Georgy Moshkin authored 1 year ago and Georgy Moshkin committed 1 year ago

NO_DOC=internal change
NO_TEST=no functionality is changed

- Add a configurable non-negative
session parameter "sql_vdbe_max_steps"
-- max number of opcodes that Vdbe
is allowed to execute for sql query.

- Default value can be specified in box.cfg.
If not set via box.cfg, default value
is 45000. Value 0 means that no
checks for number of executed Vdbe
opcodes will be made.

- Add the third argument to box.execute
function, that allows to specify options
for query execution. The only option
supported: sql_vdbe_max_steps. Usage
example:

```
box.execute([[select * from t]], {}, {{sql_vdbe_max_steps = 1000}})
```

part of picodata/picodata/sbroad!461

NO_DOC=picodata internal patch
NO_CHANGELOG=picodata internal patch

box.schema.user.passwd doesn't change the password for the current
user because new password is passed instead of the user name.

NO_CHANGELOG=fix an unreleased bug
NO_DOC=fix an unreleased bug

It fixes the following assertion
```bash
tarantool: ./src/lib/core/crypt.c:84: md5_encrypt:
Assertion `password_len + salt_len > 0' failed.
```
caused by the following code
```lua
box.cfg{auth_type='md5'}
box.schema.user.password("")
```

NO_CHANGELOG=fix an unreleased feature
NO_DOC=fix an unreleased feature

part of picodata/tarantool#21

NO_CHANGELOG=refactoring
NO_DOC=refactoring

Maksim Kaitmazian authored 1 year ago and Maksim Kaitmazian committed 1 year ago

It prevents password sniffing and avoids storing passwords on the
server in plain text but provides no protection if an attacker
manages to steal the password hash from the server.

Usage example:
```lua
-- Enable the md5 authentication method for all new users.
box.cfg({auth_type = 'md5'})

-- Reset existing user passwords to use the md5 authentication method.
box.schema.user.passwd('alice', 'topsecret')

-- Authenticate using the md5 authentication method via net.box.
conn = require('net.box').connect(uri, {
    user = 'alice',
    password = 'topsecret',
    -- Specifying the authentication method isn't strictly necessary:
    -- by default the client will use the method set in the remote
	-- server config (box.cfg.auth_type)
    auth_type = 'md5',
})
```

part of picodata/picodata/sbroad!377

@TarantoolBot document
Title: md5 authentication method

See the commit message.

Maksim Kaitmazian authored 1 year ago and Maksim Kaitmazian committed 1 year ago

User name is usually used as a salt for user password in order to
avoid password repeating.
For instance, postgres md5 authentication stores passwords as
md5("password", "user"), so that the same passwords are represented by
different hashes.

part of picodata/picodata/sbroad!377

@TarantoolBot document
Title: Document updated `box.schema.user.password` declaration.

Since auth methods can use user name for hashing, user name is
added to argument list of `box.schema.user.password`.

NO_TEST=there are no methods that use user name

Feodor Alexandrov authored 1 year ago and Yaroslav Dynnikov committed 1 year ago

Picodata is built statically, and name crypto clashes between
`src/lib/crypto` and libcrypto from `openssl`. To resolve the
ambiguity this patch renames tarantool library to `tcrypto`.

NO_DOC=picodata internal patch
NO_CHANGELOG=picodata internal patch
NO_TEST=picodata internal patch

Maksim Kaitmazian authored 2 years ago and Yaroslav Dynnikov committed 1 year ago

In the picodata-support branch, the tarantool.a library is built
instead of a tarantool executable. So tests cannot be launched because
of the lack of the executable. This commit adds this executable.

NO_DOC=just an executable is added
NO_TEST=just an executable is added
NO_CHANGELOG=just an executable is added

Georgy Moshkin authored 2 years ago and Yaroslav Dynnikov committed 1 year ago

NO_DOC=picodata internal patch
NO_CHANGELOG=picodata internal patch
NO_TEST=picodata internal patch

Georgy Moshkin authored 2 years ago and Yaroslav Dynnikov committed 1 year ago

NO_DOC=picodata internal patch
NO_CHANGELOG=picodata internal patch
NO_TEST=picodata internal patch

Georgy Moshkin authored 2 years ago and Yaroslav Dynnikov committed 1 year ago

Was broken because `tarantool_free` checks if the current process is the
main one and not the child, which was forked at some point (at what
point?). This check was implemented by saving the original process's id
in the static variable master_pid, which got set when the code got
loaded the first time into memory.

