diff --git a/include/mysql_connection.h b/include/mysql_connection.h index 5b90881517..ae7dbeffe6 100644 --- a/include/mysql_connection.h +++ b/include/mysql_connection.h @@ -21,6 +21,8 @@ using json = nlohmann::json; #define STATUS_MYSQL_CONNECTION_HAS_SAVEPOINT 0x00000800 #define STATUS_MYSQL_CONNECTION_HAS_WARNINGS 0x00001000 +class MySQLServers_SslParams; + class Variable { public: char *value = (char*)""; @@ -151,6 +153,9 @@ class MySQL_Connection { bool unknown_transaction_status; void compute_unknown_transaction_status(); char gtid_uuid[128]; + + MySQLServers_SslParams * ssl_params = NULL; + MySQL_Connection(); ~MySQL_Connection(); bool set_autocommit(bool); diff --git a/lib/mysql_connection.cpp b/lib/mysql_connection.cpp index e8e8f77e78..e3430b02a7 100644 --- a/lib/mysql_connection.cpp +++ b/lib/mysql_connection.cpp @@ -514,6 +514,11 @@ MySQL_Connection::~MySQL_Connection() { if (connected_host_details.ip) free(connected_host_details.ip); + + if (ssl_params != NULL) { + delete ssl_params; + ssl_params = NULL; + } }; bool MySQL_Connection::set_autocommit(bool _ac) { @@ -740,7 +745,11 @@ void MySQL_Connection::connect_start() { mysql_options4(mysql, MYSQL_OPT_CONNECT_ATTR_ADD, "mysql_bug_102266", "Avoid MySQL bug https://bugs.mysql.com/bug.php?id=102266 , https://github.com/sysown/proxysql/issues/3276"); } if (parent->use_ssl) { - MySQLServers_SslParams * ssl_params = MyHGM->get_Server_SSL_Params(parent->address, parent->port, userinfo->username); + if (ssl_params != NULL) { + delete ssl_params; + ssl_params = NULL; + } + ssl_params = MyHGM->get_Server_SSL_Params(parent->address, parent->port, userinfo->username); if (ssl_params == NULL) { mysql_ssl_set(mysql, mysql_thread___ssl_p2s_key, @@ -760,7 +769,6 @@ void MySQL_Connection::connect_start() { ); mysql_options(mysql, MYSQL_OPT_SSL_CRL, ssl_params->ssl_crl.c_str()); mysql_options(mysql, MYSQL_OPT_SSL_CRLPATH, ssl_params->ssl_crlpath.c_str()); - delete ssl_params; } mysql_options(mysql, MARIADB_OPT_SSL_KEYLOG_CALLBACK, (void*)proxysql_keylog_write_line_callback); } @@ -1151,13 +1159,29 @@ MDB_ASYNC_ST MySQL_Connection::handler(short event) { } } if (!ret_mysql) { - // always increase the counter - proxy_error("Failed to mysql_real_connect() on %u:%s:%d , FD (Conn:%d , MyDS:%d) , %d: %s.\n", parent->myhgc->hid, parent->address, parent->port, mysql->net.fd , myds->fd, mysql_errno(mysql), mysql_error(mysql)); - NEXT_IMMEDIATE(ASYNC_CONNECT_FAILED); + int myerr = mysql_errno(mysql); + if (ssl_params != NULL && myerr == 2026) { + proxy_error("Failed to mysql_real_connect() on %u:%s:%d , FD (Conn:%d , MyDS:%d) , %d: %s. SSL Params: %s , %s , %s , %s , %s , %s , %s , %s\n", + parent->myhgc->hid, parent->address, parent->port, mysql->net.fd , myds->fd, mysql_errno(mysql), mysql_error(mysql), + ssl_params->ssl_ca.c_str() , ssl_params->ssl_cert.c_str() , ssl_params->ssl_key.c_str() , ssl_params->ssl_capath.c_str() , + ssl_params->ssl_crl.c_str() , ssl_params->ssl_crlpath.c_str() , ssl_params->ssl_cipher.c_str() , ssl_params->tls_version.c_str() + ); + } else { + proxy_error("Failed to mysql_real_connect() on %u:%s:%d , FD (Conn:%d , MyDS:%d) , %d: %s.\n", parent->myhgc->hid, parent->address, parent->port, mysql->net.fd , myds->fd, mysql_errno(mysql), mysql_error(mysql)); + } + if (ssl_params != NULL) { + delete ssl_params; + ssl_params = NULL; + } + NEXT_IMMEDIATE(ASYNC_CONNECT_FAILED); } else { - NEXT_IMMEDIATE(ASYNC_CONNECT_SUCCESSFUL); + if (ssl_params != NULL) { + delete ssl_params; + ssl_params = NULL; + } + NEXT_IMMEDIATE(ASYNC_CONNECT_SUCCESSFUL); } - break; + break; case ASYNC_CONNECT_SUCCESSFUL: if (mysql && ret_mysql) { // PMC-10005