hcq/MaxScale
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
484ff06795adafa05f40cb1a686f3e2c9d2086d5
MaxScale/maxscale-system-test/masking_auto_firewall.cpp
Timofey Turenko e1fc0b8734 Squashed commit of the following: 
commit 48a0b902b67da46f1eed4afa687bdcb56b59d02f
Author: Timofey Turenko <timofey.turenko@mariadb.com>
Date:   Mon Dec 16 15:35:07 2019 +0200

    Increase timouts in the mxs173_trottle_filter test

commit 81d8083a89421a8004b8024d480ae0f35d715b86
Author: Timofey Turenko <timofey.turenko@mariadb.com>
Date:   Mon Dec 16 14:19:39 2019 +0200

    Increase timeouts in max1071_maxrow test

commit e1039c6132f0e9274b8801165f3f905ede7c9421
Author: Timofey Turenko <timofey.turenko@mariadb.com>
Date:   Mon Dec 16 00:06:53 2019 +0200

    Remove hardcoded 'home/vagrant/' from all maxscale.cnf in system tests

commit 28c8029e060afdcf5159bf802b13dcd5e484d9f1
Author: Timofey Turenko <timofey.turenko@mariadb.com>
Date:   Sun Dec 15 21:31:34 2019 +0200

    Use private IP for Galera congiguration in maxscale-system-tests

commit 66dc36cbf43a5fb92465df31e1295e82865be1fc
Author: Timofey Turenko <timofey.turenko@mariadb.com>
Date:   Sun Dec 15 09:06:28 2019 +0200

    Fix typos in fwf_*.cpp

commit 44c7a4384ddf39596c0254c955aeb6c008a00a35
Author: Timofey Turenko <timofey.turenko@mariadb.com>
Date:   Sun Dec 15 09:05:26 2019 +0200

    Fix typos in fwf_*.cpp

commit 2649017611908a8b0d27090f49722947ac31c4f4
Author: Timofey Turenko <timofey.turenko@mariadb.com>
Date:   Sun Dec 15 09:03:41 2019 +0200

    Fix typos in fwf_*.cpp

commit 5cc87658523e8496eaab17700be8a821af5b0cde
Author: Timofey Turenko <timofey.turenko@mariadb.com>
Date:   Sat Dec 14 23:54:53 2019 +0200

    Fix typo in fwf_copy_rules.cpp

commit fb1accc36cb9d79691469f63cb4535f3bc38dedd
Author: Timofey Turenko <timofey.turenko@mariadb.com>
Date:   Sat Dec 14 23:52:51 2019 +0200

    More hardcoded 'vagrant' removals

commit 77e49d474b4abe767629ff87b01f08137773d761
Author: Timofey Turenko <timofey.turenko@mariadb.com>
Date:   Sat Dec 14 23:35:09 2019 +0200

    Fix hardcoded 'vagrant' user in fwf* tests

    Several firewall filter tests has hardcoded 'vagrant' as a user name for
    access user on the VM. Changed to node->access_user.

commit ed5ab1487f37822db6a7478f76c0f3652776c389
Author: Timofey Turenko <timofey.turenko@mariadb.com>
Date:   Sat Dec 14 22:50:35 2019 +0200

    Fix IP vs IP_private

    Many tests use IP instead of IP_private which makes them failed in the
    AWS or GCloud environment.
    The same applies to get_conn_num() etc functions.

commit 0558aac23d303a675dc12d05b1766e698753b444
Author: Timofey Turenko <timofey.turenko@mariadb.com>
Date:   Thu Aug 15 12:02:01 2019 +0300

    fix IP -> IP_private for some mysqlmon* testst

commit 5d9c70970d970eb995c8774d0088bd1c54ab76fe
Author: Timofey Turenko <timofey.turenko@mariadb.com>
Date:   Sat Dec 14 20:20:51 2019 +0200

    Replace IP to IP_private in the maxscale-system-tests

commit b06cf3329af59ff100748691991213fe639f29e6
Author: Timofey Turenko <timofey.turenko@mariadb.com>
Date:   Tue Nov 19 11:52:33 2019 +0200

