List:Commits« Previous MessageNext Message »
From:Marc Alff Date:January 30 2012 7:04pm
Subject:bzr push into mysql-trunk-wl5259 branch (marc.alff:3364 to 3365)
View as plain text  
 3365 Marc Alff	2012-01-30
      Fixed blocked hosts, added tests

    added:
      mysql-test/suite/perfschema/r/hostcache_ipv4_blocked.result
      mysql-test/suite/perfschema/r/hostcache_ipv6_blocked.result
      mysql-test/suite/perfschema/t/hostcache_ipv4_blocked.test
      mysql-test/suite/perfschema/t/hostcache_ipv6_blocked-master.opt
      mysql-test/suite/perfschema/t/hostcache_ipv6_blocked.test
    modified:
      sql/hostname.cc
      sql/hostname.h
      sql/sql_acl.cc
      sql/sql_acl.h
      sql/sql_connect.cc
      sql/sql_parse.cc
 3364 Marc Alff	2012-01-30 [merge]
      Merge mysql-trunk --> mysql-trunk-wl5259

    renamed:
      mysql-test/suite/sys_vars/r/innodb_sort_buf_size_basic.result => mysql-test/suite/sys_vars/r/innodb_sort_buffer_size_basic.result
      mysql-test/suite/sys_vars/t/innodb_sort_buf_size_basic.test => mysql-test/suite/sys_vars/t/innodb_sort_buffer_size_basic.test
    modified:
      mysql-test/include/func_in.inc
      mysql-test/include/range.inc
      mysql-test/r/func_in_all.result
      mysql-test/r/func_in_icp.result
      mysql-test/r/func_in_icp_mrr.result
      mysql-test/r/func_in_mrr.result
      mysql-test/r/func_in_mrr_cost.result
      mysql-test/r/func_in_none.result
      mysql-test/r/lowercase_fs_off.result
      mysql-test/r/merge.result
      mysql-test/r/optimizer_debug_sync.result
      mysql-test/r/plugin.result
      mysql-test/r/range_all.result
      mysql-test/r/range_icp.result
      mysql-test/r/range_icp_mrr.result
      mysql-test/r/range_mrr.result
      mysql-test/r/range_mrr_cost.result
      mysql-test/r/range_none.result
      mysql-test/r/sp-security.result
      mysql-test/r/sp.result
      mysql-test/suite/opt_trace/include/range.inc
      mysql-test/suite/parts/inc/partition-dml-1-7.inc
      mysql-test/suite/parts/inc/partition-dml-1-8.inc
      mysql-test/suite/parts/inc/partition_key_16col.inc
      mysql-test/suite/parts/inc/partition_key_32col.inc
      mysql-test/suite/parts/inc/partition_key_4col.inc
      mysql-test/suite/parts/inc/partition_key_8col.inc
      mysql-test/suite/parts/r/partition_special_myisam.result
      mysql-test/t/merge.test
      mysql-test/t/optimizer_debug_sync.test
      mysql-test/t/plugin.test
      mysql-test/t/sp-security.test
      mysql-test/t/sp.test
      mysql-test/t/temp_table.test
      mysql-test/valgrind.supp
      sql/handler.cc
      sql/handler.h
      sql/item.cc
      sql/item_cmpfunc.h
      sql/item_func.cc
      sql/item_func.h
      sql/mysqld.cc
      sql/opt_explain.cc
      sql/opt_range.cc
      sql/sql_parse.cc
      storage/example/ha_example.cc
      storage/innobase/btr/btr0btr.cc
      storage/innobase/btr/btr0cur.cc
      storage/innobase/buf/buf0buf.cc
      storage/innobase/handler/ha_innodb.cc
      storage/innobase/ibuf/ibuf0ibuf.cc
      storage/innobase/include/btr0btr.h
      storage/innobase/include/mtr0log.ic
      storage/innobase/lock/lock0lock.cc
      storage/innobase/page/page0page.cc
      storage/innobase/row/row0ins.cc
      storage/innobase/row/row0sel.cc
      storage/innobase/row/row0umod.cc
      storage/innobase/row/row0upd.cc
      storage/innobase/srv/srv0srv.cc
      storage/innobase/trx/trx0purge.cc
      storage/innobase/trx/trx0rec.cc
      storage/myisammrg/ha_myisammrg.cc
      storage/perfschema/pfs_instr_class.cc
      storage/perfschema/pfs_instr_class.h
      storage/perfschema/pfs_server.cc
      mysql-test/suite/sys_vars/r/innodb_sort_buffer_size_basic.result
      mysql-test/suite/sys_vars/t/innodb_sort_buffer_size_basic.test
=== added file 'mysql-test/suite/perfschema/r/hostcache_ipv4_blocked.result'
--- a/mysql-test/suite/perfschema/r/hostcache_ipv4_blocked.result	1970-01-01 00:00:00 +0000
+++ b/mysql-test/suite/perfschema/r/hostcache_ipv4_blocked.result	2012-01-30 19:03:41 +0000
@@ -0,0 +1,351 @@
+flush status;
+flush hosts;
+flush user_resources;
+select @@global.debug;
+@@global.debug
+
+select @@global.max_connect_errors;
+@@global.max_connect_errors
+10
+select @@global.max_connect_errors into @saved_max_connect_errors;
+show global status like "%peer%";
+Variable_name	Value
+Peer_address_errors	0
+set global max_connect_errors = 2;
+grant select on test.* to 'root'@'santa.claus.ipv4.example.com';
+select "Con1 is alive";
+Con1 is alive
+Con1 is alive
+select current_user();
+current_user()
+root@localhost
+set global debug= "+d,vio_peer_addr_fake_ipv4,getnameinfo_fake_ipv4,getaddrinfo_fake_good_ipv4,native_password_bad_reply";
+ERROR 28000: Access denied for user 'quota'@'santa.claus.ipv4.example.com' (using password: NO)
+select 
+IP, HOST, HOST_VALIDATED, SUM_CONNECT_ERRORS,
+COUNT_HOST_BLOCKED_ERRORS,
+COUNT_NAMEINFO_TRANSIENT_ERRORS,
+COUNT_NAMEINFO_PERMANENT_ERRORS,
+COUNT_FORMAT_ERRORS,
+COUNT_ADDRINFO_TRANSIENT_ERRORS,
+COUNT_ADDRINFO_PERMANENT_ERRORS,
+COUNT_FCRDNS_ERRORS,
+COUNT_HOST_ACL_ERRORS,
+COUNT_NO_AUTH_PLUGIN_ERRORS,
+COUNT_AUTH_PLUGIN_ERRORS,
+COUNT_HANDSHAKE_ERRORS,
+COUNT_PROXY_USER_ERRORS,
+COUNT_PROXY_USER_ACL_ERRORS,
+COUNT_AUTHENTICATION_ERRORS,
+COUNT_SSL_ERRORS,
+COUNT_MAX_USER_CONNECTION_ERRORS,
+COUNT_MAX_USER_CONNECTION_PER_HOUR_ERRORS,
+COUNT_MAX_CONNECTION_ERRORS,
+COUNT_USER_ACL_ERRORS,
+COUNT_LOCAL_ERRORS,
+COUNT_UNKNOWN_ERRORS,
+if (FIRST_ERROR_SEEN is not null, "set", "null") as FIRST_ERROR_SEEN,
+if (LAST_ERROR_SEEN is not null, "set", "null") as LAST_ERROR_SEEN
+from performance_schema.host_cache;
+IP	192.0.2.4
+HOST	santa.claus.ipv4.example.com
+HOST_VALIDATED	YES
+SUM_CONNECT_ERRORS	1
+COUNT_HOST_BLOCKED_ERRORS	0
+COUNT_NAMEINFO_TRANSIENT_ERRORS	0
+COUNT_NAMEINFO_PERMANENT_ERRORS	0
+COUNT_FORMAT_ERRORS	0
+COUNT_ADDRINFO_TRANSIENT_ERRORS	0
+COUNT_ADDRINFO_PERMANENT_ERRORS	0
+COUNT_FCRDNS_ERRORS	0
+COUNT_HOST_ACL_ERRORS	0
+COUNT_NO_AUTH_PLUGIN_ERRORS	0
+COUNT_AUTH_PLUGIN_ERRORS	0
+COUNT_HANDSHAKE_ERRORS	1
+COUNT_PROXY_USER_ERRORS	0
+COUNT_PROXY_USER_ACL_ERRORS	0
+COUNT_AUTHENTICATION_ERRORS	1
+COUNT_SSL_ERRORS	0
+COUNT_MAX_USER_CONNECTION_ERRORS	0
+COUNT_MAX_USER_CONNECTION_PER_HOUR_ERRORS	0
+COUNT_MAX_CONNECTION_ERRORS	0
+COUNT_USER_ACL_ERRORS	0
+COUNT_LOCAL_ERRORS	0
+COUNT_UNKNOWN_ERRORS	0
+FIRST_ERROR_SEEN	set
+LAST_ERROR_SEEN	set
+ERROR 28000: Access denied for user 'quota'@'santa.claus.ipv4.example.com' (using password: NO)
+select 
+IP, HOST, HOST_VALIDATED, SUM_CONNECT_ERRORS,
+COUNT_HOST_BLOCKED_ERRORS,
+COUNT_NAMEINFO_TRANSIENT_ERRORS,
+COUNT_NAMEINFO_PERMANENT_ERRORS,
+COUNT_FORMAT_ERRORS,
+COUNT_ADDRINFO_TRANSIENT_ERRORS,
+COUNT_ADDRINFO_PERMANENT_ERRORS,
+COUNT_FCRDNS_ERRORS,
+COUNT_HOST_ACL_ERRORS,
+COUNT_NO_AUTH_PLUGIN_ERRORS,
+COUNT_AUTH_PLUGIN_ERRORS,
+COUNT_HANDSHAKE_ERRORS,
+COUNT_PROXY_USER_ERRORS,
+COUNT_PROXY_USER_ACL_ERRORS,
+COUNT_AUTHENTICATION_ERRORS,
+COUNT_SSL_ERRORS,
+COUNT_MAX_USER_CONNECTION_ERRORS,
+COUNT_MAX_USER_CONNECTION_PER_HOUR_ERRORS,
+COUNT_MAX_CONNECTION_ERRORS,
+COUNT_USER_ACL_ERRORS,
+COUNT_LOCAL_ERRORS,
+COUNT_UNKNOWN_ERRORS,
+if (FIRST_ERROR_SEEN is not null, "set", "null") as FIRST_ERROR_SEEN,
+if (LAST_ERROR_SEEN is not null, "set", "null") as LAST_ERROR_SEEN
+from performance_schema.host_cache;
+IP	192.0.2.4
+HOST	santa.claus.ipv4.example.com
+HOST_VALIDATED	YES
+SUM_CONNECT_ERRORS	2
+COUNT_HOST_BLOCKED_ERRORS	0
+COUNT_NAMEINFO_TRANSIENT_ERRORS	0
+COUNT_NAMEINFO_PERMANENT_ERRORS	0
+COUNT_FORMAT_ERRORS	0
