summaryrefslogtreecommitdiff
path: root/vio
Commit message (Collapse)AuthorAgeFilesLines
* Merge 10.4 into 10.5Marko Mäkelä2020-08-013-9/+27
|\
| * Merge 10.3 into 10.4Marko Mäkelä2020-07-313-9/+27
| |\
| | * MDEV-21101 unexpected wait_timeout with pool-of-threadsVladislav Vaintroub2020-07-303-9/+27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Due to restricted size of the threadpool, execution of client queries can be delayed (queued) for a while. This delay was interpreted as client inactivity, and connection is closed, if client idle time + queue time exceeds wait_timeout. But users did not expect queue time to be included into wait_timeout. This patch changes the behavior. We don't close connection anymore, if there is some unread data present on connection, even if wait_timeout is exceeded. Unread data means that client was not idle, it sent a query, which we did not have time to process yet.
* | | Merge 10.4 into 10.5Marko Mäkelä2020-06-181-2/+2
|\ \ \ | |/ /
| * | MDEV-22917 wolfssl might crash at startup when both SSL and encryption ↵Vladislav Vaintroub2020-06-171-2/+2
| | | | | | | | | | | | | | | | | | plugin are enabled Make sure to initialize SSL early enough, when encryption plugins is loaded
* | | Merge 10.4 into 10.5Marko Mäkelä2020-05-051-1/+1
|\ \ \ | |/ /
| * | Merge 10.3 into 10.4Marko Mäkelä2020-05-051-1/+1
| |\ \ | | |/
| | * Merge branch '10.2' into 10.3Oleksandr Byelkin2020-05-041-1/+1
| | |\
| | | * Merge branch '10.1' into 10.2Oleksandr Byelkin2020-05-021-1/+1
| | | |\
| | | | * vio: typo on sock{et}_errno in commentDaniel Black2020-04-291-1/+1
| | | | |
| | | * | Fix warning when compiling with OpenSSL.Vladislav Vaintroub2019-09-091-1/+1
| | | | |
| * | | | Do not compile socket IO code in WolfSSLVladislav Vaintroub2019-07-281-0/+4
| | | | | | | | | | | | | | | | | | | | We use own IO callbacks from server code anyway.
* | | | | perfschema socket instrumentation related changesSergei Golubchik2020-03-101-0/+20
| | | | |
* | | | | perfschema memory related instrumentation changesSergei Golubchik2020-03-103-4/+32
| | | | |
* | | | | Fixed issues when running mtr with --valgrindMonty2019-08-231-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - Note that some issues was also fixed in 10.2 and 10.4. I also fixed them here to be able to continue with making 10.5 valgrind safe again - Disable connection threads warnings when doing shutdown
* | | | | Do not compile socket IO code in WolfSSLVladislav Vaintroub2019-07-041-0/+4
|/ / / / | | | | | | | | | | | | We use own IO callbacks from server code anyway.
* | | | MDEV-14101 Provide an option to select TLS protocol versionGeorg Richter2019-06-171-7/+53
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Server and command line tools now support option --tls_version to specify the TLS version between client and server. Valid values are TLSv1.0, TLSv1.1, TLSv1.2, TLSv1.3 or a combination of them. E.g. --tls_version=TLSv1.3 --tls_version=TLSv1.2,TLSv1.3 In case there is a gap between versions, the lowest version will be used: --tls_version=TLSv1.1,TLSv1.3 -> Only TLSv1.1 will be available. If the used TLS library doesn't support the specified TLS version, it will use the default configuration. Limitations: SSLv3 is not supported. The default configuration doesn't support TLSv1.0 anymore. TLSv1.3 protocol currently is only supported by OpenSSL 1.1.0 (client and server) and GnuTLS 3.6.5 (client only). Overview of TLS implementations and protocols Server: +-----------+-----------------------------------------+ | Library | Supported TLS versions | +-----------+-----------------------------------------+ | WolfSSL | TLSv1.1, TLSv1,2 | +-----------+-----------------------------------------+ | OpenSSL | (TLSv1.0), TLSv1.1, TLSv1,2, TLSv1.3 | +-----------+-----------------------------------------+ | LibreSSL | (TLSv1.0), TLSv1.1, TLSv1,2, TLSv1.3 | +-----------+-----------------------------------------+ Client (MariaDB Connector/C) +-----------+-----------------------------------------+ | Library | Supported TLS versions | +-----------+-----------------------------------------+ | GnuTLS | (TLSv1.0), TLSv1.1, TLSv1.2, TLSv1.3 | +-----------+-----------------------------------------+ | Schannel | (TLSv1.0), TLSv1.1, TLSv1.2 | +-----------+-----------------------------------------+ | OpenSSL | (TLSv1.0), TLSv1.1, TLSv1,2, TLSv1.3 | +-----------+-----------------------------------------+ | LibreSSL | (TLSv1.0), TLSv1.1, TLSv1,2, TLSv1.3 | +-----------+-----------------------------------------+
* | | | MDEV-18531 : Use WolfSSL instead of YaSSL as "bundled" SSL/encryption libraryVladislav Vaintroub2019-05-223-52/+36
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - Add new submodule for WolfSSL - Build and use wolfssl and wolfcrypt instead of yassl/taocrypt - Use HAVE_WOLFSSL instead of HAVE_YASSL - Increase MY_AES_CTX_SIZE, to avoid compile time asserts in my_crypt.cc (sizeof(EVP_CIPHER_CTX) is larger on WolfSSL)
* | | | Merge branch '10.3' into 10.4Oleksandr Byelkin2019-05-1913-13/+13
|\ \ \ \ | |/ / /
| * | | Merge 10.2 into 10.3Marko Mäkelä2019-05-1414-14/+14
| |\ \ \ | | |/ /
| | * | Merge 10.1 into 10.2Marko Mäkelä2019-05-1314-14/+14
| | |\ \ | | | |/
| | | * Merge branch '5.5' into 10.1Vicențiu Ciorbaru2019-05-1114-14/+14
| | | |\
| | | | * Update FSF AddressVicențiu Ciorbaru2019-05-1112-12/+12
| | | | | | | | | | | | | | | | | | | | * Update wrong zip-code
* | | | | MDEV-17926 FederatedX TODO is obsoleteSergei Golubchik2018-12-121-3/+0
| | | | |
* | | | | Merge 10.3 into 10.4mariadb-10.4.0Marko Mäkelä2018-11-081-7/+3
|\ \ \ \ \ | |/ / / /
| * | | | Merge 10.2 into 10.3Marko Mäkelä2018-11-071-7/+3
| |\ \ \ \ | | |/ / /
| | * | | MDEV-14781 - threadpool slowdown with slow ssl handshake.Vladislav Vaintroub2018-11-071-7/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix is not to use blocking socket IO during SSL handshake. With non-blocking socket IO, threadpool is able to utilize the wait notification callbacks, that vio_io_wait() is calling whenever socket would block.
* | | | | Small refactoring in vio.Vladislav Vaintroub2018-10-051-1/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - remove function prototype for shared memory (no more used), and VIO members that are unused - Do not call DisconnectNamedPipe on pipe handle. CloseHandle() is enough.
* | | | | Merge 10.3 into 10.4Marko Mäkelä2018-09-111-1/+1
|\ \ \ \ \ | |/ / / /
| * | | | Windows : fix broken build with OpenSSLVladislav Vaintroub2018-09-081-1/+1
| | | | |
* | | | | MDEV-16536 Remove shared memory transportVladislav Vaintroub2018-08-205-293/+9
| | | | |
* | | | | MDEV-16277 - fix tcp_nodelay test.Vladislav Vaintroub2018-08-121-1/+2
| | | | | | | | | | | | | | | | | | | | Do not attempt to set TCP_NODELAY on Unix domain socket.
* | | | | MDEV-16277 tcp_nodelay session variable to enable / disable Nagle algorithmVladislav Vaintroub2018-08-111-13/+28
|/ / / /
* | | | Merge branch '10.2' into 10.3Sergei Golubchik2018-06-301-0/+1
|\ \ \ \ | |/ / /
| * | | MDEV-15596 10.2 doesn't work with openssl 1.1.1Georg Richter2018-06-211-0/+1
| | | |
* | | | Make possible to use clang on Windows (clang-cl)Vladislav Vaintroub2018-02-201-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | -DWITH_ASAN can be used as well now, on x64 Fix many clang-cl warnings.
