/**
* Add the service user to the service->users
* via mysql_users_alloc and add_mysql_users_with_host_ipv4
* User is added for '%' and 'localhost' hosts
*
* @param service The service for this router
* @return 0 on success, 1 on failure
*/
static int
maxinfo_add_mysql_user(SERVICE *service) {
char *dpwd = NULL;
char *newpasswd = NULL;
char *service_user = NULL;
char *service_passwd = NULL;
if (serviceGetUser(service, &service_user, &service_passwd) == 0) {
MXS_ERROR("maxinfo: failed to get service user details");
return 1;
}
dpwd = decryptPassword(service->credentials.authdata);
if (!dpwd) {
MXS_ERROR("maxinfo: decrypt password failed for service user %s",
service_user);
return 1;
}
service->users = (void *)mysql_users_alloc();
newpasswd = create_hex_sha1_sha1_passwd(dpwd);
if (!newpasswd) {
MXS_ERROR("maxinfo: create hex_sha1_sha1_password failed for service user %s",
service_user);
users_free(service->users);
service->users = NULL;
return 1;
}
/* add service user for % and localhost */
(void)add_mysql_users_with_host_ipv4(service->users, service->credentials.name, "%", newpasswd, "Y", "");
(void)add_mysql_users_with_host_ipv4(service->users, service->credentials.name, "localhost", newpasswd, "Y", "");
free(newpasswd);
free(dpwd);
return 0;
}
/**
* Load the user/passwd form mysql.user table into the service users' hashtable
* environment.
*
* @param service The current service
* @param users The users table into which to load the users
* @return -1 on any error or the number of users inserted (0 means no users at all)
*/
static int
getUsers(SERVICE *service, struct users *users)
{
MYSQL *con = NULL;
MYSQL_ROW row;
MYSQL_RES *result = NULL;
int num_fields = 0;
char *service_user = NULL;
char *service_passwd = NULL;
char *dpwd;
int total_users = 0;
SERVER *server;
char *users_query;
unsigned char hash[SHA_DIGEST_LENGTH]="";
char *users_data = NULL;
int nusers = 0;
int users_data_row_len = MYSQL_USER_MAXLEN + MYSQL_HOST_MAXLEN + MYSQL_PASSWORD_LEN;
struct sockaddr_in serv_addr;
MYSQL_USER_HOST key;
/* enable_root for MySQL protocol module means load the root user credentials from backend databases */
if(service->enable_root) {
users_query = LOAD_MYSQL_USERS_QUERY " ORDER BY HOST DESC";
} else {
users_query = LOAD_MYSQL_USERS_QUERY USERS_QUERY_NO_ROOT " ORDER BY HOST DESC";
}
serviceGetUser(service, &service_user, &service_passwd);
/** multi-thread environment requires that thread init succeeds. */
if (mysql_thread_init()) {
LOGIF(LE, (skygw_log_write_flush(
LOGFILE_ERROR,
"Error : mysql_thread_init failed.")));
return -1;
}
con = mysql_init(NULL);
if (con == NULL) {
LOGIF(LE, (skygw_log_write_flush(
LOGFILE_ERROR,
"Error : mysql_init: %s",
mysql_error(con))));
return -1;
}
if (mysql_options(con, MYSQL_OPT_USE_REMOTE_CONNECTION, NULL)) {
LOGIF(LE, (skygw_log_write_flush(
LOGFILE_ERROR,
"Error : failed to set external connection. "
"It is needed for backend server connections. "
"Exiting.")));
return -1;
}
/*
* Attempt to connect to each database in the service in turn until
* we find one that we can connect to or until we run out of databases
* to try
*/
server = service->databases;
dpwd = decryptPassword(service_passwd);
while (server != NULL && mysql_real_connect(con,
server->name,
service_user,
dpwd,
NULL,
server->port,
NULL,
0) == NULL)
{
server = server->nextdb;
}
free(dpwd);
if (server == NULL)
{
LOGIF(LE, (skygw_log_write_flush(
