diff options
| author | Alexey Yurchenko <ayurchen@gmail.com> | 2015-06-06 01:08:41 +0300 |
|---|---|---|
| committer | Nirbhay Choubey <nirbhay@mariadb.com> | 2015-09-09 22:29:03 -0400 |
| commit | 86ee30cea95b4a3c8b34398e75e4fc62d0501616 (patch) | |
| tree | 62b43cc16417537c889584356b48ae50030ba46a | |
| parent | 197e9d2559907b97905f7d1536b481bba2e9ffe3 (diff) | |
| download | mariadb-git-86ee30cea95b4a3c8b34398e75e4fc62d0501616.tar.gz | |
Refs codership/mysql-wsrep#141: this commit
1. Passes wsrep_sst_auth_value to SST scripts via WSREP_SST_OPT_AUTH envronmental variable, so it never appears on the command line
2. In mysqldump and xtrabackup* SST scripts which rely on MySQL authentication, instead of passing password on the command line, SST script sets MYSQL_PWD environment variable, so that password also never appears on the mysqldump/innobackupex command line.
| -rw-r--r-- | scripts/wsrep_sst_common.sh | 4 | ||||
| -rw-r--r-- | scripts/wsrep_sst_mysqldump.sh | 11 | ||||
| -rw-r--r-- | sql/wsrep_utils.cc | 5 |
3 files changed, 16 insertions, 4 deletions
diff --git a/scripts/wsrep_sst_common.sh b/scripts/wsrep_sst_common.sh index 0aa338510e0..f7cd9e91849 100644 --- a/scripts/wsrep_sst_common.sh +++ b/scripts/wsrep_sst_common.sh @@ -143,8 +143,8 @@ readonly WSREP_SST_OPT_AUTH if ! wsrep_auth_not_set then readonly AUTH_VEC=(${WSREP_SST_OPT_AUTH//:/ }) - WSREP_SST_OPT_USER="${AUTH_VEC[0]:-}" - WSREP_SST_OPT_PSWD="${AUTH_VEC[1]:-}" + [ -n "${AUTH_VEC[0]}" ] && WSREP_SST_OPT_USER="${AUTH_VEC[0]}" + [ -n "${AUTH_VEC[1]}" ] && WSREP_SST_OPT_PSWD="${AUTH_VEC[1]}" fi readonly WSREP_SST_OPT_USER readonly WSREP_SST_OPT_PSWD diff --git a/scripts/wsrep_sst_mysqldump.sh b/scripts/wsrep_sst_mysqldump.sh index 9a061f89e43..7a5695851d4 100644 --- a/scripts/wsrep_sst_mysqldump.sh +++ b/scripts/wsrep_sst_mysqldump.sh @@ -76,6 +76,17 @@ fi # word, it is arguably more secure than passing password on the command line. [ -n "$WSREP_SST_OPT_PSWD" ] && export MYSQL_PWD="$WSREP_SST_OPT_PSWD" +# Refs https://github.com/codership/mysql-wsrep/issues/141 +# Passing password in MYSQL_PWD environment variable is considered +# "extremely insecure" by MySQL Guidelines for Password Security +# (https://dev.mysql.com/doc/refman/5.6/en/password-security-user.html) +# that is even less secure than passing it on a command line! It is doubtful: +# the whole command line is easily observable by any unprivileged user via ps, +# whereas (at least on Linux) unprivileged user can't see process environment +# that he does not own. So while it may be not secure in the NSA sense of the +# word, it is arguably more secure than passing password on the command line. +[ -n "$WSREP_SST_OPT_PSWD" ] && export MYSQL_PWD="$WSREP_SST_OPT_PSWD" + STOP_WSREP="SET wsrep_on=OFF;" # mysqldump cannot restore CSV tables, fix this issue diff --git a/sql/wsrep_utils.cc b/sql/wsrep_utils.cc index 719e8e6b473..b6b50ae7443 100644 --- a/sql/wsrep_utils.cc +++ b/sql/wsrep_utils.cc @@ -165,9 +165,10 @@ env::append(const char* val) ++len_; env_[len_] = NULL; } - else errno_ = errno; } - else errno_ = errno; + + /* if either realloc() or strdup() failed, errno had been set */ + errno_ = errno; return errno_; } |