MonetDB: default - Fixes the REMOTE property value (remote uri i...
Changeset: a94cf6d20ea1 for MonetDB URL: https://dev.monetdb.org/hg/MonetDB/rev/a94cf6d20ea1 Modified Files: sql/server/rel_distribute.c Branch: default Log Message: Fixes the REMOTE property value (remote uri instead of local name) diffs (40 lines): diff --git a/sql/server/rel_distribute.c b/sql/server/rel_distribute.c --- a/sql/server/rel_distribute.c +++ b/sql/server/rel_distribute.c @@ -12,6 +12,7 @@ #include "rel_optimizer_private.h" #include "rel_basetable.h" #include "rel_exp.h" +#include "rel_remote.h" #include "sql_privileges.h" static int @@ -219,12 +220,17 @@ rel_rewrite_remote_(visitor *v, sql_rel case op_basetable: { sql_table *t = rel->l; - /* set_remote() */ + /* when a basetable wraps a sql_table (->l) which is remote we want to store its remote +* uri to the REMOTE property. As the property is pulled up the tree it can be used in +* the case of binary rel operators (see later switch cases) in order to +* 1. resolve properly (same uri) replica tables in the other subtree (that's why we +*call the rewrite_replica) +* 2. pull REMOTE over the binary op if the other subtree has a matching uri remote table +*/ if (t && isRemote(t) && (p = find_prop(rel->p, PROP_REMOTE)) == NULL) { - char *local_name = sa_strconcat(v->sql->sa, sa_strconcat(v->sql->sa, t->s->base.name, "."), t->base.name); p = rel->p = prop_create(v->sql->sa, PROP_REMOTE, rel->p); p->id = t->base.id; - p->value.pval = local_name; + p->value.pval = (void *)mapiuri_uri(t->query, v->sql->sa); } } break; case op_table: @@ -290,6 +296,7 @@ rel_rewrite_remote_(visitor *v, sql_rel if (rel->flag&MERGE_LEFT) /* search for any remote tables but don't propagate over to this relation */ return rel; + /* if both subtrees have the REMOTE property with the same uri then pull it up */ if (l && (pl = find_prop(l->p, PROP_REMOTE)) != NULL && r && (pr = find_prop(r->p, PROP_REMOTE)) != NULL && strcmp(pl->value.pval, pr->value.pval) == 0) { ___ checkin-list mailing list -- checkin-list@monetdb.org To unsubscribe send an email to checkin-list-le...@monetdb.org
MonetDB: default - Adds test for the rel plan of a join between ...
Changeset: ecaa32759900 for MonetDB URL: https://dev.monetdb.org/hg/MonetDB/rev/ecaa32759900 Added Files: sql/test/rel-optimizers/Tests/join-merge-remote-replica.test Modified Files: sql/test/rel-optimizers/Tests/All Branch: default Log Message: Adds test for the rel plan of a join between merge with remote and replica table diffs (83 lines): diff --git a/sql/test/rel-optimizers/Tests/All b/sql/test/rel-optimizers/Tests/All --- a/sql/test/rel-optimizers/Tests/All +++ b/sql/test/rel-optimizers/Tests/All @@ -1,3 +1,4 @@ split-select groupby-cse groupjoin +join-merge-remote-replica diff --git a/sql/test/rel-optimizers/Tests/join-merge-remote-replica.test b/sql/test/rel-optimizers/Tests/join-merge-remote-replica.test new file mode 100644 --- /dev/null +++ b/sql/test/rel-optimizers/Tests/join-merge-remote-replica.test @@ -0,0 +1,70 @@ +statement ok +create table foo_p1 (n int, m text) + +statement ok +insert into foo_p1 values (1, 'hello'), (2, 'world'), (3, '!!') + +statement ok +create remote table foo_p2 (n int, m text) on 'mapi:monetdb://localhost:50001/node2' + +statement ok +create merge table foo_merge (n int, m text) + +statement ok +alter table foo_merge add table foo_p1 + +statement ok +alter table foo_merge add table foo_p2 + +# create members_rpl with members LOCAL and members_rmt REMOTE + +statement ok +create table members (n int, m text) + +statement ok +insert into members values (1, 'alice'), (2, 'bob') + +statement ok +create remote table members_rmt (n int, m text) on 'mapi:monetdb://localhost:50001/node2' + +statement ok +create replica table members_rpl (n int, m text) + +statement ok +alter table members_rpl add table members + +statement ok +alter table members_rpl add table members_rmt + +# this statement is so to have the UNIQUE property for the foo_p1 plan +# of the merge. It is not there the first time we execute the plan so +# the next query-test will fail without this statement + +statement ok +select * from foo_p1 + +# check that the plan is executing the join of the remote part of the +# merge table with the remote part of the replica and then transfers the +# result in the master node (hint: the remote plan is wrapped around a +# 'table' returning relational operator) + +query T nosort +plan select * from foo_merge, members_rpl + +union ( +| project ( +| | crossproduct ( +| | | table("sys"."foo_p1") [ "foo_p1"."n" UNIQUE as "foo_merge"."n", "foo_p1"."m" as "foo_merge"."m" ], +| | | table("sys"."members") [ "members"."n" UNIQUE as "members_rpl"."n", "members"."m" UNIQUE as "members_rpl"."m", "members"."%TID%" NOT NULL UNIQUE as "members_rpl"."%TID%" ] +| | ) [ ] +| ) [ "foo_merge"."n", "foo_merge"."m", "members_rpl"."n", "members_rpl"."m" ], +| table ( +| | project ( +| | | crossproduct ( +| | | | REMOTE("sys"."foo_p2") [ "foo_p2"."n" as "foo_merge"."n", "foo_p2"."m" as "foo_merge"."m" ], +| | | | REMOTE("sys"."members_rmt") [ "members_rmt"."n" as "members_rpl"."n", "members_rmt"."m" as "members_rpl"."m", "members_rmt"."%TID%" NOT NULL UNIQUE as "members_rpl"."%TID%" ] +| | | ) [ ] +| | ) [ "foo_merge"."n", "foo_merge"."m", "members_rpl"."n", "members_rpl"."m" ] REMOTE mapi:monetdb://localhost:50001/node2 +| ) [ "foo_merge"."n", "foo_merge"."m", "members_rpl"."n", "members_rpl"."m" ] +) [ "foo_merge"."n", "foo_merge"."m", "members_rpl"."n", "members_rpl"."m" ] + ___ checkin-list mailing list -- checkin-list@monetdb.org To unsubscribe send an email to checkin-list-le...@monetdb.org
MonetDB: monetdburl - Use mutil.h so opendir/readdir work on Win...
Changeset: 30b453fb154a for MonetDB URL: https://dev.monetdb.org/hg/MonetDB/rev/30b453fb154a Modified Files: clients/mapilib/CMakeLists.txt clients/mapilib/connect.c Branch: monetdburl Log Message: Use mutil.h so opendir/readdir work on Windows diffs (22 lines): diff --git a/clients/mapilib/CMakeLists.txt b/clients/mapilib/CMakeLists.txt --- a/clients/mapilib/CMakeLists.txt +++ b/clients/mapilib/CMakeLists.txt @@ -43,6 +43,7 @@ target_link_libraries(mapi moptions mcrypt stream + mutils $<$:OpenSSL::SSL> $<$:ws2_32>) diff --git a/clients/mapilib/connect.c b/clients/mapilib/connect.c --- a/clients/mapilib/connect.c +++ b/clients/mapilib/connect.c @@ -8,6 +8,7 @@ #include "mcrypt.h" #include "matomic.h" #include "mstring.h" +#include "mutils.h" #include "mapi_intern.h" ___ checkin-list mailing list -- checkin-list@monetdb.org To unsubscribe send an email to checkin-list-le...@monetdb.org
MonetDB: monetdburl - Adapt to older OpenSSL versions
Changeset: aecfc07d877c for MonetDB URL: https://dev.monetdb.org/hg/MonetDB/rev/aecfc07d877c Modified Files: clients/mapilib/connect_openssl.c common/stream/openssl_stream.c Branch: monetdburl Log Message: Adapt to older OpenSSL versions diffs (49 lines): diff --git a/clients/mapilib/connect_openssl.c b/clients/mapilib/connect_openssl.c --- a/clients/mapilib/connect_openssl.c +++ b/clients/mapilib/connect_openssl.c @@ -67,7 +67,7 @@ make_ssl_context(Mapi mid, SSL_CTX **ctx break; case verify_cert: cert = msetting_string(mid->settings, MP_CERT); - if (1 != SSL_CTX_load_verify_file(ctx, cert)) { + if (1 != SSL_CTX_load_verify_locations(ctx, cert, NULL)) { SSL_CTX_free(ctx); return croak(mid, __func__, "SSL_CTX_load_verify_file: %s", cert); } diff --git a/common/stream/openssl_stream.c b/common/stream/openssl_stream.c --- a/common/stream/openssl_stream.c +++ b/common/stream/openssl_stream.c @@ -71,14 +71,14 @@ ostream_read(stream *restrict s, void *r // iterate in order to read a complete number of items size_t pos = 0; do { - size_t nread; - if (!BIO_read_ex(bio, start + pos, size - pos, &nread)) + int nread = BIO_read(bio, start + pos, size - pos); + if (nread < 0) return ostream_error(s, MNSTR_READ_ERROR); if (nread == 0) { s->eof = 0; break; } - pos += nread; + pos += (size_t)nread; // adjust pos to the smallest multiple of elmsize. // example 1: size=4 pos=7 (-7)%4=1, newsize=8 @@ -99,12 +99,12 @@ ostream_write(stream *restrict s, const size_t size = elmsize * cnt; size_t pos = 0; while (pos < size) { - size_t nwritten; - if (!BIO_write_ex(bio, start + pos, size - pos, &nwritten)) + int nwritten = BIO_write(bio, start + pos, size - pos); + if (nwritten < 0) return ostream_error(s, MNSTR_WRITE_ERROR); if (nwritten == 0 && !BIO_should_retry(bio)) break; - pos += nwritten; + pos += (size_t)nwritten; } return (ssize_t) (pos / elmsize); ___ checkin-list mailing list -- checkin-list@monetdb.org To unsubscribe send an email to checkin-list-le...@monetdb.org
MonetDB: monetdburl - Fix warning
Changeset: 9c5429a0d128 for MonetDB URL: https://dev.monetdb.org/hg/MonetDB/rev/9c5429a0d128 Modified Files: clients/examples/C/testsfile.c Branch: monetdburl Log Message: Fix warning diffs (13 lines): diff --git a/clients/examples/C/testsfile.c b/clients/examples/C/testsfile.c --- a/clients/examples/C/testsfile.c +++ b/clients/examples/C/testsfile.c @@ -179,6 +179,9 @@ stringify_tls_verify(const msettings *mp return "cert"; case verify_hash: return "hash"; + default: + assert(0 && "unknown msetting_tls_verify value"); + return NULL; } assert(0 && "unreachable"); } ___ checkin-list mailing list -- checkin-list@monetdb.org To unsubscribe send an email to checkin-list-le...@monetdb.org
MonetDB: monetdburl - Can't have a declaration right after a swi...
