Commit 19f0b96d authored by Julius Goryavsky's avatar Julius Goryavsky

MDEV-27682: bundled wsrep_notify.sh causes mariadbd to freeze during start

This commit adds automation that will reduce the possibility
of user errors when customizing wsrep_notify.sh (in particular
caused by user-specified parameters). Now all leading and trailing
spaces are removed from the user-specified parameters and automatic
port and host address substitution has been added to scripts, as
well as automatic password substitution to the client command line,
only if it is specified in the wsrep_notify.sh and not as empty
strings. Also added support for automatic substitution of the all
SSL-related parameters and improved parsing for ipv6 addresses
(to allow "[...]" notation for ipv6 addresses). Also added a
test to check if the wsrep notify script will works with SSL.
parent c0817dac
...@@ -22,4 +22,3 @@ eval SET PASSWORD FOR testuser1@'$IPv6' = PASSWORD ('9876'); ...@@ -22,4 +22,3 @@ eval SET PASSWORD FOR testuser1@'$IPv6' = PASSWORD ('9876');
--replace_result ::1 localhost --replace_result ::1 localhost
SELECT USER(); SELECT USER();
eval DROP USER testuser1@'$IPv6'; eval DROP USER testuser1@'$IPv6';
...@@ -4,11 +4,31 @@ ...@@ -4,11 +4,31 @@
# It will create 'wsrep' schema and two tables in it: 'membeship' and 'status' # It will create 'wsrep' schema and two tables in it: 'membeship' and 'status'
# and fill them on every membership or node status change. # and fill them on every membership or node status change.
# #
# Edit parameters below to specify the address and login to server. # Edit parameters below to specify the address and login to server:
#
USER=root USER=root
PSWD=
#
# If these parameters are not set, then the values
# passed by the server are taken:
#
HOST=127.0.0.1 HOST=127.0.0.1
PORT=$NODE_MYPORT_1 PORT=$NODE_MYPORT_1
#
# Edit parameters below to specify SSL parameters:
#
ssl_key=
ssl_cert=
ssl_ca=
ssl_capath=
ssl_cipher=
ssl_crl=
ssl_crlpath=
ssl_verify_server_cert=0
#
# Client executable path:
#
CLIENT="$EXE_MYSQL"
SCHEMA="mtr_wsrep_notify" SCHEMA="mtr_wsrep_notify"
MEMB_TABLE="$SCHEMA.membership" MEMB_TABLE="$SCHEMA.membership"
...@@ -19,7 +39,7 @@ SET wsrep_on=0; ...@@ -19,7 +39,7 @@ SET wsrep_on=0;
CREATE SCHEMA IF NOT EXISTS $SCHEMA; CREATE SCHEMA IF NOT EXISTS $SCHEMA;
CREATE TABLE IF NOT EXISTS $MEMB_TABLE ( CREATE TABLE IF NOT EXISTS $MEMB_TABLE (
idx INT, idx INT,
uuid CHAR(40), /* node UUID */ uuid CHAR(40), /* node UUID */
name VARCHAR(32), /* node name */ name VARCHAR(32), /* node name */
addr VARCHAR(256) /* node address */ addr VARCHAR(256) /* node address */
) ENGINE=MEMORY; ) ENGINE=MEMORY;
...@@ -40,7 +60,7 @@ configuration_change() ...@@ -40,7 +60,7 @@ configuration_change()
local idx=0 local idx=0
for NODE in $(echo $MEMBERS | sed s/,/\ /g) for NODE in $(echo "$MEMBERS" | sed s/,/\ /g)
do do
echo "INSERT INTO $MEMB_TABLE VALUES ( $idx, " echo "INSERT INTO $MEMB_TABLE VALUES ( $idx, "
