From 45c47a04bdc2e0449cbaf690670b6850e0987685 Mon Sep 17 00:00:00 2001 From: Oleksandr Byelkin Date: Thu, 24 Jan 2019 10:43:27 +0100 Subject: [PATCH 01/11] MDEV-17401: LOAD DATA from very big file into MyISAM table results in EOF error and corrupt index fix of incorrect 10.3 merge --- mysys/mf_iocache.c | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) diff --git a/mysys/mf_iocache.c b/mysys/mf_iocache.c index 4f22921aeff..b09760cd98d 100644 --- a/mysys/mf_iocache.c +++ b/mysys/mf_iocache.c @@ -115,12 +115,15 @@ init_functions(IO_CACHE* info) DBUG_ASSERT(!(info->myflags & MY_ENCRYPT)); info->read_function = info->share ? _my_b_cache_read_r : _my_b_cache_read; info->write_function = info->share ? _my_b_cache_write_r : _my_b_cache_write; - info->myflags&= ~MY_FULL_IO; break; case TYPE_NOT_SET: DBUG_ASSERT(0); break; } + if (type == READ_CACHE || type == WRITE_CACHE || type == SEQ_READ_APPEND) + info->myflags|= MY_FULL_IO; + else + info->myflags&= ~MY_FULL_IO; } @@ -297,10 +300,6 @@ int init_io_cache(IO_CACHE *info, File file, size_t cachesize, } info->inited=info->aio_result.pending=0; #endif - if (type == READ_CACHE || type == WRITE_CACHE || type == SEQ_READ_APPEND) - info->myflags|= MY_FULL_IO; - else - info->myflags&= ~MY_FULL_IO; DBUG_RETURN(0); } /* init_io_cache */ @@ -469,8 +468,6 @@ my_bool reinit_io_cache(IO_CACHE *info, enum cache_type type, { info->read_end=info->write_pos; info->end_of_file=my_b_tell(info); - /* Ensure we will read all data */ - info->myflags|= MY_FULL_IO; /* Trigger a new seek only if we have a valid file handle. @@ -485,7 +482,6 @@ my_bool reinit_io_cache(IO_CACHE *info, enum cache_type type, info->seek_not_done=1; } info->end_of_file = ~(my_off_t) 0; - info->myflags&= ~MY_FULL_IO; } pos=info->request_pos+(seek_offset-info->pos_in_file); if (type == WRITE_CACHE) From d97db40a9f2e97ed0317559c9587c827a3f49cce Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marko=20M=C3=A4kel=C3=A4?= Date: Fri, 25 Jan 2019 12:46:23 +0200 Subject: [PATCH 02/11] MDEV-18352 Add a regression test for VARCHAR enlarging Add a simplest regression test. Specifically, I want to be sure that SYS_COLUMNS.LEN is increased. Closes #1123 --- mysql-test/suite/innodb/r/instant_varchar_enlarge.result | 9 +++++++++ mysql-test/suite/innodb/t/instant_varchar_enlarge.test | 8 ++++++++ 2 files changed, 17 insertions(+) create mode 100644 mysql-test/suite/innodb/r/instant_varchar_enlarge.result create mode 100644 mysql-test/suite/innodb/t/instant_varchar_enlarge.test diff --git a/mysql-test/suite/innodb/r/instant_varchar_enlarge.result b/mysql-test/suite/innodb/r/instant_varchar_enlarge.result new file mode 100644 index 00000000000..14f16bd4fe2 --- /dev/null +++ b/mysql-test/suite/innodb/r/instant_varchar_enlarge.result @@ -0,0 +1,9 @@ +create table t (a varchar(100)) engine=innodb; +select name, pos, mtype, prtype, len from information_schema.innodb_sys_columns where name='a'; +name pos mtype prtype len +a 0 1 524303 100 +alter table t modify a varchar(110), algorithm=inplace; +select name, pos, mtype, prtype, len from information_schema.innodb_sys_columns where name='a'; +name pos mtype prtype len +a 0 1 524303 110 +drop table t; diff --git a/mysql-test/suite/innodb/t/instant_varchar_enlarge.test b/mysql-test/suite/innodb/t/instant_varchar_enlarge.test new file mode 100644 index 00000000000..42689deca11 --- /dev/null +++ b/mysql-test/suite/innodb/t/instant_varchar_enlarge.test @@ -0,0 +1,8 @@ +--source include/have_innodb.inc + +# LEN must increase here +create table t (a varchar(100)) engine=innodb; +select name, pos, mtype, prtype, len from information_schema.innodb_sys_columns where name='a'; +alter table t modify a varchar(110), algorithm=inplace; +select name, pos, mtype, prtype, len from information_schema.innodb_sys_columns where name='a'; +drop table t; From a22dc6268b3c76503fecc15933b37d862a774ffb Mon Sep 17 00:00:00 2001 From: Julius Goryavsky Date: Fri, 25 Jan 2019 12:29:50 +0100 Subject: [PATCH 03/11] MDEV-18379: Unification of check for IPv6 Currently, the three-node mtr suite for Galera (galera_3nodes) uses a separate IPv6 availability check using the "have_ipv6.inc" file. This check duplicates a more accurate check at suite.pm level, which can be used by including the file "check_ipv6.inc". This patch removes this discrepancy between suites. In addition, one of the files in the galera_3nodes suite does not contain the option "--bind-address=::" which is needed for the test to work correctly with IPv6 (at least on some systems), since without it the server will not wait for connections on the IPv6 interface. https://jira.mariadb.org/browse/MDEV-18379 --- .../suite/galera_3nodes/include/have_ipv6.inc | 15 --------------- mysql-test/suite/galera_3nodes/r/GAL-501.result | 3 +++ mysql-test/suite/galera_3nodes/t/GAL-501.opt | 1 + mysql-test/suite/galera_3nodes/t/GAL-501.test | 2 +- .../galera_3nodes/t/galera_ipv6_mariabackup.test | 2 +- .../galera_3nodes/t/galera_ipv6_mysqldump.test | 2 +- .../suite/galera_3nodes/t/galera_ipv6_rsync.test | 2 +- 7 files changed, 8 insertions(+), 19 deletions(-) delete mode 100644 mysql-test/suite/galera_3nodes/include/have_ipv6.inc create mode 100644 mysql-test/suite/galera_3nodes/t/GAL-501.opt diff --git a/mysql-test/suite/galera_3nodes/include/have_ipv6.inc b/mysql-test/suite/galera_3nodes/include/have_ipv6.inc deleted file mode 100644 index 560cad03350..00000000000 --- a/mysql-test/suite/galera_3nodes/include/have_ipv6.inc +++ /dev/null @@ -1,15 +0,0 @@ -# Check if ipv6 is available. -# ---disable_query_log ---disable_result_log -connect (checkcon123456789,::1,root,,test); -if($mysql_errno) -{ - skip No IPv6 support; -} -connection default; -disconnect checkcon123456789; ---enable_result_log ---enable_query_log -# end check - diff --git a/mysql-test/suite/galera_3nodes/r/GAL-501.result b/mysql-test/suite/galera_3nodes/r/GAL-501.result index a2bf5f4d98c..bcf74142144 100644 --- a/mysql-test/suite/galera_3nodes/r/GAL-501.result +++ b/mysql-test/suite/galera_3nodes/r/GAL-501.result @@ -4,9 +4,12 @@ VARIABLE_VALUE LIKE '%[::1]%' SELECT VARIABLE_VALUE = 3 FROM INFORMATION_SCHEMA.GLOBAL_STATUS WHERE VARIABLE_NAME = 'wsrep_cluster_size'; VARIABLE_VALUE = 3 1 +connection node_2; SET GLOBAL wsrep_provider_options='gmcast.isolate=1'; +connection node_1; CREATE TABLE t1 (f1 INTEGER) ENGINE=InnoDB; INSERT INTO t1 VALUES (1); +connection node_2; SET GLOBAL wsrep_provider_options='gmcast.isolate=0'; SELECT COUNT(*) = 1 FROM t1; COUNT(*) = 1 diff --git a/mysql-test/suite/galera_3nodes/t/GAL-501.opt b/mysql-test/suite/galera_3nodes/t/GAL-501.opt new file mode 100644 index 00000000000..c2bb4d156af --- /dev/null +++ b/mysql-test/suite/galera_3nodes/t/GAL-501.opt @@ -0,0 +1 @@ +--bind-address=:: diff --git a/mysql-test/suite/galera_3nodes/t/GAL-501.test b/mysql-test/suite/galera_3nodes/t/GAL-501.test index 60ed5989227..a36f21630ac 100644 --- a/mysql-test/suite/galera_3nodes/t/GAL-501.test +++ b/mysql-test/suite/galera_3nodes/t/GAL-501.test @@ -5,7 +5,7 @@ # ist.recv_addr=[::1] --source include/galera_cluster.inc ---source include/have_ipv6.inc +--source include/check_ipv6.inc # Confirm that initial handshake happened over ipv6 diff --git a/mysql-test/suite/galera_3nodes/t/galera_ipv6_mariabackup.test b/mysql-test/suite/galera_3nodes/t/galera_ipv6_mariabackup.test index fdf70989d5d..8cbd8cf2454 100644 --- a/mysql-test/suite/galera_3nodes/t/galera_ipv6_mariabackup.test +++ b/mysql-test/suite/galera_3nodes/t/galera_ipv6_mariabackup.test @@ -1,5 +1,5 @@ --source include/galera_cluster.inc ---source include/have_ipv6.inc +--source include/check_ipv6.inc --source include/have_mariabackup.inc # Confirm that initial handshake happened over ipv6 diff --git a/mysql-test/suite/galera_3nodes/t/galera_ipv6_mysqldump.test b/mysql-test/suite/galera_3nodes/t/galera_ipv6_mysqldump.test index e0addcea7bc..4a6de8abb9c 100644 --- a/mysql-test/suite/galera_3nodes/t/galera_ipv6_mysqldump.test +++ b/mysql-test/suite/galera_3nodes/t/galera_ipv6_mysqldump.test @@ -1,5 +1,5 @@ --source include/galera_cluster.inc ---source include/have_ipv6.inc +--source include/check_ipv6.inc call mtr.add_suppression("WSREP: wsrep_sst_method is set to 'mysqldump' yet mysqld bind_address is set to'"); call mtr.add_suppression("Failed to load slave replication state from table mysql.gtid_slave_pos"); diff --git a/mysql-test/suite/galera_3nodes/t/galera_ipv6_rsync.test b/mysql-test/suite/galera_3nodes/t/galera_ipv6_rsync.test index 7ee209d8e72..1937eb43e13 100644 --- a/mysql-test/suite/galera_3nodes/t/galera_ipv6_rsync.test +++ b/mysql-test/suite/galera_3nodes/t/galera_ipv6_rsync.test @@ -1,5 +1,5 @@ --source include/galera_cluster.inc ---source include/have_ipv6.inc +--source include/check_ipv6.inc # Confirm that initial handshake happened over ipv6 From 31d0727a103b5f8e983bd89d0ddd0dbe2a2278f2 Mon Sep 17 00:00:00 2001 From: Eugene Kosov Date: Fri, 25 Jan 2019 15:23:57 +0200 Subject: [PATCH 04/11] MDEV-18235: Changes related to fsync() Remove fil_node_t::sync_event. I had a discussion with kernel fellows and they said it's safe to call fsync() simultaneously at least on VFS and ext4. So initially I wanted to disable check for recent Linux but than I realized code is buggy. Consider a case when one thread is inside fsync() and two others are waiting inside os_event. First thread after fsync() calls os_event_set() which is a broadcast! So two waiting threads will awake and may call fsync() at the same time. One fix is to add a notify_one() functionality to os_event but I decided to remove incorrect check completely. Note, it works for one waiting thread but not for more than one. IMO it's ok to avoid existing bugs but there is not too much sense in avoiding possible(!) bugs as this code does. fil_space_t::is_in_rotation_list(), fil_space_t::is_in_unflushed_spaces(): Replace redundant bool fields with member functions. fil_node_t::needs_flush: Replaces fil_node_t::modification_counter and fil_node_t::flush_counter. We need to know whether there _are_ some unflushed writes and we do not need to know _how many_ writes. fil_system_t::modification_counter: Remove as not needed. Even if we needed fil_node_t::modification_counter, every file could have its own counter that would be incremented on each write. fil_system_t::modification_counter is a global modification counter for all files. It was incremented on every write. But whether some file was flushed or not is an internal fil_node_t deal/state and this makes fil_system_t::modification_counter useless. Closes #1061 --- storage/innobase/fil/fil0fil.cc | 114 ++++++++++++----------------- storage/innobase/include/fil0fil.h | 25 +++---- 2 files changed, 54 insertions(+), 85 deletions(-) diff --git a/storage/innobase/fil/fil0fil.cc b/storage/innobase/fil/fil0fil.cc index ec8144ad892..604f43d7639 100644 --- a/storage/innobase/fil/fil0fil.cc +++ b/storage/innobase/fil/fil0fil.cc @@ -452,7 +452,7 @@ fil_space_is_flushed( node != NULL; node = UT_LIST_GET_NEXT(chain, node)) { - if (node->modification_counter > node->flush_counter) { + if (node->needs_flush) { ut_ad(!fil_buffering_disabled(space)); return(false); @@ -489,8 +489,6 @@ fil_node_t* fil_space_t::add(const char* name, pfs_os_file_t handle, ut_a(!is_raw || srv_start_raw_disk_in_use); - node->sync_event = os_event_create("fsync_event"); - node->is_raw_disk = is_raw; node->size = size; @@ -728,7 +726,7 @@ fil_node_close_file( ut_a(node->n_pending == 0); ut_a(node->n_pending_flushes == 0); ut_a(!node->being_extended); - ut_a(node->modification_counter == node->flush_counter + ut_a(!node->needs_flush || node->space->purpose == FIL_TYPE_TEMPORARY || srv_fast_shutdown == 2 || !srv_was_started); @@ -780,7 +778,7 @@ fil_try_to_close_file_in_LRU( node != NULL; node = UT_LIST_GET_PREV(LRU, node)) { - if (node->modification_counter == node->flush_counter + if (!node->needs_flush && node->n_pending_flushes == 0 && !node->being_extended) { @@ -800,11 +798,9 @@ fil_try_to_close_file_in_LRU( << node->n_pending_flushes; } - if (node->modification_counter != node->flush_counter) { + if (node->needs_flush) { ib::warn() << "Cannot close file " << node->name - << ", because modification count " - << node->modification_counter << - " != flush count " << node->flush_counter; + << ", because is should be flushed first"; } if (node->being_extended) { @@ -829,7 +825,7 @@ static void fil_flush_low(fil_space_t* space, bool metadata = false) /* No need to flush. User has explicitly disabled buffering. */ - ut_ad(!space->is_in_unflushed_spaces); + ut_ad(!space->is_in_unflushed_spaces()); ut_ad(fil_space_is_flushed(space)); ut_ad(space->n_pending_flushes == 0); @@ -837,8 +833,7 @@ static void fil_flush_low(fil_space_t* space, bool metadata = false) for (fil_node_t* node = UT_LIST_GET_FIRST(space->chain); node != NULL; node = UT_LIST_GET_NEXT(chain, node)) { - ut_ad(node->modification_counter - == node->flush_counter); + ut_ad(!node->needs_flush); ut_ad(node->n_pending_flushes == 0); } #endif /* UNIV_DEBUG */ @@ -853,9 +848,7 @@ static void fil_flush_low(fil_space_t* space, bool metadata = false) node != NULL; node = UT_LIST_GET_NEXT(chain, node)) { - int64_t old_mod_counter = node->modification_counter; - - if (old_mod_counter <= node->flush_counter) { + if (!node->needs_flush) { continue; } @@ -879,31 +872,10 @@ static void fil_flush_low(fil_space_t* space, bool metadata = false) goto skip_flush; } #endif /* _WIN32 */ -retry: - if (node->n_pending_flushes > 0) { - /* We want to avoid calling os_file_flush() on - the file twice at the same time, because we do - not know what bugs OS's may contain in file - i/o */ - - int64_t sig_count = os_event_reset(node->sync_event); - - mutex_exit(&fil_system->mutex); - - os_event_wait_low(node->sync_event, sig_count); - - mutex_enter(&fil_system->mutex); - - if (node->flush_counter >= old_mod_counter) { - - goto skip_flush; - } - - goto retry; - } ut_a(node->is_open()); node->n_pending_flushes++; + node->needs_flush = false; mutex_exit(&fil_system->mutex); @@ -911,18 +883,14 @@ retry: mutex_enter(&fil_system->mutex); - os_event_set(node->sync_event); - node->n_pending_flushes--; +#ifdef _WIN32 skip_flush: - if (node->flush_counter < old_mod_counter) { - node->flush_counter = old_mod_counter; - - if (space->is_in_unflushed_spaces +#endif /* _WIN32 */ + if (!node->needs_flush) { + if (space->is_in_unflushed_spaces() && fil_space_is_flushed(space)) { - space->is_in_unflushed_spaces = false; - UT_LIST_REMOVE( fil_system->unflushed_spaces, space); @@ -1216,19 +1184,16 @@ fil_node_close_to_free( /* We fool the assertion in fil_node_close_file() to think there are no unflushed modifications in the file */ - node->modification_counter = node->flush_counter; - os_event_set(node->sync_event); + node->needs_flush = false; if (fil_buffering_disabled(space)) { - ut_ad(!space->is_in_unflushed_spaces); + ut_ad(!space->is_in_unflushed_spaces()); ut_ad(fil_space_is_flushed(space)); - } else if (space->is_in_unflushed_spaces + } else if (space->is_in_unflushed_spaces() && fil_space_is_flushed(space)) { - space->is_in_unflushed_spaces = false; - UT_LIST_REMOVE(fil_system->unflushed_spaces, space); } @@ -1256,16 +1221,14 @@ fil_space_detach( HASH_DELETE(fil_space_t, name_hash, fil_system->name_hash, ut_fold_string(space->name), space); - if (space->is_in_unflushed_spaces) { + if (space->is_in_unflushed_spaces()) { ut_ad(!fil_buffering_disabled(space)); - space->is_in_unflushed_spaces = false; UT_LIST_REMOVE(fil_system->unflushed_spaces, space); } - if (space->is_in_rotation_list) { - space->is_in_rotation_list = false; + if (space->is_in_rotation_list()) { UT_LIST_REMOVE(fil_system->rotation_list, space); } @@ -1305,7 +1268,6 @@ fil_space_free_low( for (fil_node_t* node = UT_LIST_GET_FIRST(space->chain); node != NULL; ) { ut_d(space->size -= node->size); - os_event_destroy(node->sync_event); ut_free(node->name); fil_node_t* old_node = node; node = UT_LIST_GET_NEXT(chain, node); @@ -1497,7 +1459,6 @@ fil_space_create( /* Key rotation is not enabled, need to inform background encryption threads. */ UT_LIST_ADD_LAST(fil_system->rotation_list, space); - space->is_in_rotation_list = true; mutex_exit(&fil_system->mutex); mutex_enter(&fil_crypt_threads_mutex); os_event_set(fil_crypt_threads_event); @@ -4847,24 +4808,22 @@ fil_node_complete_io(fil_node_t* node, const IORequest& type) ut_ad(!srv_read_only_mode || fsp_is_system_temporary(node->space->id)); - ++fil_system->modification_counter; - - node->modification_counter = fil_system->modification_counter; - if (fil_buffering_disabled(node->space)) { /* We don't need to keep track of unflushed changes as user has explicitly disabled buffering. */ - ut_ad(!node->space->is_in_unflushed_spaces); - node->flush_counter = node->modification_counter; + ut_ad(!node->space->is_in_unflushed_spaces()); + ut_ad(node->needs_flush == false); - } else if (!node->space->is_in_unflushed_spaces) { + } else { + node->needs_flush = true; - node->space->is_in_unflushed_spaces = true; + if (!node->space->is_in_unflushed_spaces()) { - UT_LIST_ADD_FIRST( - fil_system->unflushed_spaces, node->space); + UT_LIST_ADD_FIRST(fil_system->unflushed_spaces, + node->space); + } } } @@ -6078,8 +6037,7 @@ fil_space_remove_from_keyrotation(fil_space_t* space) ut_ad(mutex_own(&fil_system->mutex)); ut_ad(space); - if (space->n_pending_ops == 0 && space->is_in_rotation_list) { - space->is_in_rotation_list = false; + if (space->n_pending_ops == 0 && space->is_in_rotation_list()) { ut_a(UT_LIST_GET_LEN(fil_system->rotation_list) > 0); UT_LIST_REMOVE(fil_system->rotation_list, space); } @@ -6223,3 +6181,21 @@ fil_space_set_punch_hole( { node->space->punch_hole = val; } + +/** Checks that this tablespace in a list of unflushed tablespaces. +@return true if in a list */ +bool fil_space_t::is_in_unflushed_spaces() const { + ut_ad(mutex_own(&fil_system->mutex)); + + return fil_system->unflushed_spaces.start == this + || unflushed_spaces.next || unflushed_spaces.prev; +} + +/** Checks that this tablespace needs key rotation. +@return true if in a rotation list */ +bool fil_space_t::is_in_rotation_list() const { + ut_ad(mutex_own(&fil_system->mutex)); + + return fil_system->rotation_list.start == this || rotation_list.next + || rotation_list.prev; +} diff --git a/storage/innobase/include/fil0fil.h b/storage/innobase/include/fil0fil.h index 162f10f08bb..7cb9f4098a4 100644 --- a/storage/innobase/include/fil0fil.h +++ b/storage/innobase/include/fil0fil.h @@ -159,15 +159,16 @@ struct fil_space_t { UT_LIST_NODE_T(fil_space_t) named_spaces; /*!< list of spaces for which MLOG_FILE_NAME records have been issued */ - bool is_in_unflushed_spaces; - /*!< true if this space is currently in - unflushed_spaces */ + /** Checks that this tablespace in a list of unflushed tablespaces. + @return true if in a list */ + bool is_in_unflushed_spaces() const; UT_LIST_NODE_T(fil_space_t) space_list; /*!< list of all spaces */ /** other tablespaces needing key rotation */ UT_LIST_NODE_T(fil_space_t) rotation_list; - /** whether this tablespace needs key rotation */ - bool is_in_rotation_list; + /** Checks that this tablespace needs key rotation. + @return true if in a rotation list */ + bool is_in_rotation_list() const; /** MariaDB encryption data */ fil_space_crypt_t* crypt_data; @@ -220,10 +221,6 @@ struct fil_node_t { char* name; /** file handle (valid if is_open) */ pfs_os_file_t handle; - /** event that groups and serializes calls to fsync; - os_event_set() and os_event_reset() are protected by - fil_system_t::mutex */ - os_event_t sync_event; /** whether the file actually is a raw device or disk partition */ bool is_raw_disk; /** size of the file in database pages (0 if not known yet); @@ -241,10 +238,8 @@ struct fil_node_t { ulint n_pending_flushes; /** whether the file is currently being extended */ bool being_extended; - /** number of writes to the file since the system was started */ - int64_t modification_counter; - /** the modification_counter of the latest flush to disk */ - int64_t flush_counter; + /** whether this file had writes after lasy fsync() */ + bool needs_flush; /** link to other files in this tablespace */ UT_LIST_NODE_T(fil_node_t) chain; /** link to the fil_system->LRU list (keeping track of open files) */ @@ -502,12 +497,10 @@ struct fil_system_t { tablespaces whose files contain unflushed writes; those spaces have at least one file node where - modification_counter > flush_counter */ + needs_flush == true */ ulint n_open; /*!< number of files currently open */ ulint max_n_open; /*!< n_open is not allowed to exceed this */ - int64_t modification_counter;/*!< when we write to a file we - increment this by one */ ulint max_assigned_id;/*!