL configuration into SSLConfig
...
This way the configuration information can be accessed without the
SSLContext.
2019-05-24 15:33:17 +03:00
bed28db3fd
Merge branch '2.3' into develop
2019-05-24 13:55:47 +03:00
a1697e2aa6
MXS-2479 PAMBackendAuth is more tolerant of extra messages.
...
The authenticator can now receive additional questions from the server even
after the original password-query.
2019-05-24 11:31:55 +03:00
5b55864b06
MXS-2483: Store listener SSLContext in unique_ptr
...
Also removed some unnecessary checks for session->listener: The Session
constructor takes the listener as an argument.
2019-05-24 10:05:43 +03:00
bc500d2565
MXS-2483: Store server SSLContext in unique_ptr
2019-05-24 10:05:42 +03:00
3b8e28392e
MXS-2483: Make server SSL private
...
The old server_ssl member is now renamed and private. The ssl_context and
set_ssl_context methods provide access to it.
2019-05-24 10:05:42 +03:00
7eff7f8e9e
Remove unused function in mysql_common.cc
2019-05-24 10:05:15 +03:00
397fc97d07
Only count actual failures as auth failures
...
If the authentication process fails due to an inability to start a
session, it should not be counted towards the number of failed
authentication attempts.
2019-05-24 10:05:15 +03:00
bd8aa64547
MXS-2479 Accept additional messages in PAM authenticator
...
Plugins may send additional messages during authentication. These messages
often contain notifications such as password expiration dates. Both the client
and backend side authenticators now handle such messages. The messages are not
sent to the user, only the log. The requirement that only "Password: " is queried
still stands.
2019-05-23 14:14:25 +03:00
f8688a7285
Merge branch '2.3' into develop
2019-05-22 15:57:46 +03:00
17fa1ce616
Fix galeramon regression
...
The comparisons were done wrong: strcasecmp returns 0 for equal strings.
2019-05-22 10:02:48 +03:00
e545e2ac5c
Merge branch '2.3' into develop
2019-05-22 10:02:27 +03:00
8317fec745
MXS-2496: Check for ALL PRIVILEGES grant
...
If a user has ALL PRIVILEGES as a global privilege, it overshadows the
SHOW DATABASES grant.
2019-05-22 09:56:35 +03:00
7893c120a9
MXS-2477 Change schemarouter ignore_databases parameters to ignore_tables
...
With the table level sharding parameter is used to ignore tables not
databases.
2019-05-21 13:48:17 +03:00
b294acf276
MXS-2496: Fix SHOW DATABASES grant check
...
The code expected that the grant was given to the actual user, not a role.
2019-05-21 13:43:51 +03:00
0c19d1ea03
Fix debug assertion in mysql_backend
...
The backend read function used a NULL GWBUF with gwbuf_length.
2019-05-21 13:15:20 +03:00
d0153f6ce3
clustrixmonitor: Add missing include
2019-05-21 12:50:10 +03:00
cf46004bd8
Make the servers-array in Monitor private
...
This prevents derived classes from modifying the array directly,
which would be unsafe.
2019-05-21 10:58:24 +03:00
76399200f4
Fix assertion on client SSL read
...
When SSL is enabled, the protocol seems to get zero byte reads which
result in a null GWBUF being passed to gwbuf_length.
2019-05-20 15:46:52 +03:00
e5a49a2f7b
MXS-2483: Take SSLContext into use in binlogrouter
2019-05-20 15:45:19 +03:00
82add11e86
MXS-2483: Take SSLContext into use
...
SSLContext is now used everywhere except the binlogrouter which still
allocates the contexts itself. Fixing the binlogrouter's misuse of
internal structures is a rather large undertaking and for this reason the
SSLContext will be taken into use there in a separate commit.
2019-05-20 15:45:18 +03:00
1197bd40db
MXS-2483: Move unwanted SSL code to mysql_client.cc
...
The code was only used by mysql_client.cc and should therefore be located
in it.
2019-05-20 15:45:18 +03:00
cab336ed89
MXS-2483: Rename SSL_LISTENER to mxs::SSLContext
2019-05-20 15:45:18 +03:00
650230455a
MXS-2169 Allow unsafe failover when 'enforce_simple_topology' is on
...
If gtid of master is unknown (as is typical when master is down when MaxScale
starts) the domain id is guessed from the slaves instead. This is usually
safe.
2019-05-20 10:43:54 +03:00
