From 78292047a4747ccd9210ba36a185a1dbe825de89 Mon Sep 17 00:00:00 2001 From: Alexey Botchkov Date: Mon, 28 Dec 2020 15:12:32 +0400 Subject: MDEV-19442 server_audit plugin doesn't consider proxy users in server_audit_excl_users/server_audit_incl_users. Check the proxy user just as the connection user against the incl_users_list and excl_users_list. --- plugin/server_audit/server_audit.c | 22 +++++++++++++++------- 1 file changed, 15 insertions(+), 7 deletions(-) (limited to 'plugin') diff --git a/plugin/server_audit/server_audit.c b/plugin/server_audit/server_audit.c index fe8bf4478fc..ebb2c6c0a05 100644 --- a/plugin/server_audit/server_audit.c +++ b/plugin/server_audit/server_audit.c @@ -1578,22 +1578,27 @@ no_password: -static int do_log_user(const char *name, int take_lock) +static int do_log_user(const char *name, int len, + const char *proxy, int proxy_len, int take_lock) { - size_t len; int result; if (!name) return 0; - len= strlen(name); if (take_lock) flogger_mutex_lock(&lock_operations); if (incl_user_coll.n_users) - result= coll_search(&incl_user_coll, name, len) != 0; + { + result= coll_search(&incl_user_coll, name, len) != 0 || + (proxy && coll_search(&incl_user_coll, proxy, proxy_len) != 0); + } else if (excl_user_coll.n_users) - result= coll_search(&excl_user_coll, name, len) == 0; + { + result= coll_search(&excl_user_coll, name, len) == 0 && + (proxy && coll_search(&excl_user_coll, proxy, proxy_len) == 0); + } else result= 1; @@ -2134,7 +2139,9 @@ void auditing(MYSQL_THD thd, unsigned int event_class, const void *ev) } if (event_class == MYSQL_AUDIT_GENERAL_CLASS && FILTER(EVENT_QUERY) && - cn && (cn->log_always || do_log_user(cn->user, 1))) + cn && (cn->log_always || do_log_user(cn->user, cn->user_length, + cn->proxy, cn->proxy_length, + 1))) { const struct mysql_event_general *event = (const struct mysql_event_general *) ev; @@ -2154,7 +2161,8 @@ void auditing(MYSQL_THD thd, unsigned int event_class, const void *ev) { const struct mysql_event_table *event = (const struct mysql_event_table *) ev; - if (do_log_user(event->user, 1)) + if (do_log_user(event->user, SAFE_STRLEN(event->user), + cn->proxy, cn->proxy_length, 1)) { switch (event->event_subclass) { -- cgit v1.2.1 From f319c4265f0ae18e2703adaff951a6a6c87bcace Mon Sep 17 00:00:00 2001 From: Andrei Elkin Date: Wed, 6 Jan 2021 19:55:55 +0200 Subject: MDEV-19442 add-on fixing windows build. --- plugin/server_audit/server_audit.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'plugin') diff --git a/plugin/server_audit/server_audit.c b/plugin/server_audit/server_audit.c index ebb2c6c0a05..47878e2e667 100644 --- a/plugin/server_audit/server_audit.c +++ b/plugin/server_audit/server_audit.c @@ -2161,7 +2161,7 @@ void auditing(MYSQL_THD thd, unsigned int event_class, const void *ev) { const struct mysql_event_table *event = (const struct mysql_event_table *) ev; - if (do_log_user(event->user, SAFE_STRLEN(event->user), + if (do_log_user(event->user, (int) SAFE_STRLEN(event->user), cn->proxy, cn->proxy_length, 1)) { switch (event->event_subclass) -- cgit v1.2.1 From e25623e78a3efde05e30070dc7362f8dc0d8c459 Mon Sep 17 00:00:00 2001 From: Nikita Malyavin Date: Tue, 29 Dec 2020 13:38:16 +1000 Subject: MDEV-17556 Assertion `bitmap_is_set_all(&table->s->all_set)' failed The assertion failed in handler::ha_reset upon SELECT under READ UNCOMMITTED from table with index on virtual column. This was the debug-only failure, though the problem is mush wider: * MY_BITMAP is a structure containing my_bitmap_map, the latter is a raw bitmap. * read_set, write_set and vcol_set of TABLE are the pointers to MY_BITMAP * The rest of MY_BITMAPs are stored in TABLE and TABLE_SHARE * The pointers to the stored MY_BITMAPs, like orig_read_set etc, and sometimes all_set and tmp_set, are assigned to the pointers. * Sometimes tmp_use_all_columns is used to substitute the raw bitmap directly with all_set.bitmap * Sometimes even bitmaps are directly modified, like in TABLE::update_virtual_field(): bitmap_clear_all(&tmp_set) is called. The last three bullets in the list, when used together (which is mostly always) make the program flow cumbersome and impossible to follow, notwithstanding the errors they cause, like this MDEV-17556, where tmp_set pointer was assigned to read_set, write_set and vcol_set, then its bitmap was substituted with all_set.bitmap by dbug_tmp_use_all_columns() call, and then bitmap_clear_all(&tmp_set) was applied to all this. To untangle this knot, the rule should be applied: * Never substitute bitmaps! This patch is about this. orig_*, all_set bitmaps are never substituted already. This patch changes the following function prototypes: * tmp_use_all_columns, dbug_tmp_use_all_columns to accept MY_BITMAP** and to return MY_BITMAP * instead of my_bitmap_map* * tmp_restore_column_map, dbug_tmp_restore_column_maps to accept MY_BITMAP* instead of my_bitmap_map* These functions now will substitute read_set/write_set/vcol_set directly, and won't touch underlying bitmaps. --- plugin/feedback/sender_thread.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'plugin') diff --git a/plugin/feedback/sender_thread.cc b/plugin/feedback/sender_thread.cc index 3210c1c9e41..55a7306e7c3 100644 --- a/plugin/feedback/sender_thread.cc +++ b/plugin/feedback/sender_thread.cc @@ -47,7 +47,7 @@ static int table_to_string(TABLE *table, String *result) res= table->file->ha_rnd_init(1); - dbug_tmp_use_all_columns(table, table->read_set); + dbug_tmp_use_all_columns(table, &table->read_set); while(!res && !table->file->ha_rnd_next(table->record[0])) { -- cgit v1.2.1