+COUNT_ADDRINFO_TRANSIENT_ERRORS	0
+COUNT_ADDRINFO_PERMANENT_ERRORS	0
+COUNT_FCRDNS_ERRORS	0
+COUNT_HOST_ACL_ERRORS	0
+COUNT_NO_AUTH_PLUGIN_ERRORS	0
+COUNT_AUTH_PLUGIN_ERRORS	0
+COUNT_HANDSHAKE_ERRORS	2
+COUNT_PROXY_USER_ERRORS	0
+COUNT_PROXY_USER_ACL_ERRORS	0
+COUNT_AUTHENTICATION_ERRORS	2
+COUNT_SSL_ERRORS	0
+COUNT_MAX_USER_CONNECTION_ERRORS	0
+COUNT_MAX_USER_CONNECTION_PER_HOUR_ERRORS	0
+COUNT_MAX_CONNECTION_ERRORS	0
+COUNT_USER_ACL_ERRORS	0
+COUNT_LOCAL_ERRORS	0
+COUNT_UNKNOWN_ERRORS	0
+FIRST_ERROR_SEEN	set
+LAST_ERROR_SEEN	set
+ERROR 28000: Access denied for user 'quota'@'santa.claus.ipv4.example.com' (using password: NO)
+select 
+IP, HOST, HOST_VALIDATED, SUM_CONNECT_ERRORS,
+COUNT_HOST_BLOCKED_ERRORS,
+COUNT_NAMEINFO_TRANSIENT_ERRORS,
+COUNT_NAMEINFO_PERMANENT_ERRORS,
+COUNT_FORMAT_ERRORS,
+COUNT_ADDRINFO_TRANSIENT_ERRORS,
+COUNT_ADDRINFO_PERMANENT_ERRORS,
+COUNT_FCRDNS_ERRORS,
+COUNT_HOST_ACL_ERRORS,
+COUNT_NO_AUTH_PLUGIN_ERRORS,
+COUNT_AUTH_PLUGIN_ERRORS,
+COUNT_HANDSHAKE_ERRORS,
+COUNT_PROXY_USER_ERRORS,
+COUNT_PROXY_USER_ACL_ERRORS,
+COUNT_AUTHENTICATION_ERRORS,
+COUNT_SSL_ERRORS,
+COUNT_MAX_USER_CONNECTION_ERRORS,
+COUNT_MAX_USER_CONNECTION_PER_HOUR_ERRORS,
+COUNT_MAX_CONNECTION_ERRORS,
+COUNT_USER_ACL_ERRORS,
+COUNT_LOCAL_ERRORS,
+COUNT_UNKNOWN_ERRORS,
+if (FIRST_ERROR_SEEN is not null, "set", "null") as FIRST_ERROR_SEEN,
+if (LAST_ERROR_SEEN is not null, "set", "null") as LAST_ERROR_SEEN
+from performance_schema.host_cache;
+IP	192.0.2.4
+HOST	santa.claus.ipv4.example.com
+HOST_VALIDATED	YES
+SUM_CONNECT_ERRORS	3
+COUNT_HOST_BLOCKED_ERRORS	0
+COUNT_NAMEINFO_TRANSIENT_ERRORS	0
+COUNT_NAMEINFO_PERMANENT_ERRORS	0
+COUNT_FORMAT_ERRORS	0
+COUNT_ADDRINFO_TRANSIENT_ERRORS	0
+COUNT_ADDRINFO_PERMANENT_ERRORS	0
+COUNT_FCRDNS_ERRORS	0
+COUNT_HOST_ACL_ERRORS	0
+COUNT_NO_AUTH_PLUGIN_ERRORS	0
+COUNT_AUTH_PLUGIN_ERRORS	0
+COUNT_HANDSHAKE_ERRORS	3
+COUNT_PROXY_USER_ERRORS	0
+COUNT_PROXY_USER_ACL_ERRORS	0
+COUNT_AUTHENTICATION_ERRORS	3
+COUNT_SSL_ERRORS	0
+COUNT_MAX_USER_CONNECTION_ERRORS	0
+COUNT_MAX_USER_CONNECTION_PER_HOUR_ERRORS	0
+COUNT_MAX_CONNECTION_ERRORS	0
+COUNT_USER_ACL_ERRORS	0
+COUNT_LOCAL_ERRORS	0
+COUNT_UNKNOWN_ERRORS	0
+FIRST_ERROR_SEEN	set
+LAST_ERROR_SEEN	set
+ERROR HY000: Host '192.0.2.4' is blocked because of many connection errors; unblock with 'mysqladmin flush-hosts'
+select 
+IP, HOST, HOST_VALIDATED, SUM_CONNECT_ERRORS,
+COUNT_HOST_BLOCKED_ERRORS,
+COUNT_NAMEINFO_TRANSIENT_ERRORS,
+COUNT_NAMEINFO_PERMANENT_ERRORS,
+COUNT_FORMAT_ERRORS,
+COUNT_ADDRINFO_TRANSIENT_ERRORS,
+COUNT_ADDRINFO_PERMANENT_ERRORS,
+COUNT_FCRDNS_ERRORS,
+COUNT_HOST_ACL_ERRORS,
+COUNT_NO_AUTH_PLUGIN_ERRORS,
+COUNT_AUTH_PLUGIN_ERRORS,
+COUNT_HANDSHAKE_ERRORS,
+COUNT_PROXY_USER_ERRORS,
+COUNT_PROXY_USER_ACL_ERRORS,
+COUNT_AUTHENTICATION_ERRORS,
+COUNT_SSL_ERRORS,
+COUNT_MAX_USER_CONNECTION_ERRORS,
+COUNT_MAX_USER_CONNECTION_PER_HOUR_ERRORS,
+COUNT_MAX_CONNECTION_ERRORS,
+COUNT_USER_ACL_ERRORS,
+COUNT_LOCAL_ERRORS,
+COUNT_UNKNOWN_ERRORS,
+if (FIRST_ERROR_SEEN is not null, "set", "null") as FIRST_ERROR_SEEN,
+if (LAST_ERROR_SEEN is not null, "set", "null") as LAST_ERROR_SEEN
+from performance_schema.host_cache;
+IP	192.0.2.4
+HOST	santa.claus.ipv4.example.com
+HOST_VALIDATED	YES
+SUM_CONNECT_ERRORS	3
+COUNT_HOST_BLOCKED_ERRORS	1
+COUNT_NAMEINFO_TRANSIENT_ERRORS	0
+COUNT_NAMEINFO_PERMANENT_ERRORS	0
+COUNT_FORMAT_ERRORS	0
+COUNT_ADDRINFO_TRANSIENT_ERRORS	0
+COUNT_ADDRINFO_PERMANENT_ERRORS	0
+COUNT_FCRDNS_ERRORS	0
+COUNT_HOST_ACL_ERRORS	0
+COUNT_NO_AUTH_PLUGIN_ERRORS	0
+COUNT_AUTH_PLUGIN_ERRORS	0
+COUNT_HANDSHAKE_ERRORS	3
+COUNT_PROXY_USER_ERRORS	0
+COUNT_PROXY_USER_ACL_ERRORS	0
+COUNT_AUTHENTICATION_ERRORS	3
+COUNT_SSL_ERRORS	0
+COUNT_MAX_USER_CONNECTION_ERRORS	0
+COUNT_MAX_USER_CONNECTION_PER_HOUR_ERRORS	0
+COUNT_MAX_CONNECTION_ERRORS	0
+COUNT_USER_ACL_ERRORS	0
+COUNT_LOCAL_ERRORS	0
+COUNT_UNKNOWN_ERRORS	0
+FIRST_ERROR_SEEN	set
+LAST_ERROR_SEEN	set
+ERROR HY000: Host '192.0.2.4' is blocked because of many connection errors; unblock with 'mysqladmin flush-hosts'
+select 
+IP, HOST, HOST_VALIDATED, SUM_CONNECT_ERRORS,
+COUNT_HOST_BLOCKED_ERRORS,
+COUNT_NAMEINFO_TRANSIENT_ERRORS,
+COUNT_NAMEINFO_PERMANENT_ERRORS,
+COUNT_FORMAT_ERRORS,
+COUNT_ADDRINFO_TRANSIENT_ERRORS,
+COUNT_ADDRINFO_PERMANENT_ERRORS,
+COUNT_FCRDNS_ERRORS,
+COUNT_HOST_ACL_ERRORS,
+COUNT_NO_AUTH_PLUGIN_ERRORS,
+COUNT_AUTH_PLUGIN_ERRORS,
+COUNT_HANDSHAKE_ERRORS,
+COUNT_PROXY_USER_ERRORS,
+COUNT_PROXY_USER_ACL_ERRORS,
+COUNT_AUTHENTICATION_ERRORS,
+COUNT_SSL_ERRORS,
+COUNT_MAX_USER_CONNECTION_ERRORS,
+COUNT_MAX_USER_CONNECTION_PER_HOUR_ERRORS,
+COUNT_MAX_CONNECTION_ERRORS,
+COUNT_USER_ACL_ERRORS,
+COUNT_LOCAL_ERRORS,
+COUNT_UNKNOWN_ERRORS,
+if (FIRST_ERROR_SEEN is not null, "set", "null") as FIRST_ERROR_SEEN,
+if (LAST_ERROR_SEEN is not null, "set", "null") as LAST_ERROR_SEEN
+from performance_schema.host_cache;
+IP	192.0.2.4
+HOST	santa.claus.ipv4.example.com
+HOST_VALIDATED	YES
+SUM_CONNECT_ERRORS	3
+COUNT_HOST_BLOCKED_ERRORS	2
+COUNT_NAMEINFO_TRANSIENT_ERRORS	0
+COUNT_NAMEINFO_PERMANENT_ERRORS	0
+COUNT_FORMAT_ERRORS	0
+COUNT_ADDRINFO_TRANSIENT_ERRORS	0
+COUNT_ADDRINFO_PERMANENT_ERRORS	0
+COUNT_FCRDNS_ERRORS	0
+COUNT_HOST_ACL_ERRORS	0
+COUNT_NO_AUTH_PLUGIN_ERRORS	0
+COUNT_AUTH_PLUGIN_ERRORS	0
+COUNT_HANDSHAKE_ERRORS	3
+COUNT_PROXY_USER_ERRORS	0
+COUNT_PROXY_USER_ACL_ERRORS	0
+COUNT_AUTHENTICATION_ERRORS	3
+COUNT_SSL_ERRORS	0
+COUNT_MAX_USER_CONNECTION_ERRORS	0
+COUNT_MAX_USER_CONNECTION_PER_HOUR_ERRORS	0
+COUNT_MAX_CONNECTION_ERRORS	0
+COUNT_USER_ACL_ERRORS	0
+COUNT_LOCAL_ERRORS	0
+COUNT_UNKNOWN_ERRORS	0
+FIRST_ERROR_SEEN	set
+LAST_ERROR_SEEN	set
+flush hosts;
+ERROR 28000: Access denied for user 'quota'@'santa.claus.ipv4.example.com' (using password: NO)
+select 
+IP, HOST, HOST_VALIDATED, SUM_CONNECT_ERRORS,
+COUNT_HOST_BLOCKED_ERRORS,
+COUNT_NAMEINFO_TRANSIENT_ERRORS,
+COUNT_NAMEINFO_PERMANENT_ERRORS,
+COUNT_FORMAT_ERRORS,
+COUNT_ADDRINFO_TRANSIENT_ERRORS,
+COUNT_ADDRINFO_PERMANENT_ERRORS,
+COUNT_FCRDNS_ERRORS,
+COUNT_HOST_ACL_ERRORS,
+COUNT_NO_AUTH_PLUGIN_ERRORS,
+COUNT_AUTH_PLUGIN_ERRORS,
+COUNT_HANDSHAKE_ERRORS,
+COUNT_PROXY_USER_ERRORS,
+COUNT_PROXY_USER_ACL_ERRORS,
+COUNT_AUTHENTICATION_ERRORS,
+COUNT_SSL_ERRORS,
+COUNT_MAX_USER_CONNECTION_ERRORS,
+COUNT_MAX_USER_CONNECTION_PER_HOUR_ERRORS,
+COUNT_MAX_CONNECTION_ERRORS,
+COUNT_USER_ACL_ERRORS,
+COUNT_LOCAL_ERRORS,
+COUNT_UNKNOWN_ERRORS,
+if (FIRST_ERROR_SEEN is not null, "set", "null") as FIRST_ERROR_SEEN,
+if (LAST_ERROR_SEEN is not null, "set", "null") as LAST_ERROR_SEEN
+from performance_schema.host_cache;
+IP	192.0.2.4
+HOST	santa.claus.ipv4.example.com
+HOST_VALIDATED	YES
+SUM_CONNECT_ERRORS	1
+COUNT_HOST_BLOCKED_ERRORS	0
+COUNT_NAMEINFO_TRANSIENT_ERRORS	0
+COUNT_NAMEINFO_PERMANENT_ERRORS	0
+COUNT_FORMAT_ERRORS	0
+COUNT_ADDRINFO_TRANSIENT_ERRORS	0
+COUNT_ADDRINFO_PERMANENT_ERRORS	0
+COUNT_FCRDNS_ERRORS	0
+COUNT_HOST_ACL_ERRORS	0
+COUNT_NO_AUTH_PLUGIN_ERRORS	0
+COUNT_AUTH_PLUGIN_ERRORS	0
+COUNT_HANDSHAKE_ERRORS	1
+COUNT_PROXY_USER_ERRORS	0
+COUNT_PROXY_USER_ACL_ERRORS	0
+COUNT_AUTHENTICATION_ERRORS	1
+COUNT_SSL_ERRORS	0
+COUNT_MAX_USER_CONNECTION_ERRORS	0
+COUNT_MAX_USER_CONNECTION_PER_HOUR_ERRORS	0
+COUNT_MAX_CONNECTION_ERRORS	0
+COUNT_USER_ACL_ERRORS	0
+COUNT_LOCAL_ERRORS	0
+COUNT_UNKNOWN_ERRORS	0
+FIRST_ERROR_SEEN	set
+LAST_ERROR_SEEN	set
+revoke select on test.* from 'root'@'santa.claus.ipv4.example.com';
+drop user 'root'@'santa.claus.ipv4.example.com';
+set global max_connect_errors = @saved_max_connect_errors;
+set global debug= default;

