godzie44 authored 10 months ago and Georgy Moshkin committed 9 months ago

chore(plugins): `update_plugin_tiers` API call is split into `service_append_tier` and `service_remove_tier` calls

godzie44 authored 10 months ago and Georgy Moshkin committed 9 months ago

- add description field to `_pico_plugin` and `_pico_service`
- plugin loading: filter files by its extensions
- plugin loading: check possible service collisions
- plugin loading: now plugin searching at {plugin_dir}/{plugin_name} path
- now all errors between plugin and picodata wrapping with `BoxError` (this protects plugin caller from UAF)

This patch fixes a couple of warnings that look like this:

```
warning: creating a shared reference to mutable static is discouraged
  --> src/error_injection.rs:23:43
   |
23 |     let Some(injected_errors) = (unsafe { &INJECTED_ERRORS }) else {
   |                                           ^^^^^^^^^^^^^^^^ shared reference to mutable static
   |
   = note: for more information, see issue #114447 <https://github.com/rust-lang/rust/issues/114447>
   = note: this will be a hard error in the 2024 edition
   = note: this shared reference has lifetime `'static`, but if the static ever gets mutated, or a mutable reference is created, then any further use of this shared reference is Undefined Behavior
help: use `addr_of!` instead to create a raw pointer
   |
23 |     let Some(injected_errors) = (unsafe { addr_of!(INJECTED_ERRORS) }) else {
   |                                           ~~~~~~~~~~~~~~~~~~~~~~~~~
```

This commit fixes that non-admin users can't read queries from the query cache.
An attempt to read from the cache used to result in the following error:
sbroad error: failed to get space_def: box error: AccessDenied: Read access to space '_pico_table' is denied for user 'alex3'

Previously, an error would occur when a user ran the same query twice.
During the first execution, the query was prepared and cached. However,
on the second execution, the client attempted to retrieve the query from the
cache and encountered an access denied error.

- we didn't check that index name is unique
in indexes meta table. That led to panics
when index with same name was created for
two tables.
- previous commit set wrong sbroad submodule.
Set sbroad submodule to correct commit

Dmitry Ivanov authored 10 months ago and Maksim Kaitmazian committed 10 months ago

By default, tarantool submodule is built and linked against its bundled
version of openssl (1.1.1q). This causes issues when we try to link
against the host system's shared openssl of a different version (e.g. 3.0):

```
= note: /usr/bin/ld: target/debug/build/tarantool-sys/static/tarantool-prefix/src/tarantool-build/src/lib/crypto/libtcrypto.a(crypto.c.o): in function `crypto_stream_begin':
          tarantool-sys/src/lib/crypto/crypto.c:154:(.text+0x841): undefined reference to `EVP_CIPHER_key_length'
          /usr/bin/ld: tarantool-sys/src/lib/crypto/crypto.c:160:(.text+0x852): undefined reference to `EVP_CIPHER_iv_length'
```

Thus, we should pass `-DENABLE_BUNDLED_OPENSSL=OFF` to properly
configure tarantool and prevent missing symbols from occurring.

Maksim Kaitmazian authored 1 year ago and Maksim Kaitmazian committed 10 months ago

This commit adds supportion of extended query messages and
error handling in extended query pipeline.

Features that are not implemented:
 * binary encoding
 * parameterized queries