Release Notes for MariaDB MaxScale 2.5.22
MariaDB MaxScale is an advanced database proxy, firewall, and query router.
MariaDB MaxScale 2.5.22 was released on 2022-10-11. This release is of General Availability (GA) maturity.
Can result in a hang or crash
Can result in unexpected behavior
When using the MaxScale REST API, if an unknown parameter is given to
maxctrl alter servera warning is reported instead of an error. This causes a generic HTTP error message to be printed: (MXS-4332)
maxctrl alter server server1 ssl_ca /home/markusjm/ssl-certs/ca.pem Error: Server at 127.0.0.1:8989 responded with status code 403 to ``PATCH servers/server1``
Starting with this release, unknown parameters are logged at the error level, and will be correctly relayed to the client application.
When using the MaxScale REST API,
maxctrl alter serverfails if SSL is enabled. (MXS-4331)
Starting with this release, the runtime configuration code correctly detects no-op changes to the SSL configurations and ignores them.
In previous releases, the following error message would be raised:
Error: socket hang up
Starting with this release, the following error message is raised:
If MaxScale is configured to use HTTPS, use the --secure option.
When using MaxCtrl with the MaxScale REST API, if an object name looks like a number, MaxCtrl automatically and incorrectly converts the object name to a number. (MXS-4313)
Starting with this release, object names are explicitly converted to strings.
The MaxScale REST API accepts empty values for
idwhich allows users to be created with empty names. (MXS-4312)
When the MaxScale REST API generates JWTs (JSON Web Tokens), the
audfield is used to store the username instead of the
Starting with this release, to retain backwards compatibility with external applications, MaxScale still sets the
audfield to the same value as the
subfield, but MaxScale no longer reads the username from the
use_sql_variables_in=allis configured and a write query modifies a user variable, MaxScale's query classifier can classify the query as a session command instead of as a write query, which can cause the query to be routed to replicas. (MXS-4269)
Starting with this release, write queries are not classified as session commands.
When replication fails to start on a replica node due to an incorrect password for the replication user, the Connection Router (
readconnroute) still routes connections to the replica node. (MXS-4240, MXS-4239)
In previous releases, commands like
maxctrl list serverswould show
[Slave, Running]in cases where replication fails to start on a replica node due to an incorrect password for the replication user.
When MaxScale tries to load a TLS certificate for a listener and the certificate's chain of trust is unknown to OpenSSL, MaxScale improperly verifies the certificate while building the certificate chain. (MXS-4198)
In previous releases, the following notice could be written to the MaxScale log:
notice : (LISTENER_NAME); OpenSSL reported problems in the certificate chain: error:1414C086:SSL routines:ssl_build_cert_chain:certificate verify failed. This is expected for certificates that do not contain the whole certificate chain.
Starting with this release, the notice is no longer written to the log.
The following example shows what the message can look like:
Reverse name resolution of address 'IP_ADDRESS' of incoming client 'USERNAME' took DURATION seconds. The resolution was performed to check against host pattern 'HOST_PATTERN', and can be prevented either by removing the user account or by enabling 'skip_name_resolve'.
If the warning frequently appears in the log, enabling the
skip_name_resolveparameter can help improve performance.
When MaxScale sends an authentication switch request, it expects the response to contain an authentication token, even when the user has an empty password. (MXS-4094)
In alignment to the MariaDB Corporation Engineering Policy, MariaDB MaxScale 2.5.22 is provided for:
CentOS 7 (x86_
Debian 9 (x86_
Debian 10 (x86_
Debian 11 (x86_
Red Hat Enterprise Linux 7 (x86_
Red Hat Enterprise Linux 8 (x86_
Red Hat Enterprise Linux 9 (x86_
Rocky Linux 8 (x86_
Rocky Linux 9 (x86_
SUSE Linux Enterprise Server 15 (x86_
Ubuntu 18.04 (x86_
Ubuntu 20.04 (x86_