Under heavy load some of the basic network operations could fail which led
to some of the allocated memory to leak.
Also the backend protocol never freed the current protocol command if it
was not completed. This would happen if a user executed a session command
as the first command but backend authentication would fail.
The authentication code did not initialize one of the buffers used to
calculate the password hashes. This resulted in the use of uninitialized
memory when the user provided no password.
If a Galera cluster drops down to a single node, the last node would not
be considered valid. During the failure of the second to last node, the
master would also temporarily lose the master status.
The behavior was changed to always keep the cluster UUID until the cluster
size drops down to zero. This guarantees that the same cluster is used as
long as possible.
If the client sends two different sets of capability bits during the
authentication phase of an SSL enabled connection, both sets need to be
combined. This prevents capabilities from degrading mid-connection which
is the case when Oracle Connector/J drops the SSL capability bit
mid-authentication.
If the service doesn't require collection of complete packets, the user
reauthentication done with COM_CHANGE_USER would be skipped. This caused
the change_user test to fail.
By temporarily switching to full packet collection mode for the duration
of the COM_CHANGE_USER, we avoid duplicating the code for the streaming
router types.
When the connection to the master is broken, the session is not configured
to use the read-only modes and the monitor can still connect to the
server, the connection will be closed and and error is sent to the
client. To leave some trace of this problem in the MaxScale logs, a
message should always be logged when a network error occurs.
The NULL values were not stored as NULL Avro values due to the fact that
the file format has no native NULL-ness for the basic types. To solve
this, all values must be stored as a union that contains the actual type
as well as the null type.
Unions were not implemented in the maxavro library but implementing means
simply recursing one level down.
If the query statement is wrongly treated as a table creation statement it
could cause a crash. To handle this, unknown SQL is now reported and the
processing is stopped early. This does not solve the root cause of the
problem but makes it possible to detect it in the future.
* Update galeramon.c
support wsrep_sst_method "xtrabackup-v2" for available_when_donor maxscale option
* reformat line to fit <=110 chars / support xtrabackup-v2 sst method
The admin files are now created with 640 permissions and automatically
created directories now properly set the permissions for the group as
well. All files and directories created by avrorouter and binlogrouter
also now correctly limit the read and write permissions only to the owner
and the group.
If a 10.2.11 or older server without a grant on all mysql tables is found,
the authenticator now falls back to the 10.1 behavior that uses subqueries
instead of CTEs. This is a more user friendly way of working around
MDEV-13453 that causes the problem as all functionality except the support
for composite roles is retained.
If the password field in mysql.user is empty, it is possible that the
actual password is stored in the authentication_string field. Most of the
time this happens due to MDEV-16774 which causes the password to be stored
in the authentication_string field.
Also added a test case that verifies the problem and that it is fixed by
this commit.
Instead of looking at the server version, the actual error message should
be inspected. This guarantees that the correct error message is logged
even with custom builds.
The intention was to send the lowest backend version string automatically
to the client instead of the default handshake version. This did not work
as the service version string was used instead of the server version.
When a connection to a server is lost and the session command history is
disabled, the session will continue as long as at least one connection is
open. Previously the open connection calculation used the same code that
was used when a new session was created which only inspected the
configured server count instead of the actual open connection count.
The table creation was not detected as the function used to extract the
table name did not return the fully qualified names. Even if it did return
a fully qualified name, it wouldn't have been correctly processed.
When a read-only transaction fails due to a connection error, no message
would be logged. Also added an info level message for the case when a
backend connection would get closed before the session is in the correct
state and a debug assertion that the router session should never be closed
when the handleError method is called.
If the log file is successfully opened, both stdout and stderr are
redirected to it. This helps catch ASAN reports without having to read the
system journal files.
As the output is redirected to a file, some of the output was made visible
only in non-daemon mode. This helps keep the log file clean and readable.
The client connections had the Nagle algorithm enabled which could cause
bad performance with smaller workloads. The common network configuration
code in utils.cc, currently used by the backend connections, sets it
properly.
The debug assertion is wrong as the code was changed to prioritize hints
over the router target selection. Also removed the superficial check for
master, slave and relay master states as they are implied by the fact that
the connection is in use.
The collection of resultsets needs to be disabled by default when a
response is received to cover the cases where an error is returned.
The collection of results should also not be set for queries that do not
generate any responses.
When the 10.2 users query is executed with a MariaDB server older than
10.2.11, the query will fail due to inadequate grants on the 'users' table
generated as a part of the CTE. To work around the issue, a SELECT grant
on the whole mysql database is required. Logging the server where the
query fails also helps resolve the problem by pointing out where the grant
needs to be added.
When the setting up of filters for a session fails, the DCB is closed and
the client DCB's session pointer is set to NULL. This needs to be checked
in the schemarouter before the `m_client->session` pointer is used.
The act of setting the session pointer to NULL should not be necessary as
the session is freed once the reference count drops down to zero. Due to
the fact that changing this would require moderate changes in session code
means that it should not be done in a patch release as the risks are too
high.
This is somewhat questionable, as the slaves won't be able to really
replicate from the new master. However, not doing this causes the wrong
master to be selected after failover unless the new master has a majority
of slaves under it.
Added support for composite roles for 10.2 and newer versions. As
recursive CTEs are required to extract the role mappings, composite roles
aren't supported on 10.1.
