hcq/MaxScale
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
14,131 Commits 1 Branch 0 Tags
fdfbf3e1330192c07a53dbde10f7c713e96615e6
Commit Graph

79 Commits

Author SHA1 Message Date
Johan Wikman
fdfbf3e133 Update 2.4.3 change date 2019-11-05 12:21:00 +02:00
Johan Wikman
861e27eb00 Merge branch '2.3' into 2.4 2019-10-29 14:04:31 +02:00
Johan Wikman
df6c56e7ca Update 2.3.13 Change Date 2019-10-29 12:51:31 +02:00
Esa Korhonen
6edbd52324 MXS-2642 Do not re-test a pam-service for a given user 
Because of how the user-data was read, the same service name could be
found multiple times if the user-search query matched multiple rows. Now
the service names are read to a set, which ignores duplicates. The same
service may be attempted again if the authentication fails and user-data
is fetched again.
 2019-09-04 17:31:10 +03:00
Esa Korhonen
45ed3e085f Merge branch '2.3' into 2.4 2019-08-14 17:40:30 +03:00
Esa Korhonen
72ce2d2bc1 MXS-2633 Fix PAM authentication support with server version 10.4 
The new server pam plugin does not always send the first password prompt with the
AuthSwitchRequest-packet. In this case the server expects the client (MaxScale) to
just send the password immediately. MaxScale now checks the length of the packet,
sending the password if the packet is short. This works with both old and new server
versions.
 2019-08-13 17:15:45 +03:00
Esa Korhonen
0996b9217a MXS-2544 Check roles in PAM authenticator 
Also re-adds anonymous user support.
 2019-07-16 11:36:11 +03:00
Esa Korhonen
d0e18b165a MXS-2544 Use separate sqlite tables for user authentication data 
The data is now split into three tables similar to the server.
 2019-07-16 10:59:15 +03:00
Esa Korhonen
f752f139ba MXS-2544 Add utility class for handling SQLite 
Preparation and cleanup for adding more data to handle user roles in PAM
authenticator.
 2019-07-16 10:58:47 +03:00
Marko
e45dcb6d8a Merge branch '2.3' into 2.4 2019-07-05 10:39:03 +03:00
Marko
edbbafc2e9 MXS-2502 Fix access denied when connecting to 'information_schema' 2019-07-05 10:37:31 +03:00
Esa Korhonen
5dca53f877 Merge branch '2.4.0' into 2.4 2019-06-28 17:58:01 +03:00
Esa Korhonen
3b39d42d3b Merge branch '2.3' into 2.4 2019-06-27 18:56:25 +03:00
Esa Korhonen
166d26ff13 Avoid using SQLITE_OPEN_URI 
Centos6 uses a very old version of SQLite without support for URI filenames.
PAM authenticator must use a file-based database.