    Remove spaces from value which were read from *_network_config

    MDBCI can put spaces around values in the *_network_config file which
    can cause ssh connection failures in the tests. To fix it removing all
    spaces from all values which were read from *_network_config

commit b3904f019847ef1db9d4ec9714ad9ef869fa0b01
Author: Timofey Turenko <timofey.turenko@mariadb.com>
Date:   Thu Dec 12 23:36:31 2019 +0200

    Increate default timeout for all system tests
2019-12-16 15:41:52 +02:00

208 lines
7.0 KiB
C++
Raw Blame History

/*
* Copyright (c) 2016 MariaDB Corporation Ab
*
* Use of this software is governed by the Business Source License included
* in the LICENSE.TXT file and at www.mariadb.com/bsl11.
*
* Change Date: 2023-10-29
*
* On the date above, in accordance with the Business Source License, use
* of this software will be governed by version 2 or later of the General
* Public License.
*/
#include <iostream>
#include "testconnections.h"
using namespace std;
namespace
{
void init(TestConnections& test)
{
MYSQL* pMysql = test.maxscales->conn_rwsplit[0];
test.try_query(pMysql, "DROP TABLE IF EXISTS masking_auto_firewall");
test.try_query(pMysql, "CREATE TABLE masking_auto_firewall (a TEXT, b TEXT)");
test.try_query(pMysql, "INSERT INTO masking_auto_firewall VALUES ('hello', 'world')");
}
enum class Expect
{
FAILURE,
SUCCESS
};
void test_one(TestConnections& test, const char* zQuery, Expect expect)
{
MYSQL* pMysql = test.maxscales->conn_rwsplit[0];
const char* zExpect = (expect == Expect::SUCCESS ? "SHOULD" : "should NOT");
test.tprintf("Executing '%s', %s succeed.", zQuery, zExpect);
int rv = execute_query_silent(pMysql, zQuery);
if (expect == Expect::SUCCESS)
{
test.add_result(rv, "Could NOT execute query '%s'.", zQuery);
}
else
{
test.add_result(rv == 0, "COULD execute query '%s'.", zQuery);
}
}
void test_one_ps(TestConnections& test, const char* zQuery, Expect expect)
{
MYSQL* pMysql = test.maxscales->conn_rwsplit[0];
MYSQL_STMT* pPs = mysql_stmt_init(pMysql);
int rv = mysql_stmt_prepare(pPs, zQuery, strlen(zQuery));
if (expect == Expect::SUCCESS)
{
test.add_result(rv, "Could NOT prepare statement.");
}
else
{
test.add_result(rv == 0, "COULD prepare statement.");
}
mysql_stmt_close(pPs);
}
void run(TestConnections& test)
{
MYSQL* pMysql = test.maxscales->conn_rwsplit[0];
int rv;
// This SHOULD go through, a is simply masked.
test_one(test, "SELECT a, b FROM masking_auto_firewall", Expect::SUCCESS);
// This should NOT go through as a function is used with a masked column.
test_one(test, "SELECT LENGTH(a), b FROM masking_auto_firewall", Expect::FAILURE);
// This should NOT go through as a function is used with a masked column (that happens to be uppercase).
test_one(test, "SELECT LENGTH(A), b FROM masking_auto_firewall", Expect::FAILURE);
// This SHOULD go through as a function is NOT used with a masked column
// in a prepared statement.
test_one(test, "PREPARE ps1 FROM 'SELECT a, LENGTH(b) FROM masking_auto_firewall'", Expect::SUCCESS);
// This should NOT go through as a function is used with a masked column
// in a prepared statement.
test_one(test, "PREPARE ps2 FROM 'SELECT LENGTH(a), b FROM masking_auto_firewall'", Expect::FAILURE);
rv = execute_query_silent(pMysql, "set @a = 'SELECT LENGTH(a), b FROM masking_auto_firewall'");
test.add_result(rv, "Could NOT set variable.");
// This should NOT go through as a prepared statement is prepared from a variable.
test_one(test, "PREPARE ps3 FROM @a", Expect::FAILURE);