< maximum space id in the existing tables, or assigned during the time mysqld has been up; at an InnoDB From 0e1f7f5c4a7eb90f345f2c2da6b4d7ce0b4056c4 Mon Sep 17 00:00:00 2001 From: Eugene Kosov Date: Fri, 25 Jan 2019 12:04:28 +0300 Subject: [PATCH 05/11] MDEV-18057 Assertion `(node->state == 5) || (node->state == 6)' failed in row_upd_sec_step upon DELETE after UPDATE failed due to FK violation The idea of the fix: reset state from previous query. row_upd_clust_step(): reset cached index before updating a clustered index Closes #1133 --- mysql-test/suite/versioning/r/foreign.result | 9 +++++++++ mysql-test/suite/versioning/t/foreign.test | 14 ++++++++++++++ storage/innobase/row/row0upd.cc | 1 + 3 files changed, 24 insertions(+) diff --git a/mysql-test/suite/versioning/r/foreign.result b/mysql-test/suite/versioning/r/foreign.result index edf5632f027..a7a84f539bf 100644 --- a/mysql-test/suite/versioning/r/foreign.result +++ b/mysql-test/suite/versioning/r/foreign.result @@ -290,3 +290,12 @@ select count(*) from subchild; count(*) 0 drop table subchild, child, parent; +CREATE TABLE t1 (f1 INT, KEY(f1)) ENGINE=InnoDB; +CREATE TABLE t2 (f2 INT, FOREIGN KEY (f2) REFERENCES t1 (f1)) ENGINE=InnoDB WITH SYSTEM VERSIONING; +SET FOREIGN_KEY_CHECKS= OFF; +INSERT IGNORE INTO t2 VALUES (1); +SET FOREIGN_KEY_CHECKS= ON; +UPDATE t2 SET f2= 2; +ERROR 23000: Cannot add or update a child row: a foreign key constraint fails (`test`.`t2`, CONSTRAINT `t2_ibfk_1` FOREIGN KEY (`f2`) REFERENCES `t1` (`f1`)) +DELETE FROM t2; +DROP TABLE t2, t1; diff --git a/mysql-test/suite/versioning/t/foreign.test b/mysql-test/suite/versioning/t/foreign.test index 566d481c2a8..075f15a216c 100644 --- a/mysql-test/suite/versioning/t/foreign.test +++ b/mysql-test/suite/versioning/t/foreign.test @@ -317,4 +317,18 @@ select count(*) from subchild; drop table subchild, child, parent; +CREATE TABLE t1 (f1 INT, KEY(f1)) ENGINE=InnoDB; +CREATE TABLE t2 (f2 INT, FOREIGN KEY (f2) REFERENCES t1 (f1)) ENGINE=InnoDB WITH SYSTEM VERSIONING; + +SET FOREIGN_KEY_CHECKS= OFF; +INSERT IGNORE INTO t2 VALUES (1); + +SET FOREIGN_KEY_CHECKS= ON; +--error ER_NO_REFERENCED_ROW_2 +UPDATE t2 SET f2= 2; +DELETE FROM t2; + +DROP TABLE t2, t1; + + --source suite/versioning/common_finish.inc diff --git a/storage/innobase/row/row0upd.cc b/storage/innobase/row/row0upd.cc index 93a5d80035a..f9cb174088f 100644 --- a/storage/innobase/row/row0upd.cc +++ b/storage/innobase/row/row0upd.cc @@ -3200,6 +3200,7 @@ row_upd_clust_step( if (node->cmpl_info & UPD_NODE_NO_ORD_CHANGE) { + node->index = NULL; err = row_upd_clust_rec( flags, node, index, offsets, &heap, thr, &mtr); goto exit_func; From 74f184aff253076781b7057ddba5e6460dfd467f Mon Sep 17 00:00:00 2001 From: Sergei Golubchik Date: Thu, 24 Jan 2019 20:18:55 +0100 Subject: [PATCH 06/11] Fix tests not to fail with OpenSSL 1.1.1 with TLSv1.3 --- mysql-test/r/openssl_1.result | 72 ++++++------------- mysql-test/r/ssl.result | 5 -- mysql-test/r/ssl_cipher.result | 63 +++++++++++++++-- mysql-test/suite.pm | 4 +- mysql-test/t/openssl_1.test | 93 ++++-------------------- mysql-test/t/ssl.test | 5 -- mysql-test/t/ssl_cert_verify.test | 2 +- mysql-test/t/ssl_cipher-master.opt | 1 - mysql-test/t/ssl_cipher.test | 110 +++++++++++++++++++++++++---- 9 files changed, 192 insertions(+), 163 deletions(-) delete mode 100644 mysql-test/t/ssl_cipher-master.opt diff --git a/mysql-test/r/openssl_1.result b/mysql-test/r/openssl_1.result index 5495f8ffd34..24c4cc69f5d 100644 --- a/mysql-test/r/openssl_1.result +++ b/mysql-test/r/openssl_1.result @@ -4,52 +4,38 @@ drop table if exists t1; create table t1(f1 int); insert into t1 values (5); grant select on test.* to ssl_user1@localhost require SSL; -grant select on test.* to ssl_user2@localhost require cipher "AES256-SHA"; -grant select on test.* to ssl_user3@localhost require cipher "AES256-SHA" AND SUBJECT "/C=FI/ST=Helsinki/L=Helsinki/O=MariaDB/CN=client"; -grant select on test.* to ssl_user4@localhost require cipher "AES256-SHA" AND SUBJECT "/C=FI/ST=Helsinki/L=Helsinki/O=MariaDB/CN=client" ISSUER "/CN=cacert/C=FI/ST=Helsinki/L=Helsinki/O=MariaDB"; -grant select on test.* to ssl_user5@localhost require cipher "AES256-SHA" AND SUBJECT "xxx"; +grant select on test.* to ssl_user3@localhost require SUBJECT "/C=FI/ST=Helsinki/L=Helsinki/O=MariaDB/CN=client"; +grant select on test.* to ssl_user4@localhost require SUBJECT "/C=FI/ST=Helsinki/L=Helsinki/O=MariaDB/CN=client" ISSUER "/CN=cacert/C=FI/ST=Helsinki/L=Helsinki/O=MariaDB"; +grant select on test.* to ssl_user5@localhost require SUBJECT "xxx"; flush privileges; -connect con1,localhost,ssl_user1,,,,,SSL-CIPHER=AES256-SHA; -connect(localhost,ssl_user2,,test,MASTER_PORT,MASTER_SOCKET); -connect con2,localhost,ssl_user2,,,,,SSL-CIPHER=AES128-SHA; -ERROR 28000: Access denied for user 'ssl_user2'@'localhost' (using password: NO) -connect con2,localhost,ssl_user2,,,,,SSL-CIPHER=AES256-SHA; -connect con3,localhost,ssl_user3,,,,,SSL-CIPHER=AES256-SHA; -connect con4,localhost,ssl_user4,,,,,SSL-CIPHER=AES256-SHA; +connect con1,localhost,ssl_user1,,,,,SSL; +connect con3,localhost,ssl_user3,,,,,SSL; +connect con4,localhost,ssl_user4,,,,,SSL; connect(localhost,ssl_user5,,test,MASTER_PORT,MASTER_SOCKET); -connect con5,localhost,ssl_user5,,,,,SSL-CIPHER=AES256-SHA; +connect con5,localhost,ssl_user5,,,,,SSL; ERROR 28000: Access denied for user 'ssl_user5'@'localhost' (using password: NO) connection con1; -SHOW STATUS LIKE 'Ssl_cipher'; -Variable_name Value -Ssl_cipher AES256-SHA +SELECT VARIABLE_VALUE <> '' AS have_ssl FROM INFORMATION_SCHEMA.SESSION_STATUS WHERE VARIABLE_NAME='Ssl_cipher'; +have_ssl +1 select * from t1; f1 5 delete from t1; ERROR 42000: DELETE command denied to user 'ssl_user1'@'localhost' for table 't1' -connection con2; -SHOW STATUS LIKE 'Ssl_cipher'; -Variable_name Value -Ssl_cipher AES256-SHA -select * from t1; -f1 -5 -delete from t1; -ERROR 42000: DELETE command denied to user 'ssl_user2'@'localhost' for table 't1' connection con3; -SHOW STATUS LIKE 'Ssl_cipher'; -Variable_name Value -Ssl_cipher AES256-SHA +SELECT VARIABLE_VALUE <> '' AS have_ssl FROM INFORMATION_SCHEMA.SESSION_STATUS WHERE VARIABLE_NAME='Ssl_cipher'; +have_ssl +1 select * from t1; f1 5 delete from t1; ERROR 42000: DELETE command denied to user 'ssl_user3'@'localhost' for table 't1' connection con4; -SHOW STATUS LIKE 'Ssl_cipher'; -Variable_name Value -Ssl_cipher AES256-SHA +SELECT VARIABLE_VALUE <> '' AS have_ssl FROM INFORMATION_SCHEMA.SESSION_STATUS WHERE VARIABLE_NAME='Ssl_cipher'; +have_ssl +1 select * from t1; f1 5 @@ -57,20 +43,15 @@ delete from t1; ERROR 42000: DELETE command denied to user 'ssl_user4'@'localhost' for table 't1' connection default; disconnect con1; -disconnect con2; disconnect con3; disconnect con4; -drop user ssl_user1@localhost, ssl_user2@localhost, -ssl_user3@localhost, ssl_user4@localhost, ssl_user5@localhost; +drop user ssl_user1@localhost, ssl_user3@localhost, ssl_user4@localhost, ssl_user5@localhost; drop table t1; mysqltest: Could not open connection 'default': 2026 SSL connection error: xxxx mysqltest: Could not open connection 'default': 2026 SSL connection error: xxxx mysqltest: Could not open connection 'default': 2026 SSL connection error: xxxx mysqltest: Could not open connection 'default': 2026 SSL connection error: xxxx mysqltest: Could