WL#15130 Socket-level TLS patch mysql#5: Make m_socket private in Session

In class SocketServer::Session, make m_socket private, so the
compiler catches all use of m_socket in the two derived Session
classes in mgmd and cpcd. Adapt these two classes to use
NdbSocket.

Change-Id: I1cc0925981320669ce433c9bd72105078ce1e39a

Author: jdduncan

storage/ndb/include/util/SocketServer.hpp

@@ -52,8 +52,8 @@ class SocketServer {
     friend void* sessionThread_C(void*);
     Session(ndb_socket_t sock) :
       m_stop(false),
-      m_socket(sock),
       m_refCount(0),
+      m_socket(sock),
       m_thread_stopped(false)
       {
 	DBUG_ENTER("SocketServer::Session");
@@ -62,9 +62,9 @@ class SocketServer {
 	DBUG_VOID_RETURN;
       }
     bool m_stop;    // Has the session been ordered to stop?
-    ndb_socket_t m_socket;
     unsigned m_refCount;
   private:
+    ndb_socket_t m_socket;
     bool m_thread_stopped; // Has the session thread stopped?
   };
 

storage/ndb/src/cw/cpcd/APIService.cpp

@@ -128,8 +128,9 @@ const ParserRow<CPCDAPISession> commands[] = {
     CPCD_END()};
 CPCDAPISession::CPCDAPISession(ndb_socket_t sock, CPCD &cpcd)
     : SocketServer::Session(sock), m_cpcd(cpcd), m_protocol_version(1) {
-  m_input = new SocketInputStream(sock, 7 * 24 * 60 * 60000);
-  m_output = new SocketOutputStream(sock);
+  m_secure_socket.init_from_new(sock);
+  m_input = new SecureSocketInputStream(m_secure_socket, 7 * 24 * 60 * 60000);
+  m_output = new SecureSocketOutputStream(m_secure_socket);
   m_parser = new Parser<CPCDAPISession>(commands, *m_input);
 }
 
@@ -170,8 +171,8 @@ void CPCDAPISession::runSession() {
         break;
     }
   }
-  ndb_socket_close(m_socket);
-  ndb_socket_invalidate(&m_socket);
+  m_secure_socket.close();
+  m_secure_socket.invalidate();
 }
 
 void CPCDAPISession::stopSession() {

storage/ndb/src/cw/cpcd/APIService.hpp

@@ -28,13 +28,15 @@
 #include <InputStream.hpp>
 #include <Parser.hpp>
 #include <SocketServer.hpp>
+#include "util/NdbSocket.h"
 
 class CPCD;
 
 class CPCDAPISession : public SocketServer::Session {
   typedef Parser<CPCDAPISession> Parser_t;
 
   class CPCD &m_cpcd;
+  NdbSocket m_secure_socket;
   InputStream *m_input;
   OutputStream *m_output;
   Parser_t *m_parser;

storage/ndb/src/mgmsrv/Services.cpp

@@ -24,8 +24,6 @@
 
 #include <ndb_global.h>
 
-#include <uucode.h>
-#include <socket_io.h>
 #include <util/version.h>
 #include <mgmapi.h>
 #include <EventLogger.hpp>
@@ -350,13 +348,17 @@ extern int g_errorInsert;
 
 #define SLEEP_ERROR_INSERTED(x) if(ERROR_INSERTED(x)){NdbSleep_SecSleep(10);}
 
-MgmApiSession::MgmApiSession(class MgmtSrvr & mgm, ndb_socket_t sock, Uint64 session_id)
-  : SocketServer::Session(sock), m_mgmsrv(mgm),
-    m_session_id(session_id), m_name("unknown:0")
+MgmApiSession::MgmApiSession(class MgmtSrvr & mgm, ndb_socket_t sock,
+                             Uint64 session_id)
+  : SocketServer::Session(sock),
+    m_mgmsrv(mgm),
+    m_session_id(session_id),
+    m_name("unknown:0")
 {
   DBUG_ENTER("MgmApiSession::MgmApiSession");
-  m_input = new SocketInputStream(sock, SOCKET_TIMEOUT);
-  m_output = new BufferedSockOutputStream(sock, SOCKET_TIMEOUT);
+  m_secure_socket.init_from_new(sock);
+  m_input = new SecureSocketInputStream(m_secure_socket, SOCKET_TIMEOUT);
+  m_output = new BufferedSecureOutputStream(m_secure_socket, SOCKET_TIMEOUT);
   m_parser = new Parser_t(commands, *m_input);
   m_stopSelf= 0;
   m_ctx= NULL;
@@ -392,10 +394,10 @@ MgmApiSession::~MgmApiSession()
     delete m_output;
   if (m_parser)
     delete m_parser;
-  if(ndb_socket_valid(m_socket))
+  if(m_secure_socket.is_valid())
   {
-    ndb_socket_close(m_socket);
-    ndb_socket_invalidate(&m_socket);
+    m_secure_socket.close();
+    m_secure_socket.invalidate();
   }
   if(m_stopSelf < 0)
     g_RestartServer= true;
@@ -487,10 +489,10 @@ MgmApiSession::runSession()
 
