Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

server, session: refine mysql handshake error log (#15731) #15798

Merged
merged 2 commits into from
Mar 30, 2020
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
32 changes: 29 additions & 3 deletions server/conn.go
Original file line number Diff line number Diff line change
Expand Up @@ -168,6 +168,11 @@ func (cc *clientConn) String() string {
// After handshake, client can send sql query to server.
func (cc *clientConn) handshake(ctx context.Context) error {
if err := cc.writeInitialHandshake(); err != nil {
if errors.Cause(err) == io.EOF {
logutil.Logger(ctx).Info("Could not send handshake due to connection has be closed by client-side")
} else {
terror.Log(err)
}
return err
}
if err := cc.readOptionalSSLRequestAndHandshakeResponse(ctx); err != nil {
Expand All @@ -188,10 +193,18 @@ func (cc *clientConn) handshake(ctx context.Context) error {
err := cc.writePacket(data)
cc.pkt.sequence = 0
if err != nil {
err = errors.SuspendStack(err)
logutil.Logger(ctx).Debug("write response to client failed", zap.Error(err))
return err
}

return cc.flush()
err = cc.flush()
if err != nil {
err = errors.SuspendStack(err)
logutil.Logger(ctx).Debug("flush response to client failed", zap.Error(err))
return err
}
return err
}

func (cc *clientConn) Close() error {
Expand Down Expand Up @@ -471,6 +484,12 @@ func (cc *clientConn) readOptionalSSLRequestAndHandshakeResponse(ctx context.Con
// Read a packet. It may be a SSLRequest or HandshakeResponse.
data, err := cc.readPacket()
if err != nil {
err = errors.SuspendStack(err)
if errors.Cause(err) == io.EOF {
logutil.Logger(ctx).Info("wait handshake response fail due to connection has be closed by client-side")
} else {
logutil.Logger(ctx).Error("wait handshake response fail", zap.Error(err))
}
return err
}

Expand All @@ -493,6 +512,7 @@ func (cc *clientConn) readOptionalSSLRequestAndHandshakeResponse(ctx context.Con
}

if err != nil {
terror.Log(err)
return err
}

Expand All @@ -506,6 +526,7 @@ func (cc *clientConn) readOptionalSSLRequestAndHandshakeResponse(ctx context.Con
// Read the following HandshakeResponse packet.
data, err = cc.readPacket()
if err != nil {
logutil.Logger(ctx).Warn("read handshake response failure after upgrade to TLS", zap.Error(err))
return err
}
if isOldVersion {
Expand All @@ -514,11 +535,14 @@ func (cc *clientConn) readOptionalSSLRequestAndHandshakeResponse(ctx context.Con
pos, err = parseHandshakeResponseHeader(ctx, &resp, data)
}
if err != nil {
terror.Log(err)
return err
}
}
} else if config.GetGlobalConfig().Security.RequireSecureTransport {
return errSecureTransportRequired.FastGenByArgs()
err := errSecureTransportRequired.FastGenByArgs()
terror.Log(err)
return err
}

// Read the remaining part of the packet.
Expand All @@ -528,6 +552,7 @@ func (cc *clientConn) readOptionalSSLRequestAndHandshakeResponse(ctx context.Con
err = parseHandshakeResponseBody(ctx, &resp, data, pos)
}
if err != nil {
terror.Log(err)
return err
}

Expand All @@ -538,6 +563,7 @@ func (cc *clientConn) readOptionalSSLRequestAndHandshakeResponse(ctx context.Con
cc.attrs = resp.Attrs

err = cc.openSessionAndDoAuth(resp.Auth)
logutil.Logger(ctx).Warn("open new session failure", zap.Error(err))
return err
}

Expand Down Expand Up @@ -575,7 +601,7 @@ func (cc *clientConn) openSessionAndDoAuth(authData []byte) error {
return err
}
if !cc.ctx.Auth(&auth.UserIdentity{Username: cc.user, Hostname: host}, authData, cc.salt) {
return errAccessDenied.GenWithStackByArgs(cc.user, host, hasPassword)
return errAccessDenied.FastGenByArgs(cc.user, host, hasPassword)
}
if cc.dbname != "" {
err = cc.useDB(context.Background(), cc.dbname)
Expand Down
1 change: 0 additions & 1 deletion server/server.go
Original file line number Diff line number Diff line change
Expand Up @@ -346,7 +346,6 @@ func (s *Server) Close() {
func (s *Server) onConn(conn *clientConn) {
ctx := logutil.WithConnID(context.Background(), conn.connectionID)
if err := conn.handshake(ctx); err != nil {
terror.Log(err)
if plugin.IsEnable(plugin.Audit) {
conn.ctx.GetSessionVars().ConnectionInfo = conn.connectInfo()
}
Expand Down
5 changes: 0 additions & 5 deletions session/session.go
Original file line number Diff line number Diff line change
Expand Up @@ -1377,8 +1377,6 @@ func (s *session) Auth(user *auth.UserIdentity, authentication []byte, salt []by
s.sessionVars.ActiveRoles = pm.GetDefaultRoles(user.AuthUsername, user.AuthHostname)
return true
} else if user.Hostname == variable.DefHostname {
logutil.Logger(context.Background()).Error("user connection verification failed",
zap.Stringer("user", user))
return false
}

Expand All @@ -1396,9 +1394,6 @@ func (s *session) Auth(user *auth.UserIdentity, authentication []byte, salt []by
return true
}
}

logutil.Logger(context.Background()).Error("user connection verification failed",
zap.Stringer("user", user))
return false
}

Expand Down