- 09 Aug, 2024 5 commits
-
-
Nikita Malyavin authored
PARSEC: Password Authentication using Response Signed with Elliptic Curve new authentication plugin that uses salted passwords, key derivation, extensible password storage format, and both server- and client-side scrambles. It signs the response with ed25519, but it uses stock unmodified ed25519 as provided by OpenSSL/WolfSSL/GnuTLS. Edited by: Sergei Golubchik
-
Nikita Malyavin authored
-
Nikita Malyavin authored
-
Sergei Golubchik authored
password handling as in other command-line tools
-
Oleksandr Byelkin authored
-
- 08 Aug, 2024 1 commit
-
-
Oleksandr Byelkin authored
and unsigned long long can not be used as bitfield.
-
- 07 Aug, 2024 2 commits
-
-
Yuchen Pei authored
Most other uses of ptr() are accompanied with a length, so we leave them alone.
-
Sergei Petrunia authored
-
- 06 Aug, 2024 1 commit
-
-
Oleksandr Byelkin authored
-
- 05 Aug, 2024 5 commits
-
-
Oleksandr Byelkin authored
-
Vladislav Vaintroub authored
-
Vladislav Vaintroub authored
-
Hugo Wen authored
Before this change the unix socket auth plugin returned true only when the OS socket user id matches the MariaDB user name. The authentication string was ignored. Now if an authentication string is defined with in `unix_socket` authentication rule, then the authentication string will be used to compare with the socket's user name, and the plugin will return a positive if matching. Make the plugin to fill in the @@external_user variable. This change is similar to MySQL commit of https://github.com/mysql/mysql-server/commit/6ddbc58e. However there's one difference with above commit: - For MySQL, both Unix user matches DB user name and Unix user matches the authentication string will be allowed to connect. - For MariaDB, we only allows the Unix user matches the authentication string to connect, if the authentication string is defined. This is because allowing both Unix user names has risks and couldn't handle the case that a customer only wants to allow one single Unix user to connect which doesn't matches the DB user name. If DB user is created with multiple unix_socket options for example: `create user A identified via unix_socket as 'B' or unix_socket as 'C';` Then both Unix user of B and C are accepted. Existing MTR test of `plugins.unix_socket` is not impacted. Also add a new MTR test to verify authentication with authentication string. See the MTR test cases for supported/unsupported cases. All new code of the whole pull request, including one or several files that are either new files or modified ones, are contributed under the BSD-new license. I am contributing on behalf of my employer Amazon Web Services, Inc.
-
Sergei Golubchik authored
in bintars the server is linked with wolfssl, while the connector is linked with gnutls. Thus client_ed25519.so gets gnutls dependency, unresolved symbols and it cannot be loaded into the server and gnutls symbols aren't present there. linking the plugin statically with gnutls fixes that and the test passes. but when such a plugin is loaded into the client, the client gets two copies of gnutls - they conflict and ssl doesn't work at all. let's detect this and disable the test for now.
-
- 04 Aug, 2024 4 commits
-
-
Sergei Golubchik authored
Client plugins on Debian are installed in a separate location, outside of server's plugin-dir
-
Sergei Golubchik authored
note that: * unit.conc_tls is broken in mtr * schannel now doesn't fail on invalid ca path unless --ssl-verify-server-cert is used. openssl still does.
-
Sergei Golubchik authored
-
Oleksandr Byelkin authored
-
- 03 Aug, 2024 5 commits
-
-
Oleksandr Byelkin authored
-
Oleksandr Byelkin authored
-
Oleksandr Byelkin authored
-
Oleksandr Byelkin authored
-
Oleksandr Byelkin authored
-
- 02 Aug, 2024 1 commit
-
-
Daniel Black authored
Fixes error: /usr/share/mysql/debian-start.inc.sh: line 39: /usr/bin/mariadb --defaults-file=/etc/mysql/debian.cnf: No such file or directory
-
- 31 Jul, 2024 2 commits
-
-
Brandon Nesterenko authored
The slave would try to sync_with_master_gtid.inc, but the master never actually saved its gtid position so the test would move on too quickly.
