28 Commits

Author SHA1 Message Date
95fd61b8dc Fix listener search functions
The functions that searched for listeners compared both sockets and
addresses in the same function. This made its use error prone and caused
false positives in some cases.
2019-05-06 19:55:31 +03:00
6caa8e55b0 MXS-2414: Send error when host is blocked
If a connection attempt is not accepted due to the host being blocked, the
protocol can now return an error message that is sent to the client. Only
mariadb_client implements this as it is the only one who calls the auth
failure methods in the first place.
2019-04-30 14:49:35 +03:00
cf86b0cb7e MXS-2414: Prototype connection attempt throttling
The RateLimit class stores authentication failure data mapped by the
client IP addresses. The authentication failures are limited
per thread. The limits are still hard-coded and at least the number of
failures should be made configurable.

The simplest, most maintainable and acceptably efficient implementation
for DDoS protection is a thread-local unordered_map. The unwanted
side-effect of "scaling" of the number of allowed authentication failures
is unlikely to be problematic in most use-cases.

As the blocking of a host is only temporary, the behavior differs from the
one in the MariaDB server. This allows the number of failures to be set to
a much lower value negating some of the problems caused by the relatively
simple implementation.
2019-04-30 14:49:35 +03:00
ea14331d18 Move DCB owner selection into Listener
The code that selects which worker to assign the DCB to is now completely
in the Listener class. This removes the need to change the ownership of a
DCB after it has been allocated.
2019-04-26 13:18:37 +03:00
510cae2fe0 Allocate DCB on owning thread
The DCB is now fully allocated on the thread that owns it. This guarantees
that the owner is always correct when it is used.

The code in poll_add_dcb still manipulates which worker the DCB is
allocated on. This needs to be removed and the detection of special needs
(maxadmin, maxinfo) must be moved into the listener.
2019-04-26 11:40:30 +03:00
388e952c5f MXS-1951: Fix port conflict detection
With the addition of SO_REUSEPORT support, it is no longer possible to
rely on the network stack to prevent multiple listeners from listening on
the same port. Without explicitly checking for the ports it would be
possible for two listeners from two different services to listen on the
same port in which case the service would be almost randomly chosen.
2019-03-28 16:34:12 +02:00
df3b501563 MXS-1951: Add SO_REUSEPORT support
If SO_REUSEPORT is available and the kernel supports it, listeners will
now listen on separate file descriptors. This removes the need for
cross-worker communication when in normal operation which should make
MaxScale scale better.
2019-03-28 16:34:12 +02:00
5c7846da3f MXS-1951: Make listener fd worker-local
By storing the file descriptor inside a worker-local variable, it is
possible to handle both unique file descriptors (created with
SO_REUSEPORT) and shared file descriptors with the same code. The way in
which the file descriptor is stored in the rworker_local object determines
the way the listener behaves.
2019-03-28 16:34:12 +02:00
27cc247e47 MXS-1951: Clean up listener creation
The old values that were encoded into a string weren't necessary as the
data is already present in a processed form in the member variables.
2019-03-28 16:34:12 +02:00
f1dcc4ac98 MXS-2304 Remove config_get_value()
Replaced with other functions.
2019-02-18 11:34:15 +02:00
45bfbbdd9e Convert maxscale/protocol.h to .hh
2019-01-15 17:26:26 +02:00
b0663f0b29 Convert maxscale/ssl.h to .hh
2019-01-15 17:12:32 +02:00
3df38bc887 MXS-2196: Make client DCB creation private to Listener
The functions that the Listener uses are now private functions. Also moved
the function documentation into the headers.
2018-12-04 11:50:43 +02:00
6cf672195a MXS-2196: Move dcb_accept into listener.cc
Moved the code into listener.cc as it's the only place where it is
used. Placed the DCB callback assignment into the DCB constructor as it
depended on static functions that were in dcb.cc.
2018-12-04 11:50:43 +02:00
b3fbc6aa3d MXS-2196: Remove DCB from Listener
Replaced the DCB with a single file descriptor that the listener listens
on and which is added to all of the workers. The Listener also extends the
MXB_POLL_DATA which allows it to handle epoll events.

Moved the code that creates the listening socket into listener.cc where it
belongs and did a minor cleanup of it.
2018-12-04 11:50:43 +02:00
45827dd433 MXS-2196: Store listener reference in DCB
By storing the reference in the DCB, the two-way dependency between the
listeners and services is severed. Now the services have no direct link to
listeners and after the destruction of a listener it will be freed once
all connections through it have closed.

Due to the fact that a listener itself has a DCB that must point to a
valid listener, a self-reference is stored in the listener DCB. This is
extremely confusing and is only here to keep the code functional until the
DCB part of the listener can be factored out.
2018-12-04 11:50:43 +02:00
e365b97c6e MXS-2196: Rename struct dcb to struct DCB
Renamed the DCB struct and removed the typedef.
2018-12-04 11:50:43 +02:00
5a79dbfb53 MXS-2196: Track listener state
The listener now tracks its own state instead of using the session
state.
2018-12-04 11:39:53 +02:00
ccc91df0c7 MXS-2196: Pass Listener into dcb_accept
Modified the functions to use a listener instead of a DCB in the accepting
process. This removes some of the dependencies that the listeners have on
the DCB system.
2018-12-04 11:39:53 +02:00
9c679edea6 MXS-2196: Preload DCB entry points in Listener
By loading the entry points required by a DCB when the Listener is
created, the extra cost of finding the module is removed. It also
simplifies DCB creation by removing the possibility of all failures to
load modules at DCB creation time.
2018-12-04 11:39:53 +02:00
c858f7f080 MXS-2196: Use smart pointers for lifetime management
The listeners no longer internally track whether they are active or
not. All of the heavy lifting is now done by std::shared_ptr.
2018-12-04 11:39:53 +02:00
ae3763da92 MXS-2196: Replace listener_alloc with Listener::create
2018-12-04 11:39:52 +02:00
39f668ff3c MXS-2196: Rename SERV_LISTENER to Listener
2018-12-04 11:39:52 +02:00
8c847ec10d MXS-2196: Move listener functionality into member functions
Moved most of the listener related processing inside the SERV_LISTENER (to
be renamed into Listener) class.
2018-12-04 11:39:52 +02:00
1c7d5f07c3 MXS-2196: Replace raw pointers with SListener references
Replaced raw pointers in function parameters with const SListener
references. This removes the need to pass raw pointers as arguments and
all access is done via smart pointers.
2018-12-04 11:39:51 +02:00
5247c152c2 MXS-2196: Replace listener iterator
The iteration of listeners is now done via the global list of
listeners. This removes the need to have a service before a listener is
accessed which also reflects how the actual configuration is laid out. It
also guarantees that any results returned by the find functions will be
valid as long as the results are used.
2018-12-04 11:39:51 +02:00
6f9b9f5e95 MXS-2196: Store listeners in a global list
The listeners are now stored in their own list which allows them to be a
component separate from the service. The next step is to remove the
listener iterator functionality and replace it with its STL counterpart.
2018-12-04 11:39:51 +02:00
01e9f71af1 MXS-2197: Make SERV_LISTENER a C++ class
The class is still mostly the same as the old C version but it now uses
std::string instead of char pointers. Changed configuration default values
so that the parameters passed to the listener allocation are always valid.
2018-11-30 12:15:57 +02:00