The HTTPD protocol mistakenly assumed that the `authenticator` parameter
of a listener would be NULL if the default authenticator is used.
Recent changes modified it so that the value is never NULL and
`NullAuthDeny` would be used for protocols which did not implement the
auth_default entry point.
When a DESCRIBE <table> or a SHOW COLUMNS IN <table> query is done, the
actual query is performed on tables in the information_schema
database. This might be what actually happens on the backend server but
this information is not really useful when we need to know which database
the query targets.
By passing the actual table names instead of the underlying table names,
the schemarouter is able to detect where these statements should be
routed.
Common capabilities are now defined in routing.h. The common
capabilities can be defined using bits 0 - 15.
Router capabilities are defined using bits 16-31 and filter
capabilities (should there ever be such) using bits 32-47.
So, to find out the capabilities of a service you only need to
OR the capabilities of the router and all filters together.
For instance, if a single filter needs statement based routing,
then that is what is done.
The release notes now mention that the caching is done by the
authenticators, not by the core. It also mentions that only MySQLAuth
implements this functionality.
Added notes to binlogrouter documentation about the changes to the loading
and storing of users.
Cleaned up MySQL-Authenticator document to make it a bit easier to read.
Doing the checksum matching after memory is allocated and all the work is
done is not very efficient. A simpler solution is to always replace the
users when we reload them.
Replacing the users every time the service users are reloaded will not
cause a degradation in performance because the previous implementation
already does all the extra work but then just discards it.
A faster solution would be to first query the server and request some sort
of a checksum based on the result set the users query would
create. Currently, this can be done inside a stored procedure but it is
not very convenient for the average user. Another option would be to
generate a long string with GROUP_CONCAT but it is highly likely that some
internal buffer limit is hit before the complete value is calculated.
The path that was given as the option for the cache directory wasn't
properly checked for terminating forward slashes. Due to this, the cache
file was created with the wrong name.
The dbusers.c was a MySQL protocol specific file which was used directly
by some of the modules.
Added a new return value for the loadusers authenticator entry point which
allows fatal failures to occur when users are loaded. Currently this is
only taken into notice when the service is first started. If a listener
later returns a fatal error, it is only logged but the service stays in
operation.
Moved the MySQLAuth authenticator sources and the tests that relate to
this module into a subdirectory in the authenticator
directory. Eventually, all authenticators could have a subdirectory of
their own.
The MySQL authenticator now injects the service user into the list of
allowed users if loading of database users fails. This allows the removal
of common code in the binlogrouter and maxinfo modules.
This tracks only what is explicitly set. That is, if autocommit
has been set true then, even if a transaction is started, autocommit
will not be set false.
That is, a user of the session autocommit and transaction states
need to be aware of their semantics. If a transaction is active,
then the state of autocommit is irrelevant.
When a MySQL SSL connection is made, the first packet from the client will
contain the SSLRequest packet. This packet is a truncated normal auth
packet and the real auth packet will be sent after SSL has been
established.
The MySQLClient protocol should read the client information for SSL
connections after SSL has been established.
When a client without SSL connected to a listener which requires SSL, the
error message always used the package sequence number 3 even if the
response was the second packet.
Also fixed debug assertions which failed when non-SSL connections were
created to SSL listeners.
Now more information about a transaction start is provided. When
a transaction start statement is parsed, the type of the statement
with be QUERY_TYPE_BEGIN_TRX anded with QUERY_TYPE_READ or
QUERY_TYPE_WRITE if the transaction was explicitly started as READ
ONLY or READ WRITE.
Now also BEGIN WORK and [COMMIT|ROLLBACK] WORK are recognized.
"AND CHAIN" will still need to be recognized.
- Since the capabilities are a bitmask, it is better if an unsigned
integral type is used.
- Since the function is part of an ABI, it is better if an explicit
size is used.
- 64-bits so that there also is room for independent filter
capabilities.
The MySQLAuth authenticator can now store the cached credentials in a
custom location. This is intended for the binlogrouter, which currently
uses a different location for the user cache.
The MySQL authentication modules now have their own document in the
Authenticators directory. Right now this document only describes the
general details of the MySQL authentication and the new option.
The default character set should be copied from the server so that
MaxScale appears to be the same. This fixes problems where utf8mb4
couldn't be taken into use because MaxScale would always send latin1 as
the server charset.
Added find_package module for CMake which locates the Jansson libraries
and headers. This will make dependency checking easier and prevents build
failures due to missing dependencies.
The maxavro requires some special libraries which aren't always
available. For this reason, the maxavro library shouldn't be build unless
all libraries are available.
The client protocol module now extracts the information that is relevant
for all modules. Currently this information consists of the client
capabilities, character set, username and default database.
The GSSAPI client side authenticator now loads a list of users that are,
for the time being, logged at info level. The next step is to store this
information in the listener's user hashtable.
In a subsequent change, the includes of server/core/*.c will be
cleaned up, and if there is a common set of include files, needed
by most, then a server/core/maxscale/core.h that includes those
will be introduced.
MAX_BUFFER_SIZE, which is used for limiting the amount of the data
read from a socket renamed to MXS_MAX_NW_READ_BUFFER_SIZE and moved
from gw.h to limits.h.
Consider removing altogether. Difficult to justify since non-blocking
reads are used and the amount of available data is known.
When a master server is set into read-only mode, it can be treated as an
always up-to-date slave. This gives us a somewhat graceful way to prevent
writes to a master.
Usually setting the master into read-only mode is done before a change in
the replication topology to prevent stray writes arriving on the
master. MaxScale should respect the read-only mode and not send any writes
to a server that's in read-only mode.
When the readwritesplit can't locate the master server when it's checking
the list of available servers, it logs an error if the original master
reference isn't in a valid state. This error should only be logged if the
server is in use but in an unexpected state.
Gw.h contained a fair amount of obsolete function declarations,
duplicate declarations of functions declared in utils.h and
declarations of functions that conceptually are similar to those
in utils.h.
The obsolete and duplicate ones were removed and all but one of
the remaining moved to utils.h. Correspondingly the implementation
was moved from gw_utils.c to utils.c.
The one remaining function - gw_daemonize() - is not really worthy
of a file of its own, so that is to be moved to gateway.c after which
gw_utils.c can be removed.
Gw.h still contains defines that are duplicated in
maxscale/protocol/mysql.h. The ones in gw.h are to be removed. It
appears that the entire gw.h will disappear.
The general purpose stuff in skygw_utils.h was moved to utils.h
and the corresponding implementation from skygw_utils.cc to utils.c.
Includes updated accordingly.
Skygw_utils.h is now only used by log_manager and by mlist, which
is only used by log_manager. Consequently, skygw_utils.h was moved
to server/maxscale.
Utils.h needs a separate overhaul.
Made the packet sequence number handling automatic so that it always uses
the correct one.
All functions now have documentation in them. Cleaned up code and added
comments to GSSAPI code.
