1berry/MariaDB-server
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

5.6-compatibility, per-host connect error counter is reset only after the

Browse Source 
successful connection, not when a client reply packet is received
(that still might be invalid).

(test case was merged with perfschema 5.6.17)
This commit is contained in:
Sergei Golubchik 2014-05-07 16:13:00 +02:00
parent a83a4136ff
commit 08f3280235
4 changed files with 4 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
sql/sql_acl.cc
View File

@ -10841,7 +10841,6 @@ struct MPVIO_EXT :public MYSQL_PLUGIN_VIO
uint pkt_len;
} cached_server_packet;
int packets_read, packets_written; ///< counters for send/received packets
uint connect_errors; ///< if there were connect errors for this host
bool make_it_fail;
/** when plugin returns a failure this tells us what really happened */
enum { SUCCESS, FAILURE, RESTART } status;
@ -11392,9 +11391,6 @@ static ulong parse_client_handshake_packet(MPVIO_EXT *mpvio,
*/
DBUG_ASSERT(net->read_pos[pkt_len] == 0);
if (mpvio->connect_errors)
reset_host_connect_errors(thd->main_security_ctx.ip);
ulong client_capabilities= uint2korr(net->read_pos);
if (client_capabilities & CLIENT_PROTOCOL_41)
{
@ -11972,8 +11968,6 @@ static int do_auth_once(THD *thd, const LEX_STRING *auth_plugin_name,
Perform the handshake, authorize the client and update thd sctx variables.
@param thd thread handle
@param connect_errors number of previous failed connect attemps
from this host
@param com_change_user_pkt_len size of the COM_CHANGE_USER packet
(without the first, command, byte) or 0
if it's not a COM_CHANGE_USER (that is, if
@ -11982,8 +11976,7 @@ static int do_auth_once(THD *thd, const LEX_STRING *auth_plugin_name,
@retval 0 success, thd is updated.
@retval 1 error
*/
bool acl_authenticate(THD *thd, uint connect_errors,
uint com_change_user_pkt_len)
bool acl_authenticate(THD *thd, uint com_change_user_pkt_len)
{
int res= CR_OK;
MPVIO_EXT mpvio;
@ -11997,7 +11990,6 @@ bool acl_authenticate(THD *thd, uint connect_errors,
mpvio.write_packet= server_mpvio_write_packet;
mpvio.info= server_mpvio_info;
mpvio.thd= thd;
mpvio.connect_errors= connect_errors;
mpvio.status= MPVIO_EXT::FAILURE;
mpvio.make_it_fail= false;
mpvio.auth_info.host_or_ip= thd->security_ctx->host_or_ip;

2
sql/sql_acl.h
View File

@ -202,7 +202,7 @@ my_bool acl_reload(THD *thd);
void acl_free(bool end=0);
ulong acl_get(const char *host, const char *ip,
const char *user, const char *db, my_bool db_is_pattern);
bool acl_authenticate(THD *thd, uint connect_errors, uint com_change_user_pkt_len);
bool acl_authenticate(THD *thd, uint com_change_user_pkt_len);
bool acl_getroot(Security_context *sctx, char *user, char *host,
char *ip, char *db);
bool acl_check_host(const char *host, const char *ip);

2
sql/sql_connect.cc
View File

@ -1067,7 +1067,7 @@ static int check_connection(THD *thd)
return 1; /* The error is set by alloc(). */
}
auth_rc= acl_authenticate(thd, connect_errors, 0);
auth_rc= acl_authenticate(thd, 0);
if (auth_rc == 0 && connect_errors != 0)
{
/*

2
sql/sql_parse.cc
View File

@ -1224,7 +1224,7 @@ bool dispatch_command(enum enum_server_command command, THD *thd,
auth_rc= 1;
}
else
auth_rc= acl_authenticate(thd, 0, packet_length);
auth_rc= acl_authenticate(thd, packet_length);
mysql_audit_notify_connection_change_user(thd);
if (auth_rc)