Commit Graph

299 Commits

Author SHA1 Message Date
f65c890287 MXS-2049: Forward client credentials to backend server
Instead of requesting another set of credentials, the client credentials
are simply forwarded to the backend MariaDB server.
2018-10-02 09:44:01 +03:00
9278da1f54 MXS-2067: Remove spinlock.h
Removed the spinlock.h header and replaced with plain pthread types and
functions.
2018-09-28 12:18:24 +03:00
e5a0b4e9bb Merge branch '2.2' into develop 2018-09-21 14:18:15 +03:00
60915f847f MXS-2064: Log workaround for grant problems with MariaDB 10.2.10
When the 10.2 users query is executed with a MariaDB server older than
10.2.11, the query will fail due to inadequate grants on the 'users' table
generated as a part of the CTE. To work around the issue, a SELECT grant
on the whole mysql database is required. Logging the server where the
query fails also helps resolve the problem by pointing out where the grant
needs to be added.
2018-09-21 11:14:45 +03:00
71ffef5708 Partially revert 4ba011266843857bbd3201e5b925a47e88e1808f
Add back leading operator enforcement.
2018-09-20 15:57:30 +03:00
d8d0b1a29c Merge branch '2.2' into develop 2018-09-20 12:21:53 +03:00
8c2f6aafcc MXS-2060: Load users from only valid servers
Users should only be loaded from a server if it is running and not in
maintenance.
2018-09-19 20:32:39 +03:00
7ec2f77708 Merge branch '2.2' into develop 2018-09-12 23:18:08 +03:00
fd176c4122 Merge branch '2.2' into develop 2018-09-11 12:57:19 +03:00
889877c0ab MXS-1947: Add support for composite roles
Added support for composite roles for 10.2 and newer versions. As
recursive CTEs are required to extract the role mappings, composite roles
aren't supported on 10.1.
2018-09-10 21:47:47 +03:00
d11c78ad80 Format all sources with Uncrustify
Formatted all sources and manually tuned some files to make the code look
neater.
2018-09-10 13:22:49 +03:00
c447e5cf15 Uncrustify maxscale
See script directory for method. The script to run in the top level
MaxScale directory is called maxscale-uncrustify.sh, which uses
another script, list-src, from the same directory (so you need to set
your PATH). The uncrustify version was 0.66.
2018-09-09 22:26:19 +03:00
8b653133a7 Add shutdown detection
The maxscale_is_shutting_down function is used to detect when MaxScale
should stop. This fixes a race condition in the code where the workers has
not yet been initialized but a termination signal has been received. It
also replaces the misuse of the service_should_stop variable with a proper
function.
2018-08-29 11:06:11 +03:00
3f53eddbde MXS-2020 Replace ss[_info]_dassert with mxb_assert[_message] 2018-08-22 11:34:59 +03:00
b1e405442f MXS-2020 Replace ss_debug with MXB_AT_DEBUG 2018-08-22 11:34:06 +03:00
24ab3c099c Move top of the file "#pragma once" to after the following comment (swap them). If the comment is a BPL update it to the latest one 2018-08-21 13:13:15 +03:00
d428292ec0 Add workaround to building tests without all dependencies
The system tests can be build even if not all of the dependencies for
MaxScale are met.
2018-08-20 13:56:58 +03:00
cf0aeed516 MXS-2014 Rename log_manager.h to log.h
There's nothing resembling a manager anymore.
2018-08-17 10:59:37 +03:00
ae43e4f0f2 MXS-2013 Remove all CHK_-macros 2018-08-15 09:28:04 +03:00
8fd1648217 MXS-2013 Remove skygw_chk_t 2018-08-15 09:28:04 +03:00
9538dbb37f MXS-1929: Take serialization helpers into use in service
The service configuration serialization now uses the helper functions from
config.hh. This fixes the failing test mxs1731_old_persisted_config and
improves the readability of persisted configuration files.

Converted parameters into booleans that were used like booleans. This
forced the removal of the automatic enabling of
localhost_match_wildcard_host but since it has been enable by default,
this change should have no practical effects.

In addition to the clarification of the persisted configurations, this
change will limit the negative side-effects of changing a configuration
value in the main configuration file after a runtime modification has been
made. If a value has not been modified at runtime, changes to it in the
main configuration will take effect.

