mirror of
https://github.com/MariaDB/server.git
synced 2025-01-16 12:02:42 +01:00
Bug#12897501 REPLICATION DOES NOT SUPPORT WINDOWS AUTH PLUG-IN
Connection of slave to master using a replication account which authenticates with an external plugin was not possible. Fixed by making sure that the CLIENT_PLUGIN_AUTH capability is set when client connects using mysql_real_connect(). Also, a plugin-dir path used by client library to locate authentication plugins is set based on the analogous server setting. This is done in connect_to_master() function before a call to mysql_real_connect().
This commit is contained in:
parent
0e034eaad3
commit
3b17a24eff
7 changed files with 113 additions and 3 deletions
|
@ -22,6 +22,11 @@
|
|||
extern uint mysql_port;
|
||||
extern char * mysql_unix_port;
|
||||
|
||||
/*
|
||||
Note: CLIENT_CAPABILITIES is also defined in sql/client_settings.h.
|
||||
When adding capabilities here, consider if they should be also added to
|
||||
the server's version.
|
||||
*/
|
||||
#define CLIENT_CAPABILITIES (CLIENT_LONG_PASSWORD | \
|
||||
CLIENT_LONG_FLAG | \
|
||||
CLIENT_TRANSACTIONS | \
|
||||
|
|
22
mysql-test/r/auth_rpl.result
Normal file
22
mysql-test/r/auth_rpl.result
Normal file
|
@ -0,0 +1,22 @@
|
|||
include/master-slave.inc
|
||||
[connection master]
|
||||
[connection slave]
|
||||
include/stop_slave.inc
|
||||
[connection master]
|
||||
CREATE USER 'plug_user' IDENTIFIED WITH 'test_plugin_server' AS 'plug_user';
|
||||
GRANT REPLICATION SLAVE ON *.* TO plug_user;
|
||||
FLUSH PRIVILEGES;
|
||||
[connection slave]
|
||||
CHANGE MASTER TO MASTER_USER= 'plug_user';
|
||||
include/start_slave.inc
|
||||
# Slave in-sync with master now.
|
||||
SELECT user, plugin, authentication_string FROM mysql.user WHERE user LIKE 'plug_user';
|
||||
user plugin authentication_string
|
||||
plug_user test_plugin_server plug_user
|
||||
# Cleanup (on slave).
|
||||
include/stop_slave.inc
|
||||
CHANGE MASTER TO MASTER_USER='root';
|
||||
DROP USER 'plug_user';
|
||||
# Cleanup (on master).
|
||||
DROP USER 'plug_user';
|
||||
include/rpl_end.inc
|
2
mysql-test/t/auth_rpl-master.opt
Normal file
2
mysql-test/t/auth_rpl-master.opt
Normal file
|
@ -0,0 +1,2 @@
|
|||
$PLUGIN_AUTH_OPT
|
||||
$PLUGIN_AUTH_LOAD
|
4
mysql-test/t/auth_rpl-slave.opt
Normal file
4
mysql-test/t/auth_rpl-slave.opt
Normal file
|
@ -0,0 +1,4 @@
|
|||
--master-retry-count=1
|
||||
$PLUGIN_AUTH_OPT
|
||||
$PLUGIN_AUTH_LOAD
|
||||
|
64
mysql-test/t/auth_rpl.test
Normal file
64
mysql-test/t/auth_rpl.test
Normal file
|
@ -0,0 +1,64 @@
|
|||
--source include/have_plugin_auth.inc
|
||||
--source include/not_embedded.inc
|
||||
--source include/master-slave.inc
|
||||
|
||||
#
|
||||
# Check that replication slave can connect to master using an account
|
||||
# which authenticates with an external authentication plugin (bug#12897501).
|
||||
|
||||
#
|
||||
# First stop the slave to guarantee that nothing is replicated.
|
||||
#
|
||||
--connection slave
|
||||
--echo [connection slave]