# Don't forget to properly quote string values # Don't forget to properly quote string values
...@@ -59,17 +79,44 @@ status_update() ...@@ -59,17 +79,44 @@ status_update()
echo "SET wsrep_on=0; BEGIN; UPDATE $STATUS_TABLE SET status='$STATUS'; COMMIT;" echo "SET wsrep_on=0; BEGIN; UPDATE $STATUS_TABLE SET status='$STATUS'; COMMIT;"
} }
trim_string()
{
if [ -n "${BASH_VERSION:-}" ]; then
local pattern="[![:space:]${2:-}]"
local x="${1#*$pattern}"
local z=${#1}
x=${#x}
if [ $x -ne $z ]; then
local y="${1%$pattern*}"
y=${#y}
x=$(( z-x-1 ))
y=$(( y-x+1 ))
printf '%s' "${1:$x:$y}"
else
printf ''
fi
else
local pattern="[[:space:]${2:-}]"
echo "$1" | sed -E "s/^$pattern+|$pattern+\$//g"
fi
}
COM=status_update # not a configuration change by default COM=status_update # not a configuration change by default
while [ $# -gt 0 ] STATUS=""
do CLUSTER_UUID=""
PRIMARY="0"
INDEX=""
MEMBERS=""
while [ $# -gt 0 ]; do
case $1 in case $1 in
--status) --status)
STATUS=$2 STATUS=$(trim_string "$2")
shift shift
;; ;;
--uuid) --uuid)
CLUSTER_UUID=$2 CLUSTER_UUID=$(trim_string "$2")
shift shift
;; ;;
--primary) --primary)
...@@ -78,22 +125,71 @@ do ...@@ -78,22 +125,71 @@ do
shift shift
;; ;;
--index) --index)
INDEX=$2 INDEX=$(trim_string "$2")
shift shift
;; ;;
--members) --members)
MEMBERS=$2 MEMBERS=$(trim_string "$2")
shift shift
;; ;;
esac esac
shift shift
done done
# Undefined means node is shutting down USER=$(trim_string "$USER")
if [ "$STATUS" != "Undefined" ] PSWD=$(trim_string "$PSWD")
HOST=$(trim_string "$HOST")
PORT=$(trim_string "$PORT")
case "$HOST" in
\[*)
HOST="${HOST##\[}"
HOST=$(trim_string "${HOST%%\]}")
;;
esac
if [ -z "$HOST" ]; then
HOST="${NOTIFY_HOST:-}"
fi
if [ -z "$PORT" ]; then
PORT="${NOTIFY_PORT:-}"
fi
ssl_key=$(trim_string "$ssl_key");
ssl_cert=$(trim_string "$ssl_cert");
ssl_ca=$(trim_string "$ssl_ca");
ssl_capath=$(trim_string "$ssl_capath");
ssl_cipher=$(trim_string "$ssl_cipher");
ssl_crl=$(trim_string "$ssl_crl");
ssl_crlpath=$(trim_string "$ssl_crlpath");
ssl_verify_server_cert=$(trim_string "$ssl_verify_server_cert");
SSL_PARAM=""
if [ -n "$ssl_key" -o -n "$ssl_cert" -o \
-n "$ssl_ca" -o -n "$ssl_capath" -o \
-n "$ssl_cipher" ]
then then
$COM | mysql -B -u$USER -h$HOST -P$PORT SSL_PARAM=' --ssl'
[ -n "$ssl_key" ] && SSL_PARAM="$SSL_PARAM --ssl-key='$ssl_key'"
[ -n "$ssl_cert" ] && SSL_PARAM="$SSL_PARAM --ssl-cert='$ssl_cert'"
[ -n "$ssl_ca" ] && SSL_PARAM="$SSL_PARAM --ssl-ca='$ssl_ca'"
[ -n "$ssl_capath" ] && SSL_PARAM="$SSL_PARAM --ssl-capath='$ssl_capath'"
[ -n "$ssl_cipher" ] && SSL_PARAM="$SSL_PARAM --ssl-cipher='$ssl_cipher'"
[ -n "$ssl_crl" ] && SSL_PARAM="$SSL_PARAM --ssl-crl='$ssl_crl'"
[ -n "$ssl_crlpath" ] && SSL_PARAM="$SSL_PARAM --ssl-crlpath='$ssl_crlpath'"
if [ -n "$ssl_verify_server_cert" ]; then
if [ $ssl_verify_server_cert -ne 0 ]; then
SSL_PARAM+=' --ssl-verify-server-cert'