=== added file 'mysql-test/suite/perfschema/r/hostcache_ipv6_blocked.result'
--- a/mysql-test/suite/perfschema/r/hostcache_ipv6_blocked.result	1970-01-01 00:00:00 +0000
+++ b/mysql-test/suite/perfschema/r/hostcache_ipv6_blocked.result	2012-01-30 19:03:41 +0000
@@ -0,0 +1,351 @@
+flush status;
+flush hosts;
+flush user_resources;
+select @@global.debug;
+@@global.debug
+
+select @@global.max_connect_errors;
+@@global.max_connect_errors
+10
+select @@global.max_connect_errors into @saved_max_connect_errors;
+show global status like "%peer%";
+Variable_name	Value
+Peer_address_errors	0
+set global max_connect_errors = 2;
+grant select on test.* to 'root'@'santa.claus.ipv6.example.com';
+select "Con1 is alive";
+Con1 is alive
+Con1 is alive
+select current_user();
+current_user()
+root@localhost
+set global debug= "+d,vio_peer_addr_fake_ipv6,getnameinfo_fake_ipv6,getaddrinfo_fake_good_ipv6,native_password_bad_reply";
+ERROR 28000: Access denied for user 'quota'@'santa.claus.ipv6.example.com' (using password: NO)
+select 
+IP, HOST, HOST_VALIDATED, SUM_CONNECT_ERRORS,
+COUNT_HOST_BLOCKED_ERRORS,
+COUNT_NAMEINFO_TRANSIENT_ERRORS,
+COUNT_NAMEINFO_PERMANENT_ERRORS,
+COUNT_FORMAT_ERRORS,
+COUNT_ADDRINFO_TRANSIENT_ERRORS,
+COUNT_ADDRINFO_PERMANENT_ERRORS,
+COUNT_FCRDNS_ERRORS,
+COUNT_HOST_ACL_ERRORS,
+COUNT_NO_AUTH_PLUGIN_ERRORS,
+COUNT_AUTH_PLUGIN_ERRORS,
+COUNT_HANDSHAKE_ERRORS,
+COUNT_PROXY_USER_ERRORS,
+COUNT_PROXY_USER_ACL_ERRORS,
+COUNT_AUTHENTICATION_ERRORS,
+COUNT_SSL_ERRORS,
+COUNT_MAX_USER_CONNECTION_ERRORS,
+COUNT_MAX_USER_CONNECTION_PER_HOUR_ERRORS,
+COUNT_MAX_CONNECTION_ERRORS,
+COUNT_USER_ACL_ERRORS,
+COUNT_LOCAL_ERRORS,
+COUNT_UNKNOWN_ERRORS,
+if (FIRST_ERROR_SEEN is not null, "set", "null") as FIRST_ERROR_SEEN,
+if (LAST_ERROR_SEEN is not null, "set", "null") as LAST_ERROR_SEEN
+from performance_schema.host_cache;
+IP	2001:db8::6:6
+HOST	santa.claus.ipv6.example.com
+HOST_VALIDATED	YES
+SUM_CONNECT_ERRORS	1
+COUNT_HOST_BLOCKED_ERRORS	0
+COUNT_NAMEINFO_TRANSIENT_ERRORS	0
+COUNT_NAMEINFO_PERMANENT_ERRORS	0
+COUNT_FORMAT_ERRORS	0
+COUNT_ADDRINFO_TRANSIENT_ERRORS	0
+COUNT_ADDRINFO_PERMANENT_ERRORS	0
+COUNT_FCRDNS_ERRORS	0
+COUNT_HOST_ACL_ERRORS	0
+COUNT_NO_AUTH_PLUGIN_ERRORS	0
+COUNT_AUTH_PLUGIN_ERRORS	0
+COUNT_HANDSHAKE_ERRORS	1
+COUNT_PROXY_USER_ERRORS	0
+COUNT_PROXY_USER_ACL_ERRORS	0
+COUNT_AUTHENTICATION_ERRORS	1
+COUNT_SSL_ERRORS	0
+COUNT_MAX_USER_CONNECTION_ERRORS	0
+COUNT_MAX_USER_CONNECTION_PER_HOUR_ERRORS	0
+COUNT_MAX_CONNECTION_ERRORS	0
+COUNT_USER_ACL_ERRORS	0
+COUNT_LOCAL_ERRORS	0
+COUNT_UNKNOWN_ERRORS	0
+FIRST_ERROR_SEEN	set
+LAST_ERROR_SEEN	set
+ERROR 28000: Access denied for user 'quota'@'santa.claus.ipv6.example.com' (using password: NO)
+select 
+IP, HOST, HOST_VALIDATED, SUM_CONNECT_ERRORS,
+COUNT_HOST_BLOCKED_ERRORS,
+COUNT_NAMEINFO_TRANSIENT_ERRORS,
+COUNT_NAMEINFO_PERMANENT_ERRORS,
+COUNT_FORMAT_ERRORS,
+COUNT_ADDRINFO_TRANSIENT_ERRORS,
+COUNT_ADDRINFO_PERMANENT_ERRORS,
+COUNT_FCRDNS_ERRORS,
+COUNT_HOST_ACL_ERRORS,
+COUNT_NO_AUTH_PLUGIN_ERRORS,
+COUNT_AUTH_PLUGIN_ERRORS,
+COUNT_HANDSHAKE_ERRORS,
+COUNT_PROXY_USER_ERRORS,
+COUNT_PROXY_USER_ACL_ERRORS,
+COUNT_AUTHENTICATION_ERRORS,
+COUNT_SSL_ERRORS,
+COUNT_MAX_USER_CONNECTION_ERRORS,
+COUNT_MAX_USER_CONNECTION_PER_HOUR_ERRORS,
+COUNT_MAX_CONNECTION_ERRORS,
+COUNT_USER_ACL_ERRORS,
+COUNT_LOCAL_ERRORS,
+COUNT_UNKNOWN_ERRORS,
+if (FIRST_ERROR_SEEN is not null, "set", "null") as FIRST_ERROR_SEEN,
+if (LAST_ERROR_SEEN is not null, "set", "null") as LAST_ERROR_SEEN
+from performance_schema.host_cache;
+IP	2001:db8::6:6
+HOST	santa.claus.ipv6.example.com
+HOST_VALIDATED	YES
+SUM_CONNECT_ERRORS	2
+COUNT_HOST_BLOCKED_ERRORS	0
+COUNT_NAMEINFO_TRANSIENT_ERRORS	0
+COUNT_NAMEINFO_PERMANENT_ERRORS	0
+COUNT_FORMAT_ERRORS	0
+COUNT_ADDRINFO_TRANSIENT_ERRORS	0
+COUNT_ADDRINFO_PERMANENT_ERRORS	0
+COUNT_FCRDNS_ERRORS	0
+COUNT_HOST_ACL_ERRORS	0
+COUNT_NO_AUTH_PLUGIN_ERRORS	0
+COUNT_AUTH_PLUGIN_ERRORS	0
+COUNT_HANDSHAKE_ERRORS	2
+COUNT_PROXY_USER_ERRORS	0
+COUNT_PROXY_USER_ACL_ERRORS	0
+COUNT_AUTHENTICATION_ERRORS	2
+COUNT_SSL_ERRORS	0
+COUNT_MAX_USER_CONNECTION_ERRORS	0
+COUNT_MAX_USER_CONNECTION_PER_HOUR_ERRORS	0
+COUNT_MAX_CONNECTION_ERRORS	0
+COUNT_USER_ACL_ERRORS	0
+COUNT_LOCAL_ERRORS	0
+COUNT_UNKNOWN_ERRORS	0
+FIRST_ERROR_SEEN	set
+LAST_ERROR_SEEN	set
+ERROR 28000: Access denied for user 'quota'@'santa.claus.ipv6.example.com' (using password: NO)
+select 
+IP, HOST, HOST_VALIDATED, SUM_CONNECT_ERRORS,
+COUNT_HOST_BLOCKED_ERRORS,
+COUNT_NAMEINFO_TRANSIENT_ERRORS,
+COUNT_NAMEINFO_PERMANENT_ERRORS,
+COUNT_FORMAT_ERRORS,
+COUNT_ADDRINFO_TRANSIENT_ERRORS,
+COUNT_ADDRINFO_PERMANENT_ERRORS,
+COUNT_FCRDNS_ERRORS,
+COUNT_HOST_ACL_ERRORS,
+COUNT_NO_AUTH_PLUGIN_ERRORS,
+COUNT_AUTH_PLUGIN_ERRORS,
+COUNT_HANDSHAKE_ERRORS,
+COUNT_PROXY_USER_ERRORS,
+COUNT_PROXY_USER_ACL_ERRORS,
+COUNT_AUTHENTICATION_ERRORS,
+COUNT_SSL_ERRORS,
+COUNT_MAX_USER_CONNECTION_ERRORS,
+COUNT_MAX_USER_CONNECTION_PER_HOUR_ERRORS,
+COUNT_MAX_CONNECTION_ERRORS,
+COUNT_USER_ACL_ERRORS,
+COUNT_LOCAL_ERRORS,
+COUNT_UNKNOWN_ERRORS,
+if (FIRST_ERROR_SEEN is not null, "set", "null") as FIRST_ERROR_SEEN,
+if (LAST_ERROR_SEEN is not null, "set", "null") as LAST_ERROR_SEEN
+from performance_schema.host_cache;
+IP	2001:db8::6:6
+HOST	santa.claus.ipv6.example.com
+HOST_VALIDATED	YES
+SUM_CONNECT_ERRORS	3
+COUNT_HOST_BLOCKED_ERRORS	0
+COUNT_NAMEINFO_TRANSIENT_ERRORS	0
+COUNT_NAMEINFO_PERMANENT_ERRORS	0
+COUNT_FORMAT_ERRORS	0
+COUNT_ADDRINFO_TRANSIENT_ERRORS	0
+COUNT_ADDRINFO_PERMANENT_ERRORS	0
+COUNT_FCRDNS_ERRORS	0
+COUNT_HOST_ACL_ERRORS	0
+COUNT_NO_AUTH_PLUGIN_ERRORS	0
+COUNT_AUTH_PLUGIN_ERRORS	0
+COUNT_HANDSHAKE_ERRORS	3