Changeset: 6e151a1794a1 for MonetDB URL: https://dev.monetdb.org/hg/MonetDB/rev/6e151a1794a1 Modified Files: clients/mapilib/connect_openssl.c clients/mapilib/msettings.c Branch: monetdburl Log Message: Can't have a declaration right after a switch case: label, apparently diffs (61 lines): diff --git a/clients/mapilib/connect_openssl.c b/clients/mapilib/connect_openssl.c --- a/clients/mapilib/connect_openssl.c +++ b/clients/mapilib/connect_openssl.c @@ -59,13 +59,14 @@ make_ssl_context(Mapi mid, SSL_CTX **ctx // Because we use at least TLSv1.3 we don't need to mess with // SSL_CTX_set_cipher_list() and SSL_CTX_set_ciphersuites(). + const char *cert; switch (msettings_connect_tls_verify(mid->settings)) { case verify_none: case verify_hash: SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, NULL); break; case verify_cert: - const char *cert = msetting_string(mid->settings, MP_CERT); + cert = msetting_string(mid->settings, MP_CERT); if (1 != SSL_CTX_load_verify_file(ctx, cert)) { SSL_CTX_free(ctx); return croak(mid, __func__, "SSL_CTX_load_verify_file: %s", cert); diff --git a/clients/mapilib/msettings.c b/clients/mapilib/msettings.c --- a/clients/mapilib/msettings.c +++ b/clients/mapilib/msettings.c @@ -432,9 +432,10 @@ msetting_set_bool(msettings *mp, mparm p msettings_error msetting_parse(msettings *mp, mparm parm, const char *text) { + int b; // int not bool because we need to allow for parse errors switch (mparm_classify(parm)) { case MPCLASS_BOOL: - int b = msetting_parse_bool(text); + b = msetting_parse_bool(text); if (b < 0) return "invalid boolean value"; return msetting_set_bool(mp, parm, b); @@ -457,12 +458,15 @@ msetting_parse(msettings *mp, mparm parm char * msetting_as_string(msettings *mp, mparm parm) { + bool b; + long l; + const char *s; switch (mparm_classify(parm)) { case MPCLASS_BOOL: - bool b = msetting_bool(mp, parm); + b = msetting_bool(mp, parm); return strdup(b ? "true" : " false"); case MPCLASS_LONG: - long l = msetting_long(mp, parm); + l = msetting_long(mp, parm); int n = 40; char *buf = malloc(n); if (!buf) @@ -470,7 +474,7 @@ msetting_as_string(msettings *mp, mparm snprintf(buf, n, "%ld", l); return buf; case MPCLASS_STRING: - const char *s = msetting_string(mp, parm); + s = msetting_string(mp, parm); return strdup(s); default: assert(0 && "unreachable"); ___ checkin-list mailing list -- checkin-list@monetdb.org To unsubscribe send an email to checkin-list-le...@monetdb.org
MonetDB: json-storage - Simplify code in JSONfromString
Changeset: d6e90e6193c6 for MonetDB URL: https://dev.monetdb.org/hg/MonetDB/rev/d6e90e6193c6 Modified Files: monetdb5/modules/atoms/json.c Branch: json-storage Log Message: Simplify code in JSONfromString JSONfromString is now a wrapper around JSONstr2json. JSONstr2json parses the input string and then creates a normalized json string from the result of parsing. This is what is actually stored in the BAT. diffs (93 lines): diff --git a/monetdb5/modules/atoms/json.c b/monetdb5/modules/atoms/json.c --- a/monetdb5/modules/atoms/json.c +++ b/monetdb5/modules/atoms/json.c @@ -223,56 +223,32 @@ JSONtoStorageString(JSON *jt, int idx, j return msg; } +static str JSONstr2json(json *ret, const char **j); + static ssize_t JSONfromString(const char *src, size_t *len, void **J, bool external) { json *buf = (json *) J; - size_t slen = strlen(src); - size_t olen = 0; - json j = GDKmalloc(slen + 1); - JSON *jt; - - if (strNil(src) || (external && strncmp(src, "nil", 3) == 0)) { - if (*len < 2 || *buf == NULL) { - GDKfree(*buf); - if ((*buf = GDKmalloc(2)) == NULL) - return -1; - *len = 2; - } - strcpy(*buf, str_nil); - return strNil(src) ? 1 : 3; - } - if (*len <= slen || *buf == NULL) { + if(*buf) { GDKfree(*buf); - if ((*buf = GDKmalloc(slen + 1)) == NULL) - return -1; - *len = slen + 1; + *buf = NULL; } - strcpy(j, src); - jt = JSONparse(j); - if (jt == NULL) { - return -1; - } - if (jt->error) { - GDKerror("%s", getExceptionMessageAndState(jt->error)); - JSONfree(jt); - return -1; + if (strNil(src) || (external && strncmp(src, "nil", 3) == 0)) { + *buf = GDKstrdup(str_nil); + if (*buf == NULL) + return -1; + *len = 2; + return strNil(src) ? 1 : 3; + } else { + str msg = JSONstr2json(buf, &src); + if (msg != MAL_SUCCEED) { + GDKerror("%s", getExceptionMessageAndState(msg)); + freeException(msg); + return -1; + } } - *buf = GDKmalloc(slen + 1); - if (buf == NULL) { - JSONfree(jt); - return -1; - } - if (JSONtoStorageString(jt, 0, buf, &olen) != MAL_SUCCEED) { - GDKfree(buf); - JSONfree(jt); - return -1; - } - JSONfree(jt); - GDKfree(j); - *len = olen + 1; - - return (ssize_t) olen + 1; + *len = strlen(*buf) + 1; + return (ssize_t) *len - 1; } static ssize_t @@ -517,11 +493,11 @@ JSON2json(json *ret, const json *j) } static str -JSONstr2json(json *ret, str *j) +JSONstr2json(json *ret, const char **j) { str msg = MAL_SUCCEED; json buf = NULL; - size_t ln = 2*strlen(*j)+1; + size_t ln = strlen(*j)+1; size_t out_size = 0; JSON *jt = JSONparse(*j); ___ checkin-list mailing list -- checkin-list@monetdb.org To unsubscribe send an email to checkin-list-le...@monetdb.org
MonetDB: monetdburl - Wording
Changeset: c44d62a99716 for MonetDB URL: https://dev.monetdb.org/hg/MonetDB/rev/c44d62a99716 Modified Files: clients/mapilib/msettings.c Branch: monetdburl Log Message: Wording diffs (12 lines): diff --git a/clients/mapilib/msettings.c b/clients/mapilib/msettings.c --- a/clients/mapilib/msettings.c +++ b/clients/mapilib/msettings.c @@ -629,7 +629,7 @@ msettings_validate(msettings *mp, char * // 6. If **tls** is 'off', **cert** and **certhash** must be 'off' as well. if (nonempty(mp, MP_CERT) || nonempty(mp, MP_CERTHASH)) if (!msetting_bool(mp, MP_TLS)) { - *errmsg = strdup("'cert' and 'certhash' can only be used with monetdbs:"); + *errmsg = strdup("'cert' and 'certhash' can only be used with monetdbs://"); return false; } ___ checkin-list mailing list -- checkin-list@monetdb.org To unsubscribe send an email to checkin-list-le...@monetdb.org
MonetDB: monetdburl - Do not clear host, port, etc for mapi:mero...
Changeset: 4057e112a202 for MonetDB URL: https://dev.monetdb.org/hg/MonetDB/rev/4057e112a202 Modified Files: clients/mapilib/parseurl.c Branch: monetdburl Log Message: Do not clear host, port, etc for mapi:merovingian URL's diffs (144 lines): diff --git a/clients/mapilib/parseurl.c b/clients/mapilib/parseurl.c --- a/clients/mapilib/parseurl.c +++ b/clients/mapilib/parseurl.c @@ -438,6 +438,12 @@ parse_classic_unix(msettings *mp, scanne static bool parse_classic_merovingian(msettings *mp, scanner *sc) { + if (!consume(sc, "mapi:merovingian://proxy")) + return false; + + long user_gen = msettings_user_generation(mp); + long password_gen = msettings_password_generation(mp); + if (sc->c == '?') { if (!parse_classic_query_parameters(mp, sc)) return false; @@ -447,6 +453,11 @@ parse_classic_merovingian(msettings *mp, if (sc->c != '\0' && sc-> c != '#') return unexpected(sc); + long new_user_gen = msettings_user_generation(mp); + long new_password_gen = msettings_password_generation(mp); + if (new_user_gen > user_gen || new_password_gen > password_gen) + return complain(sc, "MAPI redirect is not allowed to set user or password"); + return true; } @@ -471,7 +482,7 @@ parse_classic(msettings *mp, scanner *sc } static bool -parse(msettings *mp, scanner *sc) +parse_by_scheme(msettings *mp, scanner *sc) { // process the scheme char *scheme = scan(sc, generic_special); @@ -493,50 +504,72 @@ parse(msettings *mp, scanner *sc) } } - -/* update the msettings from the URL. set *error_buffer to NULL and return true - * if success, set *error_buffer to malloc'ed error message and return false on failure. - * if return value is true but *error_buffer is NULL, malloc failed. */ -bool msettings_parse_url(msettings *mp, const char *url, char **error_message) +static bool +parse(msettings *mp, scanner *sc) { - bool ok; - scanner sc; - if (!initialize(&sc, url)) - return false; + // mapi:merovingian:://proxy is not like other URLs, + // it designates the existing connection so the core properties + // must not be cleared and user and password cannot be changed. + bool is_mero = (strncmp(sc->p, "mapi:merovingian:", 16) == 0); - // clear existing core values - msetting_set_bool(mp, MP_TLS, false); - msetting_set_string(mp, MP_HOST, ""); - msetting_set_long(mp, MP_PORT, -1); - msetting_set_string(mp, MP_DATABASE, ""); + if (!is_mero) { + // clear existing core values + msetting_set_bool(mp, MP_TLS, false); + msetting_set_string(mp, MP_HOST, ""); + msetting_set_long(mp, MP_PORT, -1); + msetting_set_string(mp, MP_DATABASE, ""); + } long user_gen = msettings_user_generation(mp); long password_gen = msettings_password_generation(mp); - if (parse(mp, &sc)) { - // went well - if (error_message) - *error_message = NULL; - ok = true; + if (is_mero) { + if (!parse_classic_merovingian(mp, sc)) + return false; } else { - // went wrong - assert(sc.error_message[0] != '\0'); - if (error_message) { - char *msg = strdup(sc.error_message); - *error_message = msg; + if (!parse_by_scheme(mp, sc)) + return false; + } + + bool user_changed = (msettings_user_generation(mp) != user_gen); + bool password_changed = (msettings_password_generation(mp) != password_gen); + + if (is_mero && (user_changed || password_changed)) + return complain(sc, "MAPI redirect must not change user or password"); + + if (user_changed && !password_changed) { + // clear password + msettings_error msg = msetting_set_string(mp, MP_PASSWORD, ""); + if (msg) { + // failed, report + return complain(sc, "%s", msg); } - ok = false; } - long new_user_gen = msettings_user_generation(mp); - long new_password_gen = msettings_password_generation(mp); - if (new_user_gen > user_gen && new_password_gen == password_gen) { - msettings_error msg = msetting_set_string(mp, MP_PASSWORD, ""); - if (msg) { - if (error_message) - *error_message = strdup(msg); - ok = false; - } + return true; +} + +/* update the msettings from the URL. set *error_buffer to NULL and return true + * if success, set *error_buffer to malloc'ed error message and return false on failure. + * if return
MonetDB: monetdburl - Clear earlier redirects before processing ...
