Thanks to visit codestin.com
Credit goes to github.com

Skip to content

#3 Fixed inconsistency between login success and logout #53302

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
alexey-milovidov merged 1 commit into from
Aug 12, 2023
Merged

#3 Fixed inconsistency between login success and logout #53302

alexey-milovidov merged 1 commit into from
Aug 12, 2023

Conversation

@Demilivor
Copy link
Contributor

@Demilivor Demilivor commented Aug 11, 2023

Added several new tests for session_log and fixed the inconsistency of the session_log records between user login and logout.

Changelog category (leave one):

  • Bug Fix (user-visible misbehavior in an official stable release)

Changelog entry (a user-readable short description of the changes that goes to CHANGELOG.md):

Fixed the record inconsistency in session_log between login and logout.

Inconsistency comes from this behavior:
During a TCP session, the client authenticates as Alice, Β with interface 'TCP' (set in TCPHandler::makeSession()) on the server side, and then server calls makeSessionContext() with this client_info.
After session setup, the client sends Protocol::Client::Query packet, the TCP handler accepts it, and then reads client_info.

Β  Β  ClientInfo client_info = session->getClientInfo();Β 
Β  Β  if (client_tcp_protocol_version >= DBMS_MIN_REVISION_WITH_CLIENT_INFO)
Β  Β  Β  Β  client_info.read(*in, client_tcp_protocol_version); // <- overwrites interface, Β hostname, client_name and several other parameters important for the session_log record.

client_tcp_protocol_version >= DBMS_MIN_REVISION_WITH_CLIENT_INFO is true for our case

This client_info is used for Session::createQueryContext and it can differ from session->getClientInfo().

Session::createQueryContext uses client info from query_context for the Login Success session log record.
Session::~Session uses client info from Session::getClientInfo()

This can lead to these results in the session log:

Login Success: User Alice, HTTP (from query_context) <- Some fields are overwritten by client_info.read() by some not-good clients.
Logout: Β User Alice, TCP (from session_context)

This pull request forces using Session::getClientInfo() for login success and logout session_log records.

I think we should verify client_info from the client in TCPHandler. It should validate 'interface' at least, it should not be HTTP, GRPC, or other, host, client_name, and protocol versions also must match between session->getClientInfo() and received client_info.

@Demilivor Demilivor changed the title Fixed inconsistency between login success and logout #3 Fixed inconsistency between login success and logout Aug 11, 2023
@Demilivor
Copy link
Contributor Author

Demilivor commented Aug 11, 2023
edited
Loading

@tavplubix I apologize for having to bother you again, could you be a reviewer for this PR?
This PR contains the same changes as #53255.

But without the tests. I will push the tests in separate PRs (see comment)

@Demilivor Demilivor mentioned this pull request Aug 11, 2023
Merged
@tavplubix tavplubix self-assigned this Aug 11, 2023
@tavplubix tavplubix added the can be tested Allows running workflows for external contributors label Aug 11, 2023
@robot-ch-test-poll2 robot-ch-test-poll2 added the pr-bugfix Pull request with bugfix, not backported by default label Aug 11, 2023
@robot-ch-test-poll2
Copy link
Contributor

robot-ch-test-poll2 commented Aug 11, 2023
edited
Loading

This is an automated comment for commit 0a49f45 with description of existing statuses. It's updated for the latest CI running
The full report is available here
The overall status of the commit is πŸ”΄ failure

Check nameDescriptionStatus
AST fuzzerRuns randomly generated queries to catch program errors. The build type is optionally given in parenthesis. If it fails, ask a maintainer for help🟒 success
CI runningA meta-check that indicates the running CI. Normally, it's in success or pending state. The failed status indicates some problems with the PR🟒 success
ClickHouse build checkBuilds ClickHouse in various configurations for use in further steps. You have to fix the builds that fail. Build logs often has enough information to fix the error, but you might have to reproduce the failure locally. The cmake options can be found in the build log, grepping for cmake. Use these options and follow the general build process🟒 success
Compatibility checkChecks that clickhouse binary runs on distributions with old libc versions. If it fails, ask a maintainer for help🟒 success
Docker image for serversThe check to build and optionally push the mentioned image to docker hub🟒 success
Fast testNormally this is the first check that is ran for a PR. It builds ClickHouse and runs most of stateless functional tests, omitting some. If it fails, further checks are not started until it is fixed. Look at the report to see which tests fail, then reproduce the failure locally as described here🟒 success
Flaky testsChecks if new added or modified tests are flaky by running them repeatedly, in parallel, with more randomization. Functional tests are run 100 times with address sanitizer, and additional randomization of thread scheduling. Integrational tests are run up to 10 times. If at least once a new test has failed, or was too long, this check will be red. We don't allow flaky tests, read the doc🟒 success
Install packagesChecks that the built packages are installable in a clear environment🟒 success
Integration testsThe integration tests report. In parenthesis the package type is given, and in square brackets are the optional part/total tests🟒 success
Mergeable CheckChecks if all other necessary checks are successful🟒 success
Performance ComparisonMeasure changes in query performance. The performance test report is described in detail here. In square brackets are the optional part/total testsπŸ”΄ failure
Push to DockerhubThe check for building and pushing the CI related docker images to docker hub🟒 success
SQLancerFuzzing tests that detect logical bugs with SQLancer tool🟒 success
SqllogicRun clickhouse on the sqllogic test set against sqlite and checks that all statements are passed🟒 success
Stateful testsRuns stateful functional tests for ClickHouse binaries built in various configurations -- release, debug, with sanitizers, etc🟒 success
Stateless testsRuns stateless functional tests for ClickHouse binaries built in various configurations -- release, debug, with sanitizers, etc🟒 success
Stress testRuns stateless functional tests concurrently from several clients to detect concurrency-related errors🟒 success
Style CheckRuns a set of checks to keep the code style clean. If some of tests failed, see the related log from the report🟒 success
Unit testsRuns the unit tests for different release types🟒 success
Upgrade checkRuns stress tests on server version from last release and then tries to upgrade it to the version from the PR. It checks if the new server can successfully startup without any errors, crashes or sanitizer asserts🟒 success

@alexey-milovidov alexey-milovidov merged commit d332861 into ClickHouse:master Aug 12, 2023
@Demilivor Demilivor mentioned this pull request Aug 15, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@tavplubix tavplubix tavplubix approved these changes

Assignees

@tavplubix tavplubix

Labels

can be tested Allows running workflows for external contributors pr-bugfix Pull request with bugfix, not backported by default

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@Demilivor @robot-ch-test-poll2 @tavplubix @alexey-milovidov