Previously, a runtime modification prevented all further manual changes to
the configuration file. Although in theory this sounds good, in practice
this does very little to improve the situation: The only reliable way to
change a parameter after a runtime modification is to do it via the REST
API (or MaxAdmin).
2018-08-14 21:51:58 +03:00
f14380243b Rename cppdefs.hh to ccdefs.hh
For obvious reasons; the c++ suffix is .cc and not .cpp
2018-08-10 07:50:18 +03:00
b20decfe1c MXS-1929: Output const strings from serviceGetUser
The values aren't meant to be modified by the caller.
2018-08-06 21:20:29 +03:00
359f61c73b Improve shutdown signal safeness
The signal handler no longer acquires the service list lock which removes
a number of deadlock possibilities from the shutdown process. Instead, a
global shutdown flag is set that serves the same purpose as the individual
service shutdown flags did.
2018-08-01 16:48:05 +03:00
00c107e051 Resolve authenticator symbols at compile time
Resolving the symbols at compile time prevents runtime problems.
2018-07-31 09:41:13 +03:00
fbce38878b Turn server status macros to functions 2018-07-25 11:19:47 +03:00
bfd3d2975d Merge branch '2.2' into develop 2018-07-06 14:56:19 +03:00
f44d305a46 MXS-1949: Fix user injection warning
If a service has no active servers and users are injected, a warning would
be logged. This is a misleading warning if the service has no servers and
should only be logged if the failure to load any users is an unexpected
situation.
2018-07-05 12:49:46 +03:00
2e88ce4132 Merge branch '2.2' into develop 2018-07-04 22:01:01 +03:00
3f9a204116 Log unknown users and wrong passwords separately
If authentication fails due to a wrong password, a different error message
is logged. This should help resolve problems with user management.
2018-07-04 13:51:09 +03:00
44ef4912e8 Merge branch '2.2' into develop 2018-07-03 21:13:41 +03:00
ed068f4d93 Expand authentication failure log message
If the authentication failure was due to a missing database, this extra
information can be logged. This will help cases where users are using
databases that do not exist.
2018-07-03 02:08:24 +03:00
cc0299aee6 Update change date of 2.3 2018-06-25 10:07:52 +03:00
75ddfe4c14 Merge branch '2.2' into develop 2018-06-21 14:02:00 +03:00
0f61c4b6a4 MXS-872: Also check that mysql.user.default_role exists
The column is used so it should be checked that it exists. Also
altered the SQL to use statements that do not return resultsets.
2018-06-21 14:00:29 +03:00
396f5d96c2 Merge branch '2.2' into develop 2018-06-20 14:43:03 +03:00
14e03613a0 MXS-872: Use the new query only when privileges are OK
If the service user does not have adequate grants to the mysql tables, the
legacy query is used. This prevents an upgrade failure when the user was
lacking the new privileges.
2018-06-20 14:41:56 +03:00
6278f27ab6 Merge branch '2.2' into develop 2018-06-20 10:26:29 +03:00
b018781764 MXS-872: Add support for roles
The users query for the MySQLAuth now handles users with default roles.
2018-06-19 12:52:00 +03:00
d0c74b5c8f MXS-421 Log event in case of authentication failure
- CDC authenticator
- MySQL authenticator
- PAM authenticator
2018-06-18 11:32:50 +03:00
1c9e03ec9c Merge commit '18f51eba795f70c35faa2c6767bfda72213e8aae' into develop 2018-06-15 14:40:22 +03:00
18f51eba79 Disable SQLite journal
The SQLite journal is not needed since the databases are created in-memory
and are thread-specific.
2018-06-15 11:16:27 +03:00
2e8c19f6be Merge branch '2.2' into develop 2018-05-21 10:06:20 +03:00
7af9a500ac MXS-1853: Treat MySQL 8.0 as 5.7 in authenticators
Using the MySQL 5.7 syntax is required to get the authenticators to work
with 8.0.
2018-05-21 09:50:44 +03:00
7e9062f20f Merge branch '2.2' into develop 2018-05-16 09:31:13 +03:00
521cce7c17 Refresh users on failed reauthentication
If the reauthentication of a client that is performing a COM_CHANGE_USER
fails, the users need to be reloaded. Without the reloading, the
reauthentication will fail if new users were added after the last loading
of users.
2018-05-15 10:15:32 +03:00
4b988d99a1 Print error descriptions when a PAM function fails 2018-05-14 12:35:54 +03:00
75eded4b89 Merge branch '2.2' into develop 2018-05-14 11:24:09 +03:00
ec4569497e Merge branch '2.1' into 2.2 2018-05-14 10:14:16 +03:00
7d784001df MXS-1628: Respond with correct error to malformed packets
If the client sent a malformed authentication response packet, MaxScale
would interpret that as failed authentication.
2018-05-10 22:24:39 +03:00