Changeset: 2fcf0487f042 for MonetDB URL: https://dev.monetdb.org/hg/MonetDB/rev/2fcf0487f042 Modified Files: clients/mapilib/connect.c Branch: monetdburl Log Message: Clear earlier redirects before processing new ones Apparently this has been lost in my refactoring diffs (16 lines): diff --git a/clients/mapilib/connect.c b/clients/mapilib/connect.c --- a/clients/mapilib/connect.c +++ b/clients/mapilib/connect.c @@ -749,6 +749,12 @@ mapi_handshake(Mapi mid) mnstr_flush(mid->to, MNSTR_FLUSH_DATA); check_stream(mid, mid->to, "Could not send initial byte sequence", mid->error); + // Clear the redirects before we receive new ones + for (char **r = mid->redirects; *r != NULL; r++) { + free(*r); + *r = NULL; + } + /* consume the welcome message from the server */ hdl = mapi_new_handle(mid); if (hdl == NULL) { ___ checkin-list mailing list -- checkin-list@monetdb.org To unsubscribe send an email to checkin-list-le...@monetdb.org
MonetDB: monetdburl - Improve tracing
Changeset: f52d54e1f489 for MonetDB URL: https://dev.monetdb.org/hg/MonetDB/rev/f52d54e1f489 Modified Files: clients/mapiclient/mclient.c clients/mapilib/connect.c clients/mapilib/connect_openssl.c clients/mapilib/mapi.c clients/mapilib/mapi_intern.h common/stream/rw.c common/stream/stream.h Branch: monetdburl Log Message: Improve tracing It seemed a bit neglected. Not too happy about the format but I tried to keep the spirit of the original. diffs (truncated from 659 to 300 lines): diff --git a/clients/mapiclient/mclient.c b/clients/mapiclient/mclient.c --- a/clients/mapiclient/mclient.c +++ b/clients/mapiclient/mclient.c @@ -3597,6 +3597,9 @@ main(int argc, char **argv) } } + if (logfile) + mapi_log(mid, logfile); + if (mapi_error(mid) == MOK) mapi_reconnect(mid);/* actually, initial connect */ @@ -3620,9 +3623,6 @@ main(int argc, char **argv) priv = (struct privdata) {0}; mapi_setfilecallback2(mid, getfile, putfile, &priv); - if (logfile) - mapi_log(mid, logfile); - mapi_trace(mid, trace); /* give the user a welcome message with some general info */ if (!has_fileargs && command == NULL && isatty(fileno(stdin))) { diff --git a/clients/mapilib/connect.c b/clients/mapilib/connect.c --- a/clients/mapilib/connect.c +++ b/clients/mapilib/connect.c @@ -11,6 +11,15 @@ #include "mapi_intern.h" +#ifdef HAVE_SYS_SOCKET_H +# include /* addr_in */ +#else /* UNIX specific */ +#ifdef HAVE_WINSOCK_H /* Windows specific */ +# include +#endif +#endif + + #ifdef HAVE_SYS_UN_H #define DO_UNIX_DOMAIN (1) #else @@ -77,6 +86,8 @@ scan_unix_sockets(Mapi mid) msettings *original = mid->settings; mid->settings = NULL; // invalid state, will fix it before use and on return + mapi_log_record(mid, "CONN", "Scanning %s for Unix domain sockets", sockdir); + // Make a list of Unix domain sockets in /tmp uid_t me = getuid(); if (DO_UNIX_DOMAIN && (dir = opendir(sockdir))) { @@ -100,6 +111,8 @@ scan_unix_sockets(Mapi mid) } } + mapi_log_record(mid, "CONN", "Found %d Unix domain sockets", ncandidates); + // Try those owned by us first, then all others for (int round = 0; round < 2; round++) { for (int i = 0; i < ncandidates; i++) { @@ -144,6 +157,8 @@ scan_unix_sockets(Mapi mid) free(namebuf); // Last-ditch attempt. + mapi_log_record(mid, "CONN", "All %d Unix domain sockets failed. Falling back to TCP", ncandidates); + // We can now freely modify original assert(mid->settings == NULL); mid->settings = original; @@ -162,8 +177,10 @@ scan_unix_sockets(Mapi mid) static MapiMsg establish_connection(Mapi mid) { - if (mid->connected) + if (mid->connected) { + mapi_log_record(mid, "CONN", "Found leftover open connection"); close_connection(mid); + } MapiMsg msg = MREDIRECT; while (msg == MREDIRECT) { @@ -192,20 +209,18 @@ connect_socket(Mapi mid) const char *tcp_host = msettings_connect_tcp(mid->settings); assert(*sockname || *tcp_host); - if (*sockname && connect_socket_unix(mid) == MOK) { - mid->connected = true; - return MOK; - } else if (*tcp_host && connect_socket_tcp(mid) == MOK) { - mid->connected = true; - return MOK; - } else { + do { + if (*sockname && connect_socket_unix(mid) == MOK) + break; + if (*tcp_host && connect_socket_tcp(mid) == MOK) + break; assert(mid->error == MERROR); mid->error = MERROR; // in case assert above was not enabled return mid->error; - } + } while (0); - assert(0 && "unreachable"); - return MERROR; + mid->connected = true; + return MOK; } static MapiMsg @@ -222,18 +237,18 @@ wrap_socket(Mapi mid, SOCKET sock) broken_stream = wstream; goto bailout; } - mapi_log_record(mid, "Mapi client write"); rstream = socket_rstream(sock, "Mapi client write"); if (rstream == NULL || mnstr_errnr(rstream) != MNSTR_NO__ERROR) { broken_stream = rstream; goto bailout; } - mapi_log_record(mid, "Mapi client read"); msg = mapi_set_streams(mid, rstream, wstream); - if (msg == MOK) - return MOK; + if (msg != MOK) + goto bailout; + mapi_log_record(mid, "CONN", "Network connection established"); + return MOK; bailout: if (rstream) @@ -243,9 +258,6 @@ bailout: closesocket(sock); if (broken_stream) {
MonetDB: monetdburl - It almost works
Changeset: d7ad96722fc6 for MonetDB URL: https://dev.monetdb.org/hg/MonetDB/rev/d7ad96722fc6 Modified Files: clients/mapilib/connect.c clients/mapilib/connect_openssl.c clients/mapilib/mapi_intern.h common/stream/openssl_stream.c common/stream/stream.h Branch: monetdburl Log Message: It almost works diffs (192 lines): diff --git a/clients/mapilib/connect.c b/clients/mapilib/connect.c --- a/clients/mapilib/connect.c +++ b/clients/mapilib/connect.c @@ -469,7 +469,7 @@ mapi_handshake(Mapi mid) /* consume server challenge */ len = mnstr_read_block(mid->from, buf, 1, sizeof(buf)); - check_stream(mid, mid->from, "Connection terminated while starting", (mid->blk.eos = true, mid->error)); + check_stream(mid, mid->from, "Connection terminated while starting handshake", (mid->blk.eos = true, mid->error)); assert(len < sizeof(buf)); buf[len] = 0; diff --git a/clients/mapilib/connect_openssl.c b/clients/mapilib/connect_openssl.c --- a/clients/mapilib/connect_openssl.c +++ b/clients/mapilib/connect_openssl.c @@ -181,18 +181,18 @@ wrap_tls(Mapi mid, SOCKET sock) return croak(mid, __func__, "BIO_up_ref bio"); } // On error: free 'bio' twice - stream *rstream = openssl_stream(hostcolonport, bio); + stream *rstream = openssl_rstream(hostcolonport, bio); if (rstream == NULL || mnstr_errnr(rstream) != MNSTR_NO__ERROR) { BIO_free_all(bio); // drops first ref BIO_free_all(bio); // drops second ref - return croak(mid, __func__, "openssl_stream: %s", mnstr_peek_error(rstream)); + return croak(mid, __func__, "openssl_rstream: %s", mnstr_peek_error(rstream)); } // On error: free 'bio' and close 'rstream'. - stream *wstream = openssl_stream(hostcolonport, bio); + stream *wstream = openssl_wstream(hostcolonport, bio); if (wstream == NULL || mnstr_errnr(wstream) != MNSTR_NO__ERROR) { BIO_free_all(bio); mnstr_close(rstream); - return croak(mid, __func__, "openssl_stream: %s", mnstr_peek_error(wstream)); + return croak(mid, __func__, "openssl_wstream: %s", mnstr_peek_error(wstream)); } // On error: free 'rstream' and 'wstream'. msg = mapi_set_streams(mid, rstream, wstream); diff --git a/clients/mapilib/mapi_intern.h b/clients/mapilib/mapi_intern.h --- a/clients/mapilib/mapi_intern.h +++ b/clients/mapilib/mapi_intern.h @@ -271,8 +271,11 @@ void mapi_log_record(Mapi mid, const cha if (msg != NULL) mapi_log_record(mid, msg); \ mapi_log_record(mid, mnstr_peek_error(s)); \ mapi_log_record(mid, __func__); \ + if (mnstr_peek_error(s))\ + mapi_printError((mid), __func__, MTIMEOUT, "%s: %s", (msg), mnstr_peek_error(s)); \ + else\ + mapi_printError((mid), __func__, MTIMEOUT, "%s", (msg)); \ close_connection(mid); \ - mapi_setError((mid), (msg), __func__, MTIMEOUT); \ return (e); \ } \ } while (0) diff --git a/common/stream/openssl_stream.c b/common/stream/openssl_stream.c --- a/common/stream/openssl_stream.c +++ b/common/stream/openssl_stream.c @@ -13,11 +13,117 @@ #include "stream_internal.h" #include +#include + +static ssize_t ostream_read(stream *restrict s, void *restrict buf, size_t elmsize, size_t cnt); +static ssize_t ostream_write(stream *restrict s, const void *restrict buf, size_t elmsize, size_t cnt); +static void ostream_close(stream *s); +static int ostream_flush(stream *s, mnstr_flush_level flush_level); stream * -openssl_stream(const char *hostname, BIO *bio) +openssl_rstream(const char *host_colon_port, BIO *bio) +{ + stream *s = openssl_wstream(host_colon_port, bio); + if (s != NULL) + s->readonly = true; + return s; +} +stream * +openssl_wstream(const char *host_colon_port, BIO *bio) +{ + assert(bio); + + stream *s = create_stream(host_colon_port); + if (s == NULL) + return NULL; + + s->stream_data.p = bio; + s->readonly = false; + s->binary = true; + s->read = ostream_read; + s->write = ostream_write; + s->close = ostream_close; + s->flush = ostream_flush; + + return s; +} + +static ssize_t +ostream_error(stream *s, mnstr_error_kind kind) +{ + unsigned long err = ERR_get_error(); + const char *msg = ERR_reason_error_string(err); + mnstr_set_error(s, kind, "%s", msg); + return -1; +} + +
