From d8986fd6c3b69d2970e66684e1d00dd603fc9ab7 Mon Sep 17 00:00:00 2001 From: Michael Widenius Date: Mon, 25 Mar 2013 11:13:42 +0200 Subject: Speed up connection time: -Change my_rnd() slightly to make it safer if two threads use it at the same time. -Avoid some sprintf and strmov in vio. -Changed thread_count to be automaticly incremented (instead of under LOCK_thread_count). -Thread cache now uses LOCK_thread_cache instead of LOCK_thread_count. -Moved delete thd out from LOCK_thread_count. -Save some mysql_cond_broadcast(&COND_thread_count) calls. -Removed call to getsockname() during connect. -Initialize random generator without locks. Other things: -Fixed test cases that depends on changes for LOCK_grant -Added thread_safe_decrement32() and thread_safe_increment32() -Removed sql_rnd_with_mutex() and get_thread_running() -In check_table_access() don't lock LOCK_grant if we can resolve the grant with user or db level grants (the normal case). -Don't use a lock for setting THD->query_id. -Fixed bug where thd->set_query_id() could be set to same value by multiple threads. Thanks to Yoshinori Matsunobu for the benchmark of connection speed and to Domas Mituzas for the inspiration for many of the fixes. include/violite.h: Change desc to a string pointer mysql-test/suite/perfschema/r/all_instances.result: Added new mutex mysql-test/suite/perfschema/t/func_mutex.test: Test for LOCK_system_variables_hash instead of LOCK_grant, as LOCK_grant is not anymore always taken for SELECT's. mysys/my_gethwaddr.c: More DBUG mysys/my_rnd.c: Change my_rnd() slightly to make it safer if two threads use it at the same time. sql/event_scheduler.cc: Changed thread_count to be automically incremented Moved some safe things out from LOCK_thread_count. Simplify deleting of THD for running thread. sql/mysqld.cc: Changed thread_count to be automically incremented Thread cache now uses LOCK_thread_cache instead of LOCK_thread_count Added delete_running_thd() Moved delete thd out from LOCK_thread_count More DBUG Only call mysql_cond_broadcast(&COND_thread_count) if thread_count is 0 Removed call to getsockname() (old not anymore needed check) sql/mysqld.h: Removed sql_rnd_with_mutex() (not needed anymore) Removed not used function get_thread_running() Added thread_safe_decrement32() and thread_safe_increment32() Simplified dec_thread_running() and inc_thread_running() next_query_id() should return the original value for global_query_id, not the next one. (Bug introduced with MySQL 5.5 merge). sql/sql_acl.cc: In check_table_access() don't lock LOCK_grant if we can resolve the grant with user or db level grants (the normal case). sql/sql_class.cc: Removed thd_lock_thread_count() and thd_unlock_thread_count() Initialize random generator without locks Don't use a lock for setting THD->query_id. (This is only accessed by thread owning the THD) sql/sql_class.h: Don't use a lock for setting THD->query_id. sql/sql_insert.cc: Changed thread_count to be automically incremented sql/sql_parse.cc: Changed thread_count to be automically incremented Fixed bug where thd->set_query_id() could be set to same value by multiple threads. vio/vio.c: Don't generate 'desc' with sprintf/strmov. Assign a pointer instead. (Good enough as this is just for debugging) --- sql/sql_acl.cc | 37 ++++++++++++++++++++++++------------- 1 file changed, 24 insertions(+), 