When a listener is created at runtime or SSL is being enabled for an
already created listener, the ssl_verify_peer_certificate parameter can
now be defined.
Backported the minimal set of changes required to build 2.1 with GCC
8. The format-truncation and format-overflow warnings are disabled instead
of fixed in 2.1 to remove duplication of effort that was already done in
2.2 (the commit doesn't cherry-pick cleanly).
The default database was not extracted correctly as the length of the
user's name did not include the null terminator. Also the comparison for
database name length used the smaller than operator instead of the correct
larger than operator.
When the connection pool is inspected, both the client username and IP
must match. This causes the pool to be partitioned by username and IP,
prevening unintentional sharing of connections between different users.
Also, the list of release notes have been removed from the upgrading
document. The referral to the ChangeLog remains. That way, the list
of release notes need not be maintained in several places.
The test appears to hang when the `SET sql_log_bin = 0` statement is
executed. Removing this seems to fix it and is OK as that's not what the
test aims to check.
Disabling the session cache prevents errors from being generated as the
default OpenSSL configuration is to enable session caching but with an
uninitialized context ID. In addition to preventing the errors, it
prevents the possible security problems implicated by the definition a
"static" context ID.
ENGINE is a keyword but not a reserved word, so it must
silently convert into an identifier if it is used in a
context where it cannot be used as a keyword.
The test should stop MaxScale when it is fixing the replication to prevent
the triggering of the standalone master detection.
Also removed leading spaces from the messages and fixed a possible crash with a
NULL value given to `ssh_node`.
If local address has been specified, then all connections created
using mxs_mysql_real_connect() will use that same local address as
well.
A system test has not been created as our VMs do not have more than
one usable IP-address. Locally it has been verified to work as
expected.
AdressSanitizer is a lightweight memory error detector that instruments at
compile time instead of at execution time. This allows serious memory
errors to be detected without the cost of slowing down the whole program
that often happens when Valgrind is used. It is also easier to enable for
test runs as it is a simple compiler flag.
This is a cherry-pick of fb9b027842a7b65c4826455cd34d88e2f5f28e79 from the
2.2 branch.
When MaxScale is starting, the loading of the listeners can take a while
if there are a large number of services and users to load. To signal this
to the user, progress messages should be logged after every service is
started.