MonetDB: monetdburl - Switch openssl_stream from SSL to BIO
Changeset: 355b18e5ceb3 for MonetDB URL: https://dev.monetdb.org/hg/MonetDB/rev/355b18e5ceb3 Modified Files: clients/mapilib/connect.c clients/mapilib/connect_openssl.c common/stream/openssl_stream.c common/stream/stream.h Branch: monetdburl Log Message: Switch openssl_stream from SSL to BIO diffs (158 lines): diff --git a/clients/mapilib/connect.c b/clients/mapilib/connect.c --- a/clients/mapilib/connect.c +++ b/clients/mapilib/connect.c @@ -404,8 +404,6 @@ connect_socket_tcp(Mapi mid) if (use_tls) { return wrap_tls(mid, s); - closesocket(s); - return mapi_setError(mid, "TLS not implemented yet", __func__, MERROR); } else { // Some TLS servers hang if we accidentally make a non-TLS // connection to a TLS server. Sending a bunch of NULs causes diff --git a/clients/mapilib/connect_openssl.c b/clients/mapilib/connect_openssl.c --- a/clients/mapilib/connect_openssl.c +++ b/clients/mapilib/connect_openssl.c @@ -117,66 +117,81 @@ wrap_tls(Mapi mid, SOCKET sock) / // Create the SSL connection - SSL *ssl = SSL_new(ctx); - if (ssl == NULL) { - closesocket(sock); - SSL_CTX_free(ctx); - return croak(mid, __func__, "SSL_new"); - } - // SSL_new has inc'd the refcount of ctx. We can now drop our ref - // so we don't have to call SSL_CTX_free all the time - SSL_CTX_free(ctx); - // On error: close 'sock' and free 'ssl'. - - BIO *bio = BIO_new_socket(sock, BIO_CLOSE); + // BIO 'bio' represents the whole SSL connection. + // We will read and write plaintext from it. + BIO *bio = BIO_new_ssl(ctx, 1); if (bio == NULL) { closesocket(sock); - SSL_free(ssl); + SSL_CTX_free(ctx); + return croak(mid, __func__, "BIO_new_ssl"); + } + // BIO_new_ssl() inc'd the reference count of ctx so we can drop our + // reference here. + SSL_CTX_free(ctx); + // On error: close 'sock' and free 'bio' + + SSL *ssl = NULL; + if (1 != BIO_get_ssl(bio, &ssl)) { + closesocket(sock); + BIO_free(bio); + return croak(mid, __func__, "BIO_get_ssl"); + } + // As far as I know the SSL returned by BIO_get_ssl has not had + // its refcount inc'd so we don't need to free it. + // On error: close 'sock' and free 'bio'. + assert(ssl != NULL); + + // BIO 'sockbio' wraps the socket. OpenSSL will read and write + // ciphertext from it. + BIO *sockbio = BIO_new_socket(sock, BIO_CLOSE); + if (sockbio == NULL) { + closesocket(sock); + BIO_free_all(bio); return croak(mid, __func__, "BIO_new_socket"); } - // From here on, 'sock' will be free'd by 'bio'. - // On error: free 'bio' and free 'ssl'. + // From here on, 'sock' will be free'd by 'sockbio'. + // On error: free 'sockbio' and free 'bio'. - if (!BIO_up_ref(bio)) { + if (!BIO_up_ref(sockbio)) { + BIO_free_all(sockbio); BIO_free_all(bio); - SSL_free(ssl); - return croak(mid, __func__, "BIO_up_ref"); + return croak(mid, __func__, "BIO_up_ref sockbio"); } - SSL_set0_rbio(ssl, bio); // consumes first ref - SSL_set0_wbio(ssl, bio); // consumes second ref - // from here on 'bio' will be freed through 'ssl'. - // On error: free 'ssl'. + SSL_set0_rbio(ssl, sockbio); // consumes first ref + SSL_set0_wbio(ssl, sockbio); // consumes second ref + // from here on 'sockbio' will be freed through 'ssl' which is freed through 'bio'. + // On error: free 'bio'. if (!SSL_set_tlsext_host_name(ssl, host)) { - SSL_free(ssl); + BIO_free_all(bio); return croak(mid, __func__, "SSL_set_tlsext_host_name"); } // handshake if (1 != SSL_connect(ssl)) { - SSL_free(ssl); + BIO_free_all(bio); return croak(mid, __func__, "SSL_connect"); } / // Attach the connection to 'mid' - if (!SSL_up_ref(ssl)) { - SSL_free(ssl); - return croak(mid, __func__, "SSL_up_ref"); + if (!BIO_up_ref(bio)) { + BIO_free_all(bio); + return croak(mid, __func__, "BIO_up_ref bio"); } - // On error: free 'ssl' twice - stream *rstream = openssl_stream(hostcolonport, ssl); + // On error: free 'bio' twice + stream *rstream = openssl_stream(hostcolonport, bio); if (rstream == NULL || mnstr_errnr(rstream) != MNSTR_NO__ERROR) { -
MonetDB: monetdburl - Complete the TLS handshake, openssl_stream...
Changeset: 07883ebf5747 for MonetDB URL: https://dev.monetdb.org/hg/MonetDB/rev/07883ebf5747 Added Files: common/stream/openssl_stream.c Modified Files: clients/mapilib/connect_openssl.c common/stream/CMakeLists.txt common/stream/stream.h Branch: monetdburl Log Message: Complete the TLS handshake, openssl_stream not yet implemented diffs (truncated from 303 to 300 lines): diff --git a/clients/mapilib/connect_openssl.c b/clients/mapilib/connect_openssl.c --- a/clients/mapilib/connect_openssl.c +++ b/clients/mapilib/connect_openssl.c @@ -11,36 +11,6 @@ #include #include -typedef struct ssl_state { - SOCKET socket; - SSL_CTX *ctx; - SSL *ssl; -} ssl_state; - -static ssl_state* -create_ssl_state(void) -{ - ssl_state *st = malloc(sizeof(*st)); - if (st == NULL) - return NULL; - *st = (ssl_state) { - .socket = INVALID_SOCKET, - }; - return st; -} - -static void -destroy_ssl_state(struct ssl_state *st) -{ - if (st) { - if (st->socket != INVALID_SOCKET) - closesocket(st->socket); - if (st->ctx != NULL) - SSL_CTX_free(st->ctx); - } - free(st); -} - static MapiMsg croak(Mapi mid, const char *action, const char *fmt, ...) __attribute__(( __format__(__printf__, 3, 4) )); static MapiMsg @@ -59,101 +29,156 @@ croak(Mapi mid, const char *action, cons : ERR_reason_error_string(err); if (errmsg) return mapi_printError(mid, action, MERROR, "TLS error: %s: %s", buffer, errmsg); + else if (err != 0) + return mapi_printError(mid, action, MERROR, "TLS error: %s: failed with error %lu (0x%lx)", buffer, err, err); else - return mapi_printError(mid, action, MERROR, "TLS error: %s: failed with error %lu (0x%lx)", buffer, err, err); + return mapi_printError(mid, action, MERROR, "TLS error: %s", buffer); } static MapiMsg -perform_handshake(Mapi mid, ssl_state *state, SOCKET sock) +make_ssl_context(Mapi mid, SSL_CTX **ctx_out) { - // Based on the example on the OpenSSL wiki: - // https://wiki.openssl.org/index.php/SSL/TLS_Client - const msettings *settings = mid->settings; + // Today we just create a new one but if we load the system trust store + // the result could be cached for a while. + // (What's a reasonable amount of time for a process to pick up changes to + // the system trust store?) - // Clear any earlier errrors - do {} while (ERR_get_error() != 0); - - / - // Set up the context + *ctx_out = NULL; const SSL_METHOD *method = TLS_method(); if (!method) return croak(mid, __func__, "TLS_method"); - SSL_CTX *ctx = state->ctx = SSL_CTX_new(method); + SSL_CTX *ctx = SSL_CTX_new(method); if (!ctx) return croak(mid, __func__, "SSL_CTX_new"); + // From here on we need to free 'ctx' on failure SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, NULL); - // SSL_CTX_set_verify_depth: why change the default? SSL_CTX_set_options(ctx, SSL_OP_NO_COMPRESSION); SSL_CTX_set_min_proto_version(ctx, TLS1_3_VERSION); // Because we use at least TLSv1.3 we don't need to mess with // SSL_CTX_set_cipher_list() and SSL_CTX_set_ciphersuites(). - switch (msettings_connect_tls_verify(settings)) { + switch (msettings_connect_tls_verify(mid->settings)) { case verify_none: case verify_hash: SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, NULL); break; case verify_cert: - const char *cert = msetting_string(settings, MP_CERT); - if (1 != SSL_CTX_load_verify_file(ctx, cert)) + const char *cert = msetting_string(mid->settings, MP_CERT); + if (1 != SSL_CTX_load_verify_file(ctx, cert)) { + SSL_CTX_free(ctx); return croak(mid, __func__, "SSL_CTX_load_verify_file: %s", cert); + } break; case verify_system: - if (1 != SSL_CTX_set_default_verify_paths(ctx)) + if (1 != SSL_CTX_set_default_verify_paths(ctx)) { + SSL_CTX_free(ctx); return croak(mid, __func__, "SSL_CTX_set_default_verify_paths"); + } break; } + *ctx_out = ctx; + return MOK; +} + +MapiMsg +wrap_tls(Mapi mid, SOCKET sock) +{ + // Based on the example on the OpenSSL wiki: + // https://wiki.openssl.org/index.php/SSL/TLS_Client + + // On e
MonetDB: monetdburl - Pass host/port to openssl_stream to use as...