So we broke this when we started forking the process in picodata, which
resulted in `master_pid` being set to the pid of the picodata's
"supervisor" process, which doesn't even enter tarantool runtime.

The fix is simple - save master_pid first thing when running
tarantool_main.

Georgy Moshkin authored 2 years ago and Yaroslav Dynnikov committed 1 year ago

- tarantool is now a static library
- main(argc, argv) -> tarantool_main(argc, argv, cb, cb_data)
- callback is called before running lua script

Tuple hash calculation tests for the C API were incorrect. Thanks
to the full pipeline with DEBUG build we detected the problem and
fixed it.

NO_DOC=picodata internal patch
NO_CHANGELOG=picodata internal patch

Picodata supports cluster-wide SQL and needs some predictable
method to calculate tuple hashes for the bucket ids. Method
should be available for Lua, C and Rust users. It was decided
to expose a murmur3 hash calculation method of the key_def module.

NO_DOC=picodata internal patch
NO_CHANGELOG=picodata internal patch

godzie44 authored 1 year ago and Дмитрий Кольцов committed 1 year ago

Introduced a new type of cbus pipe - lcpipe. The current pipe in the
cbus - cpipe, has a number of limitations, first of all - the cpipe
cannot be used from the 3rd party threads, cpipe only works as a channel
between two cords. That why lcpipe is needed. Its main responsibility -
create channel between any thread and tarantool cord.

Internally lcpipe is a cpipe, but:
- on flush triggers removed, cause triggers use thread-local mem-pool,
this is not possible on a third party thread
- producer event loop removed, cause there is no libev event loop in
third party thread

Also, lcpipe interface is exported to the outside world.

NO_DOC=core feature

NO_DOC=disable feedback
NO_TEST=disable feedback

Vladimir Davydov authored 2 years ago and Дмитрий Кольцов committed 1 year ago

The index directory is created on demand since commit c00ba8e7
("xlog: make log directory if needed") and removed when it becomes
empty. There's no need to create it when an index is created anymore.

Follow-up #8441

NO_DOC=bugfix

Denis Smirnov authored 2 years ago and Дмитрий Кольцов committed 1 year ago

When vinyl space is dropped, its files are left on the file system
until GC removes them. At the moment GC removes only run files,
but not the root directory. These empty directories are never
removed and occupy 4KB on ext-family file systems each. In a case
of many dropped vinyl spaces it can become a serious disk space
and inode leak. Current commit makes gc always remove root directory
if there are no runs in it.

Closes #8441

NO_DOC=bugfix

NO_DOC=core feature
NO_TEST=no Lua API
NO_CHANGELOG=bugfix

Due to inconsistency of Tarantool type casting while using strict
data types as "double" or "unsigned" it is needed
to use "number" data type in a whole bunch of cases.
However "number" may contain "decimal" that will be serialized into
string by JSON builtin module.

This commit adds "encode_decimal_as_number" parameter to json.cfg{}.
That forces to encode `decimal` as JSON number to force type
consistency in JSON output.
Use with catious - most of JSON parsers assume that number is restricted
to float64.

NO_DOC=we do not host doc

Denis Smirnov authored 2 years ago and Дмитрий Кольцов committed 1 year ago

Previously,

select "t1"."a" from (select "a" from "t") as "t1";

returned a result column name `t1` instead of `t1.a` because of
incorrect work of a dequoting function. The reason was that
previously sqlDequote() function finished its work when found the
first closing quote.

Old logic worked for simple selects where the column name doesn't
contain an explicit scan name ("a" -> a).
But for the sub-queries results sqlDequote() finished its work right
after the scan name ("t1"."a" -> t1). Now the function continues its
deqouting till it gets the null terminator at the end of the string.

Closes #7063

NO_DOC=don't change any public API, only a bug fix

Co-authored-by: Mergen Imeev <imeevma@gmail.com>

Denis Smirnov authored 2 years ago and Дмитрий Кольцов committed 1 year ago

Actually there is no reason to throw an error and make a user
manually recreate prepared statement when it expires. A much more
user friendly way is to recreate it under hood when statement's
schema version differs from the box one.

NO_DOC=refactoring
NO_TEST=refactoring
NO_CHANGELOG=refactoring

Denis Smirnov authored 2 years ago and Дмитрий Кольцов committed 1 year ago

Problem description.

When we prepare a statement with parameters in the result columns
(for example box.prepare('select ?')) Tarantool has no information
about the type of the output column and set it to default boolean.
Then, on the execution phase, the type would be recalculated during
the parameter binding.

Tarantool expects that there is no way for parameter to appear in the
result tuple other than exactly be mentioned in the final projection.
But it is incorrect - we can easily propagate parameter from the inner
part of the join. For example

box.prepare([[select COLUMN_1 from t1 join (values (?)) as t2 on true]])

In this case column COLUMN_1 in the final projection is not a
parameter, but a "reference" to it and its type depends on the
parameter from the inner part of the join. But as Tarantool
recalculates only binded parameters in the result projection,
it doesn't change the default boolean metadata type of the COLUMN_1
and the query fails on comparison with the actual type of the tuple.

Solution.
As we don't want to patch Vdbe to make COLUMN_1 refer inner parameter,
it was decided to make a simple workaround: change the default
column type from BOOLEAN to ANY for parameters. It fixes the
comparison with the actual tuple type (we do not fail), but in some
cases get ANY column in the results where we would like to have
explicitly defined type. Also NULL parameters would also have ANY
type, though Tarantool prefers to have BOOLEAN in this case.

Closes https://github.com/tarantool/tarantool/issues/7283

NO_DOC=bug fix

godzie44 authored 2 years ago and Дмитрий Кольцов committed 1 year ago

sql: add sql_execute_prepared_ext function, same as sql_execute_prepared but without `region` parameter
closes #2

NO_DOC=minor
NO_TEST=minor

godzie44 authored 2 years ago and Дмитрий Кольцов committed 1 year ago

- add box_tuple_data_offset function (return offset of the messagePack encoded data from the beginning of the tuple)
- add more export functions

closes #1

NO_DOC=build
NO_TEST=build

Alexey Protsenko authored 2 years ago and Дмитрий Кольцов committed 1 year ago

Add to .gitlab.ci.yml test_linux, test_debian_docker_luacheck, coverage
from .travis.mk. Also sign package on build
Add checkpatch linter.
Add docker image build. Image copies original tarantool/tarantool from
Dockerhub

NO_DOC=ci change
NO_TEST=ci change
NO_CHANGELOG=ci change

Also, remove RC-related changelog.

NO_DOC=no code changes
NO_TEST=no code changes
NO_CHANGELOG=no code changes

Remove all entries since they're part of 2.11.0-rc2
changelog.

NO_DOC=no code changes
NO_TEST=no code changes
NO_CHANGELOG=no code changes

NO_DOC=no code changes
NO_TEST=no code changes
NO_CHANGELOG=no code changes

Fix grammar, punctuation, and wording

NO_CHANGELOG=changelog
NO_DOC=changelog
NO_TEST=changelog

In some cases unsafe extension decoding was done without bound and type
checks: add necessary checks.

Closes tarantool/security#73

NO_DOC=bugfix

(cherry picked from commit 1de6a071)

This patch addresses coverity complain 1535241.

Follow-up #8047

NO_TEST=nit
NO_CHANGELOG=nit
NO_DOC=nit

(cherry picked from commit 089cbfa9)

If the 'after' key is less than the search key in case of ge/gt or
greater than the search key in case of le/lt, the iterator either
crashes (vinyl) or returns invalid result (memtx). This happens because
the engine implementation doesn't expect an invalid 'after' key.
Let's fix this by raising an error at the top level in case the 'after'
key doesn't meet the search criteria.

Closes #8403
Closes #8404

NO_DOC=bug fix
NO_CHANGELOG=unreleased

(cherry picked from commit c561202d)

Currently, if the position isn't compatible with the index, we raise
an error like "Invalid key part count ...". From this error it's
difficult to figure out whether it's for the given iterator position of
for the search key. Let's always raise ER_ITERATOR_POSITION in this
case. Later on we'll use stacked diag to add extra error info.

Needed for #8403
Needed for #8404

NO_DOC=bug fix
NO_CHANGELOG=unreleased

(cherry picked from commit 81d43c17)