+COUNT_PROXY_USER_ERRORS	0
+COUNT_PROXY_USER_ACL_ERRORS	0
+COUNT_AUTHENTICATION_ERRORS	3
+COUNT_SSL_ERRORS	0
+COUNT_MAX_USER_CONNECTION_ERRORS	0
+COUNT_MAX_USER_CONNECTION_PER_HOUR_ERRORS	0
+COUNT_MAX_CONNECTION_ERRORS	0
+COUNT_USER_ACL_ERRORS	0
+COUNT_LOCAL_ERRORS	0
+COUNT_UNKNOWN_ERRORS	0
+FIRST_ERROR_SEEN	set
+LAST_ERROR_SEEN	set
+ERROR HY000: Host '2001:db8::6:6' is blocked because of many connection errors; unblock with 'mysqladmin flush-hosts'
+select 
+IP, HOST, HOST_VALIDATED, SUM_CONNECT_ERRORS,
+COUNT_HOST_BLOCKED_ERRORS,
+COUNT_NAMEINFO_TRANSIENT_ERRORS,
+COUNT_NAMEINFO_PERMANENT_ERRORS,
+COUNT_FORMAT_ERRORS,
+COUNT_ADDRINFO_TRANSIENT_ERRORS,
+COUNT_ADDRINFO_PERMANENT_ERRORS,
+COUNT_FCRDNS_ERRORS,
+COUNT_HOST_ACL_ERRORS,
+COUNT_NO_AUTH_PLUGIN_ERRORS,
+COUNT_AUTH_PLUGIN_ERRORS,
+COUNT_HANDSHAKE_ERRORS,
+COUNT_PROXY_USER_ERRORS,
+COUNT_PROXY_USER_ACL_ERRORS,
+COUNT_AUTHENTICATION_ERRORS,
+COUNT_SSL_ERRORS,
+COUNT_MAX_USER_CONNECTION_ERRORS,
+COUNT_MAX_USER_CONNECTION_PER_HOUR_ERRORS,
+COUNT_MAX_CONNECTION_ERRORS,
+COUNT_USER_ACL_ERRORS,
+COUNT_LOCAL_ERRORS,
+COUNT_UNKNOWN_ERRORS,
+if (FIRST_ERROR_SEEN is not null, "set", "null") as FIRST_ERROR_SEEN,
+if (LAST_ERROR_SEEN is not null, "set", "null") as LAST_ERROR_SEEN
+from performance_schema.host_cache;
+IP	2001:db8::6:6
+HOST	santa.claus.ipv6.example.com
+HOST_VALIDATED	YES
+SUM_CONNECT_ERRORS	3
+COUNT_HOST_BLOCKED_ERRORS	1
+COUNT_NAMEINFO_TRANSIENT_ERRORS	0
+COUNT_NAMEINFO_PERMANENT_ERRORS	0
+COUNT_FORMAT_ERRORS	0
+COUNT_ADDRINFO_TRANSIENT_ERRORS	0
+COUNT_ADDRINFO_PERMANENT_ERRORS	0
+COUNT_FCRDNS_ERRORS	0
+COUNT_HOST_ACL_ERRORS	0
+COUNT_NO_AUTH_PLUGIN_ERRORS	0
+COUNT_AUTH_PLUGIN_ERRORS	0
+COUNT_HANDSHAKE_ERRORS	3
+COUNT_PROXY_USER_ERRORS	0
+COUNT_PROXY_USER_ACL_ERRORS	0
+COUNT_AUTHENTICATION_ERRORS	3
+COUNT_SSL_ERRORS	0
+COUNT_MAX_USER_CONNECTION_ERRORS	0
+COUNT_MAX_USER_CONNECTION_PER_HOUR_ERRORS	0
+COUNT_MAX_CONNECTION_ERRORS	0
+COUNT_USER_ACL_ERRORS	0
+COUNT_LOCAL_ERRORS	0
+COUNT_UNKNOWN_ERRORS	0
+FIRST_ERROR_SEEN	set
+LAST_ERROR_SEEN	set
+ERROR HY000: Host '2001:db8::6:6' is blocked because of many connection errors; unblock with 'mysqladmin flush-hosts'
+select 
+IP, HOST, HOST_VALIDATED, SUM_CONNECT_ERRORS,
+COUNT_HOST_BLOCKED_ERRORS,
+COUNT_NAMEINFO_TRANSIENT_ERRORS,
+COUNT_NAMEINFO_PERMANENT_ERRORS,
+COUNT_FORMAT_ERRORS,
+COUNT_ADDRINFO_TRANSIENT_ERRORS,
+COUNT_ADDRINFO_PERMANENT_ERRORS,
+COUNT_FCRDNS_ERRORS,
+COUNT_HOST_ACL_ERRORS,
+COUNT_NO_AUTH_PLUGIN_ERRORS,
+COUNT_AUTH_PLUGIN_ERRORS,
+COUNT_HANDSHAKE_ERRORS,
+COUNT_PROXY_USER_ERRORS,
+COUNT_PROXY_USER_ACL_ERRORS,
+COUNT_AUTHENTICATION_ERRORS,
+COUNT_SSL_ERRORS,
+COUNT_MAX_USER_CONNECTION_ERRORS,
+COUNT_MAX_USER_CONNECTION_PER_HOUR_ERRORS,
+COUNT_MAX_CONNECTION_ERRORS,
+COUNT_USER_ACL_ERRORS,
+COUNT_LOCAL_ERRORS,
+COUNT_UNKNOWN_ERRORS,
+if (FIRST_ERROR_SEEN is not null, "set", "null") as FIRST_ERROR_SEEN,
+if (LAST_ERROR_SEEN is not null, "set", "null") as LAST_ERROR_SEEN
+from performance_schema.host_cache;
+IP	2001:db8::6:6
+HOST	santa.claus.ipv6.example.com
+HOST_VALIDATED	YES
+SUM_CONNECT_ERRORS	3
+COUNT_HOST_BLOCKED_ERRORS	2
+COUNT_NAMEINFO_TRANSIENT_ERRORS	0
+COUNT_NAMEINFO_PERMANENT_ERRORS	0
+COUNT_FORMAT_ERRORS	0
+COUNT_ADDRINFO_TRANSIENT_ERRORS	0
+COUNT_ADDRINFO_PERMANENT_ERRORS	0
+COUNT_FCRDNS_ERRORS	0
+COUNT_HOST_ACL_ERRORS	0
+COUNT_NO_AUTH_PLUGIN_ERRORS	0
+COUNT_AUTH_PLUGIN_ERRORS	0
+COUNT_HANDSHAKE_ERRORS	3
+COUNT_PROXY_USER_ERRORS	0
+COUNT_PROXY_USER_ACL_ERRORS	0
+COUNT_AUTHENTICATION_ERRORS	3
+COUNT_SSL_ERRORS	0
+COUNT_MAX_USER_CONNECTION_ERRORS	0
+COUNT_MAX_USER_CONNECTION_PER_HOUR_ERRORS	0
+COUNT_MAX_CONNECTION_ERRORS	0
+COUNT_USER_ACL_ERRORS	0
+COUNT_LOCAL_ERRORS	0
+COUNT_UNKNOWN_ERRORS	0
+FIRST_ERROR_SEEN	set
+LAST_ERROR_SEEN	set
+flush hosts;
+ERROR 28000: Access denied for user 'quota'@'santa.claus.ipv6.example.com' (using password: NO)
+select 
+IP, HOST, HOST_VALIDATED, SUM_CONNECT_ERRORS,
+COUNT_HOST_BLOCKED_ERRORS,
+COUNT_NAMEINFO_TRANSIENT_ERRORS,
+COUNT_NAMEINFO_PERMANENT_ERRORS,
+COUNT_FORMAT_ERRORS,
+COUNT_ADDRINFO_TRANSIENT_ERRORS,
+COUNT_ADDRINFO_PERMANENT_ERRORS,
+COUNT_FCRDNS_ERRORS,
+COUNT_HOST_ACL_ERRORS,
+COUNT_NO_AUTH_PLUGIN_ERRORS,
+COUNT_AUTH_PLUGIN_ERRORS,
+COUNT_HANDSHAKE_ERRORS,
+COUNT_PROXY_USER_ERRORS,
+COUNT_PROXY_USER_ACL_ERRORS,
+COUNT_AUTHENTICATION_ERRORS,
+COUNT_SSL_ERRORS,
+COUNT_MAX_USER_CONNECTION_ERRORS,
+COUNT_MAX_USER_CONNECTION_PER_HOUR_ERRORS,
+COUNT_MAX_CONNECTION_ERRORS,
+COUNT_USER_ACL_ERRORS,
+COUNT_LOCAL_ERRORS,
+COUNT_UNKNOWN_ERRORS,
+if (FIRST_ERROR_SEEN is not null, "set", "null") as FIRST_ERROR_SEEN,
+if (LAST_ERROR_SEEN is not null, "set", "null") as LAST_ERROR_SEEN
+from performance_schema.host_cache;
+IP	2001:db8::6:6
+HOST	santa.claus.ipv6.example.com
+HOST_VALIDATED	YES
+SUM_CONNECT_ERRORS	1
+COUNT_HOST_BLOCKED_ERRORS	0
+COUNT_NAMEINFO_TRANSIENT_ERRORS	0
+COUNT_NAMEINFO_PERMANENT_ERRORS	0
+COUNT_FORMAT_ERRORS	0
+COUNT_ADDRINFO_TRANSIENT_ERRORS	0
+COUNT_ADDRINFO_PERMANENT_ERRORS	0
+COUNT_FCRDNS_ERRORS	0
+COUNT_HOST_ACL_ERRORS	0
+COUNT_NO_AUTH_PLUGIN_ERRORS	0
+COUNT_AUTH_PLUGIN_ERRORS	0
+COUNT_HANDSHAKE_ERRORS	1
+COUNT_PROXY_USER_ERRORS	0
+COUNT_PROXY_USER_ACL_ERRORS	0
+COUNT_AUTHENTICATION_ERRORS	1
+COUNT_SSL_ERRORS	0
+COUNT_MAX_USER_CONNECTION_ERRORS	0
+COUNT_MAX_USER_CONNECTION_PER_HOUR_ERRORS	0
+COUNT_MAX_CONNECTION_ERRORS	0
+COUNT_USER_ACL_ERRORS	0
+COUNT_LOCAL_ERRORS	0
+COUNT_UNKNOWN_ERRORS	0
+FIRST_ERROR_SEEN	set
+LAST_ERROR_SEEN	set
+revoke select on test.* from 'root'@'santa.claus.ipv6.example.com';
+drop user 'root'@'santa.claus.ipv6.example.com';
+set global max_connect_errors = @saved_max_connect_errors;
+set global debug= default;