Changeset: 7d0fd580275d for MonetDB URL: https://dev.monetdb.org/hg/MonetDB/rev/7d0fd580275d Modified Files: clients/mapilib/connect_openssl.c common/stream/openssl_stream.c common/stream/stream.h Branch: monetdburl Log Message: Pass host/port to openssl_stream to use as a name diffs (77 lines): diff --git a/clients/mapilib/connect_openssl.c b/clients/mapilib/connect_openssl.c --- a/clients/mapilib/connect_openssl.c +++ b/clients/mapilib/connect_openssl.c @@ -92,7 +92,16 @@ wrap_tls(Mapi mid, SOCKET sock) // On error: close 'sock'. MapiMsg msg = MOK; + const msettings *settings = mid->settings; + const char *host = msettings_connect_tcp(settings); + int port = msettings_connect_port(settings); + size_t hostlen = strlen(host); + size_t hostportlen = hostlen + 1 + 20; + char *hostcolonport = malloc(hostportlen); + if (hostcolonport == NULL) + return mapi_setError(mid, "malloc failed", __func__, MERROR); + snprintf(hostcolonport, hostportlen, "%s:%d", host, port); // Clear any earlier errrors do {} while (ERR_get_error() != 0); @@ -138,8 +147,7 @@ wrap_tls(Mapi mid, SOCKET sock) // from here on 'bio' will be freed through 'ssl'. // On error: free 'ssl'. - const char *hostname = msettings_connect_tcp(settings); - if (!SSL_set_tlsext_host_name(ssl, hostname)) { + if (!SSL_set_tlsext_host_name(ssl, host)) { SSL_free(ssl); return croak(mid, __func__, "SSL_set_tlsext_host_name"); } @@ -158,14 +166,14 @@ wrap_tls(Mapi mid, SOCKET sock) return croak(mid, __func__, "SSL_up_ref"); } // On error: free 'ssl' twice - stream *rstream = openssl_stream(ssl); + stream *rstream = openssl_stream(hostcolonport, ssl); if (rstream == NULL || mnstr_errnr(rstream) != MNSTR_NO__ERROR) { SSL_free(ssl); // drops first ref SSL_free(ssl); // drops second ref return croak(mid, __func__, "openssl_stream: %s", mnstr_peek_error(rstream)); } // On error: free 'ssl' and close 'rstream'. - stream *wstream = openssl_stream(ssl); + stream *wstream = openssl_stream(hostcolonport, ssl); if (wstream == NULL || mnstr_errnr(wstream) != MNSTR_NO__ERROR) { mnstr_close(rstream); SSL_free(ssl); diff --git a/common/stream/openssl_stream.c b/common/stream/openssl_stream.c --- a/common/stream/openssl_stream.c +++ b/common/stream/openssl_stream.c @@ -12,10 +12,12 @@ #include "stream.h" #include "stream_internal.h" +#include + stream * -openssl_stream(SSL *ssl) +openssl_stream(const char *hostname, SSL *ssl) { (void)ssl; - mnstr_set_open_error(NULL, 0, "not implemented yet"); + mnstr_set_open_error(hostname, 0, "not implemented yet"); return NULL; } diff --git a/common/stream/stream.h b/common/stream/stream.h --- a/common/stream/stream.h +++ b/common/stream/stream.h @@ -278,7 +278,7 @@ stream_export stream *mapi_request_downl stream_export stream *byte_counting_stream(stream *wrapped, uint64_t *counter); #ifdef HAVE_OPENSSL -stream_export stream *openssl_stream(SSL *ssl); +stream_export stream *openssl_stream(const char *hostname, SSL *ssl); #endif ___ checkin-list mailing list -- checkin-list@monetdb.org To unsubscribe send an email to checkin-list-le...@monetdb.org
MonetDB: monetdburl - Perform the SSL handshake
Changeset: 3e5561b96555 for MonetDB URL: https://dev.monetdb.org/hg/MonetDB/rev/3e5561b96555 Modified Files: clients/mapilib/CMakeLists.txt clients/mapilib/connect_openssl.c Branch: monetdburl Log Message: Perform the SSL handshake diffs (181 lines): diff --git a/clients/mapilib/CMakeLists.txt b/clients/mapilib/CMakeLists.txt --- a/clients/mapilib/CMakeLists.txt +++ b/clients/mapilib/CMakeLists.txt @@ -43,6 +43,7 @@ target_link_libraries(mapi moptions mcrypt stream + $<$:OpenSSL::SSL> $<$:ws2_32>) target_compile_definitions(mapi diff --git a/clients/mapilib/connect_openssl.c b/clients/mapilib/connect_openssl.c --- a/clients/mapilib/connect_openssl.c +++ b/clients/mapilib/connect_openssl.c @@ -1,20 +1,159 @@ #include "monetdb_config.h" + #include "stream.h"/* include before mapi.h */ #include "stream_socket.h" #include "mapi.h" -#include "mapi_prompt.h" -#include "mcrypt.h" -#include "matomic.h" -#include "mstring.h" +#include "mapi_intern.h" + +#include +#include +#include + +typedef struct ssl_state { + SOCKET socket; + SSL_CTX *ctx; + SSL *ssl; +} ssl_state; + +static ssl_state* +create_ssl_state(void) +{ + ssl_state *st = malloc(sizeof(*st)); + if (st == NULL) + return NULL; + *st = (ssl_state) { + .socket = INVALID_SOCKET, + }; + return st; +} + +static void +destroy_ssl_state(struct ssl_state *st) +{ + if (st) { + if (st->socket != INVALID_SOCKET) + closesocket(st->socket); + if (st->ctx != NULL) + SSL_CTX_free(st->ctx); + } + free(st); +} + +static MapiMsg croak(Mapi mid, const char *action, const char *fmt, ...) + __attribute__(( __format__(__printf__, 3, 4) )); +static MapiMsg +croak(Mapi mid, const char *action, const char *fmt, ...) +{ + va_list ap; + char buffer[800]; + va_start(ap, fmt); + vsnprintf(buffer, sizeof(buffer), fmt, ap); + va_end(ap); + + unsigned long err = ERR_get_error(); + const char *errmsg = + ERR_SYSTEM_ERROR(err) + ? strerror(ERR_GET_REASON(err)) + : ERR_reason_error_string(err); + if (errmsg) + return mapi_printError(mid, action, MERROR, "TLS error: %s: %s", buffer, errmsg); + else + return mapi_printError(mid, action, MERROR, "TLS error: %s: failed with error %lu (0x%lx)", buffer, err, err); +} + +static MapiMsg +perform_handshake(Mapi mid, ssl_state *state, SOCKET sock) +{ + // Based on the example on the OpenSSL wiki: + // https://wiki.openssl.org/index.php/SSL/TLS_Client + const msettings *settings = mid->settings; -#include "mapi_intern.h" + // Clear any earlier errrors + do {} while (ERR_get_error() != 0); + + / + // Set up the context + + const SSL_METHOD *method = TLS_method(); + if (!method) + return croak(mid, __func__, "TLS_method"); + SSL_CTX *ctx = state->ctx = SSL_CTX_new(method); + if (!ctx) + return croak(mid, __func__, "SSL_CTX_new"); + + SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, NULL); + // SSL_CTX_set_verify_depth: why change the default? + SSL_CTX_set_options(ctx, SSL_OP_NO_COMPRESSION); + SSL_CTX_set_min_proto_version(ctx, TLS1_3_VERSION); + // Because we use at least TLSv1.3 we don't need to mess with + // SSL_CTX_set_cipher_list() and SSL_CTX_set_ciphersuites(). + + switch (msettings_connect_tls_verify(settings)) { + case verify_none: + case verify_hash: + SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, NULL); + break; + case verify_cert: + const char *cert = msetting_string(settings, MP_CERT); + if (1 != SSL_CTX_load_verify_file(ctx, cert)) + return croak(mid, __func__, "SSL_CTX_load_verify_file: %s", cert); + break; + case verify_system: + if (1 != SSL_CTX_set_default_verify_paths(ctx)) + return croak(mid, __func__, "SSL_CTX_set_default_verify_paths"); + break; + } + + / + // Create the SSL connection + + SSL *ssl = state->ssl = SSL_new(ctx); + if (ssl == NULL) { + return croak(mid, __func__, "SSL_new"); + } + + BIO *bio = BIO_new_socket(sock, BIO_NOCLOSE); + if (bio == NULL) + return croak(mid, __func__, "BIO_new_socket"); + if (!BIO_up_ref(bio)) { + BIO_free_all(bio); + return croak(mid, __func__, "BIO_up_ref"); + } + SSL_set0_rbio(ssl, bio); // con
MonetDB: monetdburl - Split wrap_socket(), adding mapi_set_strea...
