Commit Graph

7770 Commits

Author SHA1 Message Date
eda547c86f MXS-1851: Add hard-coded protocol module check
This way a hard to track crash is avoided and the user knows how to fix
it.
2019-05-24 13:55:43 +03:00
a1697e2aa6 MXS-2479 PAMBackendAuth is more tolerant of extra messages.
The authenticator can now receive additional questions from the server even
after the original password-query.
2019-05-24 11:31:55 +03:00
bd8aa64547 MXS-2479 Accept additional messages in PAM authenticator
Plugins may send additional messages during authentication. These messages
often contain notifications such as password expiration dates. Both the client
and backend side authenticators now handle such messages. The messages are not
sent to the user, only the log. The requirement that only "Password: " is queried
still stands.
2019-05-23 14:14:25 +03:00
8317fec745 MXS-2496: Check for ALL PRIVILEGES grant
If a user has ALL PRIVILEGES as a global privilege, it overshadows the
SHOW DATABASES grant.
2019-05-22 09:56:35 +03:00
b294acf276 MXS-2496: Fix SHOW DATABASES grant check
The code expected that the grant was given to the actual user, not a role.
2019-05-21 13:43:51 +03:00
96a477ec89 MXS-2490: Send error to client on unknown PS handle
If a client requests an unknown binary protocol prepared statement handle,
a custom error shows the actual ID used instead of the "empty" ID of 0
that the backend sends.
2019-05-17 14:13:44 +03:00
f94355770f Merge branch '2.2' into 2.3 2019-05-17 14:10:28 +03:00
bf63698991 MXS-2464: Bring back the runtime query queue check
The code that checked that only non-empty queries are stored in the query
queue was left out when the query queue fix was backported to 2.3. Since
MXS-2464 is caused by a still unknown bug, the runtime check should help
figure out in which cases the problem occurs.
2019-05-17 13:03:03 +03:00
2cd4da32a7 MXS-2494: Fix user loading queries for MariaDB 10.1+
The queries now properly check for the plugin.
2019-05-16 10:41:04 +03:00
b80aa081fe Fix test_buffer test case 2019-05-15 12:17:10 +03:00
01c4beec10 MXS-2470 Update tail pointer in gwbuf_clone 2019-05-14 13:36:33 +03:00
600e23ae2d MXS-2470 Add unit test that reveals problem 2019-05-14 13:36:33 +03:00
b10fc196a1 Fix maxinfo/maxadmin debug assertion
Both services could write to a DCB from a worker that doesn't own it.
2019-05-10 11:23:10 +03:00
1efe3e0b20 Fix avrorouter client notifications
The notifications that tell clients about new data weren't using the
correct mechanism.
2019-05-10 09:11:39 +03:00
37bfe1cd67 Never exceed persistent connection limits
By doing the persistent connection count incrementation with CAS, value
can be guaranteed to never exceed the configured limit.
2019-05-10 09:11:39 +03:00
c72dbb6f46 MXS-2448: Fix connection counts of persistent DCBs
DCBs that were closed while they were persisted were double decremented.
2019-05-09 13:53:32 +03:00
d2e49c9591 MXS-2448: Assert that connection counts never go negative
The connections should never go below zero. It seems that at least pers_01
test suffers from this.
2019-05-09 13:06:27 +03:00
567ad9b8b8 Fix galeramon regression
The comparisons were wrong: strcasecmp returns 0 for equal strings.
2019-05-09 12:30:29 +03:00
59f2145c00 Allocate blr heartbeat buffer on correct worker
The buffer was allocated on one worker and written on another.
2019-05-09 12:30:29 +03:00
788dc429f8 Do client callback on owning worker
The callback should've been done on the worker that owns the DCB instead
of the main worker.
2019-05-09 12:30:26 +03:00
b313c6d0e7 MXS-2474 Ignore attempts to re-register a housekeeper task
It is an error to register the same task multiple times, but
for a maintenance release it is simpler and less risky to simply
ignore an attempt (that BLR does) to do that.

Allowing a task to be registered anew causes behaviour akin
to a leak.
2019-05-09 10:58:35 +03:00
a652b6bd5b Add advance(int) to mxs::Buffer iterators
This makes iterating over packets in buffers faster while still
maintaining the requirements for forward iterators. Not using operator+=
makes it clear that this is not a random access iterator.
2019-05-08 10:33:27 +03:00
0638ea736e Write slave heartbeat in correct thread
The writing should be done on the worker that owns the DCB.
2019-05-08 09:44:55 +03:00
a3cf1d22c0 MXS-2457 Streamline logging 2019-05-03 13:38:12 +03:00
279edce16e MXS-2457 Add treat_string_as_field to firewall
Necessary if the firewall should be able to block columns when
'ANSI_QUOTES' as enabled and " instead of backticks are used.