=== added file 'mysql-test/suite/perfschema/t/hostcache_ipv4_blocked.test'
--- a/mysql-test/suite/perfschema/t/hostcache_ipv4_blocked.test	1970-01-01 00:00:00 +0000
+++ b/mysql-test/suite/perfschema/t/hostcache_ipv4_blocked.test	2012-01-30 19:03:41 +0000
@@ -0,0 +1,91 @@
+
+#
+# Tests for the performance_schema host_cache.
+#
+# Simulate failures from client / server protocol:
+# - reported in COUNT_HANDSHAKE_ERRORS
+# aud further causes blocking errors:
+# - reported in SUM_CONNECT_ERRORS
+# - reported in COUNT_HOST_BLOCKED_ERRORS
+
+--source include/not_embedded.inc
+--source include/have_debug.inc
+--source include/have_perfschema.inc
+
+flush status;
+flush hosts;
+flush user_resources;
+select @@global.debug;
+select @@global.max_connect_errors;
+select @@global.max_connect_errors into @saved_max_connect_errors;
+show global status like "%peer%";
+
+set global max_connect_errors = 2;
+
+grant select on test.* to 'root'@'santa.claus.ipv4.example.com';
+
+connect (con1,"127.0.0.1",root,,test,$MASTER_MYPORT,);
+select "Con1 is alive";
+select current_user();
+disconnect con1;
+
+--connection default
+set global debug= "+d,vio_peer_addr_fake_ipv4,getnameinfo_fake_ipv4,getaddrinfo_fake_good_ipv4,native_password_bad_reply";
+
+--disable_query_log
+--error ER_ACCESS_DENIED_ERROR
+connect (con2a,"127.0.0.1",quota,,test,$MASTER_MYPORT,);
+--enable_query_log
+
+--connection default
+--source ../include/hostcache_dump.inc
+
+--disable_query_log
+--error ER_ACCESS_DENIED_ERROR
+connect (con2b,"127.0.0.1",quota,,test,$MASTER_MYPORT,);
+--enable_query_log
+
+--connection default
+--source ../include/hostcache_dump.inc
+
+--disable_query_log
+--error ER_ACCESS_DENIED_ERROR
+connect (con2c,"127.0.0.1",quota,,test,$MASTER_MYPORT,);
+--enable_query_log
+
+--connection default
+--source ../include/hostcache_dump.inc
+
+--disable_query_log
+--error ER_HOST_IS_BLOCKED
+connect (con2d,"127.0.0.1",quota,,test,$MASTER_MYPORT,);
+--enable_query_log
+
+--connection default
+--source ../include/hostcache_dump.inc
+
+--disable_query_log
+--error ER_HOST_IS_BLOCKED
+connect (con2e,"127.0.0.1",quota,,test,$MASTER_MYPORT,);
+--enable_query_log
+
+--connection default
+--source ../include/hostcache_dump.inc
+
+# Now that the host is blocked, check that flush works
+flush hosts;
+
+--disable_query_log
+--error ER_ACCESS_DENIED_ERROR
+connect (con2c,"127.0.0.1",quota,,test,$MASTER_MYPORT,);
+--enable_query_log
+
+--connection default
+--source ../include/hostcache_dump.inc
+
+revoke select on test.* from 'root'@'santa.claus.ipv4.example.com';
+drop user 'root'@'santa.claus.ipv4.example.com';
+
+set global max_connect_errors = @saved_max_connect_errors;
+set global debug= default;
+