|
||||
--source include/stop_slave.inc
|
||||
#
|
||||
# Create an replication account on the master.
|
||||
#
|
||||
--connection master
|
||||
--echo [connection master]
|
||||
CREATE USER 'plug_user' IDENTIFIED WITH 'test_plugin_server' AS 'plug_user';
|
||||
GRANT REPLICATION SLAVE ON *.* TO plug_user;
|
||||
FLUSH PRIVILEGES;
|
||||
|
||||
#
|
||||
# Now go to slave and change the replication user.
|
||||
#
|
||||
--connection slave
|
||||
--echo [connection slave]
|
||||
--let $master_user= query_get_value(SHOW SLAVE STATUS, Master_User, 1)
|
||||
CHANGE MASTER TO MASTER_USER= 'plug_user';
|
||||
|
||||
#
|
||||
# Start slave with new replication account - this should trigger connection
|
||||
# to the master server.
|
||||
#
|
||||
--source include/start_slave.inc
|
||||
|
||||
# Replicate all statements executed on master, in this case,
|
||||
# (creation of the plug_user account).
|
||||
#
|
||||
--connection master
|
||||
--sync_slave_with_master
|
||||
--echo # Slave in-sync with master now.
|
||||
|
||||
SELECT user, plugin, authentication_string FROM mysql.user WHERE user LIKE 'plug_user';
|
||||
|
||||
#
|
||||
# Now we can stop the slave and clean up.
|
||||
#
|
||||
# Note: it is important that slave is stopped at this
|
||||
# moment - otherwise master's cleanup statements
|
||||
# would be replicated on slave!
|
||||
#
|
||||
--echo # Cleanup (on slave).
|
||||
--source include/stop_slave.inc
|
||||
eval CHANGE MASTER TO MASTER_USER='$master_user';
|
||||
DROP USER 'plug_user';
|
||||
|
||||
--echo # Cleanup (on master).
|
||||
--connection master
|
||||
DROP USER 'plug_user';
|
||||
|
||||
--let $rpl_only_running_threads= 1
|
||||
--source include/rpl_end.inc
|
|
@ -23,9 +23,18 @@
|
|||
#include <thr_alarm.h>
|
||||
#include <sql_common.h>
|
||||
|
||||
#define CLIENT_CAPABILITIES (CLIENT_LONG_PASSWORD | CLIENT_LONG_FLAG | \
|
||||
CLIENT_SECURE_CONNECTION | CLIENT_TRANSACTIONS | \
|
||||
CLIENT_PROTOCOL_41 | CLIENT_SECURE_CONNECTION)
|
||||
/*
|
||||
Note: CLIENT_CAPABILITIES is also defined in libmysql/client_settings.h.
|
||||
When adding capabilities here, consider if they should be also added to
|
||||
the libmysql version.
|
||||
*/
|
||||
#define CLIENT_CAPABILITIES (CLIENT_LONG_PASSWORD | \
|
||||
CLIENT_LONG_FLAG | \
|
||||
CLIENT_SECURE_CONNECTION | \
|
||||
CLIENT_TRANSACTIONS | \
|
||||
CLIENT_PROTOCOL_41 | \
|
||||
CLIENT_SECURE_CONNECTION | \
|
||||
CLIENT_PLUGIN_AUTH)
|
||||
|
||||
#define read_user_name(A) {}
|
||||
#undef HAVE_SMEM
|
||||
|
|
|
@ -4204,6 +4204,10 @@ static int connect_to_master(THD* thd, MYSQL* mysql, Master_info* mi,
|
|||
/* This one is not strictly needed but we have it here for completeness */
|
||||
mysql_options(mysql, MYSQL_SET_CHARSET_DIR, (char *) charsets_dir);
|
||||
|
||||
/* Set MYSQL_PLUGIN_DIR in case master asks for an external authentication plugin */
|
||||
if (opt_plugin_dir_ptr && *opt_plugin_dir_ptr)
|
||||
mysql_options(mysql, MYSQL_PLUGIN_DIR, opt_plugin_dir_ptr);
|
||||
|
||||
while (!(slave_was_killed = io_slave_killed(thd,mi)) &&
|
||||
(reconnect ? mysql_reconnect(mysql) != 0 :
|
||||
mysql_real_connect(mysql, mi->host, mi->user, mi->password, 0,
|
||||
|
|
Loading…
Reference in a new issue