From 95b22b96fbbfe9bc079ee9848124fa303afad367 Mon Sep 17 00:00:00 2001 From: Rahim Kanji Date: Thu, 8 Jun 2023 16:38:19 +0500 Subject: [PATCH] Added SSL connection support in kill_query_thread --- include/MySQL_Session.h | 5 ++-- lib/MySQL_HostGroups_Manager.cpp | 2 +- lib/MySQL_Session.cpp | 42 ++++++++++++++++++++------------ 3 files changed, 31 insertions(+), 18 deletions(-) diff --git a/include/MySQL_Session.h b/include/MySQL_Session.h index 424d7d694..dda1304e3 100644 --- a/include/MySQL_Session.h +++ b/include/MySQL_Session.h @@ -373,9 +373,10 @@ public: unsigned long id; int kill_type; unsigned int hid; + int use_ssl; - KillArgs(char* u, char* p, char* h, unsigned int P, unsigned int _hdi, unsigned long i, int kt, MySQL_Thread* _mt); - KillArgs(char *u, char *p, char *h, unsigned int P, unsigned int _hdi, unsigned long i, int kt, MySQL_Thread *_mt, char *ip); + KillArgs(char* u, char* p, char* h, unsigned int P, unsigned int _hid, unsigned long i, int kt, int _use_ssl, MySQL_Thread* _mt); + KillArgs(char *u, char *p, char *h, unsigned int P, unsigned int _hid, unsigned long i, int kt, int _use_ssl, MySQL_Thread* _mt, char *ip); ~KillArgs(); const char* get_host_address() const; diff --git a/lib/MySQL_HostGroups_Manager.cpp b/lib/MySQL_HostGroups_Manager.cpp index 862a479aa..22c13d639 100644 --- a/lib/MySQL_HostGroups_Manager.cpp +++ b/lib/MySQL_HostGroups_Manager.cpp @@ -3378,7 +3378,7 @@ void MySQL_HostGroups_Manager::destroy_MyConn_from_pool(MySQL_Connection *c, boo auth_password=ui->password; } } - KillArgs *ka = new KillArgs(ui->username, auth_password, c->parent->address, c->parent->port, c->parent->myhgc->hid, c->mysql->thread_id, KILL_CONNECTION, NULL, c->connected_host_details.ip); + KillArgs *ka = new KillArgs(ui->username, auth_password, c->parent->address, c->parent->port, c->parent->myhgc->hid, c->mysql->thread_id, KILL_CONNECTION, c->parent->use_ssl, NULL, c->connected_host_details.ip); pthread_attr_t attr; pthread_attr_init(&attr); pthread_attr_setdetachstate(&attr, PTHREAD_CREATE_DETACHED); diff --git a/lib/MySQL_Session.cpp b/lib/MySQL_Session.cpp index e9cd3043a..7d044c4e4 100644 --- a/lib/MySQL_Session.cpp +++ b/lib/MySQL_Session.cpp @@ -173,9 +173,8 @@ bool Session_Regex::match(char *m) { rc=RE2::PartialMatch(m,*(RE2 *)re); return rc; } - -KillArgs::KillArgs(char* u, char* p, char* h, unsigned int P, unsigned int _hid, unsigned long i, int kt, MySQL_Thread* _mt) : - KillArgs(u, p, h, P, _hid, i, kt, _mt, NULL) { +KillArgs::KillArgs(char* u, char* p, char* h, unsigned int P, unsigned int _hid, unsigned long i, int kt, int _use_ssl, MySQL_Thread* _mt) : + KillArgs(u, p, h, P, _hid, i, kt, _use_ssl, _mt, NULL) { // resolving DNS if available in Cache if (h && P) { const std::string& ip = MySQL_Monitor::dns_lookup(h, false); @@ -185,8 +184,7 @@ KillArgs::KillArgs(char* u, char* p, char* h, unsigned int P, unsigned int _hid, } } } - -KillArgs::KillArgs(char *u, char *p, char *h, unsigned int P, unsigned int _hid, unsigned