=== added file 'mysql-test/suite/perfschema/t/hostcache_ipv6_blocked-master.opt'
--- a/mysql-test/suite/perfschema/t/hostcache_ipv6_blocked-master.opt	1970-01-01 00:00:00 +0000
+++ b/mysql-test/suite/perfschema/t/hostcache_ipv6_blocked-master.opt	2012-01-30 19:03:41 +0000
@@ -0,0 +1 @@
+--bind-addr=::

=== added file 'mysql-test/suite/perfschema/t/hostcache_ipv6_blocked.test'
--- a/mysql-test/suite/perfschema/t/hostcache_ipv6_blocked.test	1970-01-01 00:00:00 +0000
+++ b/mysql-test/suite/perfschema/t/hostcache_ipv6_blocked.test	2012-01-30 19:03:41 +0000
@@ -0,0 +1,92 @@
+
+#
+# Tests for the performance_schema host_cache.
+#
+# Simulate failures from client / server protocol:
+# - reported in COUNT_HANDSHAKE_ERRORS
+# aud further causes blocking errors:
+# - reported in SUM_CONNECT_ERRORS
+# - reported in COUNT_HOST_BLOCKED_ERRORS
+
+--source include/not_embedded.inc
+--source include/have_debug.inc
+--source include/have_ipv6.inc
+--source include/have_perfschema.inc
+
+flush status;
+flush hosts;
+flush user_resources;
+select @@global.debug;
+select @@global.max_connect_errors;
+select @@global.max_connect_errors into @saved_max_connect_errors;
+show global status like "%peer%";
+
+set global max_connect_errors = 2;
+
+grant select on test.* to 'root'@'santa.claus.ipv6.example.com';
+
+connect (con1,"::1",root,,test,$MASTER_MYPORT,);
+select "Con1 is alive";
+select current_user();
+disconnect con1;
+
+--connection default
+set global debug= "+d,vio_peer_addr_fake_ipv6,getnameinfo_fake_ipv6,getaddrinfo_fake_good_ipv6,native_password_bad_reply";
+
+--disable_query_log
+--error ER_ACCESS_DENIED_ERROR
+connect (con2a,"::1",quota,,test,$MASTER_MYPORT,);
+--enable_query_log
+
+--connection default
+--source ../include/hostcache_dump.inc
+
+--disable_query_log
+--error ER_ACCESS_DENIED_ERROR
+connect (con2b,"::1",quota,,test,$MASTER_MYPORT,);
+--enable_query_log
+
+--connection default
+--source ../include/hostcache_dump.inc
+
+--disable_query_log
+--error ER_ACCESS_DENIED_ERROR
+connect (con2c,"::1",quota,,test,$MASTER_MYPORT,);
+--enable_query_log
+
+--connection default
+--source ../include/hostcache_dump.inc
+
+--disable_query_log
+--error ER_HOST_IS_BLOCKED
+connect (con2d,"::1",quota,,test,$MASTER_MYPORT,);
+--enable_query_log
+
+--connection default
+--source ../include/hostcache_dump.inc
+
+--disable_query_log
+--error ER_HOST_IS_BLOCKED
+connect (con2e,"::1",quota,,test,$MASTER_MYPORT,);
+--enable_query_log
+
+--connection default
+--source ../include/hostcache_dump.inc
+
+# Now that the host is blocked, check that flush works
+flush hosts;
+
+--disable_query_log
+--error ER_ACCESS_DENIED_ERROR
+connect (con2c,"::1",quota,,test,$MASTER_MYPORT,);
+--enable_query_log
+
+--connection default
+--source ../include/hostcache_dump.inc
+
+revoke select on test.* from 'root'@'santa.claus.ipv6.example.com';
+drop user 'root'@'santa.claus.ipv6.example.com';
+
+set global max_connect_errors = @saved_max_connect_errors;
+set global debug= default;
+