not open connection 'default': 2026 SSL connection error: xxxx -SHOW STATUS LIKE 'Ssl_cipher'; -Variable_name Value -Ssl_cipher AES256-SHA have_ssl 1 End of 5.0 tests @@ -94,13 +75,7 @@ SSL_ACCEPTS # SSL_CALLBACK_CACHE_HITS # DROP TABLE thread_status; SET GLOBAL event_scheduler=0; -SHOW STATUS LIKE 'Ssl_cipher'; -Variable_name Value -Ssl_cipher AES128-SHA -SHOW STATUS LIKE 'Ssl_cipher'; -Variable_name Value -Ssl_cipher AES128-SHA -mysqltest: Could not open connection 'default': 2026 SSL connection error: xxxxCREATE TABLE t1(a int); +CREATE TABLE t1(a int); INSERT INTO t1 VALUES (1), (2); /*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */; @@ -204,19 +179,12 @@ UNLOCK TABLES; /*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */; /*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */; -mysqldump: Got error: 2026: SSL connection error: xxxx +mysqldump: Got error: 2026: "SSL connection error: xxxx DROP TABLE t1; -Variable_name Value -Ssl_cipher AES256-SHA -Variable_name Value -Ssl_cipher AES128-SHA -select 'is still running; no cipher request crashed the server' as result from dual; -result -is still running; no cipher request crashed the server GRANT SELECT ON test.* TO bug42158@localhost REQUIRE X509; FLUSH PRIVILEGES; connect con1,localhost,bug42158,,,,,SSL; -SELECT (VARIABLE_VALUE <> '') AS have_ssl FROM INFORMATION_SCHEMA.SESSION_STATUS WHERE VARIABLE_NAME='Ssl_cipher'; +SELECT VARIABLE_VALUE <> '' AS have_ssl FROM INFORMATION_SCHEMA.SESSION_STATUS WHERE VARIABLE_NAME='Ssl_cipher'; have_ssl 1 disconnect con1; diff --git a/mysql-test/r/ssl.result b/mysql-test/r/ssl.result index 5de9e5174d8..bd2d650acc5 100644 --- a/mysql-test/r/ssl.result +++ b/mysql-test/r/ssl.result @@ -2175,8 +2175,3 @@ still connected? still connected? connection default; disconnect ssl_con; -create user mysqltest_1@localhost; -grant usage on mysqltest.* to mysqltest_1@localhost require cipher "AES256-SHA"; -Variable_name Value -Ssl_cipher AES256-SHA -drop user mysqltest_1@localhost; diff --git a/mysql-test/r/ssl_cipher.result b/mysql-test/r/ssl_cipher.result index 79998dfca80..266c9f9322a 100644 --- a/mysql-test/r/ssl_cipher.result +++ b/mysql-test/r/ssl_cipher.result @@ -1,6 +1,61 @@ -# -# BUG#11760210 - SSL_CIPHER_LIST NOT SET OR RETURNED FOR "SHOW STATUS LIKE 'SSL_CIPHER_LIST'" -# +create user ssl_user1@localhost require SSL; +create user ssl_user2@localhost require cipher 'AES256-SHA'; +create user ssl_user3@localhost require cipher 'AES256-SHA' AND SUBJECT '/C=FI/ST=Helsinki/L=Helsinki/O=MariaDB/CN=client'; +create user ssl_user4@localhost require cipher 'AES256-SHA' AND SUBJECT '/C=FI/ST=Helsinki/L=Helsinki/O=MariaDB/CN=client' ISSUER '/CN=cacert/C=FI/ST=Helsinki/L=Helsinki/O=MariaDB'; +create user ssl_user5@localhost require cipher 'AES256-SHA' AND SUBJECT 'xxx'; +connect con1,localhost,ssl_user1,,,,,SSL-CIPHER=AES256-SHA; +connect(localhost,ssl_user2,,test,MASTER_PORT,MASTER_SOCKET); +connect con2,localhost,ssl_user2,,,,,SSL-CIPHER=AES128-SHA; +ERROR 28000: Access denied for user 'ssl_user2'@'localhost' (using password: NO) +connect con2,localhost,ssl_user2,,,,,SSL-CIPHER=AES256-SHA; +connect con3,localhost,ssl_user3,,,,,SSL-CIPHER=AES256-SHA; +connect con4,localhost,ssl_user4,,,,,SSL-CIPHER=AES256-SHA; +connect(localhost,ssl_user5,,test,MASTER_PORT,MASTER_SOCKET); +connect con5,localhost,ssl_user5,,,,,SSL-CIPHER=AES256-SHA; +ERROR 28000: Access denied for user 'ssl_user5'@'localhost' (using password: NO) +connection con1; +SHOW STATUS LIKE 'Ssl_cipher'; +Variable_name Value +Ssl_cipher AES256-SHA +disconnect con1; +connection con2; +SHOW STATUS LIKE 'Ssl_cipher'; +Variable_name Value +Ssl_cipher AES256-SHA +disconnect con2; +connection con3; +SHOW STATUS LIKE 'Ssl_cipher'; +Variable_name Value +Ssl_cipher AES256-SHA +disconnect con3; +connection con4; +SHOW STATUS LIKE 'Ssl_cipher'; +Variable_name Value +Ssl_cipher AES256-SHA +disconnect con4; +connection default; +drop user ssl_user1@localhost, ssl_user2@localhost, ssl_user3@localhost, ssl_user4@localhost, ssl_user5@localhost; +SHOW STATUS LIKE 'Ssl_cipher'; +Variable_name Value +Ssl_cipher AES256-SHA +SHOW STATUS LIKE 'Ssl_cipher'; +Variable_name Value +Ssl_cipher AES128-SHA +SHOW STATUS LIKE 'Ssl_cipher'; +Variable_name Value +Ssl_cipher AES128-SHA +mysqltest: Could not open connection 'default': 2026 SSL connection error: xxxxVariable_name Value +Ssl_cipher AES256-SHA +Variable_name Value +Ssl_cipher AES128-SHA +select 'is still running; no cipher request crashed the server' as result from dual; +result +is still running; no cipher request crashed the server +create user mysqltest_1@localhost; +grant usage on mysqltest.* to mysqltest_1@localhost require cipher "AES256-SHA"; +Variable_name Value +Ssl_cipher AES256-SHA +drop user mysqltest_1@localhost; connect ssl_con,localhost,root,,,,,SSL; SHOW STATUS LIKE 'Ssl_cipher'; Variable_name Value @@ -8,5 +63,5 @@ Ssl_cipher AES128-SHA SHOW STATUS LIKE 'Ssl_cipher_list'; Variable_name Value Ssl_cipher_list AES128-SHA -connection default; disconnect ssl_con; +connection default; diff --git a/mysql-test/suite.pm b/mysql-test/suite.pm index 30e50671496..3849e4ef886 100644 --- a/mysql-test/suite.pm +++ b/mysql-test/suite.pm @@ -70,9 +70,9 @@ sub skip_combinations { } $skip{'include/check_ipv6.inc'} = 'No IPv6' unless ipv6_ok(); - $skip{'t/openssl_6975.test'} = 'no or too old openssl' + $skip{'t/openssl_6975.test'} = 'no or wrong openssl version' unless $::mysqld_variables{'version-ssl-library'} =~ /OpenSSL (\S+)/ - and $1 ge "1.0.1d"; + and $1 ge "1.0.1d" and $1 lt "1.1.1"; $skip{'t/ssl_7937.combinations'} = [ 'x509v3' ] unless $::mysqld_variables{'version-ssl-library'} =~ /OpenSSL (\S+)/ diff --git a/mysql-test/t/openssl_1.test b/mysql-test/t/openssl_1.test index 35bb7aca085..e88b3c2c442 100644 --- a/mysql-test/t/openssl_1.test +++ b/mysql-test/t/openssl_1.test @@ -16,58 +16,45 @@ create table t1(f1 int); insert into t1 values (5); grant select on test.* to ssl_user1@localhost require SSL; -grant select on test.* to ssl_user2@localhost require cipher "AES256-SHA"; -grant select on test.* to ssl_user3@localhost require cipher "AES256-SHA" AND SUBJECT "/C=FI/ST=Helsinki/L=Helsinki/O=MariaDB/CN=client"; -grant select on test.* to ssl_user4@localhost require cipher "AES256-SHA" AND SUBJECT "/C=FI/ST=Helsinki/L=Helsinki/O=MariaDB/CN=client" ISSUER "/CN=cacert/C=FI/ST=Helsinki/L=Helsinki/O=MariaDB"; -grant select on test.* to ssl_user5@localhost require cipher "AES256-SHA" AND SUBJECT "xxx"; +grant select on test.* to ssl_user3@localhost require SUBJECT "/C=FI/ST=Helsinki/L=Helsinki/O=MariaDB/CN=client"; +grant select on test.* to ssl_user4@localhost require SUBJECT "/C=FI/ST=Helsinki/L=Helsinki/O=MariaDB/CN=client" ISSUER "/CN=cacert/C=FI/ST=Helsinki/L=Helsinki/O=MariaDB"; +grant select on test.