fi
fi
fi
# Undefined means node is shutting down
if [ "$STATUS" != 'Undefined' ]; then
"$COM" | eval "$CLIENT" -B "-u'$USER'"${PSWD:+" -p'$PSWD'"}\
"-h'$HOST'" "-P$PORT"$SSL_PARAM
fi fi
exit 0 exit 0
#
#!/bin/sh -eu
# This is a simple example of wsrep notification script (wsrep_notify_cmd).
# It will create 'wsrep' schema and two tables in it: 'membeship' and 'status'
# and fill them on every membership or node status change.
#
# Edit parameters below to specify the address and login to server:
#
USER=root
PSWD=
#
# If these parameters are not set, then the values
# passed by the server are taken:
#
HOST=127.0.0.1
PORT=$NODE_MYPORT_1
#
# Edit parameters below to specify SSL parameters:
#
ssl_cert="$MYSQL_TEST_DIR/std_data/client-cert.pem"
ssl_key="$MYSQL_TEST_DIR/std_data/client-key.pem"
ssl_ca="$MYSQL_TEST_DIR/std_data/cacert.pem"
ssl_capath=
ssl_cipher=
ssl_crl=
ssl_crlpath=
ssl_verify_server_cert=0
#
# Client executable path:
#
CLIENT="$EXE_MYSQL"
SCHEMA="mtr_wsrep_notify"
MEMB_TABLE="$SCHEMA.membership"
STATUS_TABLE="$SCHEMA.status"
BEGIN="
SET wsrep_on=0;
CREATE SCHEMA IF NOT EXISTS $SCHEMA;
CREATE TABLE IF NOT EXISTS $MEMB_TABLE (
idx INT,
uuid CHAR(40), /* node UUID */
name VARCHAR(32), /* node name */
addr VARCHAR(256) /* node address */
) ENGINE=MEMORY;
CREATE TABLE IF NOT EXISTS $STATUS_TABLE (
size INT, /* component size */
idx INT, /* this node index */
status CHAR(16), /* this node status */
uuid CHAR(40), /* cluster UUID */
prim BOOLEAN /* if component is primary */
) ENGINE=MEMORY;
BEGIN;
"
END="COMMIT;"
configuration_change()
{
echo "$BEGIN;"
local idx=0
for NODE in $(echo "$MEMBERS" | sed s/,/\ /g)
do
echo "INSERT INTO $MEMB_TABLE VALUES ( $idx, "
# Don't forget to properly quote string values
echo "'$NODE'" | sed s/\\//\',\'/g
echo ");"
idx=$(( $idx + 1 ))
done
echo "INSERT INTO $STATUS_TABLE VALUES($idx, $INDEX, '$STATUS', '$CLUSTER_UUID', $PRIMARY);"
echo "$END"
}
status_update()
{
echo "SET wsrep_on=0; BEGIN; UPDATE $STATUS_TABLE SET status='$STATUS'; COMMIT;"
}
trim_string()
{
if [ -n "${BASH_VERSION:-}" ]; then
local pattern="[![:space:]${2:-}]"
local x="${1#*$pattern}"
local z=${#1}
x=${#x}
if [ $x -ne $z ]; then
local y="${1%$pattern*}"
y=${#y}
x=$(( z-x-1 ))
y=$(( y-x+1 ))
printf '%s' "${1:$x:$y}"
else
printf ''
fi
else
local pattern="[[:space:]${2:-}]"
echo "$1" | sed -E "s/^$pattern+|$pattern+\$//g"
fi
}
COM=status_update # not a configuration change by default
STATUS=""
CLUSTER_UUID=""
PRIMARY="0"
INDEX=""
MEMBERS=""
while [ $# -gt 0 ]; do
case $1 in
--status)
STATUS=$(trim_string "$2")
shift
;;
--uuid)
CLUSTER_UUID=$(trim_string "$2")
shift
;;
--primary)
[ "$2" = "yes" ] && PRIMARY="1" || PRIMARY="0"
COM=configuration_change
shift
;;
--index)
INDEX=$(trim_string "$2")
shift
;;
--members)
MEMBERS=$(trim_string "$2")
shift
;;
esac
shift
done