13 deletions(-) (limited to 'sql/sql_acl.cc') diff --git a/sql/sql_acl.cc b/sql/sql_acl.cc index 2f854251ce5..25b54abf983 100644 --- a/sql/sql_acl.cc +++ b/sql/sql_acl.cc @@ -4530,12 +4530,16 @@ end: @see check_access @see check_table_access - @note This functions assumes that either number of tables to be inspected + @note + This functions assumes that either number of tables to be inspected by it is limited explicitly (i.e. is is not UINT_MAX) or table list used and thd->lex->query_tables_own_last value correspond to each other (the latter should be either 0 or point to next_global member of one of elements of this table list). + We delay locking of LOCK_grant until we really need it as we assume that + most privileges be resolved with user or db level accesses. + @return Access status @retval FALSE Access granted; But column privileges might need to be checked. @@ -4552,6 +4556,8 @@ bool check_grant(THD *thd, ulong want_access, TABLE_LIST *tables, Security_context *sctx= thd->security_ctx; uint i; ulong orig_want_access= want_access; + my_bool locked= 0; + GRANT_TABLE *grant_table; DBUG_ENTER("check_grant"); DBUG_ASSERT(number > 0); @@ -4575,11 +4581,9 @@ bool check_grant(THD *thd, ulong want_access, TABLE_LIST *tables, */ tl->grant.orig_want_privilege= (want_access & ~SHOW_VIEW_ACL); } + number= i; - mysql_rwlock_rdlock(&LOCK_grant); - for (tl= tables; - tl && number-- && tl != first_not_own_table; - tl= tl->next_global) + for (tl= tables; number-- ; tl= tl->next_global) { sctx = test(tl->security_ctx) ? tl->security_ctx : thd->security_ctx; @@ -4632,13 +4636,18 @@ bool check_grant(THD *thd, ulong want_access, TABLE_LIST *tables, } continue; } - GRANT_TABLE *grant_table= table_hash_search(sctx->host, sctx->ip, - tl->get_db_name(), - sctx->priv_user, - tl->get_table_name(), - FALSE); - if (!grant_table) + if (!locked) + { + locked= 1; + mysql_rwlock_rdlock(&LOCK_grant); + } + + if (!(grant_table= table_hash_search(sctx->host, sctx->ip, + tl->get_db_name(), + sctx->priv_user, + tl->get_table_name(), + FALSE))) { want_access &= ~tl->grant.privilege; goto err; // No grants @@ -4665,11 +4674,13 @@ bool check_grant(THD *thd, ulong want_access, TABLE_LIST *tables, goto err; // impossible } } - mysql_rwlock_unlock(&LOCK_grant); + if (locked) + mysql_rwlock_unlock(&LOCK_grant); DBUG_RETURN(FALSE); err: - mysql_rwlock_unlock(&LOCK_grant); + if (locked) + mysql_rwlock_unlock(&LOCK_grant); if (!no_errors) // Not a silent skip of table { char command[128]; -- cgit v1.2.1 From 102a7a2a763dc5f2da8dd1f9ca9a53664c5aad6a Mon Sep 17 00:00:00 2001 From: Sergei Golubchik Date: Tue, 26 Mar 2013 19:17:26 +0100 Subject: MDEV-4307 Support at least 48 utf8 characters in username in server and PAM Extend plugin auth api to support up to 512 bytes in the user names. Use the API versioning to support old auth plugins too! --- sql/sql_acl.cc | 19 ++++++++++++++++--- 1 file changed, 16 insertions(+), 3 deletions(-) (limited to 'sql/sql_acl.cc') diff --git a/sql/sql_acl.cc b/sql/sql_acl.cc index 04d797b3ba1..d1cdf35bb5a 100644 --- a/sql/sql_acl.cc +++ b/sql/sql_acl.cc @@ -52,6 +52,8 @@ #include "sql_db.h" #include "sql_array.h" +#include "sql_plugin_compat.h" + bool mysql_user_table_is_in_short_password_format= false; static const @@ -9027,7 +9029,20 @@ static int do_auth_once(THD *thd, const LEX_STRING *auth_plugin_name, if (plugin) { st_mysql_auth *auth= (st_mysql_auth *) plugin_decl(plugin)->info; - res= auth->authenticate_user(mpvio, &mpvio->auth_info); + switch (auth->interface_version) { + case 0x0200: + res= auth->authenticate_user(mpvio, &mpvio->auth_info); + break; + case 0x0100: + { + MYSQL_SERVER_AUTH_INFO_0x0100 compat; + compat.downgrade(&mpvio->auth_info); + res= auth->authenticate_user(mpvio, (MYSQL_SERVER_AUTH_INFO *)&compat); + compat.upgrade(&mpvio->auth_info); + } + break; + default: DBUG_ASSERT(0); + } if (unlock_plugin) plugin_unlock(thd, plugin); @@ -9078,8 +9093,6 @@ bool acl_authenticate(THD *thd, uint connect_errors, : COM_CONNECT; DBUG_ENTER("acl_authenticate"); - compile_time_assert(MYSQL_USERNAME_LENGTH == USERNAME_LENGTH); - bzero(&mpvio, sizeof(mpvio)); mpvio.read_packet= server_mpvio_read_packet; mpvio.write_packet= server_mpvio_write_packet; -- cgit v1.2.1 From a6fa724b7f7826d238952713a10bc4e52df1237f Mon Sep 17 00:00:00 2001 From: Sergei Golubchik Date: Sun, 7 Apr 2013 14:36:53 +0200 Subject: split THD::make_lex_string() in two --- sql/sql_acl.cc | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) (limited to 'sql/sql_acl.cc') diff --git a/sql/sql_acl.cc b/sql/sql_acl.cc index f6b3a7adeb7..56dec73bac5 100644 --- a/sql/sql_acl.cc +++ b/sql/sql_acl.cc @@ -7034,10 +7034,8 @@ bool sp_grant_privileges(THD *thd, const char *sp_db, const char *sp_name, tables->db= (char*)sp_db; tables->table_name= tables->alias= (char*)sp_name; - thd->make_lex_string(&combo->user, - combo->user.str, strlen(combo->user.str), 0); - thd->make_lex_string(&combo->host, - combo->host.str, strlen(combo->host.str), 0); + thd->make_lex_string(&combo->user, combo->user.str, strlen(combo->user.str)); + thd->make_lex_string(&combo->host, combo->host.str, strlen(combo->host.str)); combo->password= empty_lex_str; combo->plugin= empty_lex_str; @@ -8263,7 +8261,7 @@ static bool parse_com_change_user_packet(MPVIO_EXT *mpvio, uint packet_length) thd->user_connect= 0; strmake(sctx->priv_user, sctx->user, USERNAME_LENGTH); - if (thd->make_lex_string(&mpvio->db, db_buff, db_len, 0) == 0) + if (thd->make_lex_string(&mpvio->db, db_buff, db_len) == 0) DBUG_RETURN(1); /* The error is set by make_lex_string(). */ /* @@ -8489,7 +8487,7 @@ static ulong parse_client_handshake_packet(MPVIO_EXT *mpvio, Security_context *sctx= thd->security_ctx; - if (thd->make_lex_string(&mpvio->db, db, db_len, 0) == 0) + if (thd->make_lex_string(&mpvio->db, db, db_len) == 0) return packet_error; /* The error is set by make_lex_string(). */ my_free(sctx->user); if (!(sctx->user= my_strndup(user, user_len, MYF(MY_WME)))) -- cgit v1.2.1 From c50ee6c23dbeb090963580754bec2f0a96ac0557 Mon Sep 17 00:00:00 2001 From: Sergei Golubchik Date: Tue, 9 Apr 2013 23:27:52 +0200 Subject: MDEV-4088 Replication 10.0 -> 5.5 fails --- sql/sql_acl.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'sql/sql_acl.cc') diff --git a/sql/sql_acl.cc b/sql/sql_acl.cc index 56dec73bac5..d9470094c63 100644 --- a/sql/sql_acl.cc +++ b/sql/sql_acl.cc @@ -7957,7 +7957,7 @@ static bool send_server_handshake_packet(MPVIO_EXT *mpvio, data_len= SCRAMBLE_LENGTH; } - end= strnmov(end, server_version, SERVER_VERSION_LENGTH) + 1; + end= strxnmov(end, SERVER_VERSION_LENGTH, RPL_VERSION_HACK, server_version, NullS) + 1; int4store((uchar*) end, mpvio->thd->thread_id); end+= 4; -- cgit v1.2.1