-
Thirunarayanan Balathandayuthapani authored
Problem: ======== - After the commit ada1074b (MDEV-14398) fil_crypt_set_encrypt_tables() iterates through all tablespaces to fill the default_encrypt tables list. This was a trigger to encrypt or decrypt when key rotation age is set to 0. But import tablespace does call fil_crypt_set_encrypt_tables() unnecessarily. The motivation for the call is to signal the encryption threads. Fix: ==== ha_innobase::discard_or_import_tablespace: Remove the fil_crypt_set_encrypt_tables() and add the import tablespace to the default encrypt list if necessary
-
- 30 Jul, 2024 7 commits
-
-
Andrew Hutchings authored
This test ran `show status like '%Created_tmp%'`. This captures `Created_tmp_files` as well as the intended `Created_tmp_tables`. In 11.5, the former got moved to `FLUSH GLOBAL`, so when testing, the result can now be random. This fix makes the test just use `Created_tmp_tables`.
-
Hugo Wen authored
Commit a8a75ba2 causes the MariaDB server to crash, usually with signal 11, at random code locations due to invalid pointer values during any table operation. This issue occurs when the server is built with -O3 and other customized compiler flags. For example, the command `use db1;` causes server to crash in the `check_table_access` function at line sql_parse.cc:7080 because `tables->correspondent_table` is an invalid pointer value of 0x1. The crashes are due to undefined behavior from using uninitialized variables. The problematic commit a8a75ba2 introduces code that allocates memory and sets it to 0 using thd->calloc before initializing it with a placement new operation. This process depends on setting memory to 0 to initialize member variables not explicitly set in the constructor. However, the compiler can optimize out the memset/bfill, leading to uninitialized values and unpredictable issues. Once a constructor function initializes an object, any uninitialized variables within that object are subject to undefined behavior. The state of memory before the constructor runs, whether it involves memset or was used for other purposes, is irrelevant after the placement new operation. This behavior can be demonstrated with this [test](https://gcc.godbolt.org/z/5n87z1raG) I wrote to examine the assembly code. The code in MariaDB can be abstracted to the following, though it has many layers wrapped around it and more complex logic, causing slight differences in optimization in the MariaDB build. To summarize, on x86, the memset in the following code is optimized out with both -O2 and -O3 in GCC 13, and is only preserved in the much older GCC 4.9. struct S { int i; // uninitialized in consturctor S() {}; }; int bar() { void *buf = malloc(sizeof(S)); memset(buf, 0, sizeof(S)); // optimized out S* s = new(buf) S; return s->i; } With GCC13 -O3: bar(): sub rsp, 8 mov edi, 4 call malloc mov eax, DWORD PTR [rax] add rsp, 8 ret With GCC4.9 -O3 bar(): sub rsp, 8 mov edi, 4 call malloc mov DWORD PTR [rax], 0 xor eax, eax add rsp, 8 ret Now we ensure the constructor initializes variables correctly by running the reset() function in the constructor to perform the memset/bfill(0) operation. After applying the fix, the crash is gone. All new code of the whole pull request, including one or several files that are either new files or modified ones, are contributed under the BSD-new license. I am contributing on behalf of my employer Amazon Web Services.
-
Sergei Petrunia authored
Remove an assert added by fix for MDEV-34417. BNL-H join can be used with prefix keys. This happens when there are real prefix indexes on the equi-join columns (although it probably doesn't make a lot of sense). Anyway, remove the assert. The code receives properly truncated key values for hashing/comparison so it can handle them just fine.