long i, int kt, MySQL_Thread *_mt, char *ip) { +KillArgs::KillArgs(char* u, char* p, char* h, unsigned int P, unsigned int _hid, unsigned long i, int kt, int _use_ssl, MySQL_Thread *_mt, char *ip) { username=strdup(u); password=strdup(p); hostname=strdup(h); @@ -197,6 +195,7 @@ KillArgs::KillArgs(char *u, char *p, char *h, unsigned int P, unsigned int _hid, hid=_hid; id=i; kill_type=kt; + use_ssl=_use_ssl; mt=_mt; } @@ -217,14 +216,27 @@ const char* KillArgs::get_host_address() const { return host_address; } -void * kill_query_thread(void *arg) { +void* kill_query_thread(void *arg) { KillArgs *ka=(KillArgs *)arg; - MYSQL *mysql; - MySQL_Thread * thread = ka->mt; - mysql=mysql_init(NULL); + std::unique_ptr mysql_thr(new MySQL_Thread()); + mysql_thr->curtime=monotonic_time(); + mysql_thr->refresh_variables(); + MYSQL *mysql=mysql_init(NULL); mysql_options4(mysql, MYSQL_OPT_CONNECT_ATTR_ADD, "program_name", "proxysql_killer"); mysql_options4(mysql, MYSQL_OPT_CONNECT_ATTR_ADD, "_server_host", ka->hostname); - //mysql_options(mysql, MARIADB_OPT_SSL_KEYLOG_CALLBACK, (void*)proxysql_keylog_write_line_callback); + + if (ka->use_ssl && ka->port) { + mysql_ssl_set(mysql, + mysql_thread___ssl_p2s_key, + mysql_thread___ssl_p2s_cert, + mysql_thread___ssl_p2s_ca, + mysql_thread___ssl_p2s_capath, + mysql_thread___ssl_p2s_cipher); + mysql_options(mysql, MYSQL_OPT_SSL_CRL, mysql_thread___ssl_p2s_crl); + mysql_options(mysql, MYSQL_OPT_SSL_CRLPATH, mysql_thread___ssl_p2s_crlpath); + mysql_options(mysql, MARIADB_OPT_SSL_KEYLOG_CALLBACK, (void*)proxysql_keylog_write_line_callback); + } + if (!mysql) { goto __exit_kill_query_thread; } @@ -233,14 +245,14 @@ void * kill_query_thread(void *arg) { switch (ka->kill_type) { case KILL_QUERY: proxy_warning("KILL QUERY %lu on %s:%d\n", ka->id, ka->hostname, ka->port); - if (thread) { - thread->status_variables.stvar[st_var_killed_queries]++; + if (ka->mt) { + ka->mt->status_variables.stvar[st_var_killed_queries]++; } break; case KILL_CONNECTION: proxy_warning("KILL CONNECTION %lu on %s:%d\n", ka->id, ka->hostname, ka->port); - if (thread) { - thread->status_variables.stvar[st_var_killed_connections]++; + if (ka->mt) { + ka->mt->status_variables.stvar[st_var_killed_connections]++; } break; default: @@ -1779,7 +1791,7 @@ void MySQL_Session::handler_again___new_thread_to_kill_connection() { } } - KillArgs *ka = new KillArgs(ui->username, auth_password, myds->myconn->parent->address, myds->myconn->parent->port, myds->myconn->parent->myhgc->hid, myds->myconn->mysql->thread_id, KILL_QUERY, thread, myds->myconn->connected_host_details.ip); + KillArgs *ka = new KillArgs(ui->username, auth_password, myds->myconn->parent->address, myds->myconn->parent->port, myds->myconn->parent->myhgc->hid, myds->myconn->mysql->thread_id, KILL_QUERY, myds->myconn->parent->use_ssl, thread, myds->myconn->connected_host_details.ip); pthread_attr_t attr; pthread_attr_init(&attr); pthread_attr_setdetachstate(&attr, PTHREAD_CREATE_DETACHED);