* | | | MDEV-15091 : Windows, 64bit: reenable and fix warning C4267 (conversion from ↵Vladislav Vaintroub2018-02-061-19/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 'size_t' to 'type', possible loss of data) Handle string length as size_t, consistently (almost always:)) Change function prototypes to accept size_t, where in the past ulong or uint were used. change local/member variables to size_t when appropriate. This fix excludes rocksdb, spider,spider, sphinx and connect for now.
* | | | Merge remote-tracking branch 'origin/bb-10.2-ext' into 10.3Alexander Barkov2018-01-293-10/+10
|\ \ \ \ | |/ / /
| * | | Fix and reenable Windows compiler warning C4800 (size_t conversion).Vladislav Vaintroub2018-01-263-10/+10
| | | |
* | | | MDEV-14113 Use abortive TCP close, in case server closes the connectionVladislav Vaintroub2017-12-111-40/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | first, and we do not not care whether client has received all data. This is a TCP optimization to avoid TIME_WAIT in TCP connection teardown. This patch would abort connection on timeout, which usually happens when client reads a large result set, at slower pace then the server can write. The patch also cleans up socket timeout handling, so that Windows is consistent with another platforms (using nonblocking socket IO + waiting in poll/select on single socket, rather than setsockopt). This makes identifying timeouts easier. Also removed the superficial shutdown() before closesocket() in a few places where it was used, because it was never needed , and reportedly breaks SO_LINGER on Windows.
* | | | MDEV-14412 Support TCP keepalive optionsVladislav Vaintroub2017-11-171-0/+58
| | | | | | | | | | | | | | | | | | | | Based on pull request by Oleg Obleukhov https://github.com/MariaDB/server/pull/400
* | | | Merge bb-10.2-ext into 10.3Marko Mäkelä2017-10-044-24/+24
|\ \ \ \ | |/ / /
| * | | MDEV-13844 : Fix Windows warnings. Fix DBUG_PRINT.Vladislav Vaintroub2017-09-284-24/+24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - Fix win64 pointer truncation warnings (usually coming from misusing 0x%lx and long cast in DBUG) - Also fix printf-format warnings Make the above mentioned warnings fatal. - fix pthread_join on Windows to set return value.
* | | | Merge bb-10.2-ext into 10.3Marko Mäkelä2017-09-211-4/+0
|\ \ \ \ | |/ / /
| * | | Merge branch '10.1' into 10.2Vicențiu Ciorbaru2017-09-191-4/+0
| |\ \ \ | | |/ /
| | * | Merge branch '10.0' into 10.1Vicențiu Ciorbaru2017-09-191-4/+0
| | |\ \
| | | * | Build improvements and cleanups.Vladislav Vaintroub2017-09-081-4/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - the probably ultimate fix for dependencies on VS - remove some GET_TARGET_PROPERTY(LOCATION ...), they are deprecated in cmake 3.9 - simplify signing targets on Windows. - remove INSTALL_DEBUG_TARGET, we do not mix binaries from different builds in the same package
* | | | | MDEV-11159 Server proxy protocol supportVladislav Vaintroub2017-08-221-1/+1
|/ / / / | | | | | | | | | | | | | | | | | | | | accept proxy protocol header from client connections. The new server variable 'proxy_protocol_networks' contains list of networks from which proxy header is accepted.
* | | | MDEV-10332 support for OpenSSL 1.1 and LibreSSLSergei Golubchik2017-05-092-62/+47
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | post-review fixes: * move all ssl implementation related ifdefs/defines to one file (ssl_compat.h) * work around OpenSSL-1.1 desire to malloc every EVP context by run-time checking that context allocated on the stack is big enough (openssl.c) * use newer version of the AWS SDK for OpenSSL 1.1 * use get_dh2048() function as generated by openssl 1.1 (viosslfactories.c)
* | | | MDEV-10332 support for OpenSSL 1.1 and LibreSSLGeorg Richter2017-05-091-16/+38
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Initial support tested against OpenSSL 1.0.1, 1.0.2, 1.1.0, Yassl and LibreSSL not working on Windows with native SChannel support, due to wrong cipher mapping: Latter one requires push of CONC-241 fixes. Please note that OpenSSL 0.9.8 and OpenSSL 1.1.0 will not work: Even if the build succeeds, test cases will fail with various errors, especially when using different tls libraries or versions for client and server.
View Lorry Controller Status