-
Thirunarayanan Balathandayuthapani authored
During InnoDB root page split, InnoDB does the following 1) First move the root records to the new page(p1) 2) Empty the root, insert the node pointer to the root page 3) Split the new page and make it as child nodes. 4) Finds the split record, allocate another new page(p2) to the index 5) InnoDB stores the record(ret) predecessor to the supremum record of the page (p2). 6) In page_copy_rec_list_start(), move the records from p1 to p2 upto the split record 6) Given table is a compressed row format page, InnoDB attempts to compress the page p2 and failed (due to innodb_compression_level = 0) 7) Since the compression fails, InnoDB gets the number of preceding records(ret_pos) of a record (ret) on the page (p2) 8) Page (p2) is a new page, ret points to infimum record. ret_pos can be 0. InnoDB have wrong condition that ret_pos shouldn't be 0 and returns corruption. InnoDB has similar wrong check in page_copy_rec_list_end()
-
Marko Mäkelä authored
In commit bf0b82d2 (MDEV-33515) the function log_t::init_lsn_lock() was removed. This was fine on those platforms where InnoDB uses futex-based mutexes (Linux, FreeBSD, OpenBSD, NetBSD, DragonflyBSD). Dave Gosselin debugged this on Apple macOS and submitted a fix where pthread_mutex_wrapper::pthread_mutex_wrapper() would invoke init(). We do not really need that; we only need to invoke lsn_lock.init() like we used to do before commit bf0b82d2. This should be a no-op for the futex based mutexes, which intentionally rely on zero initialization. The missing pthread_mutex_init() call would cause race conditions and corruption of log_sys.buf because multiple threads could apparently hold log_sys.lsn_lock concurrently in log_t::append_prepare(). The error would be caught by a debug assertion in log_t::write_buf(), or in non-debug builds by the fact that the server cannot be restarted due to an apparently missing FILE_CHECKPOINT record (because it had been written to wrong offset in log_sys.buf). The failure in log_t::append_prepare() was caught on Microsoft Windows after enabling SUX_LOCK_GENERIC and therefore forcing the use of pthread_mutex_wrapper for the log_sys.lsn_lock. It appears to be fine to omit the pthread_mutex_init() call on GNU/Linux. log_t::create(): Invoke lsn_lock.init(). log_t::close(): Invoke lsn_lock.destroy(). To better catch this kind of issues in the future by simply defining SUX_LOCK_GENERIC on any platform, a separate debug instrumentation patch will be applied to the 10.6 branch later. Reviewed by: Debarun Banerjee
-
Thirunarayanan Balathandayuthapani authored
- commit 85db5347 (MDEV-33400) retains the instantness in the table definition after discard tablespace. So there is no need to assign n_core_null_bytes during instant table preparation unless they are not initialized.
-
Thirunarayanan Balathandayuthapani authored
- During copy algorithm, InnoDB should use bulk insert operation for row by row insert operation. By doing this, copy algorithm can effectively build indexes. This optimization is disabled for temporary table, versioning table and table which has foreign key relation. Introduced the variable innodb_alter_copy_bulk to allow the bulk insert operation for copy alter operation inside InnoDB. This is enabled by default ha_innobase::extra(): HA_EXTRA_END_ALTER_COPY mode tries to apply the buffered bulk insert operation, updates the non-persistent table stats. row_merge_bulk_t::write_to_index(): Update stat_n_rows after applying the bulk insert operation row_ins_clust_index_entry_low(): In case of copy algorithm, switch to bulk insert operation. copy_data_error_ignore(): Handles the error while copying the data from source to target file.
-
- 29 Jul, 2024 5 commits
-
-
Rex authored
Statements affected by this bug need all the following to be true 1) a derived table table or view whose specification contains a set operation at the top level. 2) a grouping operator (group by/having) operating on a column alias other than in the first select of the union/intersect 3) an outer condition that will be pushed into all selects in this union/intersect, either into the where or having clause When pushing a condition into all selects of a unit with more than one select, pushdown_cond_for_derived() renames items so we can re-use the condition being pushed. These names need to be saved and reset for correct name resolution on second execution of prepared statements. Reviewed by Igor Babaev (igor@mariadb.com)
-
Monty authored
(With trivial fixes by sergey@mariadb.com) Added option fix_innodb_cardinality to optimizer_adjust_secondary_key_costs Using fix_innodb_cardinality disables the 'divide by 2' of rec_per_key_int in InnoDB that in effect doubles the Cardinality for secondary keys. This has the biggest effect for indexes where a few rows has the same key value. Using this may also cause table scans for very small tables (which in some cases may be better than an index scan). The user visible effect is that 'SHOW INDEX FROM table_name' will for InnoDB show the true Cardinality (and not 2x the real value). It will also allow the optimizer to chose a better index in some cases as the division by 2 could have a bad effect for tables with 2-5 identical values per key. A few notes about using fix_innodb_cardinality: - It has direct affect for SHOW INDEX FROM table_name. SHOW INDEX will also update the statistics in table share. - The effect of fix_innodb_cardinality for query plans or EXPLAIN is only visible after first open of the table. This is why one must do a flush tables or use SHOW INDEX for the option to take effect. - Using fix_innodb_cardinality can thus affect all user in their query plans if they are using the same tables. Because of this, it is strongly recommended that one uses optimizer_adjust_secondary_key_costs=fix_innodb_cardinality mainly in configuration files to not cause issues for other users.