// This SHOULD succeed as a function is NOT used with a masked column
// in a binary prepared statement.
test_one_ps(test, "SELECT a, LENGTH(b) FROM masking_auto_firewall", Expect::SUCCESS);
// This should NOT succeed as a function is used with a masked column
// in a binary prepared statement.
test_one_ps(test, "SELECT LENGTH(a), b FROM masking_auto_firewall", Expect::FAILURE);
// This should NOT succeed as a masked column is used in a statement
// defining a variable.
test_one(test, "set @a = (SELECT a, b FROM masking_auto_firewall)", Expect::FAILURE);
// This SHOULD succeed as a masked column is not used in the statment.
test_one(test, "select 1 UNION select b FROM masking_auto_firewall", Expect::SUCCESS);
// This should NOT succeed as a masked column is used in the statment.
test_one(test, "select 1 UNION select a FROM masking_auto_firewall", Expect::FAILURE);
// This should NOT succeed as '*' is used in the statment.
test_one(test, "select 1 UNION select * FROM masking_auto_firewall", Expect::FAILURE);
// This SHOULD succeed as a masked column is not used in the statment.
test_one(test, "select * FROM (select b from masking_auto_firewall) tbl", Expect::SUCCESS);
// This SHOULD succeed as a masked column is not used in the statment.
test_one(test, "select * FROM (select a as b from masking_auto_firewall) tbl", Expect::FAILURE);
// This SHOULD succeed as '*' is used in the statment.
test_one(test, "select * FROM (select * from masking_auto_firewall) tbl", Expect::FAILURE);
}
void run_ansi_quotes(TestConnections& test)
{
// This SHOULD go through as we have 'treat_string_arg_as_field=false"
test_one(test, "select concat(\"a\") from masking_auto_firewall", Expect::SUCCESS);
Connection c = test.maxscales->rwsplit();
c.connect();
test.expect(c.query("SET @@SQL_MODE = CONCAT(@@SQL_MODE, ',ANSI_QUOTES')"),
"Could not turn on 'ANSI_QUOTES'");
// This SHOULD still go through as we still have 'treat_string_arg_as_field=false"
test_one(test, "select concat(\"a\") from masking_auto_firewall", Expect::SUCCESS);
// Let's turn on 'treat_string_arg_as_field=true'
test.maxscales->ssh_node(0,
"sed -i -e "
"'s/treat_string_arg_as_field=false/treat_string_arg_as_field=true/' "
"/etc/maxscale.cnf",
true);
// and restart MaxScale
test.maxscales->restart();
// This should NOT go through as we have 'treat_string_arg_as_field=true" and ANSI_QUOTES.
test_one(test, "select concat(\"a\") from masking_auto_firewall", Expect::FAILURE);
// Have to reconnect as we restarted MaxScale.
c.connect();
test.expect(c.query("SET @@SQL_MODE = REPLACE(@@SQL_MODE, 'ANSI_QUOTES', '')"),
"Could not turn off 'ANSI_QUOTES'");
}
}
int main(int argc, char* argv[])
{
TestConnections::skip_maxscale_start(true);
TestConnections test(argc, argv);
std::string json_file("/masking_auto_firewall.json");
std::string from = test_dir + json_file;
std::string to = std::string(test.maxscales->access_homedir[0]) + json_file;
if (test.maxscales->copy_to_node(0, from.c_str(), to.c_str()) == 0)
{
if (test.maxscales->start() == 0)
{
sleep(2);
test.maxscales->wait_for_monitor();
if (test.maxscales->connect_rwsplit() == 0)
{
init(test);
run(test);
run_ansi_quotes(test);
}
else
{
test.expect(false, "Could not connect to RWS.");
}
}
else
{
test.expect(false, "Could not start MaxScale.");
}
}
else
{
test.expect(false, "Could not copy masking file to MaxScale node.");
}
return test.global_result;
}
Reference in New Issue View Git Blame Copy Permalink