* to ssl_user5@localhost require SUBJECT "xxx"; flush privileges; -connect (con1,localhost,ssl_user1,,,,,SSL-CIPHER=AES256-SHA); +connect (con1,localhost,ssl_user1,,,,,SSL); +--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT +connect (con3,localhost,ssl_user3,,,,,SSL); +connect (con4,localhost,ssl_user4,,,,,SSL); --replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT --error ER_ACCESS_DENIED_ERROR -connect (con2,localhost,ssl_user2,,,,,SSL-CIPHER=AES128-SHA); -connect (con2,localhost,ssl_user2,,,,,SSL-CIPHER=AES256-SHA); -connect (con3,localhost,ssl_user3,,,,,SSL-CIPHER=AES256-SHA); -connect (con4,localhost,ssl_user4,,,,,SSL-CIPHER=AES256-SHA); ---replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT ---error ER_ACCESS_DENIED_ERROR -connect (con5,localhost,ssl_user5,,,,,SSL-CIPHER=AES256-SHA); +connect (con5,localhost,ssl_user5,,,,,SSL); connection con1; # Check ssl turned on -SHOW STATUS LIKE 'Ssl_cipher'; -select * from t1; ---error ER_TABLEACCESS_DENIED_ERROR -delete from t1; - -connection con2; -# Check ssl turned on -SHOW STATUS LIKE 'Ssl_cipher'; +SELECT VARIABLE_VALUE <> '' AS have_ssl FROM INFORMATION_SCHEMA.SESSION_STATUS WHERE VARIABLE_NAME='Ssl_cipher'; select * from t1; --error ER_TABLEACCESS_DENIED_ERROR delete from t1; connection con3; # Check ssl turned on -SHOW STATUS LIKE 'Ssl_cipher'; +SELECT VARIABLE_VALUE <> '' AS have_ssl FROM INFORMATION_SCHEMA.SESSION_STATUS WHERE VARIABLE_NAME='Ssl_cipher'; select * from t1; --error ER_TABLEACCESS_DENIED_ERROR delete from t1; connection con4; # Check ssl turned on -SHOW STATUS LIKE 'Ssl_cipher'; +SELECT VARIABLE_VALUE <> '' AS have_ssl FROM INFORMATION_SCHEMA.SESSION_STATUS WHERE VARIABLE_NAME='Ssl_cipher'; select * from t1; --error ER_TABLEACCESS_DENIED_ERROR delete from t1; connection default; disconnect con1; -disconnect con2; disconnect con3; disconnect con4; -drop user ssl_user1@localhost, ssl_user2@localhost, -ssl_user3@localhost, ssl_user4@localhost, ssl_user5@localhost; +drop user ssl_user1@localhost, ssl_user3@localhost, ssl_user4@localhost, ssl_user5@localhost; drop table t1; @@ -120,14 +107,6 @@ drop table t1; --exec $MYSQL_TEST --ssl-cert= --max-connect-retries=1 < $MYSQLTEST_VARDIR/tmp/test.sql 2>&1 --echo -# -# Bug#21611 Slave can't connect when master-ssl-cipher specified -# - Apparently selecting a cipher doesn't work at all -# - Use a cipher that both yaSSL and OpenSSL supports -# ---exec echo "SHOW STATUS LIKE 'Ssl_cipher'; exit;" > $MYSQLTEST_VARDIR/tmp/test.sql ---exec $MYSQL_TEST --ssl-cipher=AES256-SHA < $MYSQLTEST_VARDIR/tmp/test.sql 2>&1 - # # Bug#25309 SSL connections without CA certificate broken since MySQL 5.0.23 # @@ -135,7 +114,7 @@ drop table t1; # verification of servers certificate by setting both ca certificate # and ca path to NULL # ---exec $MYSQL --ssl --ssl-key=$MYSQL_TEST_DIR/std_data/client-key.pem --ssl-cert=$MYSQL_TEST_DIR/std_data/client-cert.pem -e "SELECT (VARIABLE_VALUE <> '') AS have_ssl FROM INFORMATION_SCHEMA.SESSION_STATUS WHERE VARIABLE_NAME='Ssl_cipher'" 2>&1 +--exec $MYSQL --ssl --ssl-key=$MYSQL_TEST_DIR/std_data/client-key.pem --ssl-cert=$MYSQL_TEST_DIR/std_data/client-cert.pem -e "SELECT VARIABLE_VALUE <> '' AS have_ssl FROM INFORMATION_SCHEMA.SESSION_STATUS WHERE VARIABLE_NAME='Ssl_cipher'" 2>&1 --echo End of 5.0 tests # @@ -176,25 +155,6 @@ SELECT variable_name, variable_value FROM thread_status; DROP TABLE thread_status; SET GLOBAL event_scheduler=0; -# -# Test to connect using a list of ciphers -# ---exec echo "SHOW STATUS LIKE 'Ssl_cipher'; exit;" > $MYSQLTEST_VARDIR/tmp/test.sql ---exec $MYSQL_TEST --ssl-cipher=UNKNOWN-CIPHER:AES128-SHA < $MYSQLTEST_VARDIR/tmp/test.sql 2>&1 - - -# Test to connect using a specifi cipher -# ---exec echo "SHOW STATUS LIKE 'Ssl_cipher'; exit;" > $MYSQLTEST_VARDIR/tmp/test.sql ---exec $MYSQL_TEST --ssl-cipher=AES128-SHA < $MYSQLTEST_VARDIR/tmp/test.sql 2>&1 - -# Test to connect using an unknown cipher -# ---exec echo "SHOW STATUS LIKE 'Ssl_cipher'; exit" > $MYSQLTEST_VARDIR/tmp/test.sql ---replace_regex /2026 SSL connection error.*/2026 SSL connection error: xxxx/ ---error 1 ---exec $MYSQL_TEST --ssl-cipher=UNKNOWN-CIPHER < $MYSQLTEST_VARDIR/tmp/test.sql 2>&1 - # # Bug#27669 mysqldump: SSL connection error when trying to connect # @@ -211,36 +171,13 @@ INSERT INTO t1 VALUES (1), (2); # With wrong parameters --replace_result $MYSQL_TEST_DIR MYSQL_TEST_DIR mysqldump.exe mysqldump ---replace_regex /\"SSL connection error.*/SSL connection error: xxxx/ +--replace_regex /SSL connection error.*/SSL connection error: xxxx/ --error 2 --exec $MYSQL_DUMP --skip-create-options --skip-comments --ssl --ssl-cert=$MYSQL_TEST_DIR/std_data/client-cert.pem test 2>&1 --echo DROP TABLE t1; --remove_file $MYSQLTEST_VARDIR/tmp/test.sql -# -# Bug#39172 Asking for DH+non-RSA key with server set to use other key caused -# YaSSL to crash the server. -# - -# Common ciphers to openssl and yassl ---exec $MYSQL --host=localhost -e "SHOW STATUS LIKE 'Ssl_cipher';" --ssl-cipher=AES256-SHA ---exec $MYSQL --host=localhost -e "SHOW STATUS LIKE 'Ssl_cipher';" --ssl-cipher=AES128-SHA ---disable_query_log ---disable_result_log - -# Below here caused crashes. ################ ---error 1,0 ---exec $MYSQL --host=localhost -e "SHOW STATUS LIKE 'Ssl-cipher';" --ssl-cipher=NOT----EXIST -# These probably exist but the server's keys can't be used to accept these kinds of connections. ---error 1,0 ---exec $MYSQL --host=localhost -e "SHOW STATUS LIKE 'Ssl-cipher';" --ssl-cipher=AES128-RMD - -# If this gives a result, then the bug is fixed. ---enable_result_log ---enable_query_log -select 'is still running; no cipher request crashed the server' as result from dual; - # # Bug#42158: leak: SSL_get_peer_certificate() doesn't have matching X509_free() # @@ -248,7 +185,7 @@ select 'is still running; no cipher request crashed the server' as result from d GRANT SELECT ON test.* TO bug42158@localhost REQUIRE X509; FLUSH PRIVILEGES; connect(con1,localhost,bug42158,,,,,SSL); -SELECT (VARIABLE_VALUE <> '') AS have_ssl FROM INFORMATION_SCHEMA.SESSION_STATUS WHERE VARIABLE_NAME='Ssl_cipher'; +SELECT VARIABLE_VALUE <> '' AS have_ssl FROM INFORMATION_SCHEMA.SESSION_STATUS WHERE VARIABLE_NAME='Ssl_cipher'; disconnect con1; connection default; DROP USER bug42158@localhost; diff --git a/mysql-test/t/ssl.test b/mysql-test/t/ssl.test index f2ac288db7a..67db668a1c2 100644 --- a/mysql-test/t/ssl.test +++ b/mysql-test/t/ssl.test @@ -32,10 +32,5 @@ select 'still connected?'; connection default; disconnect ssl_con; -create user mysqltest_1@localhost; -grant usage on mysqltest.