Changeset: 3d1acea394f4 for MonetDB URL: https://dev.monetdb.org/hg/MonetDB/rev/3d1acea394f4 Modified Files: clients/mapilib/connect.c clients/mapilib/mapi.c clients/mapilib/mapi_intern.h Branch: monetdburl Log Message: Split wrap_socket(), adding mapi_set_streams() diffs (152 lines): diff --git a/clients/mapilib/connect.c b/clients/mapilib/connect.c --- a/clients/mapilib/connect.c +++ b/clients/mapilib/connect.c @@ -212,65 +212,45 @@ static MapiMsg wrap_socket(Mapi mid, SOCKET sock) { // do not use check_stream here yet because the socket is not yet in 'mid' - const char *error_message; - stream *error_stream; - + stream *broken_stream = NULL; + MapiMsg msg; stream *rstream = NULL; stream *wstream = NULL; - stream *brstream = NULL; - stream *bwstream = NULL; wstream = socket_wstream(sock, "Mapi client write"); if (wstream == NULL || mnstr_errnr(wstream) != MNSTR_NO__ERROR) { - error_stream = wstream; - error_message = "socket_wstream"; + broken_stream = wstream; goto bailout; } mapi_log_record(mid, "Mapi client write"); rstream = socket_rstream(sock, "Mapi client write"); if (rstream == NULL || mnstr_errnr(rstream) != MNSTR_NO__ERROR) { - error_stream = rstream; - error_message = "socket_rstream"; + broken_stream = rstream; goto bailout; } mapi_log_record(mid, "Mapi client read"); - // old logic checked for this but that doesn't make sense, does it? - assert(!isa_block_stream(wstream)); - - bwstream = block_stream(wstream); - if (bwstream == NULL || mnstr_errnr(bwstream) != MNSTR_NO__ERROR) { - error_stream = bwstream; - error_message = "block_stream wstream"; - goto bailout; - } - brstream = block_stream(rstream); - if (brstream == NULL || mnstr_errnr(brstream) != MNSTR_NO__ERROR) { - error_stream = brstream; - error_message = "block_stream rstream"; - goto bailout; - } + msg = mapi_set_streams(mid, rstream, wstream); + if (msg == MOK) + return MOK; - mid->to = bwstream; - mid->from = brstream; - return MOK; bailout: - // adapted from the check_stream macro - mapi_log_record(mid, error_message); - mapi_log_record(mid, mnstr_peek_error(error_stream)); - mapi_log_record(mid, __func__); - if (brstream) - mnstr_destroy(brstream); - if (bwstream) - mnstr_destroy(bwstream); - if (brstream) - mnstr_destroy(brstream); - if (bwstream) - mnstr_destroy(bwstream); + if (rstream) + mnstr_destroy(rstream); + if (wstream) + mnstr_destroy(wstream); closesocket(sock); - // malloc failure is the only way these calls could have failed - return mapi_printError(mid, __func__, MERROR, "%s: %s", error_message, mnstr_peek_error(error_stream)); + if (broken_stream) { + char *error_message = "create stream from socket"; + mapi_log_record(mid, error_message); + mapi_log_record(mid, mnstr_peek_error(broken_stream)); + mapi_log_record(mid, __func__); + // malloc failure is the only way these calls could have failed + return mapi_printError(mid, __func__, MERROR, "%s: %s", error_message, mnstr_peek_error(broken_stream)); + } else { + return MERROR; + } } #ifndef HAVE_OPENSSL diff --git a/clients/mapilib/mapi.c b/clients/mapilib/mapi.c --- a/clients/mapilib/mapi.c +++ b/clients/mapilib/mapi.c @@ -4608,3 +4608,47 @@ mapi_get_active(Mapi mid) { return mid->active; } + + +MapiMsg +mapi_set_streams(Mapi mid, stream *rstream, stream *wstream) +{ + // do not use check_stream here yet because the socket is not yet in 'mid' + const char *error_message; + stream *error_stream; + + assert(!isa_block_stream(rstream)); + assert(!isa_block_stream(wstream)); + + stream *brstream = NULL; + stream *bwstream = NULL; + + bwstream = block_stream(wstream); + if (bwstream == NULL || mnstr_errnr(bwstream) != MNSTR_NO__ERROR) { + error_stream = bwstream; + error_message = "block_stream wstream"; + goto bailout; + } + brstream = block_stream(rstream); + if (brstream == NULL || mnstr_errnr(brstream) != MNSTR_NO__ERROR) { + error_stream = brstream; + error_message = "block_stream rstream"; + goto bailout; + } + + mid->to = bwstream; + mid->from = brstream; + return MOK; +bailout: + // adapted from the check_stream macro + mapi_log_re
MonetDB: monetdburl - Add conditionally compiled openssl stub
Changeset: a11f73dd283d for MonetDB URL: https://dev.monetdb.org/hg/MonetDB/rev/a11f73dd283d Added Files: clients/mapilib/connect_openssl.c Modified Files: clients/mapilib/CMakeLists.txt clients/mapilib/connect.c clients/mapilib/mapi_intern.h Branch: monetdburl Log Message: Add conditionally compiled openssl stub diffs (truncated from 372 to 300 lines): diff --git a/clients/mapilib/CMakeLists.txt b/clients/mapilib/CMakeLists.txt --- a/clients/mapilib/CMakeLists.txt +++ b/clients/mapilib/CMakeLists.txt @@ -11,6 +11,7 @@ add_library(mapi SHARED) + # We need to add the public library twice to the target sources, once for # the build interface and once for the install interface. This is because # of the fact that cmake < 3.13 does not handle relative paths well. If we @@ -22,6 +23,7 @@ target_sources(mapi connect.c msettings.c parseurl.c + $<$:connect_openssl.c> mapi_intern.h PUBLIC $/mapi.h> diff --git a/clients/mapilib/connect.c b/clients/mapilib/connect.c --- a/clients/mapilib/connect.c +++ b/clients/mapilib/connect.c @@ -27,8 +27,8 @@ static MapiMsg establish_connection(Mapi mid); static MapiMsg scan_unix_sockets(Mapi mid); static MapiMsg connect_socket(Mapi mid); -static SOCKET connect_socket_unix(Mapi mid, const char *sockname); -static SOCKET connect_socket_tcp(Mapi mid, const char *host, int port); +static MapiMsg connect_socket_unix(Mapi mid); +static MapiMsg connect_socket_tcp(Mapi mid); static SOCKET connect_socket_tcp_addr(Mapi mid, struct addrinfo *addr); static MapiMsg mapi_handshake(Mapi mid); @@ -43,10 +43,6 @@ mapi_reconnect(Mapi mid) return MERROR; } - bool tls = msetting_bool(mid->settings, MP_TLS); - if (tls) - return mapi_setError(mid, "TLS (monetdbs://...) is not supported yet", __func__, MERROR); - // If neither host nor port are given, scan the Unix domain sockets in // /tmp and see if any of them serve this database. // Otherwise, just try to connect to what was given. @@ -191,76 +187,122 @@ establish_connection(Mapi mid) static MapiMsg connect_socket(Mapi mid) { - SOCKET s = INVALID_SOCKET; - assert(!mid->connected); const char *sockname = msettings_connect_unix(mid->settings); const char *tcp_host = msettings_connect_tcp(mid->settings); - int tcp_port = msettings_connect_port(mid->settings); assert(*sockname || *tcp_host); - if (*sockname) { - s = connect_socket_unix(mid, sockname); - } - if (s == INVALID_SOCKET && *tcp_host) { - s = connect_socket_tcp(mid, tcp_host, tcp_port); - } - if (s == INVALID_SOCKET) { + if (*sockname && connect_socket_unix(mid) == MOK) { + mid->connected = true; + return MOK; + } else if (*tcp_host && connect_socket_tcp(mid) == MOK) { + mid->connected = true; + return MOK; + } else { assert(mid->error == MERROR); - mid->error = MERROR; + mid->error = MERROR; // in case assert above was not enabled return mid->error; } - mid->to = socket_wstream(s, "Mapi client write"); - mapi_log_record(mid, "Mapi client write"); - mid->from = socket_rstream(s, "Mapi client read"); - mapi_log_record(mid, "Mapi client read"); - check_stream(mid, mid->to, "Cannot open socket for writing", mid->error); - check_stream(mid, mid->from, "Cannot open socket for reading", mid->error); + assert(0 && "unreachable"); + return MERROR; +} + +static MapiMsg +wrap_socket(Mapi mid, SOCKET sock) +{ + // do not use check_stream here yet because the socket is not yet in 'mid' + const char *error_message; + stream *error_stream; + + stream *rstream = NULL; + stream *wstream = NULL; + stream *brstream = NULL; + stream *bwstream = NULL; - // Send an even number of NUL '\0' bytes to the server. - // This forces an error message when accidentally connecting to a TLS server. - // Also, surprisingly it seems to make connection setup slightly faster! - static const char zeroes[8] = { 0 }; - for (ssize_t nleft = sizeof(zeroes); nleft > 0; ) { - ssize_t nwritten = mnstr_write(mid->to, zeroes, 1, nleft); - if (nwritten < 0) - return mapi_setError(mid, "could not send leader block", __func__, MERROR); - nleft -= nwritten; + wstream = socket_wstream(sock, "Mapi client write"); + if (wstream == NULL || mnstr_errnr(wstream) != MNSTR_NO__ERROR) { + error_stream = wstream; + error_message = "socket_wstream"; + goto bailout; + } + mapi_log_record(mid, "Mapi client write"); + + rstream = socket_rstream(sock, "Mapi client write"); + if (rstream == NULL || mn
MonetDB: monetdburl - Add CMake magic for OpenSSL
