Merge pull request #26209 from taosdata/fix/TD-30583-update-30
Fix the issue of dynamically adjusting the IP whitelist.
This commit is contained in:
Hongze Cheng
GitHub
commit
52111f9cab
|
|
@ -134,13 +134,14 @@ static int32_t hbUpdateUserAuthInfo(SAppHbMgr *pAppHbMgr, SUserAuthBatchRsp *bat
|
|||
if (pTscObj->whiteListInfo.fp) {
|
||||
SWhiteListInfo *whiteListInfo = &pTscObj->whiteListInfo;
|
||||
int64_t oldVer = atomic_load_64(&whiteListInfo->ver);
|
||||
if (oldVer < pRsp->whiteListVer) {
|
||||
|
||||
if (oldVer < pRsp->whiteListVer || pRsp->whiteListVer == 0) {
|
||||
atomic_store_64(&whiteListInfo->ver, pRsp->whiteListVer);
|
||||
if (whiteListInfo->fp) {
|
||||
(*whiteListInfo->fp)(whiteListInfo->param, &pRsp->whiteListVer, TAOS_NOTIFY_WHITELIST_VER);
|
||||
}
|
||||
tscDebug("update whitelist version of user %s from %"PRId64" to %"PRId64", tscRid:%" PRIi64, pRsp->user, oldVer,
|
||||
atomic_load_64(&whiteListInfo->ver), pTscObj->id);
|
||||
tscDebug("update whitelist version of user %s from %" PRId64 " to %" PRId64 ", tscRid:%" PRIi64, pRsp->user,
|
||||
oldVer, atomic_load_64(&whiteListInfo->ver), pTscObj->id);
|
||||
}
|
||||
}
|
||||
releaseTscObj(pReq->connKey.tscRid);
|
||||
|
|
@ -202,8 +203,8 @@ static int32_t hbProcessDBInfoRsp(void *value, int32_t valueLen, struct SCatalog
|
|||
for (int32_t i = 0; i < numOfBatchs; ++i) {
|
||||
SDbHbRsp *rsp = taosArrayGet(batchRsp.pArray, i);
|
||||
if (rsp->useDbRsp) {
|
||||
tscDebug("hb use db rsp, db:%s, vgVersion:%d, stateTs:%" PRId64 ", uid:%" PRIx64,
|
||||
rsp->useDbRsp->db, rsp->useDbRsp->vgVersion, rsp->useDbRsp->stateTs, rsp->useDbRsp->uid);
|
||||
tscDebug("hb use db rsp, db:%s, vgVersion:%d, stateTs:%" PRId64 ", uid:%" PRIx64, rsp->useDbRsp->db,
|
||||
rsp->useDbRsp->vgVersion, rsp->useDbRsp->stateTs, rsp->useDbRsp->uid);
|
||||
|
||||
if (rsp->useDbRsp->vgVersion < 0) {
|
||||
tscDebug("hb to remove db, db:%s", rsp->useDbRsp->db);
|
||||
|
|
@ -225,7 +226,9 @@ static int32_t hbProcessDBInfoRsp(void *value, int32_t valueLen, struct SCatalog
|
|||
goto _return;
|
||||
}
|
||||
|
||||
catalogUpdateDBVgInfo(pCatalog, (rsp->useDbRsp->db[0] == 'i') ? TSDB_PERFORMANCE_SCHEMA_DB : TSDB_INFORMATION_SCHEMA_DB, rsp->useDbRsp->uid, vgInfo);
|
||||
catalogUpdateDBVgInfo(pCatalog,
|
||||
(rsp->useDbRsp->db[0] == 'i') ? TSDB_PERFORMANCE_SCHEMA_DB : TSDB_INFORMATION_SCHEMA_DB,
|
||||
rsp->useDbRsp->uid, vgInfo);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -294,7 +297,6 @@ static int32_t hbProcessStbInfoRsp(void *value, int32_t valueLen, struct SCatalo
|
|||
return TSDB_CODE_SUCCESS;
|
||||
}
|
||||
|
||||
|
||||
static int32_t hbProcessDynViewRsp(void *value, int32_t valueLen, struct SCatalog *pCatalog) {
|
||||
return catalogUpdateDynViewVer(pCatalog, (SDynViewVersion *)value);
|
||||
}
|
||||
|
|
@ -799,7 +801,8 @@ int32_t hbGetExpiredDBInfo(SClientHbKey *connKey, struct SCatalog *pCatalog, SCl
|
|||
|
||||
for (int32_t i = 0; i < dbNum; ++i) {
|
||||
SDbCacheInfo *db = &dbs[i];
|
||||
tscDebug("the %dth expired dbFName:%s, dbId:%" PRId64 ", vgVersion:%d, cfgVersion:%d, numOfTable:%d, startTs:%" PRId64,
|
||||
tscDebug("the %dth expired dbFName:%s, dbId:%" PRId64
|
||||
", vgVersion:%d, cfgVersion:%d, numOfTable:%d, startTs:%" PRId64,
|
||||
i, db->dbFName, db->dbId, db->vgVersion, db->cfgVersion, db->numOfTable, db->stateTs);
|
||||
|
||||
db->dbId = htobe64(db->dbId);
|
||||
|
|
@ -1151,7 +1154,8 @@ static void *hbThreadFunc(void *param) {
|
|||
if (sz > 0) {
|
||||
hbGatherAppInfo();
|
||||
if (sz > 1 && !clientHbMgr.appHbHash) {
|
||||
clientHbMgr.appHbHash = taosHashInit(0, taosGetDefaultHashFunction(TSDB_DATA_TYPE_UBIGINT), false, HASH_NO_LOCK);
|
||||
clientHbMgr.appHbHash =
|
||||
taosHashInit(0, taosGetDefaultHashFunction(TSDB_DATA_TYPE_UBIGINT), false, HASH_NO_LOCK);
|
||||
}
|
||||