-
Marko Mäkelä authored
We need to work around deficiencies of Valgrind, and apparently the previous work-around attempts (such as d247d649) do not work anymore, definitely not on recent clang-based compilers. MemorySanitizer should be fine; unfortunately we set HAVE_valgrind for it as well.
-
Marko Mäkelä authored
In commit 2f6df937 we fixed an observed case of the bug by removing some code related to the no longer needed BTR_MODIFY_PREV mode. In commit 73ad436e an alternative fix was applied that also fixes the BTR_SEARCH_PREV case. Let us clean up some implicit references to BTR_MODIFY_PREV that were missed in 2f6df937. btr_pcur_move_backward_from_page(): Assume that the latch mode was BTR_SEARCH_LEAF. btr_pcur_move_to_prev(): Assert that the latch mode is BTR_SEARCH_LEAF. This function is mostly invoked in row0sel.cc for read operations, as well as in row0merge.cc for reading from the clustered index. All callers indeed use a cursor in the BTR_SEARCH_LEAF mode.
-
Marko Mäkelä authored
It is not sufficient to check that the CPU supports the necessary instructions. Also the operating system (or virtual machine hypervisor) must enable all the AVX registers to be saved and restored on a context switch. Because clang 8 does not support the compiler intrinsic _xgetbv() we will require clang 9 or later for enabling the use of VPCLMULQDQ and the related AVX512 features.
-
- 27 Jul, 2024 1 commit
-
-
Daniel Black authored
Correct compatibility with view-protocol. Thanks Lena Startseva
-
- 25 Jul, 2024 1 commit
-
-
Monty authored
MDEV-33856: Alternative Replication Lag Representation via Received/Executed Master Binlog Event Timestamps This commit adds 3 new status variables to 'show all slaves status': - Master_last_event_time ; timestamp of the last event read from the master by the IO thread. - Slave_last_event_time ; Master timestamp of the last event committed on the slave. - Master_Slave_time_diff: The difference of the above two timestamps. All the above variables are NULL until the slave has started and the slave has read one query event from the master that changes data. - Added information_schema.slave_status, which allows us to remove: - show_master_info(), show_master_info_get_fields(), send_show_master_info_data(), show_all_master_info() - class Sql_cmd_show_slave_status. - Protocol::store(I_List<i_string_pair>* str_list) as it is not used anymore. - Changed old SHOW SLAVE STATUS and SHOW ALL SLAVES STATUS to use the SELECT code path, as all other SHOW ... STATUS commands. Other things: - Xid_log_time is set to time of commit to allow slave that reads the binary log to calculate Master_last_event_time and Slave_last_event_time. This is needed as there is not 'exec_time' for row events. - Fixed that Load_log_event calculates exec_time identically to Query_event. - Updated RESET SLAVE to reset Master/Slave_last_event_time - Updated SQL thread's update on first transaction read-in to only update Slave_last_event_time on group events. - Fixed possible (unlikely) bugs in sql_show.cc ...old_format() functions if allocation of 'field' would fail. Reviewed By: Brandon Nesterenko <brandon.nesterenko@mariadb.com> Kristian Nielsen <knielsen@knielsen-hq.org>
-