dbproxy-user/pwd
dbproxy 的账号是统一的, 即连接dbproxy,连接主mysql ,连接从mysql 的账号必须一样, 为了隔离 即使用dbproxy的人感知不到mysql, 需要分离
配置文件
#dbproxy账号密码与real 主mysql 和 从mysql 隔离
dbproxy-user=test
dbproxy-pwd=7O7YJJEK
master-user = master
master-pwd = 7O7YJJEK
slave-user = slave
slave-pwd = 7O7YJJEK
struct chassis_plugin_config
位置plugins/proxy/proxy-plugin.h
struct chassis_plugin_config {
...
gchar* id_generate;
gchar* dbproxy_user;
gchar* dbproxy_pwd;
gchar* master_user;
gchar* master_pwd;
gchar* slave_user;
gchar* slave_pwd;
...
}
network_mysqld_proxy_plugin_new
位置:/plugins/proxy/proxy-plugin.c
chassis_plugin_config * network_mysqld_proxy_plugin_new(void) {
...
config = g_new0(chassis_plugin_config, 1);
config->id_generate = NULL;
config->dbproxy_user = NULL;
config->dbproxy_pwd = NULL;
config->master_user = NULL;
config->master_pwd = NULL;
config->slave_user = NULL;
config->slave_pwd = NULL;
...
}
network_mysqld_proxy_plugin_free
位置:/plugins/proxy/proxy-plugin.c
void network_mysqld_proxy_plugin_free(chassis_plugin_config *oldconfig) {
...
if (config->id_generate) g_free(config->id_generate);
if (config->dbproxy_user) g_free(config->dbproxy_user);
if (config->dbproxy_pwd) g_free(config->dbproxy_pwd);
if (config->master_user) g_free(config->master_user);
if (config->master_pwd) g_free(config->master_pwd);
if (config->slave_user) g_free(config->slave_user);
if (config->slave_pwd) g_free(config->slave_pwd);
...
}
network_mysqld_proxy_plugin_get_options
位置:/plugins/proxy/proxy-plugin.c
static chassis_options_t * network_mysqld_proxy_plugin_get_options(chassis_plugin_config *oldconfig) {
if (config->opts == NULL) {
chassis_options_t *opts = chassis_options_new();
chassis_options_add(opts, "id-generate", 0, 0, G_OPTION_ARG_STRING, &(config->id_generate), "id-generate", NULL, NULL, NULL, 0);
chassis_options_add(opts, "dbproxy-user", 0, 0, G_OPTION_ARG_STRING, &(config->dbproxy_user), "dbproxy-user", NULL, NULL, NULL, 0);
chassis_options_add(opts, "dbproxy-pwd", 0, 0, G_OPTION_ARG_STRING, &(config->dbproxy_pwd), "dbproxy-pwd", NULL, NULL, NULL, 0);
chassis_options_add(opts, "master-user", 0, 0, G_OPTION_ARG_STRING, &(config->master_user), "master-user", NULL, NULL, NULL, 0);
chassis_options_add(opts, "master-pwd", 0, 0, G_OPTION_ARG_STRING, &(config->master_pwd), "master-pwd", NULL, NULL, NULL, 0);
chassis_options_add(opts, "slave-user", 0, 0, G_OPTION_ARG_STRING, &(config->slave_user), "slave-user", NULL, NULL, NULL, 0);
chassis_options_add(opts, "slave-pwd", 0, 0, G_OPTION_ARG_STRING, &(config->slave_pwd), "slave-pwd", NULL, NULL, NULL, 0);
config->opts = opts;
}
return config->opts;
}
network_mysqld_proxy_plugin_apply_config
位置:/plugins/proxy/proxy-plugin.c
int network_mysqld_proxy_plugin_apply_config(chassis *chas, chassis_plugin_config *oldconfig) { gchar *user = NULL, *pwd = NULL, *user_master = NULL, *pwd_master = NULL, *user_slave = NULL, *pwd_slave = NULL; user = config->dbproxy_user; pwd = config->dbproxy_pwd; user_master = config->master_user; pwd_master = config->master_pwd; user_slave = config->slave_user; pwd_slave = config->slave_pwd; char* raw_pwd = decrypt(pwd); char* raw_pwd_master = decrypt(pwd_master); char* raw_pwd_slave = decrypt(pwd_slave); if (raw_pwd && raw_pwd_master && raw_pwd_slave) { GString* hashed_password = g_string_new(NULL); network_mysqld_proto_password_hash(hashed_password, raw_pwd, strlen(raw_pwd)); /* 主库 设置密码 */ GString* hashed_password_master = g_string_new(NULL); network_mysqld_proto_password_hash(hashed_password_master, raw_pwd_master, strlen(raw_pwd_master)); /* 从库 设置密码 */ GString* hashed_password_slave = g_string_new(NULL); network_mysqld_proto_password_hash(hashed_password_slave, raw_pwd_slave, strlen(raw_pwd_slave)); /* hash key: username (dbproxy本身的账号) value: 加密过的dbproxy本身的密码, 加密过的主mysql密码,加密过的从mysql密码, 主mysql 账号, 从mysql 账号 */ user_info_hval *hval = user_info_hval_new(hashed_passwo rd, hashed_password_master, user_master, hashed_password_slave, user_slave); /* 保存密码明文, 这里是个数组,感觉作用不到,因为只有一组账号密码在起作用 */ raw_user_info *rwi = raw_user_info_new(user, pwd, NULL, NULL, user_master, pwd_master, user_slave, pwd_slave); g_rw_lock_writer_lock(&bs->user_mgr_lock); if (g_hash_table_lookup(bs->pwd_table, user) == NULL) { g_hash_table_insert(bs->pwd_table, g_strdup(user), hval); g_ptr_array_add(bs->raw_pwds, rwi); } g_rw_lock_writer_unlock(&bs->user_mgr_lock); //g_free(tmp_for_free); g_free(raw_pwd); } raw_user_info * raw_user_info_new(const gchar *username, const gchar *encrypt_pwd, const gchar *user_hosts, gchar *backends, const gchar* user_master, const gchar* encrypt_pwd_master, const gchar* user_slave, const gchar* encrypt_pwd_slave) { raw_user_info *rwi = NULL; g_assert(username != NULL); rwi = g_new0(raw_user_info, 1); rwi->username = g_strdup(username); if (encrypt_pwd) { rwi->encrypt_pwd = g_strdup(encrypt_pwd); } if (user_hosts) { rwi->user_hosts = g_strdup(user_hosts); } if (backends) { rwi->backends = g_strdup(backends); } rwi->user_master = g_strdup(user_master); rwi->encrypt_pwd_master = g_strdup(encrypt_pwd_master); rwi->user_slave = g_strdup(user_slave); rwi->encrypt_pwd_slave = g_strdup(encrypt_pwd_slave); return rwi; }
保存主mysql 账号 , 从mysql 账号
//user_info_hval_new(hashed_password, hashed_password_real_db, username_real_db, host_real_db); user_info_hval * user_info_hval_new(GString *hashed_passwd, GString *hashed_password_master, gchar* user_master, GString *hashed_password_slave, gchar* user_slave) { user_info_hval *hval = g_new0(user_info_hval, 1); hval->user_hosts = g_ptr_array_new_with_free_func(g_free); hval->backends_tag = g_ptr_array_new_with_free_func(g_free); hval->hashed_password = hashed_passwd; hval->user_tag_max_weight = 0; /* 主库账号和密码 */ hval->user_master = g_strdup(user_master); hval->hashed_password_master = hashed_password_master; /* 从库账号和密码 */ hval->user_slave = g_strdup(user_slave); hval->hashed_password_slave = hashed_password_slave; return hval; }
