欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页  >  IT编程

从NetCore报错到MySql安全

程序员文章站 2023-01-14 09:30:25
之前项目在测试服务器上的一些接口时不时会报出下面的错误:(采用Abp框架) "SocketException: 你的主机中的软件中止了一个已建立的连接。 STACK TRACE: at MySqlConnector.Protocol.Serialization.SocketByteHandler.W ......

之前项目在测试服务器上的一些接口时不时会报出下面的错误:(采用abp框架)

从NetCore报错到MySql安全
"socketexception: 你的主机中的软件中止了一个已建立的连接。
stack trace:    at mysqlconnector.protocol.serialization.socketbytehandler.writebytesasync(arraysegment`1 data, iobehavior iobehavior) in c:\projects\mysqlconnector\src\mysqlconnector\protocol\serialization\socketbytehandler.cs:line 90
--- end of stack trace from previous location where exception was thrown ---
   at system.runtime.exceptionservices.exceptiondispatchinfo.throw()
   at system.runtime.compilerservices.taskawaiter.handlenonsuccessanddebuggernotification(task task)
   at mysqlconnector.utilities.valuetaskextensions.<continuewith>d__0`2.movenext() in c:\projects\mysqlconnector\src\mysqlconnector\utilities\valuetaskextensions.cs:line 8
--- end of stack trace from previous location where exception was thrown ---
   at system.runtime.exceptionservices.exceptiondispatchinfo.throw()
   at system.runtime.compilerservices.taskawaiter.handlenonsuccessanddebuggernotification(task task)
   at mysqlconnector.core.serversession.tryasynccontinuation(task`1 task) in c:\projects\mysqlconnector\src\mysqlconnector\core\serversession.cs:line 1225
   at system.threading.tasks.continuationresulttaskfromresulttask`2.innerinvoke()
   at system.threading.executioncontext.run(executioncontext executioncontext, contextcallback callback, object state)
   at system.threading.tasks.task.executewiththreadlocal(task& currenttaskslot)
--- end of stack trace from previous location where exception was thrown ---
   at system.runtime.exceptionservices.exceptiondispatchinfo.throw()
   at system.runtime.compilerservices.taskawaiter.handlenonsuccessanddebuggernotification(task task)
   at mysqlconnector.core.textcommandexecutor.<executereaderasync>d__1.movenext() in c:\projects\mysqlconnector\src\mysqlconnector\core\textcommandexecutor.cs:line 36
--- end of stack trace from previous location where exception was thrown ---
   at system.runtime.exceptionservices.exceptiondispatchinfo.throw()
   at system.runtime.compilerservices.taskawaiter.handlenonsuccessanddebuggernotification(task task)
   at mysql.data.mysqlclient.mysqlcommand.<executenonqueryasync>d__60.movenext() in c:\projects\mysqlconnector\src\mysqlconnector\mysql.data.mysqlclient\mysqlcommand.cs:line 261
--- end of stack trace from previous location where exception was thrown ---
   at system.runtime.exceptionservices.exceptiondispatchinfo.throw()
   at system.runtime.compilerservices.taskawaiter.handlenonsuccessanddebuggernotification(task task)
   at mysql.data.mysqlclient.mysqlcommand.executenonquery() in c:\projects\mysqlconnector\src\mysqlconnector\mysql.data.mysqlclient\mysqlcommand.cs:line 62
   at mysql.data.mysqlclient.mysqltransaction.dispose(boolean disposing) in c:\projects\mysqlconnector\src\mysqlconnector\mysql.data.mysqlclient\mysqltransaction.cs:line 81
   at microsoft.entityframeworkcore.storage.relationaltransaction.dispose()
   at abp.entityframeworkcore.uow.dbcontextefcoretransactionstrategy.dispose(iiocresolver iocresolver)
   at abp.entityframeworkcore.uow.efcoreunitofwork.disposeuow()
   at abp.domain.uow.unitofworkbase.dispose()
   at abp.aspnetcore.mvc.uow.abpuowactionfilter.<onactionexecutionasync>d__4.movenext()
--- end of stack trace from previous location where exception was thrown ---
   at system.runtime.exceptionservices.exceptiondispatchinfo.throw()
   at system.runtime.compilerservices.taskawaiter.handlenonsuccessanddebuggernotification(task task)
   at microsoft.aspnetcore.mvc.internal.controlleractioninvoker.<invokenextactionfilterasync>d__10.movenext()
--- end of stack trace from previous location where exception was thrown ---
   at system.runtime.exceptionservices.exceptiondispatchinfo.throw()
   at microsoft.aspnetcore.mvc.internal.controlleractioninvoker.rethrow(actionexecutedcontext context)
   at microsoft.aspnetcore.mvc.internal.controlleractioninvoker.next(state& next, scope& scope, object& state, boolean& iscompleted)
   at microsoft.aspnetcore.mvc.internal.controlleractioninvoker.<invokeinnerfilterasync>d__13.movenext()
--- end of stack trace from previous location where exception was thrown ---
   at system.runtime.exceptionservices.exceptiondispatchinfo.throw()
   at system.runtime.compilerservices.taskawaiter.handlenonsuccessanddebuggernotification(task task)
   at microsoft.aspnetcore.mvc.internal.resourceinvoker.<invokenextexceptionfilterasync>d__24.movenext()
"
view code
从NetCore报错到MySql安全
mysql.data.mysqlclient.mysqlexception (0x80004005): failed to read the result set. 
---> system.io.endofstreamexception: expected to read 4 header bytes but only received 0.
   at system.runtime.exceptionservices.exceptiondispatchinfo.throw()
   at system.runtime.compilerservices.taskawaiter.handlenonsuccessanddebuggernotification(task task)
   at mysqlconnector.protocol.serialization.protocolutility.doreadpayloadasync(bufferedbytereader bufferedbytereader, ibytehandler bytehandler, func`1 getnextsequencenumber, arraysegmentholder`1 previouspayloads, protocolerrorbehavior protocolerrorbehavior, iobehavior iobehavior) in c:\projects\mysqlconnector\src\mysqlconnector\protocol\serialization\protocolutility.cs:line 462
   at mysqlconnector.protocol.serialization.standardpayloadhandler.readpayloadasync(arraysegmentholder`1 cache, protocolerrorbehavior protocolerrorbehavior, iobehavior iobehavior) in c:\projects\mysqlconnector\src\mysqlconnector\protocol\serialization\standardpayloadhandler.cs:line 37
   at mysqlconnector.core.serversession.receivereplyasync(iobehavior iobehavior, cancellationtoken cancellationtoken) in c:\projects\mysqlconnector\src\mysqlconnector\core\serversession.cs:line 645
--- end of stack trace from previous location where exception was thrown ---
   at system.runtime.exceptionservices.exceptiondispatchinfo.throw()
   at system.runtime.compilerservices.taskawaiter.handlenonsuccessanddebuggernotification(task task)
   at mysqlconnector.core.serversession.tryasynccontinuation(task`1 task) in c:\projects\mysqlconnector\src\mysqlconnector\core\serversession.cs:line 1230
   at system.threading.tasks.continuationresulttaskfromresulttask`2.innerinvoke()
   at system.threading.executioncontext.run(executioncontext executioncontext, contextcallback callback, object state)
   at system.threading.tasks.task.executewiththreadlocal(task& currenttaskslot)
--- end of stack trace from previous location where exception was thrown ---
view code

然后我使用swagger+miniprofiler,查看生成的sql语句

 从NetCore报错到MySql安全

查看mysql错误日志:

aborted connection 422 to db: '数据库名称' user: 'root' host: 'localhost' (got a packet bigger than 'max_allowed_packet' bytes)

可能因为传输的数据过大,而mysql的max_allowed_packet默认为1024b,导致sql执行不成功。

然后将mysql配置文件中的max_allowed_packet值改为max_allowed_packet = 4m

重启mysql,问题解决。

 

然而过了一段时间,同样的报错又出现了,首先看了下max_allowed_packet的值,果然max_allowed_packet又被修改为了1024b,查看命令如下:

show variables like '%max_allowed_packet%';

 

然后询问同事,他们说并没有动数据库,上网查了下说是有可能是被攻击了。

于是我开启了mysql的日志,命令如下:

set global general_log=on;

 

在日志里看到了被修改信息,然后看了下ip~~~

从NetCore报错到MySql安全

还发现了几个新增用户tvt,把它删掉:

从NetCore报错到MySql安全

 

查看mysql用户命令如下:

select * from mysql.user

 从NetCore报错到MySql安全

目前解决方法是,加强密码,限制远程连接ip:把上图的% 改为指定ip段xxx.xxx.xxx.%,重启mysql。