* to mysqltest_1@localhost require cipher "AES256-SHA"; ---exec $MYSQL -umysqltest_1 --ssl-cipher=AES256-SHA -e "show status like 'ssl_cipher'" 2>&1 -drop user mysqltest_1@localhost; - # Wait till all disconnects are completed --source include/wait_until_count_sessions.inc diff --git a/mysql-test/t/ssl_cert_verify.test b/mysql-test/t/ssl_cert_verify.test index 83f621b7ca9..51b1612e45b 100644 --- a/mysql-test/t/ssl_cert_verify.test +++ b/mysql-test/t/ssl_cert_verify.test @@ -30,7 +30,7 @@ let $ssl_verify_pass_path = --ssl --ssl-ca=$MYSQL_TEST_DIR/std_data/ca-cert-veri --enable_reconnect --source include/wait_until_connected_again.inc ---replace_result TLSv1.2 TLS_VERSION TLSv1.1 TLS_VERSION TLSv1 TLS_VERSION +--replace_result TLSv1.3 TLS_VERSION TLSv1.2 TLS_VERSION TLSv1.1 TLS_VERSION TLSv1 TLS_VERSION --exec $MYSQL --protocol=tcp --ssl-ca=$MYSQL_TEST_DIR/std_data/ca-cert-verify.pem --ssl-verify-server-cert -e "SHOW STATUS like 'Ssl_version'" --echo # restart server using restart diff --git a/mysql-test/t/ssl_cipher-master.opt b/mysql-test/t/ssl_cipher-master.opt deleted file mode 100644 index d750c46ba5c..00000000000 --- a/mysql-test/t/ssl_cipher-master.opt +++ /dev/null @@ -1 +0,0 @@ ---loose-ssl-cipher=AES128-SHA diff --git a/mysql-test/t/ssl_cipher.test b/mysql-test/t/ssl_cipher.test index cf249343324..27854654a9f 100644 --- a/mysql-test/t/ssl_cipher.test +++ b/mysql-test/t/ssl_cipher.test @@ -1,23 +1,103 @@ -# Turn on ssl between the client and server -# and run a number of tests +# +# Various tests that require setting of a specific ssl_cipher +# which currently doesn't work in OpenSSL 1.1.1 +# +--source include/have_ssl_communication.inc ---echo # ---echo # BUG#11760210 - SSL_CIPHER_LIST NOT SET OR RETURNED FOR "SHOW STATUS LIKE 'SSL_CIPHER_LIST'" ---echo # +if (`select @@version_ssl_library like 'OpenSSL 1.1.1%'`) { + skip OpenSSL 1.1.1; +} --- source include/have_ssl_communication.inc +create user ssl_user1@localhost require SSL; +create user ssl_user2@localhost require cipher 'AES256-SHA'; +create user ssl_user3@localhost require cipher 'AES256-SHA' AND SUBJECT '/C=FI/ST=Helsinki/L=Helsinki/O=MariaDB/CN=client'; +create user ssl_user4@localhost require cipher 'AES256-SHA' AND SUBJECT '/C=FI/ST=Helsinki/L=Helsinki/O=MariaDB/CN=client' ISSUER '/CN=cacert/C=FI/ST=Helsinki/L=Helsinki/O=MariaDB'; +create user ssl_user5@localhost require cipher 'AES256-SHA' AND SUBJECT 'xxx'; -# Save the initial number of concurrent sessions ---source include/count_sessions.inc +connect (con1,localhost,ssl_user1,,,,,SSL-CIPHER=AES256-SHA); +--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT +--error ER_ACCESS_DENIED_ERROR +connect (con2,localhost,ssl_user2,,,,,SSL-CIPHER=AES128-SHA); +connect (con2,localhost,ssl_user2,,,,,SSL-CIPHER=AES256-SHA); +connect (con3,localhost,ssl_user3,,,,,SSL-CIPHER=AES256-SHA); +connect (con4,localhost,ssl_user4,,,,,SSL-CIPHER=AES256-SHA); +--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT +--error ER_ACCESS_DENIED_ERROR +connect (con5,localhost,ssl_user5,,,,,SSL-CIPHER=AES256-SHA); +connection con1; +SHOW STATUS LIKE 'Ssl_cipher'; +disconnect con1; +connection con2; +SHOW STATUS LIKE 'Ssl_cipher'; +disconnect con2; +connection con3; +SHOW STATUS LIKE 'Ssl_cipher'; +disconnect con3; +connection con4; +SHOW STATUS LIKE 'Ssl_cipher'; +disconnect con4; +connection default; +drop user ssl_user1@localhost, ssl_user2@localhost, ssl_user3@localhost, ssl_user4@localhost, ssl_user5@localhost; + +# +# Bug#21611 Slave can't connect when master-ssl-cipher specified +# - Apparently selecting a cipher doesn't work at all +# - Use a cipher that both yaSSL and OpenSSL supports +# +--write_file $MYSQLTEST_VARDIR/tmp/test.sql +SHOW STATUS LIKE 'Ssl_cipher'; +EOF +--exec $MYSQL_TEST --ssl-cipher=AES256-SHA < $MYSQLTEST_VARDIR/tmp/test.sql 2>&1 +# Test to connect using a list of ciphers +--exec $MYSQL_TEST --ssl-cipher=UNKNOWN-CIPHER:AES128-SHA < $MYSQLTEST_VARDIR/tmp/test.sql 2>&1 +# Test to connect using a specifi cipher +--exec $MYSQL_TEST --ssl-cipher=AES128-SHA < $MYSQLTEST_VARDIR/tmp/test.sql 2>&1 +# Test to connect using an unknown cipher +--replace_regex /2026 SSL connection error.*/2026 SSL connection error: xxxx/ +--error 1 +--exec $MYSQL_TEST --ssl-cipher=UNKNOWN-CIPHER < $MYSQLTEST_VARDIR/tmp/test.sql 2>&1 +--remove_file $MYSQLTEST_VARDIR/tmp/test.sql + +# +# Bug#39172 Asking for DH+non-RSA key with server set to use other key caused +# YaSSL to crash the server. +# + +# Common ciphers to openssl and yassl +--exec $MYSQL --host=localhost -e "SHOW STATUS LIKE 'Ssl_cipher';" --ssl-cipher=AES256-SHA +--exec $MYSQL --host=localhost -e "SHOW STATUS LIKE 'Ssl_cipher';" --ssl-cipher=AES128-SHA +--disable_query_log +--disable_result_log + +# Below here caused crashes. ################ +--error 0,1 +--exec $MYSQL --host=localhost -e "SHOW STATUS LIKE 'Ssl-cipher';" --ssl-cipher=NOT----EXIST +# These probably exist but the server's keys can't be used to accept these kinds of connections. +--error 0,1 +--exec $MYSQL --host=localhost -e "SHOW STATUS LIKE 'Ssl-cipher';" --ssl-cipher=AES128-RMD + +# If this gives a result, then the bug is fixed. +--enable_result_log +--enable_query_log +select 'is still running; no cipher request crashed the server' as result from dual; + +# +# MDEV-10054 Secure login fails when CIPHER is required +# +create user mysqltest_1@localhost; +grant usage on mysqltest.* to mysqltest_1@localhost require cipher "AES256-SHA"; +--exec $MYSQL -umysqltest_1 --ssl-cipher=AES256-SHA -e "show status like 'ssl_cipher'" 2>&1 +drop user mysqltest_1@localhost; + +# +# BUG#11760210 - SSL_CIPHER_LIST NOT SET OR RETURNED FOR "SHOW STATUS LIKE 'SSL_CIPHER_LIST'" +# it was a bug in yaSSL, fixed in d2e36e4258bb +# +let $restart_parameters=--ssl-cipher=AES128-SHA; +source include/restart_mysqld.inc; connect (ssl_con,localhost,root,,,,,SSL); - -# Check Cipher Name and Cipher List SHOW STATUS LIKE 'Ssl_cipher'; SHOW STATUS LIKE 'Ssl_cipher_list'; - -connection default; disconnect ssl_con; - -# Wait till all disconnects are completed ---source include/wait_until_count_sessions.inc +connection default; From d4515d1305162b2b5a920412d01dd075d3e42f33 Mon Sep 17 00:00:00 2001 From: Sergei Golubchik Date: Fri, 25 Jan 2019 14:05:54 +0100 Subject: [PATCH 07/11] Deb: don't edit control file from inside rules file It's too late. Might work or not (and on buster it doesn't). --- debian/autobake-deb.sh | 5 +++++ debian/rules | 5 ----- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/debian/autobake-deb.sh b/debian/autobake-deb.sh index b569df9118f..ac2f1395dcd 100755 --- a/debian/autobake-deb.sh +++ b/debian/autobake-deb.sh @@ -89,6 +89,11 @@ then sed '/Package: mariadb-plugin-aws-key-management-10.2/,+12d' -i debian/control fi +# Don't build cassandra package if thrift is not installed +if [[ ! -f /usr/local/include/thrift/Thrift.h && ! -f /usr/include/thrift/Thrift.h ]] +then + sed '/Package: mariadb-plugin-cassandra/,/^$/d' -i debian/control +fi # Adjust changelog, add new version echo "Incrementing changelog and starting build scripts" diff --git a/debian/rules b/debian/rules index e526e012172..3b1952ad2b9 100755 --- a/debian/rules +++ b/debian/rules @@ -120,11 +120,6 @@ ifneq ($(ARCH), amd64) sed -i -e "/Package: mariadb-plugin-tokudb/,+16d" debian/control endif - # If libthrift-dev was available (manually installed, as it is - # not in Debian) and ha_cassandra.so was thus built, create package, - # otherwise skip it. - [ -f $(BUILDDIR)/storage/cassandra/ha_cassandra.so ] || sed -i -e "/Package: mariadb-plugin-cassandra/,+18d" debian/control - # Copy systemd files to a location