From d9efa6dad06734e512067d1430907e8cbb955944 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ren=C3=A9=20Canna=C3=B2?= Date: Wed, 13 Jul 2016 23:41:14 +0000 Subject: [PATCH] Allows Monitor user to be used in mysql_users Fixes issue #603. mysql-monitor_username is not stored anymore in GloMyAuth --- lib/MySQL_Protocol.cpp | 21 ++++++++++++++++++++- lib/MySQL_Thread.cpp | 11 ++++++----- lib/ProxySQL_Admin.cpp | 13 +++++++------ 3 files changed, 33 insertions(+), 12 deletions(-) diff --git a/lib/MySQL_Protocol.cpp b/lib/MySQL_Protocol.cpp index 9c638b48a..ef9decbc3 100644 --- a/lib/MySQL_Protocol.cpp +++ b/lib/MySQL_Protocol.cpp @@ -1312,7 +1312,26 @@ bool MySQL_Protocol::process_pkt_handshake_response(unsigned char *pkt, unsigned (*myds)->sess->session_fast_forward=fast_forward; (*myds)->sess->user_max_connections=max_connections; if (password==NULL) { - ret=false; + // this is a workaround for bug #603 + if ((*myds)->sess->admin==true) { + if (strcmp((const char *)user,mysql_thread___monitor_username)==0) { + proxy_scramble(reply, (*myds)->myconn->scramble_buff, mysql_thread___monitor_password); + if (memcmp(reply, pass, SHA_DIGEST_LENGTH)==0) { + (*myds)->sess->default_hostgroup=STATS_HOSTGROUP; + (*myds)->sess->default_schema=strdup((char *)"main"); // just the pointer is passed + (*myds)->sess->schema_locked=false; + (*myds)->sess->transaction_persistent=false; + (*myds)->sess->session_fast_forward=false; + (*myds)->sess->user_max_connections=0; + password=l_strdup(mysql_thread___monitor_password); + ret=true; + } + } else { + ret=false; + } + } else { + ret=false; + } } else { if (pass_len==0 && strlen(password)==0) { ret=true; diff --git a/lib/MySQL_Thread.cpp b/lib/MySQL_Thread.cpp index 959b0efc6..14eb42733 100644 --- a/lib/MySQL_Thread.cpp +++ b/lib/MySQL_Thread.cpp @@ -2030,11 +2030,12 @@ void MySQL_Thread::refresh_variables() { if (mysql_thread___monitor_password) free(mysql_thread___monitor_password); mysql_thread___monitor_password=GloMTH->get_variable_string((char *)"monitor_password"); - if (mysql_thread___monitor_username && mysql_thread___monitor_password) { - if (GloMyAuth) { // this check if required if GloMyAuth doesn't exist yet - GloMyAuth->add(mysql_thread___monitor_username,mysql_thread___monitor_password,USERNAME_FRONTEND,0,STATS_HOSTGROUP,(char *)"main",0,0,0,1000); - } - } + // Removing this code due to bug #603 +// if (mysql_thread___monitor_username && mysql_thread___monitor_password) { +// if (GloMyAuth) { // this check if required if GloMyAuth doesn't exist yet +// GloMyAuth->add(mysql_thread___monitor_username,mysql_thread___monitor_password,USERNAME_FRONTEND,0,STATS_HOSTGROUP,(char *)"main",0,0,0,1000); +// } +// } // SSL proxy to server if (mysql_thread___ssl_p2s_ca) free(mysql_thread___ssl_p2s_ca); diff --git a/lib/ProxySQL_Admin.cpp b/lib/ProxySQL_Admin.cpp index 57e38da8d..1143e6aa1 100644 --- a/lib/ProxySQL_Admin.cpp +++ b/lib/ProxySQL_Admin.cpp @@ -2932,12 +2932,13 @@ bool ProxySQL_Admin::set_variable(char *name, char *value) { // this is the pub size_t vallen=strlen(value); if (!strcasecmp(name,"admin_credentials")) { - // always (re)add monitor user - if (mysql_thread___monitor_username && mysql_thread___monitor_password) { - if (GloMyAuth) { // this check if required if GloMyAuth doesn't exist yet - GloMyAuth->add(mysql_thread___monitor_username,mysql_thread___monitor_password,USERNAME_FRONTEND,0,STATS_HOSTGROUP,(char *)"main",0,0,0,1000); - } - } + // Removing this code due to bug #603 +// // always (re)add monitor user +// if (mysql_thread___monitor_username && mysql_thread___monitor_password) { +// if (GloMyAuth) { // this check if required if GloMyAuth doesn't exist yet +// GloMyAuth->add(mysql_thread___monitor_username,mysql_thread___monitor_password,USERNAME_FRONTEND,0,STATS_HOSTGROUP,(char *)"main",0,0,0,1000); +// } +// } if (vallen) { bool update_creds=false; if ((variables.admin_credentials==NULL) || strcasecmp(variables.admin_credentials,value) ) update_creds=true;