Allows Monitor user to be used in mysql_users

Fixes issue #603. mysql-monitor_username is not stored anymore in GloMyAuth
10 years ago · d9efa6dad0
parent 13c9fe0ebb
commit d9efa6dad0
3 changed files with 33 additions and 12 deletions
--- a/lib/MySQL_Protocol.cpp
+++ b/lib/MySQL_Protocol.cpp
@ -1312,7 +1312,26 @@ bool MySQL_Protocol::process_pkt_handshake_response(unsigned char *pkt, unsigned
 	(*myds)->sess->session_fast_forward=fast_forward;
 	(*myds)->sess->user_max_connections=max_connections;
 	if (password==NULL) {
-		ret=false;
+		// this is a workaround for bug #603
+		if ((*myds)->sess->admin==true) {
+			if (strcmp((const char *)user,mysql_thread___monitor_username)==0) {
+				proxy_scramble(reply, (*myds)->myconn->scramble_buff, mysql_thread___monitor_password);
+				if (memcmp(reply, pass, SHA_DIGEST_LENGTH)==0) {
+					(*myds)->sess->default_hostgroup=STATS_HOSTGROUP;
+					(*myds)->sess->default_schema=strdup((char *)"main"); // just the pointer is passed
+					(*myds)->sess->schema_locked=false;
+					(*myds)->sess->transaction_persistent=false;
+					(*myds)->sess->session_fast_forward=false;
+					(*myds)->sess->user_max_connections=0;
+					password=l_strdup(mysql_thread___monitor_password);
+				ret=true;
+				}
+			} else {
+				ret=false;
+			}
+		} else {
+			ret=false;
+		}
 	} else {
 		if (pass_len==0 && strlen(password)==0) {
 			ret=true;
--- a/lib/MySQL_Thread.cpp
+++ b/lib/MySQL_Thread.cpp
@ -2030,11 +2030,12 @@ void MySQL_Thread::refresh_variables() {
 	if (mysql_thread___monitor_password) free(mysql_thread___monitor_password);
 	mysql_thread___monitor_password=GloMTH->get_variable_string((char *)"monitor_password");

-	if (mysql_thread___monitor_username && mysql_thread___monitor_password) {
-		if (GloMyAuth) { // this check if required if GloMyAuth doesn't exist yet
-			GloMyAuth->add(mysql_thread___monitor_username,mysql_thread___monitor_password,USERNAME_FRONTEND,0,STATS_HOSTGROUP,(char *)"main",0,0,0,1000);
-		}
-	}
+	// Removing this code due to bug #603
+//	if (mysql_thread___monitor_username && mysql_thread___monitor_password) {
+//		if (GloMyAuth) { // this check if required if GloMyAuth doesn't exist yet
+//			GloMyAuth->add(mysql_thread___monitor_username,mysql_thread___monitor_password,USERNAME_FRONTEND,0,STATS_HOSTGROUP,(char *)"main",0,0,0,1000);
+//		}
+//	}

 	// SSL proxy to server
 	if (mysql_thread___ssl_p2s_ca) free(mysql_thread___ssl_p2s_ca);
--- a/lib/ProxySQL_Admin.cpp
+++ b/lib/ProxySQL_Admin.cpp
@ -2932,12 +2932,13 @@ bool ProxySQL_Admin::set_variable(char *name, char *value) {  // this is the pub
 	size_t vallen=strlen(value);

 	if (!strcasecmp(name,"admin_credentials")) {
-		// always (re)add monitor user
-		if (mysql_thread___monitor_username && mysql_thread___monitor_password) {
-			if (GloMyAuth) { // this check if required if GloMyAuth doesn't exist yet
-				GloMyAuth->add(mysql_thread___monitor_username,mysql_thread___monitor_password,USERNAME_FRONTEND,0,STATS_HOSTGROUP,(char *)"main",0,0,0,1000);
-			}
-		}
+		// Removing this code due to bug #603
+//		// always (re)add monitor user
+//		if (mysql_thread___monitor_username && mysql_thread___monitor_password) {
+//			if (GloMyAuth) { // this check if required if GloMyAuth doesn't exist yet
+//				GloMyAuth->add(mysql_thread___monitor_username,mysql_thread___monitor_password,USERNAME_FRONTEND,0,STATS_HOSTGROUP,(char *)"main",0,0,0,1000);
+//			}
+//		}
 		if (vallen) {
 			bool update_creds=false;
 			if ((variables.admin_credentials==NULL) || strcasecmp(variables.admin_credentials,value) ) update_creds=true;