diff options
author | Julius Goryavsky <julius.goryavsky@mariadb.com> | 2022-10-04 13:15:52 +0200 |
---|---|---|
committer | Julius Goryavsky <julius.goryavsky@mariadb.com> | 2022-10-04 13:16:17 +0200 |
commit | 19f0b96d53dec47d7b8680c44997afba2ed7431e (patch) | |
tree | fcc39a14868c118497c0d336f7b3541c6395fd43 /support-files | |
parent | c0817dac99c28698dfc2b548d89acf1fb41dc32e (diff) | |
download | mariadb-git-19f0b96d53dec47d7b8680c44997afba2ed7431e.tar.gz |
MDEV-27682: bundled wsrep_notify.sh causes mariadbd to freeze during start
This commit adds automation that will reduce the possibility
of user errors when customizing wsrep_notify.sh (in particular
caused by user-specified parameters). Now all leading and trailing
spaces are removed from the user-specified parameters and automatic
port and host address substitution has been added to scripts, as
well as automatic password substitution to the client command line,
only if it is specified in the wsrep_notify.sh and not as empty
strings. Also added support for automatic substitution of the all
SSL-related parameters and improved parsing for ipv6 addresses
(to allow "[...]" notation for ipv6 addresses). Also added a
test to check if the wsrep notify script will works with SSL.
Diffstat (limited to 'support-files')
-rwxr-xr-x[-rw-r--r--] | support-files/wsrep_notify.sh | 123 |
1 files changed, 108 insertions, 15 deletions
diff --git a/support-files/wsrep_notify.sh b/support-files/wsrep_notify.sh index bdbe3d12a39..87ba11342c5 100644..100755 --- a/support-files/wsrep_notify.sh +++ b/support-files/wsrep_notify.sh @@ -4,12 +4,31 @@ # It will create 'wsrep' schema and two tables in it: 'membeship' and 'status' # and fill them on every membership or node status change. # -# Edit parameters below to specify the address and login to server. - +# Edit parameters below to specify the address and login to server: +# USER=root PSWD=rootpass +# +# If these parameters are not set, then the values +# passed by the server are taken: +# HOST=127.0.0.1 PORT=3306 +# +# Edit parameters below to specify SSL parameters: +# +ssl_key= +ssl_cert= +ssl_ca= +ssl_capath= +ssl_cipher= +ssl_crl= +ssl_crlpath= +ssl_verify_server_cert=0 +# +# Client executable path: +# +CLIENT="mysql" SCHEMA="wsrep" MEMB_TABLE="$SCHEMA.membership" @@ -32,8 +51,6 @@ CREATE TABLE $STATUS_TABLE ( prim BOOLEAN /* if component is primary */ ) ENGINE=MEMORY; BEGIN; -DELETE FROM $MEMB_TABLE; -DELETE FROM $STATUS_TABLE; " END="COMMIT;" @@ -43,7 +60,7 @@ configuration_change() local idx=0 - for NODE in $(echo $MEMBERS | sed s/,/\ /g) + for NODE in $(echo "$MEMBERS" | sed s/,/\ /g) do echo "INSERT INTO $MEMB_TABLE VALUES ( $idx, " # Don't forget to properly quote string values @@ -62,17 +79,44 @@ status_update() echo "SET wsrep_on=0; BEGIN; UPDATE $STATUS_TABLE SET status='$STATUS'; COMMIT;" } +trim_string() +{ + if [ -n "${BASH_VERSION:-}" ]; then + local pattern="[![:space:]${2:-}]" + local x="${1#*$pattern}" + local z=${#1} + x=${#x} + if [ $x -ne $z ]; then + local y="${1%$pattern*}" + y=${#y} + x=$(( z-x-1 )) + y=$(( y-x+1 )) + printf '%s' "${1:$x:$y}" + else + printf '' + fi + else + local pattern="[[:space:]${2:-}]" + echo "$1" | sed -E "s/^$pattern+|$pattern+\$//g" + fi +} + COM=status_update # not a configuration change by default -while [ $# -gt 0 ] -do +STATUS="" +CLUSTER_UUID="" +PRIMARY="0" +INDEX="" +MEMBERS="" + +while [ $# -gt 0 ]; do case $1 in --status) - STATUS=$2 + STATUS=$(trim_string "$2") shift ;; --uuid) - CLUSTER_UUID=$2 + CLUSTER_UUID=$(trim_string "$2") shift ;; --primary) @@ -81,22 +125,71 @@ do shift ;; --index) - INDEX=$2 + INDEX=$(trim_string "$2") shift ;; --members) - MEMBERS=$2 + MEMBERS=$(trim_string "$2") shift ;; esac shift done -# Undefined means node is shutting down -if [ "$STATUS" != "Undefined" ] +USER=$(trim_string "$USER") +PSWD=$(trim_string "$PSWD") + +HOST=$(trim_string "$HOST") +PORT=$(trim_string "$PORT") + +case "$HOST" in +\[*) + HOST="${HOST##\[}" + HOST=$(trim_string "${HOST%%\]}") + ;; +esac + +if [ -z "$HOST" ]; then + HOST="${NOTIFY_HOST:-}" +fi +if [ -z "$PORT" ]; then + PORT="${NOTIFY_PORT:-}" +fi + +ssl_key=$(trim_string "$ssl_key"); +ssl_cert=$(trim_string "$ssl_cert"); +ssl_ca=$(trim_string "$ssl_ca"); +ssl_capath=$(trim_string "$ssl_capath"); +ssl_cipher=$(trim_string "$ssl_cipher"); +ssl_crl=$(trim_string "$ssl_crl"); +ssl_crlpath=$(trim_string "$ssl_crlpath"); +ssl_verify_server_cert=$(trim_string "$ssl_verify_server_cert"); + +SSL_PARAM="" + +if [ -n "$ssl_key" -o -n "$ssl_cert" -o \ + -n "$ssl_ca" -o -n "$ssl_capath" -o \ + -n "$ssl_cipher" ] then - $COM | mysql -B -u$USER -p$PSWD -h$HOST -P$PORT + SSL_PARAM=' --ssl' + [ -n "$ssl_key" ] && SSL_PARAM="$SSL_PARAM --ssl-key='$ssl_key'" + [ -n "$ssl_cert" ] && SSL_PARAM="$SSL_PARAM --ssl-cert='$ssl_cert'" + [ -n "$ssl_ca" ] && SSL_PARAM="$SSL_PARAM --ssl-ca='$ssl_ca'" + [ -n "$ssl_capath" ] && SSL_PARAM="$SSL_PARAM --ssl-capath='$ssl_capath'" + [ -n "$ssl_cipher" ] && SSL_PARAM="$SSL_PARAM --ssl-cipher='$ssl_cipher'" + [ -n "$ssl_crl" ] && SSL_PARAM="$SSL_PARAM --ssl-crl='$ssl_crl'" + [ -n "$ssl_crlpath" ] && SSL_PARAM="$SSL_PARAM --ssl-crlpath='$ssl_crlpath'" + if [ -n "$ssl_verify_server_cert" ]; then + if [ $ssl_verify_server_cert -ne 0 ]; then + SSL_PARAM+=' --ssl-verify-server-cert' + fi + fi +fi + +# Undefined means node is shutting down +if [ "$STATUS" != 'Undefined' ]; then + "$COM" | eval "$CLIENT" -B "-u'$USER'"${PSWD:+" -p'$PSWD'"}\ + "-h'$HOST'" "-P$PORT"$SSL_PARAM fi exit 0 -# |