available for dh_installinit cp $(BUILDDIR)/support-files/mariadb.service debian/mariadb-server-10.2.mariadb.service cp $(BUILDDIR)/support-files/mariadb@.service debian/mariadb-server-10.2.mariadb@.service From 3fb6d2587d6498c50c82aac77062d95ad5f2237a Mon Sep 17 00:00:00 2001 From: Sergei Golubchik Date: Fri, 25 Jan 2019 19:26:39 +0100 Subject: [PATCH 08/11] Don't run tests that check privileges in --embedded --- mysql-test/suite/funcs_1/t/is_check_constraint.test | 1 + 1 file changed, 1 insertion(+) diff --git a/mysql-test/suite/funcs_1/t/is_check_constraint.test b/mysql-test/suite/funcs_1/t/is_check_constraint.test index 116ac3f4ab1..30a72d02b34 100644 --- a/mysql-test/suite/funcs_1/t/is_check_constraint.test +++ b/mysql-test/suite/funcs_1/t/is_check_constraint.test @@ -1,4 +1,5 @@ --source include/have_innodb.inc +--source include/not_embedded.inc --echo # --echo # MDEV-17323: Backport INFORMATION_SCHEMA.CHECK_CONSTRAINTS to 10.2 --echo # From e99e6f29e98df8762305c0f7c1caebc728cfc6dc Mon Sep 17 00:00:00 2001 From: Sergei Golubchik Date: Sat, 5 Jan 2019 11:49:35 +0100 Subject: [PATCH 09/11] cleanup: trg2bit() helper --- sql/log_event.cc | 9 ++++----- sql/sql_lex.cc | 23 +++++++---------------- sql/sql_trigger.cc | 6 ++---- sql/sql_trigger.h | 3 +++ 4 files changed, 16 insertions(+), 25 deletions(-) diff --git a/sql/log_event.cc b/sql/log_event.cc index f16abb13003..ffcb1f9dfa2 100644 --- a/sql/log_event.cc +++ b/sql/log_event.cc @@ -13445,9 +13445,8 @@ err: #if defined(MYSQL_SERVER) && defined(HAVE_REPLICATION) uint8 Write_rows_log_event::get_trg_event_map() { - return (static_cast (1 << static_cast(TRG_EVENT_INSERT)) | - static_cast (1 << static_cast(TRG_EVENT_UPDATE)) | - static_cast (1 << static_cast(TRG_EVENT_DELETE))); + return trg2bit(TRG_EVENT_INSERT) | trg2bit(TRG_EVENT_UPDATE) | + trg2bit(TRG_EVENT_DELETE); } #endif @@ -14154,7 +14153,7 @@ err: #if defined(MYSQL_SERVER) && defined(HAVE_REPLICATION) uint8 Delete_rows_log_event::get_trg_event_map() { - return static_cast (1 << static_cast(TRG_EVENT_DELETE)); + return trg2bit(TRG_EVENT_DELETE); } #endif @@ -14429,7 +14428,7 @@ err: #if defined(MYSQL_SERVER) && defined(HAVE_REPLICATION) uint8 Update_rows_log_event::get_trg_event_map() { - return static_cast (1 << static_cast(TRG_EVENT_UPDATE)); + return trg2bit(TRG_EVENT_UPDATE); } #endif diff --git a/sql/sql_lex.cc b/sql/sql_lex.cc index 40d5e53c7a0..ca4876413b6 100644 --- a/sql/sql_lex.cc +++ b/sql/sql_lex.cc @@ -3473,12 +3473,8 @@ void LEX::set_trg_event_type_for_tables() On a LOCK TABLE, all triggers must be pre-loaded for this TABLE_LIST when opening an associated TABLE. */ - new_trg_event_map= static_cast - (1 << static_cast(TRG_EVENT_INSERT)) | - static_cast - (1 << static_cast(TRG_EVENT_UPDATE)) | - static_cast - (1 << static_cast(TRG_EVENT_DELETE)); + new_trg_event_map= trg2bit(TRG_EVENT_INSERT) | trg2bit(TRG_EVENT_UPDATE) | + trg2bit(TRG_EVENT_DELETE); break; /* Basic INSERT. If there is an additional ON DUPLIATE KEY UPDATE @@ -3509,20 +3505,17 @@ void LEX::set_trg_event_type_for_tables() */ case SQLCOM_CREATE_TABLE: case SQLCOM_CREATE_SEQUENCE: - new_trg_event_map|= static_cast - (1 << static_cast(TRG_EVENT_INSERT)); + new_trg_event_map|= trg2bit(TRG_EVENT_INSERT); break; /* Basic update and multi-update */ case SQLCOM_UPDATE: /* fall through */ case SQLCOM_UPDATE_MULTI: - new_trg_event_map|= static_cast - (1 << static_cast(TRG_EVENT_UPDATE)); + new_trg_event_map|= trg2bit(TRG_EVENT_UPDATE); break; /* Basic delete and multi-delete */ case SQLCOM_DELETE: /* fall through */ case SQLCOM_DELETE_MULTI: - new_trg_event_map|= static_cast - (1 << static_cast(TRG_EVENT_DELETE)); + new_trg_event_map|= trg2bit(TRG_EVENT_DELETE); break; default: break; @@ -3530,12 +3523,10 @@ void LEX::set_trg_event_type_for_tables() switch (duplicates) { case DUP_UPDATE: - new_trg_event_map|= static_cast - (1 << static_cast(TRG_EVENT_UPDATE)); + new_trg_event_map|= trg2bit(TRG_EVENT_UPDATE); break; case DUP_REPLACE: - new_trg_event_map|= static_cast - (1 << static_cast(TRG_EVENT_DELETE)); + new_trg_event_map|= trg2bit(TRG_EVENT_DELETE); break; case DUP_ERROR: default: diff --git a/sql/sql_trigger.cc b/sql/sql_trigger.cc index dde93dc6ed6..d03807c63d5 100644 --- a/sql/sql_trigger.cc +++ b/sql/sql_trigger.cc @@ -2192,8 +2192,7 @@ bool Table_triggers_list::process_triggers(THD *thd, This trigger must have been processed by the pre-locking algorithm. */ - DBUG_ASSERT(trigger_table->pos_in_table_list->trg_event_map & - static_cast(1 << static_cast(event))); + DBUG_ASSERT(trigger_table->pos_in_table_list->trg_event_map & trg2bit(event)); thd->reset_sub_statement_state(&statement_state, SUB_STMT_TRIGGER); @@ -2245,8 +2244,7 @@ add_tables_and_routines_for_triggers(THD *thd, for (int i= 0; i < (int)TRG_EVENT_MAX; i++) { - if (table_list->trg_event_map & - static_cast(1 << static_cast(i))) + if (table_list->trg_event_map & trg2bit(static_cast(i))) { for (int j= 0; j < (int)TRG_ACTION_MAX; j++) { diff --git a/sql/sql_trigger.h b/sql/sql_trigger.h index 0fddb94fde1..9cd6c61891a 100644 --- a/sql/sql_trigger.h +++ b/sql/sql_trigger.h @@ -38,6 +38,9 @@ enum trg_event_type TRG_EVENT_MAX }; +static inline uint8 trg2bit(enum trg_event_type trg) +{ return static_cast(1 << static_cast(trg)); } + #include "table.h" /* GRANT_INFO */ /* From 7334f9717d107f8f12af1fb94d1bcfe7f724f0eb Mon Sep 17 00:00:00 2001 From: Honza Horak Date: Wed, 9 Jan 2019 15:05:02 +0100 Subject: [PATCH 10/11] Do not import commands library as it is not used Closes #1080 --- storage/rocksdb/myrocks_hotbackup.py | 1 - 1 file changed, 1 deletion(-) diff --git a/storage/rocksdb/myrocks_hotbackup.py b/storage/rocksdb/myrocks_hotbackup.py index 69c75b7cbfd..906ba814776 100755 --- a/storage/rocksdb/myrocks_hotbackup.py +++ b/storage/rocksdb/myrocks_hotbackup.py @@ -8,7 +8,6 @@ import os import stat import sys import re -import commands import subprocess import logging import logging.handlers From a4ab66c8f86d79a1b6bf8aadbe0282e2c71c55a8 Mon Sep 17 00:00:00 2001 From: Sergei Golubchik Date: Wed, 9 Jan 2019 23:10:16 +0100 Subject: [PATCH 11/11] Make the PYTHON_SHEBANG value configurable and gitignore myrocks_hotbackup (as it's now generated) Closes #1081 --- .gitignore | 1 + CMakeLists.txt | 3 ++- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/.gitignore b/.gitignore index 859551d62a0..6f093a3612b 100644 --- a/.gitignore +++ b/.gitignore @@ -189,6 +189,7 @@ storage/myisam/myisampack storage/myisam/rt_test storage/myisam/sp_test storage/rocksdb/ldb +storage/rocksdb/myrocks_hotbackup storage/rocksdb/mysql_ldb storage/rocksdb/sst_dump storage/rocksdb/rdb_source_revision.h diff --git a/CMakeLists.txt b/CMakeLists.txt index a7c419e127e..9f839616159 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -334,7 +334,8 @@ MYSQL_CHECK_SSL() MYSQL_CHECK_READLINE() SET(MALLOC_LIBRARY "system") -SET(PYTHON_SHEBANG "/usr/bin/env python") +SET(PYTHON_SHEBANG "/usr/bin/env python" CACHE STRING "python shebang") +MARK_AS_ADVANCED(PYTHON_SHEBANG) CHECK_PCRE()