diff options
author | Sergei Golubchik <serg@mariadb.org> | 2015-05-27 12:18:29 +0200 |
---|---|---|
committer | Sergei Golubchik <serg@mariadb.org> | 2015-06-02 19:00:23 +0200 |
commit | 487e5f45908c04d63a9becf1078ecaeaf658f0ae (patch) | |
tree | fdea124d88a07bc88dc335500631d1164aa166b0 | |
parent | 432b78c90376aac4fda94317fd20eced33d08230 (diff) | |
download | mariadb-git-487e5f45908c04d63a9becf1078ecaeaf658f0ae.tar.gz |
file_key_management plugin: complain if key id 1 is not found
and don't recommend aes_ctr if it's unavailable
-rw-r--r-- | mysql-test/suite/encryption/r/filekeys_syntax.result | 20 | ||||
-rw-r--r-- | mysql-test/suite/encryption/t/filekeys_syntax.test | 13 | ||||
-rw-r--r-- | plugin/file_key_management/file_key_management_plugin.cc | 7 | ||||
-rw-r--r-- | plugin/file_key_management/parser.cc | 8 |
4 files changed, 46 insertions, 2 deletions
diff --git a/mysql-test/suite/encryption/r/filekeys_syntax.result b/mysql-test/suite/encryption/r/filekeys_syntax.result index a5606152d80..eb8119bc4f5 100644 --- a/mysql-test/suite/encryption/r/filekeys_syntax.result +++ b/mysql-test/suite/encryption/r/filekeys_syntax.result @@ -127,3 +127,23 @@ ERROR HY000: Can't create table `test`.`t1` (errno: 140 "Wrong create options") select plugin_status from information_schema.plugins where plugin_name = 'file_key_management'; plugin_status +install soname 'file_key_management'; +ERROR HY000: System key id 1 is missing at MYSQL_TMP_DIR/keys.txt line 1, column 1 +call mtr.add_suppression("Syntax error"); +call mtr.add_suppression("Plugin 'file_key_management' init function returned error"); +call mtr.add_suppression("Plugin 'file_key_management' registration.*failed"); +FOUND /Syntax error/ in mysqld.1.err +create table t1(c1 bigint not null, b char(200)) engine=innodb encrypted=yes encryption_key_id=1; +ERROR HY000: Can't create table `test`.`t1` (errno: 140 "Wrong create options") +select plugin_status from information_schema.plugins +where plugin_name = 'file_key_management'; +plugin_status +call mtr.add_suppression("System key id 1"); +call mtr.add_suppression("Plugin 'file_key_management' init function returned error"); +call mtr.add_suppression("Plugin 'file_key_management' registration.*failed"); +FOUND /System key id 1/ in mysqld.1.err +create table t1(c1 bigint not null, b char(200)) engine=innodb encrypted=yes encryption_key_id=1; +ERROR HY000: Can't create table `test`.`t1` (errno: 140 "Wrong create options") +select plugin_status from information_schema.plugins +where plugin_name = 'file_key_management'; +plugin_status diff --git a/mysql-test/suite/encryption/t/filekeys_syntax.test b/mysql-test/suite/encryption/t/filekeys_syntax.test index e68e18bee1a..61db6ad716e 100644 --- a/mysql-test/suite/encryption/t/filekeys_syntax.test +++ b/mysql-test/suite/encryption/t/filekeys_syntax.test @@ -94,3 +94,16 @@ install soname 'file_key_management'; source filekeys_badtest.inc; let SEARCH_PATTERN=Syntax error; source filekeys_badtest.inc; +# +# no key id 1 +# +remove_file $MYSQL_TMP_DIR/keys.txt; +write_file $MYSQL_TMP_DIR/keys.txt; +3;22222222222222222222222222222222 +EOF +--replace_result $MYSQL_TMP_DIR MYSQL_TMP_DIR +--error 2 +install soname 'file_key_management'; +source filekeys_badtest.inc; +let SEARCH_PATTERN=System key id 1; +source filekeys_badtest.inc; diff --git a/plugin/file_key_management/file_key_management_plugin.cc b/plugin/file_key_management/file_key_management_plugin.cc index 666a5190860..74eeebbc4e3 100644 --- a/plugin/file_key_management/file_key_management_plugin.cc +++ b/plugin/file_key_management/file_key_management_plugin.cc @@ -48,9 +48,14 @@ static MYSQL_SYSVAR_STR(filekey, filekey, "Key to encrypt / decrypt the keyfile.", NULL, NULL, ""); +#ifdef HAVE_EncryptAes128Ctr +#define recommendation ", aes_ctr is the recommended one" +#else +#define recommendation "" +#endif static MYSQL_SYSVAR_ENUM(encryption_algorithm, encryption_algorithm, PLUGIN_VAR_RQCMDARG | PLUGIN_VAR_READONLY, - "Encryption algorithm to use, aes_ctr is the recommended one.", + "Encryption algorithm to use" recommendation ".", NULL, NULL, 0, &encryption_algorithm_typelib); static struct st_mysql_sys_var* settings[] = { diff --git a/plugin/file_key_management/parser.cc b/plugin/file_key_management/parser.cc index 27349f1a0a9..552dd7df970 100644 --- a/plugin/file_key_management/parser.cc +++ b/plugin/file_key_management/parser.cc @@ -218,8 +218,14 @@ bool Parser::parse_file(Dynamic_array<keyentry> *keys, const char *secret) } keys->sort(sort_keys); - my_free(buffer); + + if (keys->at(0).id != 1) + { + report_error("System key id 1 is missing", 0); + return 1; + } + return 0; } |