Without this, the following

    > set @@sql_mode='ANSI_QUOTES';
    > select "ssn" from person;

will not be blocked if the database firewall has been configured
to block the column ssn.
2019-05-03 13:38:12 +03:00
5833c39a8a MXS-2457 Disable query classifier cache in masking
As the canonicalization is also not aware of 'ANSI_QUOTES', the
cache must be disabled if the masking filter has
'treat_string_arg_as_field' enabled.
2019-05-03 13:38:12 +03:00
fe5160a714 MXS-2457 Add 'treat_string_arg_as_field' to DB Firewall 2019-05-03 13:38:12 +03:00
3a5a8b13b9 MXS-2457 Treat string args as fields
The masking filter will now consider all string arguments to
functions to be fields. This in order to prevent bypassing of
the masking with

    > set @@sql_mode='ANSI_QUOTES';
    > select concat("ssn") from masking;

This may lead to false positives, but no can do.
2019-05-03 13:38:12 +03:00
f09d46c8e6 MXS-2457 Allow string arguments to be treated as fields
Before this change, the masking could be bypassed simply by

    > set @@sql_mode='ANSI_QUOTES';
    > select concat("ssn") from person;

The reason is that as the query classifier is not aware of whether
'ANSI_QUOTES' is on or not, it will not know that what above appears
to be the string "ssn", actually is the field name `ssn`. Consequently,
the select will not be blocked and the result returned in cleartext.

It's now possible to instruct the query classifier to report all string
arguments of functions as fields, which will prevent the above. However,
it will also mean that there may be false positives.
2019-05-03 13:38:12 +03:00
0d61522586 Fix test_adminusers
The test did not remove old inet user password files.
2019-05-02 12:53:42 +03:00
dd188962cd MXS-2427 Check all hints when routing
Now considers other routing hints if first one fails. The order is inverted compared
to e.g. namedserver filter settings because of how routing hints are stored. If all hints
are unsuccessful, route to any slave.
2019-04-29 16:49:32 +03:00
07ea6bd9ba MXS-2450: Don't discard history if it's disabled
If the session command history is not enabled, it shouldn't be discarded
when a COM_CHANGE_USER is executed.
2019-04-25 11:49:01 +03:00
7a5f11b752 Fix wrong check for wsrep_ready
wsrep_ready was check for ON/YES/1/true, but it has to be checked for OFF/NO/0/false as we are removing nodes, not joining.
2019-04-25 07:45:09 +03:00
9f7a7e473e Enable galeramon to track wsrep_desync, wsrep_ready, wsrep_sst_donor_rejects_queries and wsrep_reject_queries 2019-04-25 07:45:09 +03:00
ba79028a46 Add debug assertions into the core
The assertions make sure DCB writes and reads are only done by the thread
that owns them.
2019-04-23 11:46:38 +03:00
a8639c3226 Merge branch '2.3.6' into 2.3 2019-04-23 11:20:09 +03:00
03dc969cf2 Fix use-after-free in LocalClient
If the DCB was closed before the handshake for the LocalCliet connection
was received, the gw_decode_mysql_server_handshake would use the closed
DCB to log the connection ID. Clearing out the pointer prevents it.
2019-04-17 16:33:27 +03:00
3e04922565 MXS-2415: Fix client callbacks in arvorouter
The DCB callbacks shouldn't be used to send more events as they cause the
callback to be called recursively. The recursive calls caused rows to be
sent before the schemas for the rows were sent. Queuing the events via the
worker mechanism prevents this.
2019-04-17 16:07:05 +03:00
61f728c05a MXS-2433: Reduce default query classifier cache size
Reduced the default cache size from 40% to 15%. Most cases don't benefit
from that much memory and the defaults have caused problems in live
environments.
2019-04-17 16:07:04 +03:00
d13e6e56ee MXS-2433: Never cache multi-packet queries
If a query spans more than a single packet, it will never be successfully
classified due to the fact that the complete SQL is never available to the
query classifier. For this reason, it is pointless to cache them.
2019-04-17 16:07:04 +03:00
a4c6f3542a MXS-2315: Tokenized CS version extraction
The STL regex implementations have proven to be unreliable on older
systems and replacing the regex with hand-written code for version
extraction is less prone to break.
2019-04-17 11:17:33 +03:00
fb785d1afc Merge branch '2.3.6' into 2.3 2019-04-17 11:17:13 +03:00
d3bfe0a712 Fix handling of large result packets
The RWBackend didn't know to skip the tail end of large packets.
2019-04-17 11:16:16 +03:00
2ca9337da1 Merge branch '2.2' into 2.3 2019-04-16 16:34:57 +03:00
5ba305c2c1 MXS-2426 Do not permanently disable automatic cluster operations when they fail
Only disabled for "failcount" monitor ticks. Also turns some related log
messages to notices.
2019-04-16 11:26:34 +03:00
f8a22d0ac0 MXS-2344 Add setting for enabling SSL for replication
If the monitor setting "replication_master_ssl" is set to on, any CHANGE MASTER TO-command
will have MASTER_SSL=1. If set to off or unset, MASTER_SSL is left unchanged to match existing
behaviour.
2019-04-15 19:15:45 +03:00
bd54efbb3f Fix skip_encoded_int
A single byte integer wasn't skipped.
2019-04-15 12:18:30 +03:00
f6bd9fefa4 Move assertion after error message
Logging the internal state before the assertion makes it easier to figure
out why the assertion failed in the first place.
2019-04-15 12:07:48 +03:00
b3399dccc4 Remove useless templates from RWBackend functions
There's no need for templates as the code is only used with one
type. Changed the code to use std::advance as that might avoid a copy of
the iterator.
2019-04-12 16:31:43 +03:00
1652b18a7b Fix whitespace in canonicalized queries
Trailing whitespace was not removed and whitespace wasn't normalized to
spaces.
2019-04-12 09:18:07 +03:00