database/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2025-07-30 16:24:05 +03:00
Code Activity

MDEV-13641 host errors are not reset after successful connection.

Browse Source 
Fixed thd_set_peer_addr() to propagate host error count from
ip_to_hostname() to check_connection(), which tests this count to clear
errors affter successful authentication.
This commit is contained in:
Vladislav Vaintroub
2017-08-25 16:14:03 +00:00
parent 77c41fa725
commit 578b2b05b8
3 changed files with 37 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
sql/net_serv.cc
View File

@ -882,8 +882,10 @@ static handle_proxy_header_result handle_proxy_header(NET *net)
/* proxy header indicates LOCAL connection, no action necessary */ /* proxy header indicates LOCAL connection, no action necessary */
return RETRY; return RETRY;
/* Change peer address in THD and ACL structures.*/ /* Change peer address in THD and ACL structures.*/
uint host_errors;
return (handle_proxy_header_result)thd_set_peer_addr(thd, return (handle_proxy_header_result)thd_set_peer_addr(thd,
&(peer_info.peer_addr), NULL, peer_info.port, false); &(peer_info.peer_addr), NULL, peer_info.port,
false, &host_errors);
#endif #endif
} }

35
sql/sql_connect.cc
View File

@ -837,10 +837,34 @@ bool init_new_connection_handler_thread()
return 0; return 0;
} }
int thd_set_peer_addr(THD *thd, sockaddr_storage *addr, const char *ip,uint port, bool check_proxy_networks) /**
Set client address during authentication.
Initializes THD::main_security_ctx and THD::peer_port.
Optionally does ip to hostname translation.
@param thd current THD handle
@param addr peer address (can be NULL, if 'ip' is set)
@param ip peer address as string (can be NULL if 'addr' is set)
@param port peer port
@param check_proxy_networks if true, and host is in
'proxy_protocol_networks' list, skip
"host not privileged" check
@param[out] host_errors - number of connect
errors for this host
@retval 0 ok, 1 error
*/
int thd_set_peer_addr(THD *thd,
sockaddr_storage *addr,
const char *ip,
uint port,
bool check_proxy_networks,
uint *host_errors)
{ {
uint connect_errors; *host_errors= 0;
thd->peer_port = port;
thd->peer_port= port;
char ip_string[128]; char ip_string[128];
if (!ip) if (!ip)
@ -886,7 +910,7 @@ int thd_set_peer_addr(THD *thd, sockaddr_storage *addr, const char *ip,uint port
rc = ip_to_hostname(addr, rc = ip_to_hostname(addr,
thd->main_security_ctx.ip, thd->main_security_ctx.ip,
&thd->main_security_ctx.host, &thd->main_security_ctx.host,
&connect_errors); host_errors);
/* Cut very long hostnames to avoid possible overflows */ /* Cut very long hostnames to avoid possible overflows */
if (thd->main_security_ctx.host) if (thd->main_security_ctx.host)
@ -1027,7 +1051,8 @@ static int check_connection(THD *thd)
return 1; return 1;
} }
if (thd_set_peer_addr(thd, &net->vio->remote, ip, peer_port, true)) if (thd_set_peer_addr(thd, &net->vio->remote, ip, peer_port,
true, &connect_errors))
return 1; return 1;
} }
else /* Hostname given means that the connection was on a socket */ else /* Hostname given means that the connection was on a socket */

5
sql/sql_connect.h
View File

@ -85,7 +85,10 @@ bool thd_init_client_charset(THD *thd, uint cs_number);
bool setup_connection_thread_globals(THD *thd); bool setup_connection_thread_globals(THD *thd);
bool thd_prepare_connection(THD *thd); bool thd_prepare_connection(THD *thd);
bool thd_is_connection_alive(THD *thd); bool thd_is_connection_alive(THD *thd);
int thd_set_peer_addr(THD *thd, sockaddr_storage *addr, const char *ip, uint port, bool check_proxy_networks); int thd_set_peer_addr(THD *thd, sockaddr_storage *addr,
const char *ip, uint port,
bool check_proxy_networks,
uint *host_errors);
bool login_connection(THD *thd); bool login_connection(THD *thd);
void prepare_new_connection_state(THD* thd); void prepare_new_connection_state(THD* thd);