Changeset: 50e9b26a4e4c for MonetDB URL: https://dev.monetdb.org/hg/MonetDB/rev/50e9b26a4e4c Modified Files: cmake/monetdb-defines.cmake cmake/monetdb-findpackages.cmake cmake/monetdb-functions.cmake cmake/monetdb-options.cmake common/stream/CMakeLists.txt monetdb_config.h.in Branch: monetdburl Log Message: Add CMake magic for OpenSSL diffs (72 lines): diff --git a/cmake/monetdb-defines.cmake b/cmake/monetdb-defines.cmake --- a/cmake/monetdb-defines.cmake +++ b/cmake/monetdb-defines.cmake @@ -153,6 +153,7 @@ macro(monetdb_macro_variables) set(HAVE_SHP ${GDAL_FOUND}) set(SANITIZER ${SANITIZER}) set(HAVE_RTREE ${RTREE_FOUND}) + set(HAVE_OPENSSL ${OPENSSL_FOUND}) if(PY3INTEGRATION) set(HAVE_LIBPY3 "${Python3_NumPy_FOUND}") diff --git a/cmake/monetdb-findpackages.cmake b/cmake/monetdb-findpackages.cmake --- a/cmake/monetdb-findpackages.cmake +++ b/cmake/monetdb-findpackages.cmake @@ -127,6 +127,10 @@ if(WITH_MALLOC) endif() endif() +if(WITH_OPENSSL) + find_package(OpenSSL) +endif() + find_package(Sphinx) find_package(Createrepo) find_package(Rpmbuild) diff --git a/cmake/monetdb-functions.cmake b/cmake/monetdb-functions.cmake --- a/cmake/monetdb-functions.cmake +++ b/cmake/monetdb-functions.cmake @@ -105,6 +105,7 @@ function(monetdb_cmake_summary) message(STATUS "Netcdf library: ${NETCDF_FOUND}") message(STATUS "Readline library: ${READLINE_FOUND}") message(STATUS "R library: ${LIBR_FOUND}") + message(STATUS "OpenSSL: ${OPENSSL_FOUND}") message(STATUS "ODBC: ${ODBC_FOUND}") message(STATUS "Sphinx: ${SPHINX_FOUND}") message(STATUS "Createrepo: ${CREATEREPO_FOUND}") diff --git a/cmake/monetdb-options.cmake b/cmake/monetdb-options.cmake --- a/cmake/monetdb-options.cmake +++ b/cmake/monetdb-options.cmake @@ -143,6 +143,10 @@ option(WITH_ZLIB "Include zlib support" ON) +option(WITH_OPENSSL + "Include TLS support" + ON) + option(CMAKE_SUMMARY "Show a summary of the cmake configuration (for debug purposes)" OFF) diff --git a/common/stream/CMakeLists.txt b/common/stream/CMakeLists.txt --- a/common/stream/CMakeLists.txt +++ b/common/stream/CMakeLists.txt @@ -67,6 +67,7 @@ target_link_libraries(stream $<$:LibLZMA::LibLZMA> $<$:LZ4::LZ4> $<$:Iconv::Iconv> + $<$:OpenSSL::SSL> matomic monetdb_config_header $<$:ws2_32> diff --git a/monetdb_config.h.in b/monetdb_config.h.in --- a/monetdb_config.h.in +++ b/monetdb_config.h.in @@ -196,6 +196,7 @@ #cmakedefine HAVE_RTREE 1 #cmakedefine HAVE_SHP 1 #cmakedefine HAVE_LIBPY3 1 +#cmakedefine HAVE_OPENSSL 1 // #cmakedefine SOCKET_LIBRARIES #cmakedefine HAVE_GETADDRINFO 1 ___ checkin-list mailing list -- checkin-list@monetdb.org To unsubscribe send an email to checkin-list-le...@monetdb.org
MonetDB: monetdburl - Redirects must be validated
Changeset: c888eb2c7876 for MonetDB URL: https://dev.monetdb.org/hg/MonetDB/rev/c888eb2c7876 Modified Files: clients/mapilib/connect.c Branch: monetdburl Log Message: Redirects must be validated diffs (14 lines): diff --git a/clients/mapilib/connect.c b/clients/mapilib/connect.c --- a/clients/mapilib/connect.c +++ b/clients/mapilib/connect.c @@ -762,7 +762,9 @@ mapi_handshake(Mapi mid) char *red = mid->redirects[0]; char *error_message = NULL; - if (!msettings_parse_url(mid->settings, red, &error_message)) { + if (!msettings_parse_url(mid->settings, red, &error_message) + || !msettings_validate(mid->settings, &error_message) + ) { mapi_close_handle(hdl); close_connection(mid); return mapi_printError( ___ checkin-list mailing list -- checkin-list@monetdb.org To unsubscribe send an email to checkin-list-le...@monetdb.org
MonetDB: monetdburl - Let msettings_connect_tls_verify() return ...
Changeset: ad3994bd989b for MonetDB URL: https://dev.monetdb.org/hg/MonetDB/rev/ad3994bd989b Modified Files: clients/examples/C/testsfile.c clients/mapilib/msettings.c clients/mapilib/msettings.h Branch: monetdburl Log Message: Let msettings_connect_tls_verify() return an enum diffs (90 lines): diff --git a/clients/examples/C/testsfile.c b/clients/examples/C/testsfile.c --- a/clients/examples/C/testsfile.c +++ b/clients/examples/C/testsfile.c @@ -166,6 +166,22 @@ expect_string(const char *location, cons return false; } +static const char * +stringify_tls_verify(const msettings *mp) +{ + enum msetting_tls_verify verify = msettings_connect_tls_verify(mp); + switch (verify) { + case verify_none: + return ""; + case verify_system: + return "system"; + case verify_cert: + return "cert"; + case verify_hash: + return "hash"; + } + assert(0 && "unreachable"); +} static bool handle_expect_command(const char *location, char *key, char *value) @@ -201,7 +217,7 @@ handle_expect_command(const char *locati if (strcmp("connect_port", key) == 0) return expect_long(location, MP_UNKNOWN, msettings_connect_port, value); if (strcmp("connect_tls_verify", key) == 0) - return expect_string(location, MP_UNKNOWN, msettings_connect_tls_verify, value); + return expect_string(location, MP_UNKNOWN, stringify_tls_verify, value); if (strcmp("connect_certhash_digits", key) == 0) return expect_string(location, MP_UNKNOWN, msettings_connect_certhash_digits, value); if (strcmp("connect_binary", key) == 0) diff --git a/clients/mapilib/msettings.c b/clients/mapilib/msettings.c --- a/clients/mapilib/msettings.c +++ b/clients/mapilib/msettings.c @@ -746,7 +746,7 @@ msettings_connect_port(const msettings * return port; } -const char* +enum msetting_tls_verify msettings_connect_tls_verify(const msettings *mp) { assert(mp->validated); @@ -755,12 +755,12 @@ msettings_connect_tls_verify(const msett const char *certhash = msetting_string(mp, MP_CERTHASH); if (!tls) - return ""; - if (*certhash) - return "hash"; + return verify_none; + if (*certhash) // certhash comes before cert + return verify_hash; if (*cert) - return "cert"; - return "system"; + return verify_cert; + return verify_system; } const char* diff --git a/clients/mapilib/msettings.h b/clients/mapilib/msettings.h --- a/clients/mapilib/msettings.h +++ b/clients/mapilib/msettings.h @@ -106,14 +106,20 @@ bool msettings_validate(msettings *mp, c /* virtual parameters */ +enum msetting_tls_verify { + verify_none, + verify_system, + verify_cert, + verify_hash, +}; bool msettings_connect_scan(const msettings *mp); const char *msettings_connect_sockdir(const msettings *mp); const char *msettings_connect_unix(const msettings *mp); const char *msettings_connect_tcp(const msettings *mp); long msettings_connect_port(const msettings *mp); -const char *msettings_connect_tls_verify(const msettings *mp); const char *msettings_connect_certhash_digits(const msettings *mp); long msettings_connect_binary(const msettings *mp); +enum msetting_tls_verify msettings_connect_tls_verify(const msettings *mp); /* automatically incremented each time the corresponding field is updated */ long msettings_user_generation(const msettings *mp); ___ checkin-list mailing list -- checkin-list@monetdb.org To unsubscribe send an email to checkin-list-le...@monetdb.org
MonetDB: monetdburl - Cannot do if(s) if s is a SOCKET
Changeset: 1f5623d0483b for MonetDB URL: https://dev.monetdb.org/hg/MonetDB/rev/1f5623d0483b Modified Files: clients/mapilib/connect.c Branch: monetdburl Log Message: Cannot do if(s) if s is a SOCKET diffs (12 lines): diff --git a/clients/mapilib/connect.c b/clients/mapilib/connect.c --- a/clients/mapilib/connect.c +++ b/clients/mapilib/connect.c @@ -345,7 +345,7 @@ connect_socket_tcp(Mapi mid, const char SOCKET s; for (struct addrinfo *addr = addresses; addr; addr = addr->ai_next) { s = connect_socket_tcp_addr(mid, addr); - if (s) + if (s != INVALID_SOCKET) break; } freeaddrinfo(addresses); ___ checkin-list mailing list -- checkin-list@monetdb.org To unsubscribe send an email to checkin-list-le...@monetdb.org
MonetDB: monetdburl - rename mapi_PrintError to mapi_printError