   NdbMutex_Lock(m_mutex);
   m_ctx= NULL;
-  if(ndb_socket_valid(m_socket))
+  if(m_secure_socket.is_valid())
   {
-    ndb_socket_close(m_socket);
-    ndb_socket_invalidate(&m_socket);
+    m_secure_socket.close();
+    m_secure_socket.invalidate();
   }
   NdbMutex_Unlock(m_mutex);
 
@@ -555,7 +557,7 @@ MgmApiSession::get_nodeid(Parser_t::Context &,
 
   struct sockaddr_in6 client_addr;
   {
-    int r = ndb_getpeername(m_socket, &client_addr);
+    int r = ndb_getpeername(m_secure_socket.ndb_socket(), &client_addr);
     if (r != 0 )
     {
       m_output->println("result: getpeername() failed, err= %d",
@@ -1792,7 +1794,7 @@ MgmApiSession::listen_event(Parser<MgmApiSession>::Context & ctx,
 
   Ndb_mgmd_event_service::Event_listener le;
   le.m_parsable = parsable;
-  le.m_socket = m_socket;
+  le.m_socket = m_secure_socket.ndb_socket();
 
   Vector<BaseString> list;
   param.trim();
@@ -1858,7 +1860,7 @@ MgmApiSession::listen_event(Parser<MgmApiSession>::Context & ctx,
   {
     m_mgmsrv.m_event_listner.add_listener(le);
     m_stop = true;
-    ndb_socket_invalidate(&m_socket);
+    m_secure_socket.invalidate();
   }
 }
 
@@ -1892,16 +1894,17 @@ MgmApiSession::transporter_connect(Parser_t::Context &ctx,
 {
   bool close_with_reset = true;
   BaseString errormsg;
-  if (!m_mgmsrv.transporter_connect(m_socket, errormsg, close_with_reset))
+  if (!m_mgmsrv.transporter_connect(m_secure_socket.ndb_socket(),
+                                    errormsg, close_with_reset))
   {
     // Connection not allowed or failed
     g_eventLogger->warning("Failed to convert connection "
                            "from '%s' to transporter: %s",
                            name(),
                            errormsg.c_str());
     // Close the socket to indicate failure to client
-    ndb_socket_close_with_reset(m_socket, close_with_reset);
-    ndb_socket_invalidate(&m_socket); // Already closed
+    m_secure_socket.close_with_reset(close_with_reset);
+    m_secure_socket.invalidate(); // Already closed
   }
   else
   {
@@ -1911,7 +1914,7 @@ MgmApiSession::transporter_connect(Parser_t::Context &ctx,
       but don't close the socket, it's been taken over
       by the transporter
     */
-    ndb_socket_invalidate(&m_socket);   // so nobody closes it
+    m_secure_socket.invalidate();  // so nobody closes it
   }
 
   m_stop= true; // Stop the session
@@ -2217,10 +2220,9 @@ void MgmApiSession::setConfig(Parser_t::Context &ctx,
     int r = 0;
     size_t start = 0;
     do {
-      if((r= read_socket(m_socket,
-                         SOCKET_TIMEOUT,
-                         &buf64[start],
-                         (int)(len64-start))) < 1)
+      if((r= m_secure_socket.read(SOCKET_TIMEOUT,
+                                  &buf64[start],
+                                  (int)(len64-start))) < 1)
       {
         delete[] buf64;
         result.assfmt("read_socket failed, errno: %d", errno);

storage/ndb/src/mgmsrv/Services.hpp

@@ -25,11 +25,12 @@
 #ifndef MGMAPI_SERVICE_HPP
 #define MGMAPI_SERVICE_HPP
 
-#include <SocketServer.hpp>
-#include <NdbSleep.h>
-#include <Parser.hpp>
-#include <OutputStream.hpp>
-#include <InputStream.hpp>
+#include "util/SocketServer.hpp"
+#include "NdbSleep.h"
+#include "Parser.hpp"
+#include "util/OutputStream.hpp"
+#include "util/InputStream.hpp"
+#include "util/NdbSocket.h"
 
 #include "MgmtSrvr.hpp"
 
@@ -40,6 +41,7 @@ class MgmApiSession : public SocketServer::Session
 private:
   typedef Parser<MgmApiSession> Parser_t;
 
+  NdbSocket m_secure_socket;
   class MgmtSrvr & m_mgmsrv;
   InputStream *m_input;
   OutputStream *m_output;

storage/ndb/test/include/SocketInputStream2.hpp

@@ -28,10 +28,10 @@
 #include "portlib/ndb_socket.h"
 #include <BaseString.hpp>
 #include <UtilBuffer.hpp>
-#include "util/SecureSocket.h"
+#include "util/NdbSocket.h"
 
 class SocketInputStream2 {
-  SecureSocket m_socket;
+  NdbSocket m_socket;
   unsigned m_read_timeout;
   UtilBuffer m_buffer;
   size_t m_buffer_read_pos;
@@ -44,7 +44,7 @@ class SocketInputStream2 {
 public:
   SocketInputStream2(ndb_socket_t socket,
                      unsigned read_timeout = 60) :
-    m_socket(socket, SecureSocket::From::Existing),
+    m_socket(socket, NdbSocket::From::Existing),
     m_read_timeout(read_timeout),
     m_buffer_read_pos(0)          {}