USER=$(trim_string "$USER")
PSWD=$(trim_string "$PSWD")
HOST=$(trim_string "$HOST")
PORT=$(trim_string "$PORT")
case "$HOST" in
\[*)
HOST="${HOST##\[}"
HOST=$(trim_string "${HOST%%\]}")
;;
esac
if [ -z "$HOST" ]; then
HOST="${NOTIFY_HOST:-}"
fi
if [ -z "$PORT" ]; then
PORT="${NOTIFY_PORT:-}"
fi
ssl_key=$(trim_string "$ssl_key");
ssl_cert=$(trim_string "$ssl_cert");
ssl_ca=$(trim_string "$ssl_ca");
ssl_capath=$(trim_string "$ssl_capath");
ssl_cipher=$(trim_string "$ssl_cipher");
ssl_crl=$(trim_string "$ssl_crl");
ssl_crlpath=$(trim_string "$ssl_crlpath");
ssl_verify_server_cert=$(trim_string "$ssl_verify_server_cert");
SSL_PARAM=""
if [ -n "$ssl_key" -o -n "$ssl_cert" -o \
-n "$ssl_ca" -o -n "$ssl_capath" -o \
-n "$ssl_cipher" ]
then
SSL_PARAM=' --ssl'
[ -n "$ssl_key" ] && SSL_PARAM="$SSL_PARAM --ssl-key='$ssl_key'"
[ -n "$ssl_cert" ] && SSL_PARAM="$SSL_PARAM --ssl-cert='$ssl_cert'"
[ -n "$ssl_ca" ] && SSL_PARAM="$SSL_PARAM --ssl-ca='$ssl_ca'"
[ -n "$ssl_capath" ] && SSL_PARAM="$SSL_PARAM --ssl-capath='$ssl_capath'"
[ -n "$ssl_cipher" ] && SSL_PARAM="$SSL_PARAM --ssl-cipher='$ssl_cipher'"
[ -n "$ssl_crl" ] && SSL_PARAM="$SSL_PARAM --ssl-crl='$ssl_crl'"
[ -n "$ssl_crlpath" ] && SSL_PARAM="$SSL_PARAM --ssl-crlpath='$ssl_crlpath'"
if [ -n "$ssl_verify_server_cert" ]; then
if [ $ssl_verify_server_cert -ne 0 ]; then
SSL_PARAM+=' --ssl-verify-server-cert'
fi
fi
fi
# Undefined means node is shutting down
if [ "$STATUS" != 'Undefined' ]; then
"$COM" | eval "$CLIENT" -B "-u'$USER'"${PSWD:+" -p'$PSWD'"}\
"-h'$HOST'" "-P$PORT"$SSL_PARAM
fi
exit 0
connection node_1;
SELECT COUNT(DISTINCT uuid) AS EXPECT_2 FROM mtr_wsrep_notify.membership;
EXPECT_2
2
SELECT MAX(size) AS EXPECT_2 FROM mtr_wsrep_notify.status;
EXPECT_2
2
SELECT COUNT(DISTINCT idx) AS EXPECT_2 FROM mtr_wsrep_notify.status;
EXPECT_2
2
DROP SCHEMA mtr_wsrep_notify;
--wsrep_notify_cmd=$MYSQL_TEST_DIR/std_data/wsrep_notify_ssl.sh --wsrep-sync-wait=0
!include ../galera_2nodes.cnf
[mysqld]
ssl-cert=@ENV.MYSQL_TEST_DIR/std_data/server-cert.pem
ssl-key=@ENV.MYSQL_TEST_DIR/std_data/server-key.pem
ssl-ca=@ENV.MYSQL_TEST_DIR/std_data/cacert.pem
bind-address=::
[mysqld.1]
wsrep_provider_options='base_port=@mysqld.1.#galera_port;gmcast.listen_addr=tcp://[::]:@mysqld.1.#galera_port;ist.recv_addr=[::1]:@mysqld.1.#ist_port;gcache.size=1;pc.ignore_sb=true'
wsrep_node_incoming_address='[::1]:@mysqld.1.port'
wsrep_node_address=::1
wsrep_sst_receive_address='[::1]:@mysqld.1.#sst_port'
[mysqld.2]
wsrep_cluster_address='gcomm://[::1]:@mysqld.1.#galera_port'
wsrep_provider_options='base_port=@mysqld.2.#galera_port;gmcast.listen_addr=tcp://[::]:@mysqld.2.#galera_port;ist.recv_addr=[::1]:@mysqld.2.#ist_port;gcache.size=1;pc.ignore_sb=true'
wsrep_node_address=::1
wsrep_node_incoming_address='[::1]:@mysqld.2.port'
wsrep_sst_receive_address='[::1]:@mysqld.2.#sst_port'
#
# Test wsrep_notify_cmd. We use a version of the support-files/wsrep_notify.sh script that writes
# notifications into a table.
#
--source include/galera_cluster.inc
--source include/have_ssl_communication.inc
--source include/check_ipv6.inc
--source include/force_restart.inc
--connection node_1
--let $wait_condition = SELECT COUNT(DISTINCT uuid) = 2 FROM mtr_wsrep_notify.membership;
--source include/wait_condition.inc
SELECT COUNT(DISTINCT uuid) AS EXPECT_2 FROM mtr_wsrep_notify.membership;
SELECT MAX(size) AS EXPECT_2 FROM mtr_wsrep_notify.status;
SELECT COUNT(DISTINCT idx) AS EXPECT_2 FROM mtr_wsrep_notify.status;
# CLEANUP
DROP SCHEMA mtr_wsrep_notify;
...@@ -4,12 +4,31 @@ ...@@ -4,12 +4,31 @@
# It will create 'wsrep' schema and two tables in it: 'membeship' and 'status' # It will create 'wsrep' schema and two tables in it: 'membeship' and 'status'
# and fill them on every membership or node status change. # and fill them on every membership or node status change.
# #
# Edit parameters below to specify the address and login to server. # Edit parameters below to specify the address and login to server:
#
USER=root USER=root
PSWD=rootpass PSWD=rootpass
#
# If these parameters are not set, then the values
# passed by the server are taken:
#
HOST=127.0.0.1 HOST=127.0.0.1
PORT=3306 PORT=3306
#
# Edit parameters below to specify SSL parameters:
#
ssl_key=
ssl_cert=
ssl_ca=
ssl_capath=
ssl_cipher=
ssl_crl=
ssl_crlpath=
ssl_verify_server_cert=0
#
# Client executable path:
#
CLIENT="mysql"
SCHEMA="wsrep" SCHEMA="wsrep"
MEMB_TABLE="$SCHEMA.membership" MEMB_TABLE="$SCHEMA.membership"
...@@ -32,8 +51,6 @@ CREATE TABLE $STATUS_TABLE ( ...@@ -32,8 +51,6 @@ CREATE TABLE $STATUS_TABLE (
prim BOOLEAN /* if component is primary */ prim BOOLEAN /* if component is primary */
) ENGINE=MEMORY; ) ENGINE=MEMORY;
BEGIN; BEGIN;
DELETE FROM $MEMB_TABLE;
DELETE FROM $STATUS_TABLE;
" "
END="COMMIT;" END="COMMIT;"
...@@ -43,7 +60,7 @@ configuration_change() ...@@ -43,7 +60,7 @@ configuration_change()
local idx=0 local idx=0
for NODE in $(echo $MEMBERS | sed s/,/\ /g) for NODE in $(echo "$MEMBERS" | sed s/,/\ /g)
do do
echo "INSERT INTO $MEMB_TABLE VALUES ( $idx, " echo "INSERT INTO $MEMB_TABLE VALUES ( $idx, "
# Don't forget to properly quote string values # Don't forget to properly quote string values
...@@ -62,17 +79,44 @@ status_update() ...@@ -62,17 +79,44 @@ status_update()
echo "SET wsrep_on=0; BEGIN; UPDATE $STATUS_TABLE SET status='$STATUS'; COMMIT;" echo "SET wsrep_on=0; BEGIN; UPDATE $STATUS_TABLE SET status='$STATUS'; COMMIT;"
} }
trim_string()
{
if [ -n "${BASH_VERSION:-}" ]; then
local pattern="[![:space:]${2:-}]"
local x="${1#*$pattern}"
