Add server ID verification for KILL QUERY commands

Co-authored-by: bgrainger <[email protected]>

Author: Copilot

src/MySqlConnector/Core/ServerSession.cs

@@ -47,6 +47,8 @@ public ServerSession(ILogger logger, IConnectionPoolMetadata pool)
 	public int ActiveCommandId { get; private set; }
 	public int CancellationTimeout { get; private set; }
 	public int ConnectionId { get; set; }
+	public string? ServerUuid { get; set; }
+	public long? ServerId { get; set; }
 	public byte[]? AuthPluginData { get; set; }
 	public long CreatedTimestamp { get; }
 	public ConnectionPool? Pool { get; }
@@ -117,6 +119,14 @@ public void DoCancel(ICancellableCommand commandToCancel, MySqlCommand killComma
 				return;
 			}
 
+			// Verify server identity before executing KILL QUERY to prevent cancelling on the wrong server
+			var killSession = killCommand.Connection!.Session;
+			if (!VerifyServerIdentity(killSession))
+			{
+				Log.IgnoringCancellationForDifferentServer(m_logger, Id, killSession.Id, ServerUuid, killSession.ServerUuid, ServerId, killSession.ServerId);
+				return;
+			}
+
 			// NOTE: This command is executed while holding the lock to prevent race conditions during asynchronous cancellation.
 			// For example, if the lock weren't held, the current command could finish and the other thread could set ActiveCommandId
 			// to zero, then start executing a new command. By the time this "KILL QUERY" command reached the server, the wrong
@@ -137,6 +147,26 @@ public void AbortCancel(ICancellableCommand command)
 		}
 	}
 
+	private bool VerifyServerIdentity(ServerSession otherSession)
+	{
+		// If server UUID is available, use it as the primary identifier (most unique)
+		if (!string.IsNullOrEmpty(ServerUuid) && !string.IsNullOrEmpty(otherSession.ServerUuid))
+		{
+			return string.Equals(ServerUuid, otherSession.ServerUuid, StringComparison.Ordinal);
+		}
+
+		// Fall back to server ID if UUID is not available
+		if (ServerId.HasValue && otherSession.ServerId.HasValue)
+		{
+			return ServerId.Value == otherSession.ServerId.Value;
+		}
+
+		// If no server identification is available, allow the operation to proceed
+		// This maintains backward compatibility with older MySQL versions
+		Log.NoServerIdentificationForVerification(m_logger, Id, otherSession.Id);
+		return true;
+	}
+
 	public bool IsCancelingQuery => m_state == State.CancelingQuery;
 
 	public async Task PrepareAsync(IMySqlCommand command, IOBehavior ioBehavior, CancellationToken cancellationToken)
@@ -635,6 +665,9 @@ public async Task DisposeAsync(IOBehavior ioBehavior, CancellationToken cancella
 				ConnectionId = newConnectionId;
 			}
 
+			// Get server identification for KILL QUERY verification
+			await GetServerIdentificationAsync(ioBehavior, CancellationToken.None).ConfigureAwait(false);
+
 			m_payloadHandler.ByteHandler.RemainingTimeout = Constants.InfiniteTimeout;
 			return redirectionUrl;
 		}
@@ -1951,6 +1984,90 @@ private async Task GetRealServerDetailsAsync(IOBehavior ioBehavior, Cancellation
 		}
 	}
 
+	private async Task GetServerIdentificationAsync(IOBehavior ioBehavior, CancellationToken cancellationToken)
+	{
+		Log.GettingServerIdentification(m_logger, Id);
+		try
+		{
+			PayloadData payload;
+			
+			// Try to get both server_uuid and server_id if server supports server_uuid (MySQL 5.6+)
+			if (!ServerVersion.IsMariaDb && ServerVersion.Version >= ServerVersions.SupportsServerUuid)
+			{
+				payload = SupportsQueryAttributes ? s_selectServerIdWithAttributesPayload : s_selectServerIdNoAttributesPayload;
+				await SendAsync(payload, ioBehavior, cancellationToken).ConfigureAwait(false);
+
+				// column count: 2
+				_ = await ReceiveReplyAsync(ioBehavior, cancellationToken).ConfigureAwait(false);
+
+				// @@server_uuid and @@server_id columns
+				_ = await ReceiveReplyAsync(ioBehavior, CancellationToken.None).ConfigureAwait(false);
+				_ = await ReceiveReplyAsync(ioBehavior, CancellationToken.None).ConfigureAwait(false);
+
+				if (!SupportsDeprecateEof)
+				{
+					payload = await ReceiveReplyAsync(ioBehavior, CancellationToken.None).ConfigureAwait(false);
+					_ = EofPayload.Create(payload.Span);
+				}
+
+				// first (and only) row
+				payload = await ReceiveReplyAsync(ioBehavior, CancellationToken.None).ConfigureAwait(false);
+
+				var reader = new ByteArrayReader(payload.Span);
+				var length = reader.ReadLengthEncodedIntegerOrNull();
+				var serverUuid = length != -1 ? Encoding.UTF8.GetString(reader.ReadByteString(length)) : null;
+				length = reader.ReadLengthEncodedIntegerOrNull();
+				var serverId = (length != -1 && Utf8Parser.TryParse(reader.ReadByteString(length), out long id, out _)) ? id : default(long?);
+
+				ServerUuid = serverUuid;
+				ServerId = serverId;
+
+				Log.RetrievedServerIdentification(m_logger, Id, serverUuid, serverId);
+			}
+			else
+			{
+				// Fall back to just server_id for older versions or MariaDB
+				payload = SupportsQueryAttributes ? s_selectServerIdOnlyWithAttributesPayload : s_selectServerIdOnlyNoAttributesPayload;
+				await SendAsync(payload, ioBehavior, cancellationToken).ConfigureAwait(false);
+
+				// column count: 1
+				_ = await ReceiveReplyAsync(ioBehavior, cancellationToken).ConfigureAwait(false);
+
+				// @@server_id column
+				_ = await ReceiveReplyAsync(ioBehavior, CancellationToken.None).ConfigureAwait(false);
+
+				if (!SupportsDeprecateEof)
+				{
+					payload = await ReceiveReplyAsync(ioBehavior, CancellationToken.None).ConfigureAwait(false);
+					_ = EofPayload.Create(payload.Span);
+				}
+
+				// first (and only) row
+				payload = await ReceiveReplyAsync(ioBehavior, CancellationToken.None).ConfigureAwait(false);
+
+				var reader = new ByteArrayReader(payload.Span);
+				var length = reader.ReadLengthEncodedIntegerOrNull();
+				var serverId = (length != -1 && Utf8Parser.TryParse(reader.ReadByteString(length), out long id, out _)) ? id : default(long?);
+
+				ServerUuid = null;
+				ServerId = serverId;
+
+				Log.RetrievedServerIdentification(m_logger, Id, null, serverId);
+			}
+
+			// OK/EOF payload
+			payload = await ReceiveReplyAsync(ioBehavior, CancellationToken.None).ConfigureAwait(false);
+			if (OkPayload.IsOk(payload.Span, this))
+				OkPayload.Verify(payload.Span, this);
+			else
+				EofPayload.Create(payload.Span);
+		}
+		catch (MySqlException ex)
+		{
+			Log.FailedToGetServerIdentification(m_logger, ex, Id);
+		}
+	}
+
 	private void ShutdownSocket()
 	{
 		Log.ClosingStreamSocket(m_logger, Id);
@@ -2182,6 +2299,10 @@ protected override void OnStatementBegin(int index)
 	private static readonly PayloadData s_sleepWithAttributesPayload = QueryPayload.Create(true, "SELECT SLEEP(0) INTO @__MySqlConnector__Sleep;"u8);
 	private static readonly PayloadData s_selectConnectionIdVersionNoAttributesPayload = QueryPayload.Create(false, "SELECT CONNECTION_ID(), VERSION();"u8);
 	private static readonly PayloadData s_selectConnectionIdVersionWithAttributesPayload = QueryPayload.Create(true, "SELECT CONNECTION_ID(), VERSION();"u8);
+	private static readonly PayloadData s_selectServerIdNoAttributesPayload = QueryPayload.Create(false, "SELECT @@server_uuid, @@server_id;"u8);
+	private static readonly PayloadData s_selectServerIdWithAttributesPayload = QueryPayload.Create(true, "SELECT @@server_uuid, @@server_id;"u8);
+	private static readonly PayloadData s_selectServerIdOnlyNoAttributesPayload = QueryPayload.Create(false, "SELECT @@server_id;"u8);
+	private static readonly PayloadData s_selectServerIdOnlyWithAttributesPayload = QueryPayload.Create(true, "SELECT @@server_id;"u8);
 
 	private readonly ILogger m_logger;
 #if NET9_0_OR_GREATER

src/MySqlConnector/Core/ServerVersions.cs

@@ -19,4 +19,7 @@ internal static class ServerVersions
 
 	// https://mariadb.com/kb/en/set-statement/
 	public static readonly Version MariaDbSupportsPerQueryVariables = new(10, 1, 2);
+
+	// https://dev.mysql.com/doc/refman/5.6/en/replication-options.html#sysvar_server_uuid
+	public static readonly Version SupportsServerUuid = new(5, 6, 0);
 }

src/MySqlConnector/Logging/EventIds.cs

@@ -78,14 +78,17 @@ internal static class EventIds
 	public const int DetectedProxy = 2150;
 	public const int ChangingConnectionId = 2151;
 	public const int FailedToGetConnectionId = 2152;
-	public const int CreatingConnectionAttributes = 2153;
-	public const int ObtainingPasswordViaProvidePasswordCallback = 2154;
-	public const int FailedToObtainPassword = 2155;
-	public const int ConnectedTlsBasicPreliminary = 2156;
-	public const int ConnectedTlsDetailedPreliminary = 2157;
-	public const int CertificateErrorUnixSocket = 2158;
-	public const int CertificateErrorNoPassword = 2159;
-	public const int CertificateErrorValidThumbprint = 2160;
+	public const int GettingServerIdentification = 2153;
+	public const int RetrievedServerIdentification = 2154;
+	public const int FailedToGetServerIdentification = 2155;
+	public const int CreatingConnectionAttributes = 2156;
+	public const int ObtainingPasswordViaProvidePasswordCallback = 2157;
+	public const int FailedToObtainPassword = 2158;
+	public const int ConnectedTlsBasicPreliminary = 2159;
+	public const int ConnectedTlsDetailedPreliminary = 2160;
+	public const int CertificateErrorUnixSocket = 2161;
+	public const int CertificateErrorNoPassword = 2162;
+	public const int CertificateErrorValidThumbprint = 2163;
 
 	// Command execution events, 2200-2299
 	public const int CannotExecuteNewCommandInState = 2200;
@@ -108,6 +111,8 @@ internal static class EventIds
 	public const int IgnoringCancellationForInactiveCommand = 2306;
 	public const int CancelingCommand = 2307;
 	public const int SendingSleepToClearPendingCancellation = 2308;
+	public const int IgnoringCancellationForDifferentServer = 2309;
+	public const int NoServerIdentificationForVerification = 2310;
 
 	// Cached procedure events, 2400-2499
 	public const int GettingCachedProcedure = 2400;

src/MySqlConnector/Logging/Log.cs

@@ -189,6 +189,21 @@ internal static partial class Log
 	[LoggerMessage(EventIds.FailedToGetConnectionId, LogLevel.Information, "Session {SessionId} failed to get CONNECTION_ID(), VERSION()")]
 	public static partial void FailedToGetConnectionId(ILogger logger, Exception exception, string sessionId);
 
+	[LoggerMessage(EventIds.GettingServerIdentification, LogLevel.Debug, "Session {SessionId} getting server identification")]
+	public static partial void GettingServerIdentification(ILogger logger, string sessionId);
+
+	[LoggerMessage(EventIds.RetrievedServerIdentification, LogLevel.Debug, "Session {SessionId} retrieved server identification: UUID={ServerUuid}, ID={ServerId}")]
+	public static partial void RetrievedServerIdentification(ILogger logger, string sessionId, string? serverUuid, long? serverId);
+
+	[LoggerMessage(EventIds.FailedToGetServerIdentification, LogLevel.Information, "Session {SessionId} failed to get server identification")]
+	public static partial void FailedToGetServerIdentification(ILogger logger, Exception exception, string sessionId);
+
+	[LoggerMessage(EventIds.IgnoringCancellationForDifferentServer, LogLevel.Warning, "Session {SessionId} ignoring cancellation from session {KillSessionId}: server identity mismatch (this UUID={ServerUuid}, kill UUID={KillServerUuid}, this ID={ServerId}, kill ID={KillServerId})")]
+	public static partial void IgnoringCancellationForDifferentServer(ILogger logger, string sessionId, string killSessionId, string? serverUuid, string? killServerUuid, long? serverId, long? killServerId);
+
+	[LoggerMessage(EventIds.NoServerIdentificationForVerification, LogLevel.Debug, "Session {SessionId} and kill session {KillSessionId} have no server identification available for verification")]
+	public static partial void NoServerIdentificationForVerification(ILogger logger, string sessionId, string killSessionId);
+
 	[LoggerMessage(EventIds.ClosingStreamSocket, LogLevel.Debug, "Session {SessionId} closing stream/socket")]
 	public static partial void ClosingStreamSocket(ILogger logger, string sessionId);
 

tests/MySqlConnector.Tests/ServerIdentificationTests.cs

@@ -0,0 +1,138 @@
+using MySqlConnector.Core;
+using MySqlConnector.Logging;
+using Microsoft.Extensions.Logging.Abstractions;
+
+namespace MySqlConnector.Tests;
+
+public class ServerIdentificationTests
+{
+	[Fact]
+	public void VerifyServerIdentity_WithMatchingUuids_ReturnsTrue()
+	{
+		// Arrange
+		var session1 = CreateServerSession();
+		var session2 = CreateServerSession();
+		session1.ServerUuid = "test-uuid-123";
+		session1.ServerId = 1;
+		session2.ServerUuid = "test-uuid-123";
+		session2.ServerId = 2; // Different server ID, but UUIDs match
+
+		// Act
+		bool result = InvokeVerifyServerIdentity(session1, session2);
+
+		// Assert
+		Assert.True(result);
+	}
+
+	[Fact]
+	public void VerifyServerIdentity_WithDifferentUuids_ReturnsFalse()
+	{
+		// Arrange
+		var session1 = CreateServerSession();
+		var session2 = CreateServerSession();
+		session1.ServerUuid = "test-uuid-123";
+		session1.ServerId = 1;
+		session2.ServerUuid = "test-uuid-456";
+		session2.ServerId = 1; // Same server ID, but UUIDs don't match
+
+		// Act
+		bool result = InvokeVerifyServerIdentity(session1, session2);
+
+		// Assert
+		Assert.False(result);
+	}
+
+	[Fact]
+	public void VerifyServerIdentity_WithMatchingServerIds_ReturnsTrue()
+	{
+		// Arrange
+		var session1 = CreateServerSession();
+		var session2 = CreateServerSession();
+		session1.ServerUuid = null; // No UUID available
+		session1.ServerId = 1;
+		session2.ServerUuid = null; // No UUID available
+		session2.ServerId = 1;
+
+		// Act
+		bool result = InvokeVerifyServerIdentity(session1, session2);
+
+		// Assert
+		Assert.True(result);
+	}
+
+	[Fact]
+	public void VerifyServerIdentity_WithDifferentServerIds_ReturnsFalse()
+	{
+		// Arrange
+		var session1 = CreateServerSession();
+		var session2 = CreateServerSession();
+		session1.ServerUuid = null; // No UUID available
+		session1.ServerId = 1;
+		session2.ServerUuid = null; // No UUID available
+		session2.ServerId = 2;
+
+		// Act
+		bool result = InvokeVerifyServerIdentity(session1, session2);
+
+		// Assert
+		Assert.False(result);
+	}
+
+	[Fact]
+	public void VerifyServerIdentity_WithNoIdentification_ReturnsTrue()
+	{
+		// Arrange
+		var session1 = CreateServerSession();
+		var session2 = CreateServerSession();
+		session1.ServerUuid = null;
+		session1.ServerId = null;
+		session2.ServerUuid = null;
+		session2.ServerId = null;
+
+		// Act
+		bool result = InvokeVerifyServerIdentity(session1, session2);
+
+		// Assert
+		Assert.True(result); // Should allow operation for backward compatibility
+	}
+
+	[Fact]
+	public void VerifyServerIdentity_UuidTakesPrecedenceOverServerId()
+	{
+		// Arrange
+		var session1 = CreateServerSession();
+		var session2 = CreateServerSession();
+		session1.ServerUuid = "test-uuid-123";
+		session1.ServerId = 1;
+		session2.ServerUuid = "test-uuid-456"; // Different UUID
+		session2.ServerId = 1; // Same server ID
+
+		// Act
+		bool result = InvokeVerifyServerIdentity(session1, session2);
+
+		// Assert
+		Assert.False(result); // Should use UUID comparison, not server ID
+	}
+
+	private static ServerSession CreateServerSession()
+	{
+		var pool = new TestConnectionPool();
+		return new ServerSession(NullLogger.Instance, pool);
+	}
+
+	private static bool InvokeVerifyServerIdentity(ServerSession session1, ServerSession session2)
+	{
+		// Use reflection to call the private VerifyServerIdentity method
+		var method = typeof(ServerSession).GetMethod("VerifyServerIdentity", 
+			System.Reflection.BindingFlags.NonPublic | System.Reflection.BindingFlags.Instance);
+		return (bool)method!.Invoke(session1, new object[] { session2 })!;
+	}
+
+	private class TestConnectionPool : IConnectionPoolMetadata
+	{
+		public int Id => 1;
+		public int Generation => 1;
+		public ConnectionPool? ConnectionPool => null;
+		public int GetNewSessionId() => 1;
+	}
+}