=== modified file 'sql/hostname.cc'
--- a/sql/hostname.cc	2012-01-27 12:14:54 +0000
+++ b/sql/hostname.cc	2012-01-30 19:03:41 +0000
@@ -290,7 +290,7 @@ static void add_hostname(const char *ip_
   return;
 }
 
-void inc_host_errors(const char *ip_string, const Host_errors *errors)
+void inc_host_errors(const char *ip_string, Host_errors *errors)
 {
   if (!ip_string)
     return;
@@ -305,6 +305,11 @@ void inc_host_errors(const char *ip_stri
 
   if (entry)
   {
+    if (entry->m_host_validated)
+      errors->sum_connect_errors();
+    else
+      errors->clear_connect_errors();
+
     entry->m_errors.aggregate(errors);
     entry->set_error_timestamps(now);
   }
@@ -313,7 +318,7 @@ void inc_host_errors(const char *ip_stri
 }
 
 
-void reset_host_errors(const char *ip_string)
+void reset_host_connect_errors(const char *ip_string)
 {
   if (!ip_string)
     return;
@@ -326,7 +331,7 @@ void reset_host_errors(const char *ip_st
   Host_entry *entry= hostname_cache_search(ip_key);
 
   if (entry)
-    entry->m_errors.reset();
+    entry->m_errors.clear_connect_errors();
 
   mysql_mutex_unlock(&hostname_cache->lock);
 }
@@ -381,6 +386,8 @@ static inline bool is_hostname_valid(con
     - resolves IP-address;
     - employs Forward Confirmed Reverse DNS technique to validate IP-address;
     - returns host name if IP-address is validated;
+    - set value to out-variable connect_errors -- this variable represents the
+      number of connection errors from the specified IP-address.
     - update the host_cache statistics
 
   NOTE: connect_errors are counted (are supported) only for the clients
@@ -389,6 +396,7 @@ static inline bool is_hostname_valid(con
   @param [in]  ip_storage IP address (sockaddr). Must be set.
   @param [in]  ip_string  IP address (string). Must be set.
   @param [out] hostname
+  @param [out] connect_errors
 
   @return Error status
   @retval 0 Success
@@ -401,7 +409,8 @@ static inline bool is_hostname_valid(con
 
 int ip_to_hostname(struct sockaddr_storage *ip_storage,
                    const char *ip_string,
-                   char **hostname)
+                   char **hostname,
+                   uint *connect_errors)
 {
   const struct sockaddr *ip= (const sockaddr *) ip_storage;
   int err_code;
@@ -415,6 +424,7 @@ int ip_to_hostname(struct sockaddr_stora
 
   /* Default output values, for most cases. */
   *hostname= NULL;
+  *connect_errors= 0;
 
   /* Check if we have loopback address (127.0.0.1 or ::1). */
 
@@ -451,6 +461,7 @@ int ip_to_hostname(struct sockaddr_stora
       {
         entry->m_errors.m_host_blocked++;
         entry->set_error_timestamps(now);
+        *connect_errors= entry->m_errors.m_connect;
         mysql_mutex_unlock(&hostname_cache->lock);
         DBUG_RETURN(RC_BLOCKED_HOST);
       }

=== modified file 'sql/hostname.h'
--- a/sql/hostname.h	2012-01-27 12:14:54 +0000
+++ b/sql/hostname.h	2012-01-30 19:03:41 +0000
@@ -102,7 +102,11 @@ public:
 
   void sum_connect_errors()
   {
-    m_connect= m_host_acl + m_authentication + m_user_acl;
+    /* Current (historical) behavior: */
+    m_connect= m_handshake;
+    /* Proposed behavior:
+    m_connect= m_host_acl + m_handshake + m_authentication + m_user_acl;
+    */
   }
 
   void clear_connect_errors()
@@ -167,14 +171,13 @@ public:
 extern ulong host_cache_size;
 
