MDEV-13362: implement --require_secure_transport option

Currently, if a user wants to require TLS for every connection made
over the network, then every user account on the system needs to be
created with "REQUIRE SSL" or one of the other TLS options.

Implementing a require_secure_transport system variable (which,
in particular, can be set using the --require_secure_transport=ON
command line option) in the MariaDB Server would make it a lot
easier to require TLS (or other secure transport) system-wide.

This patch implements this new system variable, adds the ability
to set it with SQL statements, from the command line and from the
configuration file, and also contains improvements for mtr that allow
the user to establish non-secure TCP/IP connections (for example,
to verify the operation of the new option).
Julius Goryavsky 2020-03-02 23:46:07 +01:00
parent 9d7ed94f6a
commit 28fabc86db
14 changed files with 205 additions and 62 deletions


@ -5893,13 +5893,21 @@ do_handle_error:
*/
enum use_ssl
{
USE_SSL_FORBIDDEN = -1,
USE_SSL_IF_POSSIBLE,
USE_SSL_REQUIRED
};
void do_connect(struct st_command *command)
{
uint protocol= opt_protocol;
int con_port= opt_port;
char *con_options;
char *ssl_cipher __attribute__((unused))= 0;
my_bool con_ssl= 0, con_compress= 0;
my_bool con_pipe= 0;
enum use_ssl con_ssl= USE_SSL_IF_POSSIBLE;
my_bool con_compress= 0;
int read_timeout= 0;
int write_timeout= 0;
int connect_timeout= 0;
@ -5981,16 +5989,38 @@ void do_connect(struct st_command *command)
end++;
length= (size_t) (end - con_options);
if (length == 3 && !strncmp(con_options, "SSL", 3))
con_ssl= 1;
con_ssl= USE_SSL_REQUIRED;
else if (length == 5 && !strncmp(con_options, "NOSSL", 5))
con_ssl= USE_SSL_FORBIDDEN;
else if (!strncmp(con_options, "SSL-CIPHER=", 11))
{
con_ssl= 1;
con_ssl= USE_SSL_REQUIRED;
ssl_cipher=con_options + 11;
}
else if (length == 8 && !strncmp(con_options, "COMPRESS", 8))
con_compress= 1;
else if (length == 3 && !strncmp(con_options, "TCP", 3))
protocol= MYSQL_PROTOCOL_TCP;
else if (length == 7 && !strncmp(con_options, "DEFAULT", 7))
protocol= MYSQL_PROTOCOL_DEFAULT;
else if (length == 4 && !strncmp(con_options, "PIPE", 4))
con_pipe= 1;
{
#ifdef _WIN32
protocol= MYSQL_PROTOCOL_PIPE;
#endif
}
else if (length == 6 && !strncmp(con_options, "SOCKET", 6))
{
#ifndef _WIN32
protocol= MYSQL_PROTOCOL_SOCKET;
#endif
}
else if (length == 6 && !strncmp(con_options, "MEMORY", 6))
{
#ifdef _WIN32
protocol= MYSQL_PROTOCOL_MEMORY;
#endif
}
else if (strncasecmp(con_options, "read_timeout=",
sizeof("read_timeout=")-1) == 0)
{
@ -6051,14 +6081,13 @@ void do_connect(struct st_command *command)
if (opt_charsets_dir)
mysql_options(con_slot->mysql, MYSQL_SET_CHARSET_DIR,
opt_charsets_dir);
#if defined(HAVE_OPENSSL) && !defined(EMBEDDED_LIBRARY)
if (opt_use_ssl)
con_ssl= 1;
#endif
if (con_ssl)
{
#if defined(HAVE_OPENSSL) && !defined(EMBEDDED_LIBRARY)
if (con_ssl == USE_SSL_IF_POSSIBLE && opt_use_ssl)
con_ssl= USE_SSL_REQUIRED;
if (con_ssl == USE_SSL_REQUIRED)
{
mysql_ssl_set(con_slot->mysql, opt_ssl_key, opt_ssl_cert, opt_ssl_ca,
opt_ssl_capath, ssl_cipher ? ssl_cipher : opt_ssl_cipher);
mysql_options(con_slot->mysql, MYSQL_OPT_SSL_CRL, opt_ssl_crl);
@ -6069,19 +6098,12 @@ void do_connect(struct st_command *command)
opt_ssl_verify_server_cert= !strcmp(ds_host.str, "localhost");
mysql_options(con_slot->mysql, MYSQL_OPT_SSL_VERIFY_SERVER_CERT,
&opt_ssl_verify_server_cert);
#endif
#endif
}
if (con_pipe)
{
#ifdef _WIN32
opt_protocol= MYSQL_PROTOCOL_PIPE;
#endif
}
if (opt_protocol)
mysql_options(con_slot->mysql, MYSQL_OPT_PROTOCOL, (char*) &opt_protocol);
if (protocol)
mysql_options(con_slot->mysql, MYSQL_OPT_PROTOCOL, (char*) &protocol);
if (read_timeout)
{
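Review bot: The new `PIPE`, `SOCKET` and `MEMORY` branches leave `protocol` untouched on the platform where they do not apply, so such a `connect` silently falls back to the value copied from `opt_protocol` at the top of the function. For tests that check `require_secure_transport`, the transport actually exercised can then differ from the one the test names, with nothing in the output to show it. Each empty branch should at least carry a comment such as `/* ignored on this platform: the connection uses opt_protocol */`; whether a warning should be printed instead depends on how existing tests use these options, which is not visible here. do_connect starts before and continues past these hunks.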


@ -1082,6 +1082,10 @@ The following specify which files/extra groups are read (specified before remain
not sure, leave this option unset
--report-user=name The account user name of the slave to be reported to the
master during slave registration
--require-secure-transport
When this option is enabled, connections attempted using
insecure transport will be rejected. Secure transports
are SSL/TLS, Unix sockets or named pipes.
--rowid-merge-buff-size=#
The size of the buffers used [NOT] IN evaluation via
partial matching
@ -1734,6 +1738,7 @@ report-host (No default value)
report-password (No default value)
report-port 0
report-user (No default value)
require-secure-transport FALSE
rowid-merge-buff-size 8388608
rpl-semi-sync-master-enabled FALSE
rpl-semi-sync-master-timeout 10000


@ -0,0 +1 @@
--require-secure-transport=0


@ -0,0 +1,8 @@
CREATE TABLE t1 (t int(1));
SET GLOBAL require_secure_transport=ON;
ERROR 28000: Access denied for user 'root'@'localhost' (using password: NO)
connection default;
SET GLOBAL require_secure_transport=OFF;
disconnect without_ssl;
connection default;
DROP TABLE t1;


@ -0,0 +1,15 @@
-- source include/have_ssl_communication.inc
CREATE TABLE t1 (t int(1));
SET GLOBAL require_secure_transport=ON;
--disable_query_log
--error ER_ACCESS_DENIED_ERROR
connect without_ssl,localhost,root,,,,,TCP NOSSL;
--enable_query_log
connection default;
SET GLOBAL require_secure_transport=OFF;
--disable_query_log
connect without_ssl,localhost,root,,,,,TCP NOSSL;
--enable_query_log
disconnect without_ssl;
connection default;
DROP TABLE t1;
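Review bot: The test proves only that a plain TCP connection is refused while the variable is ON; nothing shows that a secure connection is still accepted. A regression that refused every new connection would pass, because `SET GLOBAL require_secure_transport=OFF` runs on the already-open `default` connection. A positive case placed right after the rejected connect would close that gap, for example `connect with_ssl,localhost,root,,,,,TCP SSL;` followed by `disconnect with_ssl;`. Separately, `t1` is created and dropped but never used by the visible statements.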


@ -1246,8 +1246,8 @@
VARIABLE_COMMENT When reading rows in sorted order after a sort, the rows are read through this buffer to avoid a disk seeks
NUMERIC_MIN_VALUE 1
NUMERIC_MAX_VALUE 2147483647
@@ -2995,10 +2995,10 @@
COMMAND_LINE_ARGUMENT REQUIRED
@@ -2905,10 +2905,10 @@
COMMAND_LINE_ARGUMENT OPTIONAL
VARIABLE_NAME ROWID_MERGE_BUFF_SIZE
VARIABLE_SCOPE SESSION
-VARIABLE_TYPE BIGINT UNSIGNED
@ -1259,7 +1259,7 @@
NUMERIC_BLOCK_SIZE 1
ENUM_VALUE_LIST NULL
READ_ONLY NO
@@ -3035,7 +3035,7 @@
@@ -2945,7 +2945,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME SERVER_ID
VARIABLE_SCOPE SESSION
@ -1268,7 +1268,7 @@
VARIABLE_COMMENT Uniquely identifies the server instance in the community of replication partners
NUMERIC_MIN_VALUE 1
NUMERIC_MAX_VALUE 4294967295
@@ -3105,7 +3105,7 @@
@@ -3015,7 +3015,7 @@
COMMAND_LINE_ARGUMENT OPTIONAL
VARIABLE_NAME SLAVE_MAX_ALLOWED_PACKET
VARIABLE_SCOPE GLOBAL
@ -1277,7 +1277,7 @@
VARIABLE_COMMENT The maximum packet length to sent successfully from the master to slave.
NUMERIC_MIN_VALUE 1024
NUMERIC_MAX_VALUE 1073741824
@@ -3115,7 +3115,7 @@
@@ -3025,7 +3025,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME SLOW_LAUNCH_TIME
VARIABLE_SCOPE GLOBAL
@ -1286,7 +1286,7 @@
VARIABLE_COMMENT If creating the thread takes longer than this value (in seconds), the Slow_launch_threads counter will be incremented
NUMERIC_MIN_VALUE 0
NUMERIC_MAX_VALUE 31536000
@@ -3158,7 +3158,7 @@
@@ -3068,7 +3068,7 @@
VARIABLE_TYPE BIGINT UNSIGNED
VARIABLE_COMMENT Each thread that needs to do a sort allocates a buffer of this size
NUMERIC_MIN_VALUE 1024
@ -1295,7 +1295,7 @@
NUMERIC_BLOCK_SIZE 1
ENUM_VALUE_LIST NULL
READ_ONLY NO
@@ -3365,7 +3365,7 @@
@@ -3275,7 +3275,7 @@
COMMAND_LINE_ARGUMENT NULL
VARIABLE_NAME STORED_PROGRAM_CACHE
VARIABLE_SCOPE GLOBAL
@ -1304,7 +1304,7 @@
VARIABLE_COMMENT The soft upper limit for number of cached stored routines for one connection.
NUMERIC_MIN_VALUE 0
NUMERIC_MAX_VALUE 524288
@@ -3445,7 +3445,7 @@
@@ -3355,7 +3355,7 @@
COMMAND_LINE_ARGUMENT NULL
VARIABLE_NAME TABLE_DEFINITION_CACHE
VARIABLE_SCOPE GLOBAL
@ -1313,7 +1313,7 @@
VARIABLE_COMMENT The number of cached table definitions
NUMERIC_MIN_VALUE 400
NUMERIC_MAX_VALUE 2097152
@@ -3455,7 +3455,7 @@
@@ -3365,7 +3365,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME TABLE_OPEN_CACHE
VARIABLE_SCOPE GLOBAL
@ -1322,7 +1322,7 @@
VARIABLE_COMMENT The number of cached open tables
NUMERIC_MIN_VALUE 10
NUMERIC_MAX_VALUE 1048576
@@ -3515,7 +3515,7 @@
@@ -3425,7 +3425,7 @@
COMMAND_LINE_ARGUMENT OPTIONAL
VARIABLE_NAME THREAD_CACHE_SIZE
VARIABLE_SCOPE GLOBAL
@ -1331,7 +1331,7 @@
VARIABLE_COMMENT How many threads we should keep in a cache for reuse. These are freed after 5 minutes of idle time
NUMERIC_MIN_VALUE 0
NUMERIC_MAX_VALUE 16384
@@ -3598,7 +3598,7 @@
@@ -3508,7 +3508,7 @@
VARIABLE_TYPE BIGINT UNSIGNED
VARIABLE_COMMENT Max size for data for an internal temporary on-disk MyISAM or Aria table.
NUMERIC_MIN_VALUE 1024
@ -1340,7 +1340,7 @@
NUMERIC_BLOCK_SIZE 1
ENUM_VALUE_LIST NULL
READ_ONLY NO
@@ -3608,7 +3608,7 @@
@@ -3518,7 +3518,7 @@
VARIABLE_TYPE BIGINT UNSIGNED
VARIABLE_COMMENT If an internal in-memory temporary table exceeds this size, MariaDB will automatically convert it to an on-disk MyISAM or Aria table. Same as tmp_table_size.
NUMERIC_MIN_VALUE 0
@ -1349,7 +1349,7 @@
NUMERIC_BLOCK_SIZE 1
ENUM_VALUE_LIST NULL
READ_ONLY NO
@@ -3618,14 +3618,14 @@
@@ -3528,14 +3528,14 @@
VARIABLE_TYPE BIGINT UNSIGNED
VARIABLE_COMMENT Alias for tmp_memory_table_size. If an internal in-memory temporary table exceeds this size, MariaDB will automatically convert it to an on-disk MyISAM or Aria table.
NUMERIC_MIN_VALUE 0
@ -1366,7 +1366,7 @@
VARIABLE_COMMENT Allocation block size for transactions to be stored in binary log
NUMERIC_MIN_VALUE 1024
NUMERIC_MAX_VALUE 134217728
@@ -3635,7 +3635,7 @@
@@ -3545,7 +3545,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME TRANSACTION_PREALLOC_SIZE
VARIABLE_SCOPE SESSION
@ -1375,7 +1375,7 @@
VARIABLE_COMMENT Persistent buffer for transactions to be stored in binary log
NUMERIC_MIN_VALUE 1024
NUMERIC_MAX_VALUE 134217728
@@ -3775,7 +3775,7 @@
@@ -3685,7 +3685,7 @@
COMMAND_LINE_ARGUMENT NULL
VARIABLE_NAME WAIT_TIMEOUT
VARIABLE_SCOPE SESSION
@ -1384,7 +1384,7 @@
VARIABLE_COMMENT The number of seconds the server waits for activity on a connection before closing it
NUMERIC_MIN_VALUE 1
NUMERIC_MAX_VALUE 31536000
@@ -3802,7 +3802,7 @@
@@ -3712,7 +3712,7 @@
VARIABLE_NAME LOG_TC_SIZE
GLOBAL_VALUE_ORIGIN AUTO
VARIABLE_SCOPE GLOBAL


@ -2993,6 +2993,16 @@ NUMERIC_BLOCK_SIZE 1
ENUM_VALUE_LIST NULL
READ_ONLY NO
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME REQUIRE_SECURE_TRANSPORT
VARIABLE_SCOPE GLOBAL
VARIABLE_TYPE BOOLEAN
VARIABLE_COMMENT When this option is enabled, connections attempted using insecure transport will be rejected. Secure transports are SSL/TLS, Unix sockets or named pipes.
NUMERIC_MIN_VALUE NULL
NUMERIC_MAX_VALUE NULL
NUMERIC_BLOCK_SIZE NULL
ENUM_VALUE_LIST OFF,ON
READ_ONLY NO
COMMAND_LINE_ARGUMENT OPTIONAL
VARIABLE_NAME ROWID_MERGE_BUFF_SIZE
VARIABLE_SCOPE SESSION
VARIABLE_TYPE BIGINT UNSIGNED


@ -1254,8 +1254,8 @@
VARIABLE_COMMENT When reading rows in sorted order after a sort, the rows are read through this buffer to avoid a disk seeks
NUMERIC_MIN_VALUE 1
NUMERIC_MAX_VALUE 2147483647
@@ -3355,10 +3355,10 @@
COMMAND_LINE_ARGUMENT REQUIRED
@@ -3265,10 +3265,10 @@
COMMAND_LINE_ARGUMENT OPTIONAL
VARIABLE_NAME ROWID_MERGE_BUFF_SIZE
VARIABLE_SCOPE SESSION
-VARIABLE_TYPE BIGINT UNSIGNED
@ -1267,7 +1267,7 @@
NUMERIC_BLOCK_SIZE 1
ENUM_VALUE_LIST NULL
READ_ONLY NO
@@ -3375,20 +3375,20 @@
@@ -3285,20 +3285,20 @@
COMMAND_LINE_ARGUMENT OPTIONAL
VARIABLE_NAME RPL_SEMI_SYNC_MASTER_TIMEOUT
VARIABLE_SCOPE GLOBAL
@ -1292,7 +1292,7 @@
NUMERIC_BLOCK_SIZE 1
ENUM_VALUE_LIST NULL
READ_ONLY NO
@@ -3445,10 +3445,10 @@
@@ -3355,10 +3355,10 @@
COMMAND_LINE_ARGUMENT OPTIONAL
VARIABLE_NAME RPL_SEMI_SYNC_SLAVE_TRACE_LEVEL
VARIABLE_SCOPE GLOBAL
@ -1305,7 +1305,7 @@
NUMERIC_BLOCK_SIZE 1
ENUM_VALUE_LIST NULL
READ_ONLY NO
@@ -3485,7 +3485,7 @@
@@ -3395,7 +3395,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME SERVER_ID
VARIABLE_SCOPE SESSION
@ -1314,7 +1314,7 @@
VARIABLE_COMMENT Uniquely identifies the server instance in the community of replication partners
NUMERIC_MIN_VALUE 1
NUMERIC_MAX_VALUE 4294967295
@@ -3625,7 +3625,7 @@
@@ -3535,7 +3535,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME SLAVE_DOMAIN_PARALLEL_THREADS
VARIABLE_SCOPE GLOBAL
@ -1323,7 +1323,7 @@
VARIABLE_COMMENT Maximum number of parallel threads to use on slave for events in a single replication domain. When using multiple domains, this can be used to limit a single domain from grabbing all threads and thus stalling other domains. The default of 0 means to allow a domain to grab as many threads as it wants, up to the value of slave_parallel_threads.
NUMERIC_MIN_VALUE 0
NUMERIC_MAX_VALUE 16383
@@ -3655,7 +3655,7 @@
@@ -3565,7 +3565,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME SLAVE_MAX_ALLOWED_PACKET
VARIABLE_SCOPE GLOBAL
@ -1332,7 +1332,7 @@
VARIABLE_COMMENT The maximum packet length to sent successfully from the master to slave.
NUMERIC_MIN_VALUE 1024
NUMERIC_MAX_VALUE 1073741824
@@ -3675,7 +3675,7 @@
@@ -3585,7 +3585,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME SLAVE_PARALLEL_MAX_QUEUED
VARIABLE_SCOPE GLOBAL
@ -1341,7 +1341,7 @@
VARIABLE_COMMENT Limit on how much memory SQL threads should use per parallel replication thread when reading ahead in the relay log looking for opportunities for parallel replication. Only used when --slave-parallel-threads > 0.
NUMERIC_MIN_VALUE 0
NUMERIC_MAX_VALUE 2147483647
@@ -3695,7 +3695,7 @@
@@ -3605,7 +3605,7 @@
COMMAND_LINE_ARGUMENT NULL
VARIABLE_NAME SLAVE_PARALLEL_THREADS
VARIABLE_SCOPE GLOBAL
@ -1350,7 +1350,7 @@
VARIABLE_COMMENT If non-zero, number of threads to spawn to apply in parallel events on the slave that were group-committed on the master or were logged with GTID in different replication domains. Note that these threads are in addition to the IO and SQL threads, which are always created by a replication slave
NUMERIC_MIN_VALUE 0
NUMERIC_MAX_VALUE 16383
@@ -3705,7 +3705,7 @@
@@ -3615,7 +3615,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME SLAVE_PARALLEL_WORKERS
VARIABLE_SCOPE GLOBAL
@ -1359,7 +1359,7 @@
VARIABLE_COMMENT Alias for slave_parallel_threads
NUMERIC_MIN_VALUE 0
NUMERIC_MAX_VALUE 16383
@@ -3745,7 +3745,7 @@
@@ -3655,7 +3655,7 @@
COMMAND_LINE_ARGUMENT OPTIONAL
VARIABLE_NAME SLAVE_TRANSACTION_RETRIES
VARIABLE_SCOPE GLOBAL
@ -1368,7 +1368,7 @@
VARIABLE_COMMENT Number of times the slave SQL thread will retry a transaction in case it failed with a deadlock, elapsed lock wait timeout or listed in slave_transaction_retry_errors, before giving up and stopping
NUMERIC_MIN_VALUE 0
NUMERIC_MAX_VALUE 4294967295
@@ -3765,7 +3765,7 @@
@@ -3675,7 +3675,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME SLAVE_TRANSACTION_RETRY_INTERVAL
VARIABLE_SCOPE GLOBAL
@ -1377,7 +1377,7 @@
VARIABLE_COMMENT Interval of the slave SQL thread will retry a transaction in case it failed with a deadlock or elapsed lock wait timeout or listed in slave_transaction_retry_errors
NUMERIC_MIN_VALUE 0
NUMERIC_MAX_VALUE 3600
@@ -3785,7 +3785,7 @@
@@ -3695,7 +3695,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME SLOW_LAUNCH_TIME
VARIABLE_SCOPE GLOBAL
@ -1386,7 +1386,7 @@
VARIABLE_COMMENT If creating the thread takes longer than this value (in seconds), the Slow_launch_threads counter will be incremented
NUMERIC_MIN_VALUE 0
NUMERIC_MAX_VALUE 31536000
@@ -3828,7 +3828,7 @@
@@ -3738,7 +3738,7 @@
VARIABLE_TYPE BIGINT UNSIGNED
VARIABLE_COMMENT Each thread that needs to do a sort allocates a buffer of this size
NUMERIC_MIN_VALUE 1024
@ -1395,7 +1395,7 @@
NUMERIC_BLOCK_SIZE 1
ENUM_VALUE_LIST NULL
READ_ONLY NO
@@ -4045,7 +4045,7 @@
@@ -3955,7 +3955,7 @@
COMMAND_LINE_ARGUMENT NULL
VARIABLE_NAME STORED_PROGRAM_CACHE
VARIABLE_SCOPE GLOBAL
@ -1404,7 +1404,7 @@
VARIABLE_COMMENT The soft upper limit for number of cached stored routines for one connection.
NUMERIC_MIN_VALUE 0
NUMERIC_MAX_VALUE 524288
@@ -4145,7 +4145,7 @@
@@ -4055,7 +4055,7 @@
COMMAND_LINE_ARGUMENT NULL
VARIABLE_NAME TABLE_DEFINITION_CACHE
VARIABLE_SCOPE GLOBAL
@ -1413,7 +1413,7 @@
VARIABLE_COMMENT The number of cached table definitions
NUMERIC_MIN_VALUE 400
NUMERIC_MAX_VALUE 2097152
@@ -4155,7 +4155,7 @@
@@ -4065,7 +4065,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME TABLE_OPEN_CACHE
VARIABLE_SCOPE GLOBAL
@ -1422,7 +1422,7 @@
VARIABLE_COMMENT The number of cached open tables
NUMERIC_MIN_VALUE 10
NUMERIC_MAX_VALUE 1048576
@@ -4215,7 +4215,7 @@
@@ -4125,7 +4125,7 @@
COMMAND_LINE_ARGUMENT OPTIONAL
VARIABLE_NAME THREAD_CACHE_SIZE
VARIABLE_SCOPE GLOBAL
@ -1431,7 +1431,7 @@
VARIABLE_COMMENT How many threads we should keep in a cache for reuse. These are freed after 5 minutes of idle time
NUMERIC_MIN_VALUE 0
NUMERIC_MAX_VALUE 16384
@@ -4388,7 +4388,7 @@
@@ -4298,7 +4298,7 @@
VARIABLE_TYPE BIGINT UNSIGNED
VARIABLE_COMMENT Max size for data for an internal temporary on-disk MyISAM or Aria table.
NUMERIC_MIN_VALUE 1024
@ -1440,7 +1440,7 @@
NUMERIC_BLOCK_SIZE 1
ENUM_VALUE_LIST NULL
READ_ONLY NO
@@ -4398,7 +4398,7 @@
@@ -4308,7 +4308,7 @@
VARIABLE_TYPE BIGINT UNSIGNED
VARIABLE_COMMENT If an internal in-memory temporary table exceeds this size, MariaDB will automatically convert it to an on-disk MyISAM or Aria table. Same as tmp_table_size.
NUMERIC_MIN_VALUE 0
@ -1449,7 +1449,7 @@
NUMERIC_BLOCK_SIZE 1
ENUM_VALUE_LIST NULL
READ_ONLY NO
@@ -4408,14 +4408,14 @@
@@ -4318,14 +4318,14 @@
VARIABLE_TYPE BIGINT UNSIGNED
VARIABLE_COMMENT Alias for tmp_memory_table_size. If an internal in-memory temporary table exceeds this size, MariaDB will automatically convert it to an on-disk MyISAM or Aria table.
NUMERIC_MIN_VALUE 0
@ -1466,7 +1466,7 @@
VARIABLE_COMMENT Allocation block size for transactions to be stored in binary log
NUMERIC_MIN_VALUE 1024
NUMERIC_MAX_VALUE 134217728
@@ -4425,7 +4425,7 @@
@@ -4335,7 +4335,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME TRANSACTION_PREALLOC_SIZE
VARIABLE_SCOPE SESSION
@ -1475,7 +1475,7 @@
VARIABLE_COMMENT Persistent buffer for transactions to be stored in binary log
NUMERIC_MIN_VALUE 1024
NUMERIC_MAX_VALUE 134217728
@@ -4565,7 +4565,7 @@
@@ -4475,7 +4475,7 @@
COMMAND_LINE_ARGUMENT NULL
VARIABLE_NAME WAIT_TIMEOUT
VARIABLE_SCOPE SESSION
@ -1484,7 +1484,7 @@
VARIABLE_COMMENT The number of seconds the server waits for activity on a connection before closing it
NUMERIC_MIN_VALUE 1
NUMERIC_MAX_VALUE 31536000
@@ -4592,7 +4592,7 @@
@@ -4502,7 +4502,7 @@
VARIABLE_NAME LOG_TC_SIZE
GLOBAL_VALUE_ORIGIN AUTO
VARIABLE_SCOPE GLOBAL


@ -3353,6 +3353,16 @@ NUMERIC_BLOCK_SIZE NULL
ENUM_VALUE_LIST NULL
READ_ONLY YES
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME REQUIRE_SECURE_TRANSPORT
VARIABLE_SCOPE GLOBAL
VARIABLE_TYPE BOOLEAN
VARIABLE_COMMENT When this option is enabled, connections attempted using insecure transport will be rejected. Secure transports are SSL/TLS, Unix sockets or named pipes.
NUMERIC_MIN_VALUE NULL
NUMERIC_MAX_VALUE NULL
NUMERIC_BLOCK_SIZE NULL
ENUM_VALUE_LIST OFF,ON
READ_ONLY NO
COMMAND_LINE_ARGUMENT OPTIONAL
VARIABLE_NAME ROWID_MERGE_BUFF_SIZE
VARIABLE_SCOPE SESSION
VARIABLE_TYPE BIGINT UNSIGNED


@ -418,6 +418,7 @@ my_bool use_temp_pool, relay_log_purge;
my_bool relay_log_recovery;
my_bool opt_sync_frm, opt_allow_suspicious_udfs;
my_bool opt_secure_auth= 0;
my_bool opt_require_secure_transport= 0;
char* opt_secure_file_priv;
my_bool lower_case_file_system= 0;
my_bool opt_large_pages= 0;
@ -4548,6 +4549,21 @@ void ssl_acceptor_stats_update(int sslaccept_ret)
static void init_ssl()
{
/*
Not need to check require_secure_transport on the Linux,
because it always has Unix domain sockets that are secure:
*/
#ifdef _WIN32
if (opt_require_secure_transport &&
!opt_use_ssl &&
!opt_enable_named_pipe &&
!opt_bootstrap)
{
sql_print_error("Server is started with --require-secure-transport=ON "
"but no secure transport (SSL or PIPE) are configured.");
unireg_abort(1);
}
#endif
#if defined(HAVE_OPENSSL) && !defined(EMBEDDED_LIBRARY)
if (opt_use_ssl)
{
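Review bot: The Windows startup check in `init_ssl` tests `opt_use_ssl` before the `HAVE_OPENSSL` block that sets TLS up, so it confirms that TLS was requested, not that it became usable. If that later block can clear `opt_use_ssl` after a setup failure (its body is outside this hunk, so this needs confirming), the server would start with `--require-secure-transport=ON`, no named pipe and no working TLS, and would refuse every new connection. Running the check after the TLS block would test the final state. The comment also says "Linux" where the `#ifdef` covers every non-Windows build, and the message should read `but no secure transport (SSL or PIPE) is configured.`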


@ -134,6 +134,7 @@ extern my_bool read_only, opt_readonly;
extern MYSQL_PLUGIN_IMPORT my_bool lower_case_file_system;
extern my_bool opt_enable_named_pipe, opt_sync_frm, opt_allow_suspicious_udfs;
extern my_bool opt_secure_auth;
extern my_bool opt_require_secure_transport;
extern const char *current_dbug_option;
extern char* opt_secure_file_priv;
extern char* opt_secure_backup_file_priv;
@ -762,6 +763,7 @@ extern mysql_cond_t COND_manager;
extern mysql_cond_t COND_slave_background;
extern Atomic_counter<uint32_t> thread_count;
extern my_bool opt_use_ssl;
extern char *opt_ssl_ca, *opt_ssl_capath, *opt_ssl_cert, *opt_ssl_cipher,
*opt_ssl_key, *opt_ssl_crl, *opt_ssl_crlpath;
extern ulonglong tls_version;


@ -7948,3 +7948,5 @@ ER_GALERA_REPLICATION_NOT_SUPPORTED
ER_LOAD_INFILE_CAPABILITY_DISABLED
eng "The used command is not allowed because the MariaDB server or client has disabled the local infile capability"
rum "Comanda folosită nu este permisă deoarece clientul sau serverul MariaDB a dezactivat această capabilitate"
ER_NO_SECURE_TRANSPORTS_CONFIGURED
eng "No secure transports are configured, unable to set --require_secure_transport=ON"


@ -13732,8 +13732,8 @@ static void server_mpvio_info(MYSQL_PLUGIN_VIO *vio,
static bool acl_check_ssl(THD *thd, const ACL_USER *acl_user)
{
#ifdef HAVE_OPENSSL
Vio *vio= thd->net.vio;
#ifdef HAVE_OPENSSL
SSL *ssl= (SSL *) vio->ssl_arg;
X509 *cert;
#endif
@ -13747,6 +13747,24 @@ static bool acl_check_ssl(THD *thd, const ACL_USER *acl_user)
switch (acl_user->ssl_type) {
case SSL_TYPE_NOT_SPECIFIED: // Impossible
case SSL_TYPE_NONE: // SSL is not required
if (opt_require_secure_transport)
{
enum enum_vio_type type= vio_type(vio);
#ifdef HAVE_OPENSSL
return type != VIO_TYPE_SSL &&
#ifndef _WIN32
type != VIO_TYPE_SOCKET;
#else
type != VIO_TYPE_NAMEDPIPE;
#endif
#else
#ifndef _WIN32
return type != VIO_TYPE_SOCKET;
#else
return type != VIO_TYPE_NAMEDPIPE;
#endif
#endif
}
return 0;
#ifdef HAVE_OPENSSL
case SSL_TYPE_ANY: // Any kind of SSL is ok
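Review bot: The transport test under `case SSL_TYPE_NONE` spreads a single `return` expression over four preprocessor branches, which makes it hard to audit which transports each build accepts. This is the only enforcement point for `require_secure_transport` visible in the commit, so it is worth keeping easy to read. Testing the TLS case first and then the platform's local transport gives the same result with one `#ifdef` per concern. A refused connection is also reported as the ordinary access-denied error (see the recorded test result), so operators cannot tell it apart from a failed login; a log line or dedicated error may be warranted. acl_check_ssl begins before and continues after this hunk.

```cpp
    case SSL_TYPE_NONE:                           // SSL is not required
      if (opt_require_secure_transport)
      {
        enum enum_vio_type type= vio_type(vio);
#ifdef HAVE_OPENSSL
        if (type == VIO_TYPE_SSL)
          return 0;
#endif
#ifdef _WIN32
        return type != VIO_TYPE_NAMEDPIPE;
#else
        return type != VIO_TYPE_SOCKET;
#endif
      }
      // … unchanged: return 0 and the remaining ssl_type cases …
```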


@ -3101,6 +3101,40 @@ static Sys_var_mybool Sys_secure_auth(
GLOBAL_VAR(opt_secure_auth), CMD_LINE(OPT_ARG),
DEFAULT(TRUE));
static bool check_require_secure_transport(sys_var *self, THD *thd, set_var *var)
{
#ifndef _WIN32
/*
Always allow require_secure_transport to be enabled on
Linux, because it always has Unix domain sockets that are secure:
*/
return false;
#else
/*
Check SSL is enabled before turning require_secure_transport ON,
otherwise no connections will be allowed on Windows:
*/
if (!var->save_result.ulonglong_value)
return false;
if (opt_use_ssl || opt_enable_named_pipe)
return false;
/* reject if SSL is disabled: */
my_error(ER_NO_SECURE_TRANSPORTS_CONFIGURED, MYF(0));
return true;
#endif
}
static Sys_var_mybool Sys_require_secure_transport(
"require_secure_transport",
"When this option is enabled, connections attempted using insecure "
"transport will be rejected. Secure transports are SSL/TLS, "
"Unix sockets or named pipes.",
GLOBAL_VAR(opt_require_secure_transport),
CMD_LINE(OPT_ARG),
DEFAULT(FALSE),
NO_MUTEX_GUARD, NOT_IN_BINLOG,
ON_CHECK(check_require_secure_transport), ON_UPDATE(0));
static Sys_var_charptr Sys_secure_file_priv(
"secure_file_priv",
"Limit LOAD DATA, SELECT ... OUTFILE, and LOAD_FILE() to files "
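Review bot: Nothing on `Sys_require_secure_transport` says what happens to sessions that are already open when the variable is switched ON at runtime. The only enforcement visible in this commit is in acl_check_ssl, which presumably runs at authentication, so connections made over plain TCP before `SET GLOBAL require_secure_transport=ON` would keep working. A comment above the definition would make this explicit, for example `/* Checked when a connection authenticates; sessions already established are not re-validated. */`. In `check_require_secure_transport`, the comment `/* reject if SSL is disabled: */` is also inaccurate, since the preceding test accepts named pipes as well; `/* reject: neither SSL nor named pipes are enabled */` matches the code.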