On Tue, 2007-07-24 at 19:15 +0200, Sergei Golubchik wrote:
> Hi!
>
> On Jul 09, antony@stripped wrote:
> > ChangeSet@stripped, 2007-07-09 21:54:16-07:00, antony@stripped +4 -0
> > Bug#25679
> > "Federated Denial of Service"
> > Federated storage engine used to attempt to open connections within
> > the ::create() and ::open() methods which are invoked while LOCK_open
> > mutex is being held by mysqld. As a result, no other connection can
> > open tables during the network processing. Long DNS lookup times
> > would stall mysqld's operation and a rogue connection string which
> > connects to a remote server which simply stalls during handshake can
> > stall mysqld for much longer periods of time.
> > This patch moves the connection-opening much later to when LOCK_open
> > mutex is not being held.
>
> ok to push
> before pushing please
> 1. answer the question below
> 2. move the everything inside if(!mysql) in real_query()
> to a separate function (e.g. real_connect())
> 3. submit a bugreport that federated (as a result of fix for bug#25679)
> doesn't connect and check the existance of the remote table on CREATE -
> it'll be set to "to be fixed later", but let's have it recorded in
> bugdb.
ok working on it.
> > diff -Nrup a/sql/ha_federated.cc b/sql/ha_federated.cc
> > --- a/sql/ha_federated.cc 2007-06-29 15:14:00 -07:00
> > +++ b/sql/ha_federated.cc 2007-07-09 21:54:03 -07:00
> ....
> > + if (!mysql_real_connect(mysql,
> > + share->hostname,
> > + share->username,
> > + share->password,
> > + share->database,
> > + share->port,
> > + share->socket, 0))
> > + {
> > + mysql_close(mysql);
> > + mysql= NULL;
> > + sql_query.append("database: '");
> > + sql_query.append(share->database);
> > + sql_query.append("' username: '");
> > + sql_query.append(share->username);
> > + sql_query.append("' hostname: '");
> > + sql_query.append(share->hostname);
> > + sql_query.append("'");
> > + my_error(ER_CONNECT_TO_FOREIGN_DATA_SOURCE, MYF(0), sql_query.ptr());
> > + remote_error_number= -1;
>
> Why you don't use stash_remote_error(), but generates less informative
> generic error message ?
Using same error message as it used to generate in case where connection
has failed.
> > + DBUG_RETURN(-1);
> > + }
> > +
>
> Regards / Mit vielen Grüssen,
> Sergei
>
> --
> __ ___ ___ ____ __
> / |/ /_ __/ __/ __ \/ / Sergei Golubchik <serg@stripped>
> / /|_/ / // /\ \/ /_/ / /__ Principal Software Developer
> /_/ /_/\_, /___/\___\_\___/ MySQL GmbH, Radlkoferstr. 2, D-81373 München
> <___/ Geschäftsführer: Kaj Arnö - HRB
> München 162140
>
--
Antony T Curtis, Senior Software Developer
MySQL Inc, www.mysql.com
SIP: 4468@stripped