 #define RC_OK 0
-#define RC_NO_HOST 1
-#define RC_BLOCKED_HOST 2
+#define RC_BLOCKED_HOST 1
 int ip_to_hostname(struct sockaddr_storage *ip_storage,
                    const char *ip_string,
-                   char **hostname);
+                   char **hostname, uint *connect_errors);
 
-void inc_host_errors(const char *ip_string, const Host_errors *errors);
-void reset_host_errors(const char *ip_string);
+void inc_host_errors(const char *ip_string, Host_errors *errors);
+void reset_host_connect_errors(const char *ip_string);
 bool hostname_cache_init();
 void hostname_cache_free();
 void hostname_cache_refresh(void);

=== modified file 'sql/sql_acl.cc'
--- a/sql/sql_acl.cc	2012-01-26 10:10:55 +0000
+++ b/sql/sql_acl.cc	2012-01-30 19:03:41 +0000
@@ -7993,7 +7993,6 @@ struct MPVIO_EXT :public MYSQL_PLUGIN_VI
     uint pkt_len;
   } cached_server_packet;
   int packets_read, packets_written; ///< counters for send/received packets
-  uint connect_errors;      ///< if there were connect errors for this host
   /** when plugin returns a failure this tells us what really happened */
   enum { SUCCESS, FAILURE, RESTART } status;
 
@@ -8676,9 +8675,6 @@ static ulong parse_client_handshake_pack
   bool packet_has_required_size= false;
   DBUG_ASSERT(mpvio->status == MPVIO_EXT::FAILURE);
 
-  if (mpvio->connect_errors)
-    reset_host_errors(mpvio->ip);
-
   uint charset_code= 0;
   end= (char *)net->read_pos;
   /*
@@ -9352,7 +9348,7 @@ static int do_auth_once(THD *thd, const
 
 
 static void
-server_mpvio_initialize(THD *thd, MPVIO_EXT *mpvio, uint connect_errors,
+server_mpvio_initialize(THD *thd, MPVIO_EXT *mpvio,
                         Thd_charset_adapter *charset_adapter)
 {
   memset(mpvio, 0, sizeof(MPVIO_EXT));
@@ -9364,7 +9360,6 @@ server_mpvio_initialize(THD *thd, MPVIO_
     (unsigned int) strlen(thd->security_ctx->host_or_ip);
   mpvio->auth_info.user_name= NULL;
   mpvio->auth_info.user_name_length= 0;
-  mpvio->connect_errors= connect_errors;
   mpvio->status= MPVIO_EXT::FAILURE;
 
   mpvio->client_capabilities= thd->client_capabilities;
@@ -9396,8 +9391,6 @@ server_mpvio_update_thd(THD *thd, MPVIO_
   Perform the handshake, authorize the client and update thd sctx variables.
 
   @param thd                     thread handle
-  @param connect_errors          number of previous failed connect attemps
-                                 from this host
   @param com_change_user_pkt_len size of the COM_CHANGE_USER packet
                                  (without the first, command, byte) or 0
                                  if it's not a COM_CHANGE_USER (that is, if
@@ -9406,8 +9399,8 @@ server_mpvio_update_thd(THD *thd, MPVIO_
   @retval 0  success, thd is updated.
   @retval 1  error
 */
-bool 
-acl_authenticate(THD *thd, uint connect_errors, uint com_change_user_pkt_len)
+int
+acl_authenticate(THD *thd, uint com_change_user_pkt_len)
 {
   int res= CR_OK;
   MPVIO_EXT mpvio;
@@ -9420,7 +9413,7 @@ acl_authenticate(THD *thd, uint connect_
   DBUG_ENTER("acl_authenticate");
   compile_time_assert(MYSQL_USERNAME_LENGTH == USERNAME_LENGTH);
 
-  server_mpvio_initialize(thd, &mpvio, connect_errors, &charset_adapter);
+  server_mpvio_initialize(thd, &mpvio, &charset_adapter);
 
   DBUG_PRINT("info", ("com_change_user_pkt_len=%u", com_change_user_pkt_len));
 
@@ -9761,6 +9754,12 @@ static int native_password_authenticate(
   DBUG_RETURN(CR_OK);
 #endif
 
+  DBUG_EXECUTE_IF("native_password_bad_reply",
+                  {
+                    pkt_len= 12;
+                  }
+                  );
+
   if (pkt_len == 0) /* no password */
     DBUG_RETURN(mpvio->acl_user->salt_len != 0 ? CR_ERROR : CR_OK);
 

=== modified file 'sql/sql_acl.h'
--- a/sql/sql_acl.h	2011-08-17 14:07:07 +0000
+++ b/sql/sql_acl.h	2012-01-30 19:03:41 +0000
@@ -195,7 +195,7 @@ my_bool acl_reload(THD *thd);
 void acl_free(bool end=0);
 ulong acl_get(const char *host, const char *ip,
 	      const char *user, const char *db, my_bool db_is_pattern);
-bool acl_authenticate(THD *thd, uint connect_errors, uint com_change_user_pkt_len);
+int acl_authenticate(THD *thd, uint com_change_user_pkt_len);
 bool acl_getroot(Security_context *sctx, char *user, char *host,
                  char *ip, char *db);
 bool acl_check_host(const char *host, const char *ip);

=== modified file 'sql/sql_connect.cc'
--- a/sql/sql_connect.cc	2012-01-26 10:10:55 +0000
+++ b/sql/sql_connect.cc	2012-01-30 19:03:41 +0000
@@ -463,6 +463,7 @@ bool init_new_connection_handler_thread(
 static int check_connection(THD *thd)
 {
   uint connect_errors= 0;
+  int auth_rc;
   NET *net= &thd->net;
 
   DBUG_PRINT("info",
@@ -563,14 +564,8 @@ static int check_connection(THD *thd)
 
       rc= ip_to_hostname(&net->vio->remote,
                          thd->main_security_ctx.ip,
-                         &thd->main_security_ctx.host);
-
-      if (rc == RC_NO_HOST)
-      {
-        /* HOST_CACHE stats updated by ip_to_hostname(). */
-        my_error(ER_BAD_HOST_ERROR, MYF(0));
-        return 1;
-      }
+                         &thd->main_security_ctx.host,
+                         &connect_errors);
 
       /* Cut very long hostnames to avoid possible overflows */
       if (thd->main_security_ctx.host)
@@ -617,7 +612,18 @@ static int check_connection(THD *thd)
     return 1; /* The error is set by alloc(). */
   }
 
-  return acl_authenticate(thd, connect_errors, 0);
+  auth_rc= acl_authenticate(thd, 0);
+  if (auth_rc == 0 && connect_errors != 0)
+  {
+    /*
+      A client connection from this IP was successful,
+      after some previous failures.
+      Reset the connection error counter.
+    */
+    reset_host_connect_errors(thd->main_security_ctx.ip);
+  }
+
+  return auth_rc;
 }
 
 

=== modified file 'sql/sql_parse.cc'
--- a/sql/sql_parse.cc	2012-01-30 06:59:39 +0000
+++ b/sql/sql_parse.cc	2012-01-30 19:03:41 +0000
@@ -1099,7 +1099,7 @@ bool dispatch_command(enum enum_server_c
 #endif
   case COM_CHANGE_USER:
   {
-    bool rc;
+    int auth_rc;
     status_var_increment(thd->status_var.com_other);
 
     thd->change_user();
@@ -1119,9 +1119,9 @@ bool dispatch_command(enum enum_server_c
     const CHARSET_INFO *save_character_set_results=
       thd->variables.character_set_results;
 
-    rc= acl_authenticate(thd, 0, packet_length);
+    auth_rc= acl_authenticate(thd, packet_length);
     MYSQL_AUDIT_NOTIFY_CONNECTION_CHANGE_USER(thd);
-    if (rc)
+    if (auth_rc)
     {
       my_free(thd->security_ctx->user);
       *thd->security_ctx= save_security_ctx;

No bundle (reason: useless for push emails).
Thread
bzr push into mysql-trunk-wl5259 branch (marc.alff:3364 to 3365) Marc Alff31 Jan