Commit cherry-picked to 2.4.0 from 2.3.
 2019-06-27 15:18:49 +03:00
Esa Korhonen
d8790fa3e7 Merge branch '2.2' into 2.3 2019-06-27 14:20:42 +03:00
Esa Korhonen
b4289224de Avoid using SQLITE_OPEN_URI 
Centos6 uses a very old version of SQLite without support for URI filenames.
PAM authenticator must use a file-based database.
 2019-06-27 13:59:05 +03:00
Johan Wikman
0ba779d5a2 Update 2.4.0 Change Date 2019-06-25 10:11:55 +03:00
Johan Wikman
2ab9aa9a94 Update 2.4.0 Change Date 2019-06-25 09:19:55 +03:00
Esa Korhonen
cf866a6a57 Merge branch '2.2' into 2.3 2019-06-14 10:49:51 +03:00
Esa Korhonen
acfaae9d46 MXS-2480 Use in-memory-database in PAM authenticator 
This was already fixed in develop, but the fix is both small and useful
so should be backported.
 2019-06-13 17:47:08 +03:00
Esa Korhonen
4efa9dbeea Remove maxscale/alloc.h 
The remaining contents were moved to maxbase/alloc.h.
 2019-06-10 14:11:25 +03:00
Esa Korhonen
3b60bf00e1 Merge branch '2.3' into develop 2019-05-29 18:41:50 +03:00
Esa Korhonen
442d8bed9a MXS-2479 Add username and host to PAM authenticator log messages 2019-05-29 17:32:27 +03:00
Markus Mäkelä
3af66f3309 MXS-2483: Take SSLProvider into use 
Servers and listeners now have a SSLProvider member variable that is used
for all SSL related tasks.
 2019-05-24 15:33:17 +03:00
Markus Mäkelä
8a4b58d52c MXS-2483: Move SSL configuration into SSLConfig 
This way the configuration information can be accessed without the
SSLContext.
 2019-05-24 15:33:17 +03:00
Esa Korhonen
bed28db3fd Merge branch '2.3' into develop 2019-05-24 13:55:47 +03:00
Esa Korhonen
a1697e2aa6 MXS-2479 PAMBackendAuth is more tolerant of extra messages. 
The authenticator can now receive additional questions from the server even
after the original password-query.
 2019-05-24 11:31:55 +03:00
Markus Mäkelä
3b8e28392e MXS-2483: Make server SSL private 
The old server_ssl member is now renamed and private. The ssl_context and
set_ssl_context methods provide access to it.
 2019-05-24 10:05:42 +03:00
Esa Korhonen
bd8aa64547 MXS-2479 Accept additional messages in PAM authenticator 
Plugins may send additional messages during authentication. These messages
often contain notifications such as password expiration dates. Both the client
and backend side authenticators now handle such messages. The messages are not
sent to the user, only the log. The requirement that only "Password: " is queried
still stands.
 2019-05-23 14:14:25 +03:00
Marko
004e8e638f MXS-2480 Fix creating of the in memory sqlite3 databases in PAMAuth 
SQLITE_OPEN_URI flag was missing causing the databases to be created in
disk instead of in memory. Also added info level log message from created
database in clustrixmonitor.
 2019-05-20 09:11:58 +03:00
Markus Mäkelä
6625c1296b Format authenticator and protocol modules 2019-05-10 10:31:12 +03:00
Esa Korhonen
74634abc80 MXS-1662 Move PAM authentication function into maxbase 
The same code can be used for REST-API authentication.
 2019-04-09 14:41:40 +03:00
Esa Korhonen
afe41c38ed Merge branch '2.3' into develop 2019-02-20 10:33:14 +02:00
Esa Korhonen
48a6ab503e MXS-2292 PAM authenticator detects anonymous users with defined hosts 
This allows anonymous user mapping from well-defined hosts.
 2019-02-19 10:40:23 +02:00
Johan Wikman
1fed465fdb MXS-2246 Remove duplicate info in SERVICE and Service 
Both of them contained fields for the service and router names.
Now the names are in SERVICE and they must be accessed via member
function.
 2019-02-14 15:24:10 +02:00
Esa Korhonen
3b55893a20 Combine maxscale/buffer.h with maxscale/buffer.hh 2019-01-17 12:37:40 +02:00
Esa Korhonen
684ec3288b Rename and cleanup authenticator.h 2019-01-14 15:07:33 +02:00
Markus Mäkelä
f0f9c21d1c Merge branch '2.3' into develop 2019-01-07 10:54:42 +02:00
Esa Korhonen
40485d746c MXS-2220 Change server name to constant string 2019-01-03 12:13:15 +02:00
Markus Mäkelä
26da72a41f Merge branch '2.2' into 2.3 2019-01-03 09:23:16 +02:00
Markus Mäkelä
04dd05b262 MXS-2231: Move TLS handshake code into MariaDBClient 
The code is now in the correct place and TLS connections with all
authenticators should now work.
 2019-01-02 19:29:41 +02:00
Johan Wikman
c0c9a9858d MXS-2197 Rename maxscale/log.h to maxscale/log.hh 
In files either include maxscale/log.hh or remove include entirelly
as maxscale/ccdefs.hh includes it.
 2018-12-10 12:58:17 +02:00
Esa Korhonen
9f721f725e MXS-2205 Convert maxscale/protocol/mysql.h to .hh 2018-12-05 11:12:20 +02:00
Markus Mäkelä
ad12ff6d06 MXS-2196: Rename dcb.h to dcb.hh 2018-12-04 11:50:43 +02:00
Markus Mäkelä
a10b6c2e89 MXS-2196: Take Listener into use 2018-12-04 11:39:52 +02:00
Markus Mäkelä
39f668ff3c MXS-2196: Rename SERV_LISTENER to Listener 2018-12-04 11:39:52 +02:00
Esa Korhonen
d9ae298102 MXS-2205 Combine maxscale/server.h with maxscale/server.hh 
The server-struct is still used in several .h-files.
 2018-12-03 16:47:27 +02:00
Esa Korhonen
3e5818fcb6 MXS-2205 Convert mysql_utils.h to .hh 2018-12-03 14:05:21 +02:00
Markus Mäkelä
77585bdb8c MXS-2197: Make config.h and service.h C++ headers 
This is the first step into converting the other headers into C++.
 2018-11-30 12:15:57 +02:00
Markus Mäkelä
75ea1b6ea1 Fix formatting of new(std::nothrow) 
The code previously formatted everything as `new( std::nothrow)`.
 2018-10-04 21:50:44 +03:00