Changeset: 612c42f151d0 for MonetDB URL: https://dev.monetdb.org/hg/MonetDB/rev/612c42f151d0 Modified Files: clients/mapilib/connect.c clients/mapilib/mapi.c clients/mapilib/mapi_intern.h Branch: monetdburl Log Message: rename mapi_PrintError to mapi_printError diffs (106 lines): diff --git a/clients/mapilib/connect.c b/clients/mapilib/connect.c --- a/clients/mapilib/connect.c +++ b/clients/mapilib/connect.c @@ -259,7 +259,7 @@ connect_socket_unix(Mapi mid, const char { struct sockaddr_un userver; if (strlen(sockname) >= sizeof(userver.sun_path)) { - mapi_PrintError(mid, __func__, MERROR, "path name '%s' too long", sockname); + mapi_printError(mid, __func__, MERROR, "path name '%s' too long", sockname); return INVALID_SOCKET; } @@ -271,7 +271,7 @@ connect_socket_unix(Mapi mid, const char int s = socket(PF_UNIX, SOCK_STREAM, 0); #endif if (s == INVALID_SOCKET) { - mapi_PrintError( + mapi_printError( mid, __func__, MERROR, "could not create Unix domain socket '%s': %s", sockname, strerror(errno)); return INVALID_SOCKET; @@ -289,7 +289,7 @@ connect_socket_unix(Mapi mid, const char if (connect(s, (struct sockaddr *) &userver, sizeof(struct sockaddr_un)) == SOCKET_ERROR) { closesocket(s); - mapi_PrintError( + mapi_printError( mid, __func__, MERROR, "connect to Unix domain socket '%s' failed: %s", sockname, strerror(errno)); return INVALID_SOCKET; @@ -302,7 +302,7 @@ connect_socket_unix(Mapi mid, const char if (n < 1) { // used to be if n < 0 but this makes more sense closesocket(s); - mapi_PrintError( + mapi_printError( mid, __func__, MERROR, "could not send initial '0' on Unix domain socket: %s", strerror(errno)); return INVALID_SOCKET; @@ -329,13 +329,13 @@ connect_socket_tcp(Mapi mid, const char struct addrinfo *addresses; ret = getaddrinfo(host, portbuf, &hints, &addresses); if (ret != 0) { - mapi_PrintError( + mapi_printError( mid, __func__, MERROR, "getaddrinfo %s:%s failed: %s", host, portbuf, gai_strerror(ret)); return INVALID_SOCKET; } if (addresses == NULL) { - mapi_PrintError( + mapi_printError( mid, __func__, MERROR, "getaddrinfo return 0 addresses"); return INVALID_SOCKET; @@ -394,7 +394,7 @@ connect_socket_tcp_addr(Mapi mid, struct SOCKET s = socket(addr->ai_family, socktype, addr->ai_protocol); if (s == INVALID_SOCKET) { - mapi_PrintError( + mapi_printError( mid, __func__, MERROR, "could not create TCP socket: %s", SOCKET_STRERROR()); return INVALID_SOCKET; @@ -405,7 +405,7 @@ connect_socket_tcp_addr(Mapi mid, struct #endif if (connect(s, addr->ai_addr, addr->ai_addrlen) == SOCKET_ERROR) { - mapi_PrintError( + mapi_printError( mid, __func__, MERROR, "could not connect: %s", SOCKET_STRERROR()); closesocket(s); @@ -765,7 +765,7 @@ mapi_handshake(Mapi mid) if (!msettings_parse_url(mid->settings, red, &error_message)) { mapi_close_handle(hdl); close_connection(mid); - return mapi_PrintError( + return mapi_printError( mid, __func__, MERROR, "%s: %s", error_message ? error_message : "invalid redirect", diff --git a/clients/mapilib/mapi.c b/clients/mapilib/mapi.c --- a/clients/mapilib/mapi.c +++ b/clients/mapilib/mapi.c @@ -837,7 +837,7 @@ mapi_setError(Mapi mid, const char *msg, return mid->error; } -MapiMsg mapi_PrintError(Mapi mid, const char *action, MapiMsg error, const char *fmt, ...) +MapiMsg mapi_printError(Mapi mid, const char *action, MapiMsg error, const char *fmt, ...) { size_t size = 81; // just a guess diff --git a/clients/mapilib/mapi_intern.h b/clients/mapilib/mapi_intern.h --- a/clients/mapilib/mapi_intern.h +++ b/clients/mapilib/mapi_intern.h @@ -260,7 +260,7 @@ void mapi_clrError(Mapi mid) __attribute__((__nonnull__(1))); MapiMsg mapi_setError(Mapi mid, const char *msg, const char *action, MapiMsg error) __attribute__((__nonnull__(2))) __attribute__((__nonnull__(3))); -MapiMsg mapi_PrintError
MonetDB: literal_features - remove obsolete upgrade code
Changeset: 8190c83b02ae for MonetDB URL: https://dev.monetdb.org/hg/MonetDB/rev/8190c83b02ae Modified Files: sql/backends/monet5/sql_upgrades.c Branch: literal_features Log Message: remove obsolete upgrade code diffs (30 lines): diff --git a/sql/backends/monet5/sql_upgrades.c b/sql/backends/monet5/sql_upgrades.c --- a/sql/backends/monet5/sql_upgrades.c +++ b/sql/backends/monet5/sql_upgrades.c @@ -6012,26 +6012,6 @@ sql_update_default(Client c, mvc *sql, s output = NULL; } - - /* 49_strings.sql */ - sql_find_subtype(&tp, "string", 0, 0); - if (sql_bind_func(sql, s->base.name, "btrim", &tp, &tp, F_FUNC, true) == NULL) { - sql->session->status = 0; /* if the function was not found clean the error */ - sql->errstr[0] = '\0'; - const char *cmds = - "create function sys.btrim(x string)\n" - "returns string external name str.trim;\n" - "grant execute on function btrim(string) to public;\n" - - "create function sys.btrim(x string, y string)\n" - "returns string external name str.trim2;\n" - "grant execute on function btrim(string, string) to public;\n" - ; - printf("Running database upgrade commands:\n%s\n", cmds); - fflush(stdout); - err = SQLstatementIntern(c, cmds, "update", true, false, NULL); - } - /* 91_information_schema.sql */ info = mvc_bind_schema(sql, "information_schema"); if (info == NULL) { ___ checkin-list mailing list -- checkin-list@monetdb.org To unsubscribe send an email to checkin-list-le...@monetdb.org
MonetDB: literal_features - approve convert tests
Changeset: 143153489a2e for MonetDB URL: https://dev.monetdb.org/hg/MonetDB/rev/143153489a2e Modified Files: sql/test/BugTracker-2016/Tests/convert-function-test-hge.Bug-3460.test sql/test/BugTracker-2016/Tests/convert-function-test.Bug-3460.test Branch: literal_features Log Message: approve convert tests diffs (truncated from 1066 to 300 lines): diff --git a/sql/test/BugTracker-2016/Tests/convert-function-test-hge.Bug-3460.test b/sql/test/BugTracker-2016/Tests/convert-function-test-hge.Bug-3460.test --- a/sql/test/BugTracker-2016/Tests/convert-function-test-hge.Bug-3460.test +++ b/sql/test/BugTracker-2016/Tests/convert-function-test-hge.Bug-3460.test @@ -424,8 +424,29 @@ 0 1 1 -statement error +query IT rowsort SELECT v, convert(v, varchar) from T_hugeint + +-1 +-1 +-127 +-127 +-2147483647 +-2147483647 +-32767 +-32767 +0 +0 +1 +1 +127 +127 +2147483647 +2147483647 +32767 +32767 +NULL +NULL query IT rowsort SELECT v, convert(v, varchar(16)) from T_hugeint @@ -935,8 +956,29 @@ 0 1 1 -statement error +query IT rowsort SELECT v, cast(v as varchar) from T_hugeint + +-1 +-1 +-127 +-127 +-2147483647 +-2147483647 +-32767 +-32767 +0 +0 +1 +1 +127 +127 +2147483647 +2147483647 +32767 +32767 +NULL +NULL query IT rowsort SELECT v, cast(v as varchar(16)) from T_hugeint diff --git a/sql/test/BugTracker-2016/Tests/convert-function-test.Bug-3460.test b/sql/test/BugTracker-2016/Tests/convert-function-test.Bug-3460.test --- a/sql/test/BugTracker-2016/Tests/convert-function-test.Bug-3460.test +++ b/sql/test/BugTracker-2016/Tests/convert-function-test.Bug-3460.test @@ -159,8 +159,19 @@ t NULL NULL -statement error +query IT rowsort SELECT v, convert(v, varchar) from T_BOOLEAN + +0 +false +0 +false +1 +true +1 +true +NULL +NULL query IT rowsort SELECT v, convert(v, varchar(6)) from T_BOOLEAN @@ -371,8 +382,19 @@ t NULL NULL -statement error +query IT rowsort SELECT v, cast(v as varchar) from T_BOOLEAN + +0 +false +0 +false +1 +true +1 +true +NULL +NULL query IT rowsort SELECT v, cast(v as varchar(6)) from T_BOOLEAN @@ -552,8 +574,21 @@ SELECT v, convert(v, decimal(15,3)) from statement error SELECT v, convert(v, char) from T_blob where v between '11' and '11' -statement error +query TT rowsort SELECT v, convert(v, varchar) from T_blob + +(empty) +(empty) +00 +00 +0123456789 +0123456789 +11 +11 +A0B2C3D4F5 +A0B2C3D4F5 +NULL +NULL query TT rowsort SELECT v, convert(v, varchar(16)) from T_blob @@ -706,8 +741,21 @@ SELECT v, cast(v as decimal(15,3)) from statement error SELECT v, cast(v as char) from T_blob where v between '11' and '11' -statement error +query TT rowsort SELECT v, cast(v as varchar) from T_blob + +(empty) +(empty) +00 +00 +0123456789 +0123456789 +11 +11 +A0B2C3D4F5 +A0B2C3D4F5 +NULL +NULL query TT rowsort SELECT v, cast(v as varchar(16)) from T_blob @@ -1108,8 +1156,21 @@ 0 1 1 -statement error +query IT rowsort SELECT v, convert(v, varchar) from T_tinyint + +-1 +-1 +-127 +-127 +0 +0 +1 +1 +127 +127 +NULL +NULL query IT rowsort SELECT v, convert(v, varchar(6)) from T_tinyint @@ -1475,8 +1536,21 @@ 0 1 1 -statement error +query IT rowsort SELECT v, cast(v as varchar) from T_tinyint + +-1 +-1 +-127 +-127 +0 +0 +1 +1 +127 +127 +NULL +NULL query IT rowsort SELECT v, cast(v as varchar(6)) from T_tinyint @@ -1928,8 +2002,25 @@ 0 1 1 -statement error +query IT rowsort SELECT v, convert(v, varchar) from T_smallint + +-1 +-1 +-127 +-127 +-32767 +-32767 +0 +0 +1 +1 +127 +127 +32767 +32767 +NULL +NULL query IT rowsort SELECT v, convert(v, varchar(6)) from T_smallint @@ -2369,8 +2460,25 @@ 0 1 1 -statement error +query IT rowsort SELECT v, cast(v as varchar) from T_smallint + +-1 +-1 +-127 +-127 +-32767 +-32767 +0 +0 +1 +1 +127 +127 +32767 +32767 +NULL +NULL query IT rowsort SELECT v, cast(v as varchar(6)) from T_smallint @@ -2894,8 +3002,29 @@ 0 1 1 -statement error +query IT rowsort SELECT v, convert(v, varchar) from T_int + +-1 +-1 +-127 +-127 +-2147483647 +-2147483647 +-32767 +-32767 +0 +0 +1 +1 +127 +127 +2147483647 +2147483647 +32767 +32767 +NULL +NULL query IT rowsort SELECT v, convert(v, varchar(16)) from T_int @@ -3405,8 +3534,29 @@ 0 1 1 -statement error +query IT rowsort SELECT v, cast(v as varchar) from T_int + +-1 +-1 +-127 +-127 +-2147483647 ___ checkin-list mailing list -- checkin-list@monetdb.org To unsubscribe send an email to checkin-list-le...@monetdb.org