LOGFILE_ERROR,
"Error : Unable to get user data from backend database "
"for service %s. Missing server information.",
service->name)));
mysql_close(con);
return -1;
}
if (mysql_query(con, MYSQL_USERS_COUNT)) {
LOGIF(LE, (skygw_log_write_flush(
LOGFILE_ERROR,
"Error : Loading users for service %s encountered "
"error: %s.",
service->name,
mysql_error(con))));
mysql_close(con);
return -1;
}
result = mysql_store_result(con);
if (result == NULL) {
LOGIF(LE, (skygw_log_write_flush(
LOGFILE_ERROR,
"Error : Loading users for service %s encountered "
"error: %s.",
service->name,
mysql_error(con))));
mysql_close(con);
return -1;
}
num_fields = mysql_num_fields(result);
row = mysql_fetch_row(result);
nusers = atoi(row[0]);
mysql_free_result(result);
if (!nusers) {
LOGIF(LE, (skygw_log_write_flush(
LOGFILE_ERROR,
"Error : Counting users for service %s returned 0",
service->name)));
mysql_close(con);
return -1;
}
if (mysql_query(con, users_query)) {
LOGIF(LE, (skygw_log_write_flush(
LOGFILE_ERROR,
"Error : Loading users for service %s encountered "
"error: %s.",
service->name,
mysql_error(con))));
mysql_close(con);
return -1;
}
result = mysql_store_result(con);
if (result == NULL) {
LOGIF(LE, (skygw_log_write_flush(
LOGFILE_ERROR,
"Error : Loading users for service %s encountered "
"error: %s.",
service->name,
mysql_error(con))));
mysql_close(con);
return -1;
}
num_fields = mysql_num_fields(result);
users_data = (char *)malloc(nusers * (users_data_row_len * sizeof(char)) + 1);
if(users_data == NULL)
return -1;
while ((row = mysql_fetch_row(result))) {
/**
* Four fields should be returned.
* user and passwd+1 (escaping the first byte that is '*') are
* added to hashtable.
*/
char ret_ip[INET_ADDRSTRLEN + 1]="";
const char *rc;
/* prepare the user@host data struct */
memset(&serv_addr, 0, sizeof(serv_addr));
memset(&key, 0, sizeof(key));
/* if host == '%', 0 is passed */
if (setipaddress(&serv_addr.sin_addr, strcmp(row[1], "%") ? row[1] : "0.0.0.0")) {
key.user = strdup(row[0]);
if(key.user == NULL) {
LOGIF(LE, (skygw_log_write_flush(
LOGFILE_ERROR,
"%lu [getUsers()] strdup() failed for user %s",
pthread_self(),
row[0])));
continue;
}
memcpy(&key.ipv4, &serv_addr, sizeof(serv_addr));
rc = inet_ntop(AF_INET, &(serv_addr).sin_addr, ret_ip, INET_ADDRSTRLEN);
/* add user@host as key and passwd as value in the MySQL users hash table */
if (mysql_users_add(users, &key, strlen(row[2]) ? row[2]+1 : row[2])) {
LOGIF(LD, (skygw_log_write_flush(
LOGFILE_DEBUG,
"%lu [mysql_users_add()] Added user %s@%s(%s)",
pthread_self(),
row[0],
row[1],
rc == NULL ? "NULL" : ret_ip)));
/* Append data in the memory area for SHA1 digest */
strncat(users_data, row[3], users_data_row_len);
total_users++;
} else {
LOGIF(LE, (skygw_log_write_flush(
LOGFILE_ERROR,
"%lu [mysql_users_add()] Failed adding user %s@%s(%s)",
pthread_self(),
row[0],
row[1],
rc == NULL ? "NULL" : ret_ip)));
continue;
}
} else {
/* setipaddress() failed, skip user add and log this*/
LOGIF(LE, (skygw_log_write_flush(
LOGFILE_ERROR,
"%lu [getUsers()] setipaddress failed: user %s@%s not added",
pthread_self(),
row[0],
row[1])));
}
}
/* compute SHA1 digest for users' data */
SHA1((const unsigned char *) users_data, strlen(users_data), hash);
memcpy(users->cksum, hash, SHA_DIGEST_LENGTH);
free(users_data);
mysql_free_result(result);
mysql_close(con);
mysql_thread_end();
return total_users;
}
