6.0.0-git
2021-01-18

[#6673] horde not switching db correctly using horde sql session storage and mysql authentication with persistent connections
Summary horde not switching db correctly using horde sql session storage and mysql authentication with persistent connections
Queue Horde Base
Queue Version 3.1.7
Type Bug
State Resolved
Priority 1. Low
Owners chuck (at) horde (dot) org
Requester robb (at) wtg (dot) cw (dot) com
Created 2008-05-02 (4644 days ago)
Due
Updated 2008-06-16 (4599 days ago)
Assigned 2008-06-13 (4602 days ago)
Resolved 2008-06-13 (4602 days ago)
Milestone
Patch No

History
2008-06-16 11:36:40 robb (at) wtg (dot) cw (dot) com Comment #14 Reply to this comment
applied fix and issue is resolved.



Many thanks,



Rob
2008-06-13 21:33:04 Chuck Hagenbuch Comment #13 Reply to this comment
... and will be Horde 3.2.1.
2008-06-13 21:32:50 Chuck Hagenbuch Comment #12
Assigned to Chuck Hagenbuch
Taken from Horde DevelopersHorde Developers
State ⇒ Resolved
Reply to this comment
Should be set with this commit.
2008-06-13 14:55:47 Chuck Hagenbuch Assigned to Horde DevelopersHorde Developers
State ⇒ Assigned
 
2008-06-13 09:08:55 Jan Schneider Comment #10 Reply to this comment
Scratch that, DB *is* selecting the database before each query (I 
could have notice that from the many Init DB logs), so that's what we 
should do in the session handler too.
2008-06-13 09:03:57 Jan Schneider Comment #9 Reply to this comment
I thought it would check if a mysql connection exists already and 
whether is uses the same database as specified in the DB::connect() 
call. But that's probably a bit too much magic. Instead it calls 
mysql_connect() and uses the new_link parameter for that if specified.



This opens a whole can of worms though, because there could be a lot 
of other places where we don't do all database operation sequentially. 
But we can't simply request a new link in each SQL driver. That could 
easily open a dozen connections per request.
2008-06-02 23:55:46 Chuck Hagenbuch Comment #8 Reply to this comment
I guess I'm not sure how DB is supposed to know _not_ to reuse an 
existing connection without that parameter, though.
2008-06-02 22:25:23 Jan Schneider Comment #7 Reply to this comment
I'm not sure how that would help, because we would have to add this to 
all DB::connect() calls, and we actually don't want them open new 
connections.
2008-05-23 19:15:00 Chuck Hagenbuch Comment #6 Reply to this comment
We can pass a 'new_link' parameter to PEAR::DB's mysql driver. Would 
that help?
2008-05-02 20:49:19 Jan Schneider Comment #5 Reply to this comment
Yes, but it creates the mysql handle before DB. So DB seems to reuse it.
2008-05-02 17:56:55 Chuck Hagenbuch Comment #4 Reply to this comment
The mysql session handler backend uses the mysql_* functions directly.
2008-05-02 17:45:44 Jan Schneider Comment #3 Reply to this comment
This looks like a bug in DB to me, since it seems to be reusing the 
mysql handle even though DB::connect is called with different 
parameters than the current handle (as opened by the sessions handler).
2008-05-02 17:26:50 Chuck Hagenbuch Comment #2
State ⇒ Feedback
Reply to this comment
Is it even the auth driver causing this? I don't see a query in the 
auth driver that would result in "SELECT name ...".



Either way, ugh. We call mysql_select_db when we open the connection 
(or get back the persistent connection). We could call _open inside 
_write, or just mysql_select_db, or we could force the use of 
non-persistent connections. Thoughts?
2008-05-02 08:37:14 robb (at) wtg (dot) cw (dot) com Comment #1
Type ⇒ Bug
State ⇒ Unconfirmed
Priority ⇒ 1. Low
Summary ⇒ horde not switching db correctly using horde sql session storage and mysql authentication with persistent connections
Queue ⇒ Horde Base
Milestone ⇒
Patch ⇒ No
Reply to this comment
auth config is as follows:



$conf['auth']['params']['persistent'] = false;

$conf['auth']['params']['username'] = 'horde';

$conf['auth']['params']['password'] = '*****';

$conf['auth']['params']['hostspec'] = 'mysql';

$conf['auth']['params']['port'] = 3306;

$conf['auth']['params']['protocol'] = 'tcp';

$conf['auth']['params']['database'] = 'postfix';

$conf['auth']['params']['charset'] = 'iso-8859-1';

$conf['auth']['params']['phptype'] = 'mysql';

$conf['auth']['params']['driverconfig'] = 'custom';

$conf['auth']['params']['table'] = 'mailbox';

$conf['auth']['params']['username_field'] = 'username';

$conf['auth']['params']['password_field'] = 'password';

$conf['auth']['params']['encryption'] = 'crypt-md5';

$conf['auth']['params']['show_encryption'] = false;

$conf['auth']['driver'] = 'sql';



session config:



$conf['sessionhandler']['params']['persistent'] = true;

$conf['sessionhandler']['params']['rowlocking'] = true;

$conf['sessionhandler']['params']['port'] = 3306;

$conf['sessionhandler']['params']['protocol'] = 'tcp';

$conf['sessionhandler']['params']['hostspec'] = 'mysql';

$conf['sessionhandler']['params']['username'] = 'horde';

$conf['sessionhandler']['params']['password'] = '*****';

$conf['sessionhandler']['params']['database'] = 'horde';

$conf['sessionhandler']['type'] = 'mysql';



mysql query log shows:



080501 17:18:12     186 Connect     horde@example.org on

                     186 Init DB     horde

                     186 Query       START TRANSACTION

                     186 Query       SELECT session_data FROM 
horde_sessionhandler WHERE session_id = '***************' AND 
session_lastmodified > 1209657252 FOR UPDATE

                     186 Init DB     postfix

                     186 Init DB     postfix

                     186 Query       SELECT name FROM mailbox WHERE username=''

                     186 Init DB     postfix

                     186 Init DB     postfix

                     186 Query       SELECT name FROM mailbox WHERE username=''

                     186 Query       DELETE FROM horde_sessionhandler 
WHERE session_id = '***************'

                     186 Query       ROLLBACK

                     186 Init DB     postfix

                     186 Init DB     postfix

                     186 Query       SELECT name FROM mailbox WHERE username=''

                     186 Init DB     postfix

                     186 Init DB     postfix

                     186 Query       SELECT name FROM mailbox WHERE username=''

                     186 Query       REPLACE INTO horde_sessionhandler 
(session_id, session_data



login fails with following logged by horde:



horde[22401]: [horde] Error writing session data: INSERT,DELETE 
command denied to user 'horde'@'example.org' for table 
'horde_sessionhandler' [on line 147 of 
"/usr/share/horde/lib/Horde/SessionHandler/mysql.php"]



changing to non-persistent db connections fixes the issue

Saved Queries