taosHashClear(clientHbMgr.appHbHash);
|
||||
}
|
||||
|
|
@ -1433,6 +1437,4 @@ void hbDeregisterConn(STscObj *pTscObj, SClientHbKey connKey) {
|
|||
}
|
||||
|
||||
// set heart beat thread quit mode , if quicByKill 1 then kill thread else quit from inner
|
||||
void taos_set_hb_quit(int8_t quitByKill) {
|
||||
clientHbMgr.quitByKill = quitByKill;
|
||||
}
|
||||
void taos_set_hb_quit(int8_t quitByKill) { clientHbMgr.quitByKill = quitByKill; }
|
||||
|
|
|
|||
|
|
@ -53,6 +53,7 @@ void mndUpdateIpWhiteForAllUser(SMnode *pMnode, char *user, char *fqdn, int8_t t
|
|||
|
||||
int32_t mndRefreshUserIpWhiteList(SMnode *pMnode);
|
||||
|
||||
int64_t mndGetUserIpWhiteListVer(SMnode *pMnode, SUserObj *pUser);
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
|
|
|||
|
|
@ -31,7 +31,6 @@ int32_t mndCheckDbPrivilegeByName(SMnode *pMnode, const char *user, EOperType op
|
|||
|
||||
int32_t mndCheckTopicPrivilege(SMnode *pMnode, const char *user, EOperType operType, SMqTopicObj *pTopic) { return 0; }
|
||||
|
||||
|
||||
int32_t mndSetUserWhiteListRsp(SMnode *pMnode, SUserObj *pUser, SGetUserWhiteListRsp *pWhiteListRsp) {
|
||||
memcpy(pWhiteListRsp->user, pUser->user, TSDB_USER_LEN);
|
||||
pWhiteListRsp->numWhiteLists = 1;
|
||||
|
|
@ -41,25 +40,6 @@ int32_t mndSetUserWhiteListRsp(SMnode *pMnode, SUserObj *pUser, SGetUserWhiteLis
|
|||
}
|
||||
memset(pWhiteListRsp->pWhiteLists, 0, pWhiteListRsp->numWhiteLists * sizeof(SIpV4Range));
|
||||
|
||||
// if (tsEnableWhiteList) {
|
||||
// memcpy(pWhiteListRsp->user, pUser->user, TSDB_USER_LEN);
|
||||
// pWhiteListRsp->numWhiteLists = pUser->pIpWhiteList->num;
|
||||
// pWhiteListRsp->pWhiteLists = taosMemoryMalloc(pWhiteListRsp->numWhiteLists * sizeof(SIpV4Range));
|
||||
// if (pWhiteListRsp->pWhiteLists == NULL) {
|
||||
// return TSDB_CODE_OUT_OF_MEMORY;
|
||||
// }
|
||||
// memcpy(pWhiteListRsp->pWhiteLists, pUser->pIpWhiteList->pIpRange,
|
||||
// pWhiteListRsp->numWhiteLists * sizeof(SIpV4Range));
|
||||
// } else {
|
||||
// memcpy(pWhiteListRsp->user, pUser->user, TSDB_USER_LEN);
|
||||
// pWhiteListRsp->numWhiteLists = 1;
|
||||
// pWhiteListRsp->pWhiteLists = taosMemoryMalloc(pWhiteListRsp->numWhiteLists * sizeof(SIpV4Range));
|
||||
// if (pWhiteListRsp->pWhiteLists == NULL) {
|
||||
// return TSDB_CODE_OUT_OF_MEMORY;
|
||||
// }
|
||||
// memset(pWhiteListRsp->pWhiteLists, 0, pWhiteListRsp->numWhiteLists * sizeof(SIpV4Range));
|
||||
// }
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
|
@ -70,7 +50,7 @@ int32_t mndSetUserAuthRsp(SMnode *pMnode, SUserObj *pUser, SGetUserAuthRsp *pRsp
|
|||
pRsp->sysInfo = pUser->sysInfo;
|
||||
pRsp->version = pUser->authVersion;
|
||||
pRsp->passVer = pUser->passVersion;
|
||||
pRsp->whiteListVer = pUser->ipWhiteListVer;
|
||||
pRsp->whiteListVer = mndGetUserIpWhiteListVer(pMnode, pUser);
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -300,7 +300,7 @@ _CONNECT:
|
|||
connectRsp.svrTimestamp = taosGetTimestampSec();
|
||||
connectRsp.passVer = pUser->passVersion;
|
||||
connectRsp.authVer = pUser->authVersion;
|
||||
connectRsp.whiteListVer = pUser->ipWhiteListVer;
|
||||
connectRsp.whiteListVer = mndGetUserIpWhiteListVer(pMnode, pUser);
|
||||
|
||||
strcpy(connectRsp.sVer, version);
|
||||
snprintf(connectRsp.sDetailVer, sizeof(connectRsp.sDetailVer), "ver:%s\nbuild:%s\ngitinfo:%s", version, buildinfo,
|
||||
|
|
|
|||
|
|
@ -3042,3 +3042,9 @@ int32_t mndUserRemoveTopic(SMnode *pMnode, STrans *pTrans, char *topic) {
|
|||
mndUserFreeObj(&newUser);
|
||||
return code;
|
||||
}
|
||||
|
||||
int64_t mndGetUserIpWhiteListVer(SMnode *pMnode, SUserObj *pUser) {
|
||||
// ver = 0, disable ip white list
|
||||
// ver > 0, enable ip white list
|
||||
return tsEnableWhiteList ? pUser->ipWhiteListVer : 0;
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue