Author Archives: Sergei

10.7 preview feature: CONVERT PARTITION

Written by Written by Sergei Leave a comment on 10.7 preview feature: CONVERT PARTITION

If you are using table partitioning, you have likely heard of the ALTER TABLE … EXCHANGE PARTITION … WITH TABLE … command. It existed in MariaDB since forever. But if you check the manual (any manual) or search the web, you will see that almost the only use case of it is converting a partition to a standalone non-partitoned table, or converting a standalone non-partitoned table into a partition.

And the usage was designed back then to be anything but obvious. To convert a partition to a table you need first to create an empty table with the same structure as a partition, then you exchange it with a partition, and then you drop the empty partition.

Continue reading “10.7 preview feature: CONVERT PARTITION”

Emergency Release of MariaDB 10.5.8, 10.4.17, 10.3.27, and 10.2.36 is now available

Written by Written by Sergei 2 Comments on Emergency Release of MariaDB 10.5.8, 10.4.17, 10.3.27, and 10.2.36 is now available

The MariaDB Foundation is pleased to announce the availability of MariaDB 10.5.8, MariaDB 10.4.17, MariaDB 10.3.27, and MariaDB 10.2.36, the latest stable releases in their respective series.

Why do we release MariaDB again only a week after the 10.5.7, 10.4.16, etc? What’s the emergency?

The previous, scheduled, set of releases (10.2 and up) included a security related change — MariaDB server became more strict about accepting network packets from the client. It never was particularly trusting, but still there was a loophole in the handling of prepared statements where the server just assumed that the client sends the correct data. …

Continue reading “Emergency Release of MariaDB 10.5.8, 10.4.17, 10.3.27, and 10.2.36 is now available”

Authentication in MariaDB 10.4 — Understanding the Changes

Written by Written by Sergei 9 Comments on Authentication in MariaDB 10.4 — Understanding the Changes

MariaDB Server 10.4 came with a whole lot of Security related changes. Some of them are merely optimizations (like MDEV-15649), some improve existing features to be more robust (MDEV-15473, MDEV-7598) or convenient (MDEV-12835, MDEV-16266). Some are MySQL compatibility features, requested by our users (MDEV-7597, MDEV-13095).

But the first thing any MariaDB Server user, whether an experienced veteran or a newbie, does — before even issuing the first SQL statement — is logging in. Authenticating to the database server. …

Continue reading “Authentication in MariaDB 10.4 — Understanding the Changes”

Duel: gdb vs. linked lists, trees, and hash tables

Written by Written by Sergei 3 Comments on Duel: gdb vs. linked lists, trees, and hash tables

My first encounter with the gdb command duel was on some old IRIX about 15 years ago. I immediately loved how convenient it was for displaying various data structures during MySQL debugging, and I wished Linux had something similar. Later I found out that Duel was not something IRIX specific, but a public domain patch for gdb 4.6 written in ’93 by Michael Golan. Unfortunately, it never got into gdb (for licensing reasons, so I’ve heard). Now the gdb 8 is out, and the patch, obviously doesn’t apply. Instead of fixing the patch, I’ve re-implemented Duel in Python, using gdb Python API and the Arpeggio parser. …

Continue reading “Duel: gdb vs. linked lists, trees, and hash tables”

Making life prettier with gdb PrettyPrinting API

Written by Written by Sergei

Anyone who has peeked inside a gdb manual knows that gdb has some kind of Python API. And anyone who has skimmed through has seen something called “Pretty Printing” that supposedly tells gdb how to print complex data structures in a nice and readable way. Well, at least I have seen that, but I’ve never given it much thought. Still, one day, when I was typing:
(gdb) p/t table->read_set->bitmap[0] @ (table->read_set->n_bits+7)/8
for the umpteenth time I asked myself, “why the heck not?”, and so it begun…
(more…)

Continue reading “Making life prettier with gdb PrettyPrinting API”

Who are you? The history of MySQL and MariaDB authentication protocols from 1997 to 2017

Written by Written by Sergei 10 Comments on Who are you? The history of MySQL and MariaDB authentication protocols from 1997 to 2017

MySQL 3.20 to 4.0

In the good old days, when 32MB of RAM justified the name my-huge.cnf, when nobody knew Google and Facebook didn’t even exist, security was… how do I put it… kind of cute. Computer viruses didn’t steal millions and didn’t disrupt elections — they played Yankee Doodle or told you not to play with the PC. People used telnet and ftp, although some security conscious admins already knew ssh.

Somewhere around this time, give or take a few years, MySQL was born. And it had users, who had to be kept away from seeing others’ data, but allowed to use their own. …

Continue reading “Who are you? The history of MySQL and MariaDB authentication protocols from 1997 to 2017”

MariaDB in Google Summer of Code 2016

Written by Written by Sergei 1 Comment on MariaDB in Google Summer of Code 2016

And for the fourth year in a row, MariaDB Foundation participates in the Google Summer of Code! The MariaDB Organization in GSoC is an umbrella organization for all projects that belongs to the MariaDB ecosystem, be it MariaDB Server, MariaDB Connectors, or MariaDB MaxScale. The complete list of our suggested project ideas is in MariaDB Jira. This year we were granted 10 student slots (as compared to 8 last year, 5 in 2014, and 3 in 2013). And it was good, as applicants this year were exceptionally strong. Our students have chosen these projects:

For the server:

  • MDEV-7773 Aggregate Stored Functions

    • student: Varun Raiko, mentors: Sanja Byelkin and Vicențiu Ciorbaru

  • MDEV-8947 Cassandra connector support for 2.x

    • student: Charles Muurmu, mentor: Sergey Petrunia
    blog: https://cassandrastorageenginev2.wordpress.com/

  • MDEV-4989 Support for GTID in mysqlbinlog

    • student: Becca Tucker, mentors: Lixun Peng and Colin Charles

  • MDEV-9711 NO PAD collations

    • student: Daniil Medvedev, mentor: Alexander Barkov

  • MDEV-9197 Pushdown conditions into non-mergeable views/derived tables

    • student: Galina Shalygina, mentors: Igor Babaev and Sergey Petrunia
    blog: http://gsocmariadbshagalla.blogspot.ru/

  • MDEV-371 Unique indexes for blobs (server-side implementation) and adaptive hashing for generated hash

    • student: Sachin Setiya, mentor: Sergei Golubchik

  • MDEV-371 Unique indexes for blobs (in MyISAM, Aria, InnoDB, and XtraDB)

    • student: Shubham Barai, mentors: Jan Lindström and Sergei Golubchik

For the MariaDB Connector/C:

For the MariaDB MaxScale:

For the Master High Availability Manager for MySQL:

Many projects have two mentors to ensure that the student always gets a quick answer to his questions and someone is always available to help even if one of the mentors is, for example, on vacations. …

Continue reading “MariaDB in Google Summer of Code 2016”

The State of SSL in MariaDB

Written by Written by Sergei 9 Comments on The State of SSL in MariaDB

Usually when one says “SSL” or “TLS” it means not a specific protocol but a family of protocols. Wikipedia article has the details, but in short — SSL 2.0 and SSL 3.0 are deprecated and should not be used anymore (the well-known POODLE vulnerability exploits the flaw in SSL 3.0). TLS 1.0 is sixteen years old and while it’s still being used, new security standards (for example PCI DSS v3.1) require TLS 1.1 or, preferably, TLS 1.2.

MySQL used to support TLS 1.0 since 2001. Which means MariaDB supported it from the day one, and never supported weaker SSL 2.0 or SSL 3.0. …

Continue reading “The State of SSL in MariaDB”