local z=${#1}
x=${#x}
if [ $x -ne $z ]; then
local y="${1%$pattern*}"
y=${#y}
x=$(( z-x-1 ))
y=$(( y-x+1 ))
printf '%s' "${1:$x:$y}"
else
printf ''
fi
else
local pattern="[[:space:]${2:-}]"
echo "$1" | sed -E "s/^$pattern+|$pattern+\$//g"
fi
}
COM=status_update # not a configuration change by default COM=status_update # not a configuration change by default
while [ $# -gt 0 ] STATUS=""
do CLUSTER_UUID=""
PRIMARY="0"
INDEX=""
MEMBERS=""
while [ $# -gt 0 ]; do
case $1 in case $1 in
--status) --status)
STATUS=$2 STATUS=$(trim_string "$2")
shift shift
;; ;;
--uuid) --uuid)
CLUSTER_UUID=$2 CLUSTER_UUID=$(trim_string "$2")
shift shift
;; ;;
--primary) --primary)
...@@ -81,22 +125,71 @@ do ...@@ -81,22 +125,71 @@ do
shift shift
;; ;;
--index) --index)
INDEX=$2 INDEX=$(trim_string "$2")
shift shift
;; ;;
--members) --members)
MEMBERS=$2 MEMBERS=$(trim_string "$2")
shift shift
;; ;;
esac esac
shift shift
done done
# Undefined means node is shutting down USER=$(trim_string "$USER")
if [ "$STATUS" != "Undefined" ] PSWD=$(trim_string "$PSWD")
HOST=$(trim_string "$HOST")
PORT=$(trim_string "$PORT")
case "$HOST" in
\[*)
HOST="${HOST##\[}"
HOST=$(trim_string "${HOST%%\]}")
;;
esac
if [ -z "$HOST" ]; then
HOST="${NOTIFY_HOST:-}"
fi
if [ -z "$PORT" ]; then
PORT="${NOTIFY_PORT:-}"
fi
ssl_key=$(trim_string "$ssl_key");
ssl_cert=$(trim_string "$ssl_cert");
ssl_ca=$(trim_string "$ssl_ca");
ssl_capath=$(trim_string "$ssl_capath");
ssl_cipher=$(trim_string "$ssl_cipher");
ssl_crl=$(trim_string "$ssl_crl");
ssl_crlpath=$(trim_string "$ssl_crlpath");
ssl_verify_server_cert=$(trim_string "$ssl_verify_server_cert");
SSL_PARAM=""
if [ -n "$ssl_key" -o -n "$ssl_cert" -o \
-n "$ssl_ca" -o -n "$ssl_capath" -o \
-n "$ssl_cipher" ]
then then
$COM | mysql -B -u$USER -p$PSWD -h$HOST -P$PORT SSL_PARAM=' --ssl'
[ -n "$ssl_key" ] && SSL_PARAM="$SSL_PARAM --ssl-key='$ssl_key'"
[ -n "$ssl_cert" ] && SSL_PARAM="$SSL_PARAM --ssl-cert='$ssl_cert'"
[ -n "$ssl_ca" ] && SSL_PARAM="$SSL_PARAM --ssl-ca='$ssl_ca'"
[ -n "$ssl_capath" ] && SSL_PARAM="$SSL_PARAM --ssl-capath='$ssl_capath'"
[ -n "$ssl_cipher" ] && SSL_PARAM="$SSL_PARAM --ssl-cipher='$ssl_cipher'"
[ -n "$ssl_crl" ] && SSL_PARAM="$SSL_PARAM --ssl-crl='$ssl_crl'"
[ -n "$ssl_crlpath" ] && SSL_PARAM="$SSL_PARAM --ssl-crlpath='$ssl_crlpath'"
if [ -n "$ssl_verify_server_cert" ]; then
if [ $ssl_verify_server_cert -ne 0 ]; then
SSL_PARAM+=' --ssl-verify-server-cert'
fi
fi
fi
# Undefined means node is shutting down
if [ "$STATUS" != 'Undefined' ]; then
"$COM" | eval "$CLIENT" -B "-u'$USER'"${PSWD:+" -p'$PSWD'"}\
"-h'$HOST'" "-P$PORT"$SSL_PARAM
fi fi
exit 0 exit 0
#
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment