Mirrors
/
mariadb
mirror of https://github.com/MariaDB/server
3
0
Fork 0
Code Releases Activity
Browse Source

MDEV-11660 Make encryption plugins "pure" 

Do not exporting mysqld entry points directly.
This is needed for mariabackup, to load encryption plugins on Windows.

All plugins are "pure" by default. To mark plugin "impure"
it should use RECOMPILE_FOR_EMBEDDED or STORAGE_ENGINE keyword.
pull/333/merge
Vladislav Vaintroub 9 years ago
committed by Sergei Golubchik
parent
db39107413
commit
7bf409593e
17 changed files with 182 additions and 147 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 4
      cmake/plugin.cmake
  2. 2
      mysql-test/suite/encryption/r/filekeys_syntax.result
  3. 5
      plugin/auth_dialog/CMakeLists.txt
  4. 145
      plugin/aws_key_management/aws_key_management_plugin.cc
  5. 5
      plugin/daemon_example/CMakeLists.txt
  6. 13
      plugin/example_key_management/example_key_management_plugin.cc
  7. 18
      plugin/file_key_management/file_key_management_plugin.cc
  8. 106
      plugin/file_key_management/parser.cc
  9. 6
      plugin/file_key_management/parser.h
  10. 2
      plugin/handler_socket/CMakeLists.txt
  11. 2
      plugin/locale_info/CMakeLists.txt
  12. 3
      plugin/metadata_lock_info/CMakeLists.txt
  13. 2
      plugin/qc_info/CMakeLists.txt
  14. 3
      plugin/query_response_time/CMakeLists.txt
  15. 6
      plugin/semisync/CMakeLists.txt
  16. 5
      plugin/server_audit/CMakeLists.txt
  17. 2
      plugin/wsrep_info/CMakeLists.txt

4
cmake/plugin.cmake
View File

@ -201,13 +201,15 @@ MACRO(MYSQL_ADD_PLUGIN)
# executable to the linker command line (it would result into link error).
# Thus we skip TARGET_LINK_LIBRARIES on Linux, as it would only generate
# an additional dependency.
IF(NOT ARG_CLIENT)
IF(ARG_RECOMPILE_FOR_EMBEDDED OR ARG_STORAGE_ENGINE)
IF(MSVC)
ADD_DEPENDENCIES(${target} gen_mysqld_lib)
TARGET_LINK_LIBRARIES(${target} mysqld_import_lib)
ELSEIF(NOT CMAKE_SYSTEM_NAME STREQUAL "Linux")
TARGET_LINK_LIBRARIES (${target} mysqld)
ENDIF()
ELSEIF(CMAKE_SYSTEM_NAME STREQUAL "Linux")
TARGET_LINK_LIBRARIES (${target} "-Wl,--no-undefined")
ENDIF()
IF(ARG_LINK_LIBRARIES)

2
mysql-test/suite/encryption/r/filekeys_syntax.result
View File

@ -28,7 +28,7 @@ select plugin_status from information_schema.plugins
where plugin_name = 'file_key_management';
plugin_status
install soname 'file_key_management';
ERROR HY000: Invalid key id at MYSQL_TMP_DIR/keys.txt line 2, column 11
ERROR HY000: Invalid key id at MYSQL_TMP_DIR/keys.txt line 2, column 10
call mtr.add_suppression("Invalid key id");
call mtr.add_suppression("Plugin 'file_key_management' init function returned error");
call mtr.add_suppression("Plugin 'file_key_management' registration.*failed");

5
plugin/auth_dialog/CMakeLists.txt
View File

@ -15,5 +15,8 @@
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
ADD_DEFINITIONS(-DNO_GET_TTY_PASSWORD)
IF(LIBDL)
SET(LLDL LINK_LIBRARIES dl)
ENDIF()
MYSQL_ADD_PLUGIN(dialog dialog.c ${CMAKE_SOURCE_DIR}/libmysql/get_password.c
MODULE_ONLY CLIENT COMPONENT ClientPlugins)
MODULE_ONLY CLIENT ${LLDL} COMPONENT ClientPlugins)

145
plugin/aws_key_management/aws_key_management_plugin.cc
View File

@ -16,9 +16,7 @@
#include <my_global.h>
#include <my_pthread.h>
#include <my_sys.h>
#include <my_dir.h>
#include <typelib.h>
#include <mysql/plugin_encryption.h>
#include <my_crypt.h>
#include <string.h>
@ -33,6 +31,10 @@
#include <sstream>
#include <fstream>
#ifndef _WIN32
#include <dirent.h>
#endif
#include <aws/core/Aws.h>
#include <aws/core/client/AWSError.h>
#include <aws/core/utils/logging/AWSLogging.h>
@ -48,9 +50,6 @@ using namespace std;
using namespace Aws::KMS;
using namespace Aws::KMS::Model;
using namespace Aws::Utils::Logging;
extern void sql_print_error(const char *format, ...);
extern void sql_print_warning(const char *format, ...);
extern void sql_print_information(const char *format, ...);
/* Plaintext key info struct */
@ -90,14 +89,8 @@ static int extract_id_and_version(const char *name, uint *id, uint *ver);
static unsigned int get_latest_key_version(unsigned int key_id);
static unsigned int get_latest_key_version_nolock(unsigned int key_id);
static int load_key(KEY_INFO *info);
static std::mutex mtx;
/* Mutex to serialize access to caches */
static mysql_mutex_t mtx;
#ifdef HAVE_PSI_INTERFACE
static uint mtx_key;
static PSI_mutex_info mtx_info = {&mtx_key, "mtx", 0};
#endif
static Aws::KMS::KMSClient *client;
@ -140,6 +133,33 @@ protected:
}
};
/* Get list of files in current directory */
static vector<string> traverse_current_directory()
{
vector<string> v;
#ifdef _WIN32
WIN32_FIND_DATA find_data;
HANDLE h= FindFirstFile("*.*", &find_data);
if (h == INVALID_HANDLE_VALUE)
return v;
do
{
v.push_back(find_data.cFileName);
}
while (FindNextFile(h, &find_data));
FindClose(h);
#else
DIR *dir = opendir(".");
if (!dir)
return v;
struct dirent *e;
while ((e= readdir(dir))
v.push_back(e->d_name);
closedir(dir);
#endif
return v;
}
Aws::SDKOptions sdkOptions;
/*
@ -150,7 +170,6 @@ Aws::SDKOptions sdkOptions;
*/
static int plugin_init(void *p)
{
DBUG_ENTER("plugin_init");
#ifdef HAVE_YASSL
sdkOptions.cryptoOptions.initAndCleanupOpenSSL = true;
@ -176,46 +195,33 @@ static int plugin_init(void *p)
if (!client)
{
my_printf_error(ER_UNKNOWN_ERROR, "Can not initialize KMS client", ME_ERROR_LOG,);
DBUG_RETURN(-1);
return -1;
}
#ifdef HAVE_PSI_INTERFACE
mysql_mutex_register("aws_key_management", &mtx_info, 1);
#endif
mysql_mutex_init(mtx_key, &mtx, NULL);
MY_DIR *dirp = my_dir(".", MYF(0));
if (!dirp)
{
sql_print_error("Can't scan current directory");
DBUG_RETURN(-1);
}
for (unsigned int i=0; i < dirp->number_of_files; i++)
vector<string> files= traverse_current_directory();
for (size_t i=0; i < files.size(); i++)
{
KEY_INFO info;
if (extract_id_and_version(dirp->dir_entry[i].name, &info.key_id, &info.key_version) == 0)
if (extract_id_and_version(files[i].c_str(), &info.key_id, &info.key_version) == 0)
{
key_info_cache[KEY_ID_AND_VERSION(info.key_id, info.key_version)]= info;
latest_version_cache[info.key_id]= max(info.key_version, latest_version_cache[info.key_id]);
}
}
my_dirend(dirp);
DBUG_RETURN(0);
return 0;
}
static int plugin_deinit(void *p)
{
DBUG_ENTER("plugin_deinit");
latest_version_cache.clear();
key_info_cache.clear();
mysql_mutex_destroy(&mtx);
delete client;
ShutdownAWSLogging();
Aws::ShutdownAPI(sdkOptions);
DBUG_RETURN(0);
return 0;
}
/* Generate filename to store the ciphered key */
@ -242,8 +248,7 @@ static int load_key(KEY_INFO *info)
{
int ret;
char path[256];
DBUG_ENTER("load_key");
DBUG_PRINT("enter", ("id=%u,ver=%u", info->key_id, info->key_version));
format_keyfile_name(path, sizeof(path), info->key_id, info->key_version);
ret= aws_decrypt_key(path, info);
if (ret)
@ -262,7 +267,7 @@ static int load_key(KEY_INFO *info)
my_printf_error(ER_UNKNOWN_ERROR, "AWS KMS plugin: key %u, version %u could not be decrypted", ME_ERROR_LOG | ER_WARNING,
info->key_id, info->key_version);
}
DBUG_RETURN(ret);
return ret;
}
@ -281,19 +286,17 @@ static int load_key(KEY_INFO *info)
static unsigned int get_latest_key_version(unsigned int key_id)
{
unsigned int ret;
DBUG_ENTER("get_latest_key_version");
mysql_mutex_lock(&mtx);
mtx.lock();
ret= get_latest_key_version_nolock(key_id);
mysql_mutex_unlock(&mtx);
DBUG_PRINT("info", ("key=%u,ret=%u", key_id, ret));
DBUG_RETURN(ret);
mtx.unlock();
return ret;
}
static unsigned int get_latest_key_version_nolock(unsigned int key_id)
{
KEY_INFO info;
uint ver;
DBUG_ENTER("get_latest_key_version_nolock");
ver= latest_version_cache[key_id];
if (ver > 0)
{
@ -302,13 +305,13 @@ static unsigned int get_latest_key_version_nolock(unsigned int key_id)
if (info.load_failed)
{
/* Decryption failed previously, don't retry */
DBUG_RETURN(ENCRYPTION_KEY_VERSION_INVALID);
return(ENCRYPTION_KEY_VERSION_INVALID);
}
else if (ver > 0)
{
/* Key exists already, return it*/
if (info.length > 0)
DBUG_RETURN(ver);
return(ver);
}
else // (ver == 0)
{
@ -318,18 +321,18 @@ static unsigned int get_latest_key_version_nolock(unsigned int key_id)
my_printf_error(ER_UNKNOWN_ERROR,
"Can't generate encryption key %u, because 'aws_key_management_master_key_id' parameter is not set",
MYF(0), key_id);
DBUG_RETURN(ENCRYPTION_KEY_VERSION_INVALID);
return(ENCRYPTION_KEY_VERSION_INVALID);
}
if (aws_generate_datakey(key_id, 1) != 0)
DBUG_RETURN(ENCRYPTION_KEY_VERSION_INVALID);
return(ENCRYPTION_KEY_VERSION_INVALID);
info.key_id= key_id;
info.key_version= 1;
info.length= 0;
}
if (load_key(&info))
DBUG_RETURN(ENCRYPTION_KEY_VERSION_INVALID);
DBUG_RETURN(info.key_version);
return(ENCRYPTION_KEY_VERSION_INVALID);
return(info.key_version);
}
@ -338,20 +341,19 @@ static unsigned int get_latest_key_version_nolock(unsigned int key_id)
*/
static int aws_decrypt_key(const char *path, KEY_INFO *info)
{
DBUG_ENTER("aws_decrypt_key");
/* Read file content into memory */
ifstream ifs(path, ios::binary | ios::ate);
if (!ifs.good())
{
my_printf_error(ER_UNKNOWN_ERROR, "can't open file %s", ME_ERROR_LOG, path);
DBUG_RETURN(-1);
return(-1);
}
size_t pos = (size_t)ifs.tellg();
if (!pos || pos == SIZE_T_MAX)
{
my_printf_error(ER_UNKNOWN_ERROR, "invalid key file %s", ME_ERROR_LOG, path);
DBUG_RETURN(-1);
return(-1);
}
std::vector<char> contents(pos);
ifs.seekg(0, ios::beg);
@ -366,7 +368,7 @@ static int aws_decrypt_key(const char *path, KEY_INFO *info)
{
my_printf_error(ER_UNKNOWN_ERROR, "AWS KMS plugin: Decrypt failed for %s : %s", ME_ERROR_LOG, path,
outcome.GetError().GetMessage().c_str());
DBUG_RETURN(-1);
return(-1);
}
Aws::Utils::ByteBuffer plaintext = outcome.GetResult().GetPlaintext();
size_t len = plaintext.GetLength();
@ -374,19 +376,17 @@ static int aws_decrypt_key(const char *path, KEY_INFO *info)
if (len > (int)sizeof(info->data))
{
my_printf_error(ER_UNKNOWN_ERROR, "AWS KMS plugin: encoding key too large for %s", ME_ERROR_LOG, path);
DBUG_RETURN(ENCRYPTION_KEY_BUFFER_TOO_SMALL);
return(ENCRYPTION_KEY_BUFFER_TOO_SMALL);
}
memcpy(info->data, plaintext.GetUnderlyingData(), len);
info->length= len;
DBUG_RETURN(0);
return(0);
}
/* Generate a new datakey and store it a file */
static int aws_generate_datakey(uint keyid, uint version)
{
DBUG_ENTER("aws_generate_datakey");
GenerateDataKeyWithoutPlaintextRequest request;
request.SetKeyId(master_key_id);
request.SetKeySpec(DataKeySpecMapper::GetDataKeySpecForName(key_spec_names[key_spec]));
@ -398,7 +398,7 @@ static int aws_generate_datakey(uint keyid, uint version)
my_printf_error(ER_UNKNOWN_ERROR, "AWS KMS plugin : GenerateDataKeyWithoutPlaintext failed : %s - %s", ME_ERROR_LOG,
outcome.GetError().GetExceptionName().c_str(),
outcome.GetError().GetMessage().c_str());
DBUG_RETURN(-1);
return(-1);
}
string out;
@ -406,24 +406,24 @@ static int aws_generate_datakey(uint keyid, uint version)
Aws::Utils::ByteBuffer byteBuffer = outcome.GetResult().GetCiphertextBlob();
format_keyfile_name(filename, sizeof(filename), keyid, version);
int fd= my_open(filename, O_RDWR | O_CREAT, 0);
int fd= open(filename, O_WRONLY |O_CREAT|O_BINARY, IF_WIN(_S_IREAD, S_IRUSR| S_IRGRP| S_IROTH));
if (fd < 0)
{
my_printf_error(ER_UNKNOWN_ERROR, "AWS KMS plugin: Can't create file %s", ME_ERROR_LOG, filename);
DBUG_RETURN(-1);
return(-1);
}
size_t len= byteBuffer.GetLength();
if (my_write(fd, byteBuffer.GetUnderlyingData(), len, 0) != len)
if (write(fd, byteBuffer.GetUnderlyingData(), len) != len)
{
my_printf_error(ER_UNKNOWN_ERROR, "AWS KMS plugin: can't write to %s", ME_ERROR_LOG, filename);
my_close(fd, 0);
my_delete(filename, 0);
DBUG_RETURN(-1);
close(fd);
unlink(filename);
return(-1);
}
my_close(fd, 0);
close(fd);
my_printf_error(ER_UNKNOWN_ERROR, "AWS KMS plugin: generated encrypted datakey for key id=%u, version=%u", ME_ERROR_LOG | ER_NOTE,
keyid, version);
DBUG_RETURN(0);
return(0);
}
/* Key rotation for a single key */
@ -479,7 +479,7 @@ static void update_rotate(MYSQL_THD, struct st_mysql_sys_var *, void *, const vo
"aws_key_management_master_key_id must be set to generate new data keys", MYF(ME_JUST_WARNING));
return;
}
mysql_mutex_lock(&mtx);
mtx.lock();
rotate_key= *(int *)val;
switch (rotate_key)
{
@ -493,7 +493,7 @@ static void update_rotate(MYSQL_THD, struct st_mysql_sys_var *, void *, const vo
break;
}
rotate_key= 0;
mysql_mutex_unlock(&mtx);
mtx.unlock();
}
static unsigned int get_key(
@ -504,8 +504,7 @@ static unsigned int get_key(
{
KEY_INFO info;
DBUG_ENTER("get_key");
mysql_mutex_lock(&mtx);
mtx.lock();
info= key_info_cache[KEY_ID_AND_VERSION(key_id, version)];
if (info.length == 0 && !info.load_failed)
{
@ -513,17 +512,17 @@ static unsigned int get_key(
info.key_version= version;
load_key(&info);
}
mysql_mutex_unlock(&mtx);
mtx.unlock();
if (info.load_failed)
DBUG_RETURN(ENCRYPTION_KEY_VERSION_INVALID);
return(ENCRYPTION_KEY_VERSION_INVALID);
if (*buflen < info.length)
{
*buflen= info.length;
DBUG_RETURN(ENCRYPTION_KEY_BUFFER_TOO_SMALL);
return(ENCRYPTION_KEY_BUFFER_TOO_SMALL);
}
*buflen= info.length;
memcpy(dstbuf, info.data, info.length);
DBUG_RETURN(0);
return(0);
}

5
plugin/daemon_example/CMakeLists.txt
View File

@ -13,7 +13,8 @@
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
MYSQL_ADD_PLUGIN(daemon_example daemon_example.cc
MYSQL_ADD_PLUGIN(daemon_example daemon_example.cc RECOMPILE_FOR_EMBEDDED
MODULE_ONLY MODULE_OUTPUT_NAME "libdaemon_example" COMPONENT Test)
INSTALL(FILES daemon_example.ini DESTINATION ${INSTALL_PLUGINDIR} COMPONENT Test)
INSTALL(FILES daemon_example.ini DESTINATION ${INSTALL_PLUGINDIR}
COMPONENT Test)

13
plugin/example_key_management/example_key_management_plugin.cc
View File

@ -28,18 +28,24 @@
#include <my_global.h>
#include <my_pthread.h>
#include <mysql/plugin_encryption.h>
#include <my_rnd.h>
#include <my_crypt.h>
/* rotate key randomly between 45 and 90 seconds */
#define KEY_ROTATION_MIN 45
#define KEY_ROTATION_MAX 90
static struct my_rnd_struct seed;
static time_t key_version = 0;
static time_t next_key_version = 0;
static pthread_mutex_t mutex;
/* Random double value in 0..1 range */
static double double_rnd()
{
return ((double)rand()) / RAND_MAX;
}
static unsigned int
get_latest_key_version(unsigned int key_id)
{
@ -50,7 +56,7 @@ get_latest_key_version(unsigned int key_id)
key_version = now;
unsigned int interval = KEY_ROTATION_MAX - KEY_ROTATION_MIN;
next_key_version = (time_t) (now + KEY_ROTATION_MIN +
my_rnd(&seed) * interval);
double_rnd() * interval);
}
pthread_mutex_unlock(&mutex);
@ -101,7 +107,6 @@ static unsigned int get_length(unsigned int slen, unsigned int key_id,
static int example_key_management_plugin_init(void *p)
{
/* init */
my_rnd_init(&seed, time(0), 0);
pthread_mutex_init(&mutex, NULL);
get_latest_key_version(1);

18
plugin/file_key_management/file_key_management_plugin.cc
View File

@ -66,22 +66,14 @@ static struct st_mysql_sys_var* settings[] = {
NULL
};
Dynamic_array<keyentry> keys(static_cast<uint>(0));
std::map<unsigned int,keyentry> keys;
static keyentry *get_key(unsigned int key_id)
{
keyentry *a= keys.front(), *b= keys.back() + 1, *c;
while (b - a > 1)
{
c= a + (b - a)/2;
if (c->id == key_id)
return c;
else if (c->id < key_id)
a= c;
else
b= c;
}
return a->id == key_id ? a : 0;
keyentry &key= keys[key_id];
if (key.id == 0)
return 0;
return &key;
}
/* the version is always the same, no automatic key rotation */

106
plugin/file_key_management/parser.cc
View File

@ -143,13 +143,13 @@ void Parser::bytes_to_key(const unsigned char *salt, const char *input,
}
bool Parser::parse(Dynamic_array<keyentry> *keys)
bool Parser::parse(std::map<uint,keyentry> *keys)
{
const char *secret= filekey;
char buf[MAX_SECRET_SIZE + 1];
//If secret starts with FILE: interpret the secret as a filename.
if (is_prefix(filekey, FILE_PREFIX))
if (strncmp(filekey, FILE_PREFIX,sizeof(FILE_PREFIX) -1) == 0)
{
if (read_filekey(filekey + sizeof(FILE_PREFIX) - 1, buf))
return 1;
@ -166,22 +166,26 @@ bool Parser::parse(Dynamic_array<keyentry> *keys)
bool Parser::read_filekey(const char *filekey, char *secret)
{
int f= my_open(filekey, O_RDONLY, MYF(MY_WME));
int f= open(filekey, O_RDONLY|O_BINARY);
if (f == -1)
{
my_error(EE_FILENOTFOUND,ME_ERROR_LOG, filekey, errno);
return 1;
int len= my_read(f, (uchar*)secret, MAX_SECRET_SIZE, MYF(MY_WME));
my_close(f, MYF(MY_WME));
}
int len= read(f, secret, MAX_SECRET_SIZE);
if (len <= 0)
{
my_error(EE_READ,ME_ERROR_LOG, filekey, errno);
close(f);
return 1;
}
close(f);
while (secret[len - 1] == '\r' || secret[len - 1] == '\n') len--;
secret[len]= '\0';
return 0;
}
static int sort_keys(const keyentry *k1, const keyentry *k2)
{
return k1->id < k2->id ? -1 : k1->id > k2->id;
}
/**
Get the keys from the key file <filename> and decrypt it with the
@ -191,7 +195,7 @@ static int sort_keys(const keyentry *k1, const keyentry *k2)
@return 0 when ok, 1 for an error
*/
bool Parser::parse_file(Dynamic_array<keyentry> *keys, const char *secret)
bool Parser::parse_file(std::map<uint,keyentry> *keys, const char *secret)
{
char *buffer= read_and_decrypt_file(secret);
@ -208,19 +212,16 @@ bool Parser::parse_file(Dynamic_array<keyentry> *keys, const char *secret)
case 1: // comment
break;
case -1: // error
my_free(buffer);
free(buffer);
return 1;
case 0:
if (keys->push(key))
return 1;
(*keys)[key.id] = key;
break;
}
}
keys->sort(sort_keys);
my_free(buffer);
if (keys->elements() == 0 || keys->at(0).id != 1)
free(buffer);
if (keys->size() == 0 || (*keys)[1].id == 0)
{
report_error("System key id 1 is missing", 0);
return 1;
@ -247,16 +248,25 @@ int Parser::parse_line(char **line_ptr, keyentry *key)
while (isspace(*p) && *p != '\n') p++;
if (*p != '#' && *p != '\n')
{
int error;
p+= 100; // the number will surely end here (on a non-digit or with an overflow)
longlong id= my_strtoll10(p - 100, &p, &error);
if (error)
if (!isdigit(*p))
{
report_error("Syntax error", p - *line_ptr);
return -1;
}
if (id < 1 || id > UINT_MAX32)
longlong id = 0;
while (isdigit(*p))
{
id = id * 10 + *p - '0';
if (id > UINT_MAX32)
{
report_error("Invalid key id", p - *line_ptr);
return -1;
}
p++;
}
if (id < 1)
{
report_error("Invalid key id", p - *line_ptr);
return -1;
@ -269,7 +279,7 @@ int Parser::parse_line(char **line_ptr, keyentry *key)
}
p++;
key->id= id;
key->id= (unsigned int)id;
key->length=0;
while (isxdigit(p[0]) && isxdigit(p[1]) && key->length < sizeof(key->key))
{
@ -295,9 +305,13 @@ int Parser::parse_line(char **line_ptr, keyentry *key)
'secret'. Store the content of the decrypted file in 'buffer'. The
buffer has to be freed in the calling function.
*/
#ifdef _WIN32
#define lseek _lseeki64
#endif
char* Parser::read_and_decrypt_file(const char *secret)
{
int f;
if (!filename || !filename[0])
{
my_printf_error(EE_CANT_OPEN_STREAM, "file-key-management-filename is not set",
@ -305,15 +319,21 @@ char* Parser::read_and_decrypt_file(const char *secret)
goto err0;
}
int f;
if ((f= my_open(filename, O_RDONLY, MYF(MY_WME))) < 0)
f= open(filename, O_RDONLY|O_BINARY, 0);
if (f < 0)
{
my_error(EE_FILENOTFOUND, ME_ERROR_LOG, filename, errno);
goto err0;
}
my_off_t file_size;
file_size= my_seek(f, 0, SEEK_END, MYF(MY_WME));
file_size= lseek(f, 0, SEEK_END);
if (file_size == MY_FILEPOS_ERROR)
if (file_size == MY_FILEPOS_ERROR || (my_off_t)lseek(f, 0, SEEK_SET) == MY_FILEPOS_ERROR)
{
my_error(EE_CANT_SEEK, MYF(0), filename, errno);
goto err1;
}
if (file_size > MAX_KEY_FILE_SIZE)
{
@ -323,29 +343,39 @@ char* Parser::read_and_decrypt_file(const char *secret)
//Read file into buffer
uchar *buffer;
buffer= (uchar*)my_malloc(file_size + 1, MYF(MY_WME));
buffer= (uchar*)malloc((size_t)file_size + 1);
if (!buffer)
{
my_error(EE_OUTOFMEMORY, ME_ERROR_LOG| ME_FATAL, file_size);
goto err1;
}
if (my_pread(f, buffer, file_size, 0, MYF(MY_WME)) != file_size)
if (read(f, buffer, (int)file_size) != (int)file_size)
{
my_printf_error(EE_READ,
"read from %s failed, errno %d",
MYF(ME_ERROR_LOG|ME_FATAL), filename, errno);
goto err2;
}
// Check for file encryption
uchar *decrypted;
if (file_size > OpenSSL_prefix_len && is_prefix((char*)buffer, OpenSSL_prefix))
if (file_size > OpenSSL_prefix_len && strncmp((char*)buffer, OpenSSL_prefix, OpenSSL_prefix_len) == 0)
{
uchar key[OpenSSL_key_len];
uchar iv[OpenSSL_iv_len];
decrypted= (uchar*)my_malloc(file_size, MYF(MY_WME));
decrypted= (uchar*)malloc((size_t)file_size);
if (!decrypted)
{
my_error(EE_OUTOFMEMORY, ME_ERROR_LOG | ME_FATAL, file_size);
goto err2;
}
bytes_to_key(buffer + OpenSSL_prefix_len, secret, key, iv);
uint32 d_size;
if (my_aes_crypt(MY_AES_CBC, ENCRYPTION_FLAG_DECRYPT,
buffer + OpenSSL_prefix_len + OpenSSL_salt_len,
file_size - OpenSSL_prefix_len - OpenSSL_salt_len,
(unsigned int)file_size - OpenSSL_prefix_len - OpenSSL_salt_len,
decrypted, &d_size, key, OpenSSL_key_len,
iv, OpenSSL_iv_len))
@ -354,7 +384,7 @@ char* Parser::read_and_decrypt_file(const char *secret)
goto err3;
}
my_free(buffer);
free(buffer);
buffer= decrypted;
file_size= d_size;
}
@ -365,15 +395,15 @@ char* Parser::read_and_decrypt_file(const char *secret)
}
buffer[file_size]= '\0';
my_close(f, MYF(MY_WME));
close(f);
return (char*) buffer;
err3:
my_free(decrypted);
free(decrypted);
err2:
my_free(buffer);
free(buffer);
err1:
my_close(f, MYF(MY_WME));
close(f);
err0:
return NULL;
}

6
plugin/file_key_management/parser.h
View File

@ -22,7 +22,7 @@ Created 09/15/2014
#include <my_crypt.h>
#include <ctype.h>
#include <sql_array.h>
#include <map>
struct keyentry {
unsigned int id;
@ -42,7 +42,7 @@ class Parser
void bytes_to_key(const unsigned char *salt, const char *secret,
unsigned char *key, unsigned char *iv);
bool read_filekey(const char *filekey, char *secret);
bool parse_file(Dynamic_array<keyentry> *keys, const char *secret);
bool parse_file(std::map<unsigned int ,keyentry> *keys, const char *secret);
void report_error(const char *reason, unsigned int position);
int parse_line(char **line_ptr, keyentry *key);
char* read_and_decrypt_file(const char *secret);
@ -50,5 +50,5 @@ class Parser
public:
Parser(const char* fn, const char *fk) :
filename(fn), filekey(fk), line_number(0) { }
bool parse(Dynamic_array<keyentry> *keys);
bool parse(std::map<unsigned int ,keyentry> *keys);
};

2
plugin/handler_socket/CMakeLists.txt
View File

@ -34,6 +34,6 @@ SET(HANDLERSOCKET_SOURCES
MYSQL_ADD_PLUGIN(handlersocket
${HANDLERSOCKET_SOURCES}
MODULE_ONLY COMPONENT Server
LINK_LIBRARIES hsclient
LINK_LIBRARIES hsclient RECOMPILE_FOR_EMBEDDED
)

2
plugin/locale_info/CMakeLists.txt
View File

@ -1,5 +1,5 @@
INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/sql ${CMAKE_SOURCE_DIR}/regex
${CMAKE_SOURCE_DIR}/extra/yassl/include)
MYSQL_ADD_PLUGIN(LOCALES locale_info.cc)
MYSQL_ADD_PLUGIN(LOCALES locale_info.cc RECOMPILE_FOR_EMBEDDED)

3
plugin/metadata_lock_info/CMakeLists.txt
View File

@ -1,2 +1,3 @@
SET(METADATA_LOCK_INFO_SOURCES metadata_lock_info.cc)
MYSQL_ADD_PLUGIN(metadata_lock_info ${METADATA_LOCK_INFO_SOURCES} MODULE_OUTPUT_NAME "metadata_lock_info")
MYSQL_ADD_PLUGIN(metadata_lock_info ${METADATA_LOCK_INFO_SOURCES}
RECOMPILE_FOR_EMBEDDED)

2
plugin/qc_info/CMakeLists.txt
View File

@ -2,4 +2,4 @@ INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/sql
${PCRE_INCLUDES}
${CMAKE_SOURCE_DIR}/extra/yassl/include)
MYSQL_ADD_PLUGIN(QUERY_CACHE_INFO qc_info.cc)
MYSQL_ADD_PLUGIN(QUERY_CACHE_INFO qc_info.cc RECOMPILE_FOR_EMBEDDED)

3
plugin/query_response_time/CMakeLists.txt
View File

@ -1,2 +1,3 @@
ADD_DEFINITIONS(-DHAVE_RESPONSE_TIME_DISTRIBUTION)
MYSQL_ADD_PLUGIN(QUERY_RESPONSE_TIME query_response_time.cc plugin.cc)
MYSQL_ADD_PLUGIN(QUERY_RESPONSE_TIME query_response_time.cc plugin.cc
RECOMPILE_FOR_EMBEDDED)

6
plugin/semisync/CMakeLists.txt
View File

@ -17,10 +17,12 @@ SET(SEMISYNC_MASTER_SOURCES
semisync.cc semisync_master.cc semisync_master_plugin.cc
semisync.h semisync_master.h)
MYSQL_ADD_PLUGIN(semisync_master ${SEMISYNC_MASTER_SOURCES})
MYSQL_ADD_PLUGIN(semisync_master ${SEMISYNC_MASTER_SOURCES}
RECOMPILE_FOR_EMBEDDED)
SET(SEMISYNC_SLAVE_SOURCES semisync.cc semisync_slave.cc
semisync_slave_plugin.cc semisync.h semisync_slave.h )
MYSQL_ADD_PLUGIN(semisync_slave ${SEMISYNC_SLAVE_SOURCES})
MYSQL_ADD_PLUGIN(semisync_slave ${SEMISYNC_SLAVE_SOURCES}
RECOMPILE_FOR_EMBEDDED)

5
plugin/server_audit/CMakeLists.txt
View File

@ -13,7 +13,6 @@
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02111-1301 USA
SET(SERVER_AUDIT_SOURCES
server_audit.c test_audit_v4.c plugin_audit_v4.h)
SET(SOURCES server_audit.c test_audit_v4.c plugin_audit_v4.h)
MYSQL_ADD_PLUGIN(server_audit ${SERVER_AUDIT_SOURCES} MODULE_ONLY)
MYSQL_ADD_PLUGIN(server_audit ${SOURCES} MODULE_ONLY RECOMPILE_FOR_EMBEDDED)

2
plugin/wsrep_info/CMakeLists.txt
View File

@ -1,5 +1,5 @@
IF (WITH_WSREP)
INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/sql
${CMAKE_SOURCE_DIR}/wsrep)
MYSQL_ADD_PLUGIN(WSREP_INFO plugin.cc MODULE_ONLY)
MYSQL_ADD_PLUGIN(WSREP_INFO plugin.cc MODULE_ONLY RECOMPILE_FOR_EMBEDDED)
ENDIF()
Write Preview
Loading…
Cancel
Save