diff options
| author | Vladislav Vaintroub <wlad@mariadb.com> | 2017-04-18 16:37:57 +0000 |
|---|---|---|
| committer | Sergei Golubchik <serg@mariadb.org> | 2017-04-27 19:12:38 +0200 |
| commit | db3910741347e7d741f4a854075c248e9081d722 (patch) | |
| tree | a868bb87a27eb54655e114ee24a57245060e8270 | |
| parent | 175dd3ad5933e1ad4afb676251f323fe5527a7f1 (diff) | |
| download | mariadb-git-db3910741347e7d741f4a854075c248e9081d722.tar.gz | |
MDEV-11663 Create services for functionality used by plugins
Added service for
- encryption (AES)
- error reporting, e.g my_printf_error()
33 files changed, 537 insertions, 144 deletions
diff --git a/include/my_crypt.h b/include/my_crypt.h index e1e94c9bd9d..719e349bfb9 100644 --- a/include/my_crypt.h +++ b/include/my_crypt.h @@ -18,74 +18,7 @@ #ifndef MY_CRYPT_INCLUDED #define MY_CRYPT_INCLUDED -#include <my_global.h> - -#ifdef __cplusplus -extern "C" { -#endif - -/* return values from my_aes_encrypt/my_aes_decrypt functions */ -#define MY_AES_OK 0 -#define MY_AES_BAD_DATA -100 -#define MY_AES_OPENSSL_ERROR -101 -#define MY_AES_BAD_KEYSIZE -102 - -/* The block size for all supported algorithms */ -#define MY_AES_BLOCK_SIZE 16 - -/* The max key length of all supported algorithms */ -#define MY_AES_MAX_KEY_LENGTH 32 - -#define MY_AES_CTX_SIZE 512 - -enum my_aes_mode { - MY_AES_ECB, MY_AES_CBC -#ifdef HAVE_EncryptAes128Ctr - , MY_AES_CTR -#endif -#ifdef HAVE_EncryptAes128Gcm - , MY_AES_GCM -#endif -}; - -int my_aes_crypt_init(void *ctx, enum my_aes_mode mode, int flags, - const unsigned char* key, unsigned int klen, - const unsigned char* iv, unsigned int ivlen); -int my_aes_crypt_update(void *ctx, const uchar *src, uint slen, - uchar *dst, uint *dlen); -int my_aes_crypt_finish(void *ctx, uchar *dst, uint *dlen); -int my_aes_crypt(enum my_aes_mode mode, int flags, - const uchar *src, uint slen, uchar *dst, uint *dlen, - const uchar *key, uint klen, const uchar *iv, uint ivlen); - -/* - calculate the length of the cyphertext from the length of the plaintext - for different AES encryption modes with padding enabled. - Without padding (ENCRYPTION_FLAG_NOPAD) cyphertext has the same length - as the plaintext -*/ -static inline uint my_aes_get_size(enum my_aes_mode mode __attribute__((unused)), uint source_length) -{ -#ifdef HAVE_EncryptAes128Ctr - if (mode == MY_AES_CTR) - return source_length; -#ifdef HAVE_EncryptAes128Gcm - if (mode == MY_AES_GCM) - return source_length + MY_AES_BLOCK_SIZE; -#endif -#endif - return (source_length / MY_AES_BLOCK_SIZE + 1) * MY_AES_BLOCK_SIZE; -} - -static inline uint my_aes_ctx_size(enum my_aes_mode mode __attribute__((unused))) -{ - return MY_AES_CTX_SIZE; -} - -int my_random_bytes(uchar* buf, int num); - -#ifdef __cplusplus -} -#endif +#include <my_config.h> /* HAVE_EncryptAes128{Ctr,Gcm} */ +#include <mysql/service_my_crypt.h> #endif /* MY_CRYPT_INCLUDED */ diff --git a/include/my_sys.h b/include/my_sys.h index 7480514dc08..ca933ed574e 100644 --- a/include/my_sys.h +++ b/include/my_sys.h @@ -42,6 +42,7 @@ typedef struct my_aio_result { #include <malloc.h> /*for alloca*/ #endif #include <mysql/plugin.h> +#include <mysql/service_my_print_error.h> #define MY_INIT(name) { my_progname= name; my_init(); } @@ -104,18 +105,10 @@ typedef struct my_aio_result { #define MY_GIVE_INFO 2 /* Give time info about process*/ #define MY_DONT_FREE_DBUG 4 /* Do not call DBUG_END() in my_end() */ -#define ME_HIGHBYTE 8 /* Shift for colours */ -#define ME_NOCUR 1 /* Don't use curses message */ -#define ME_OLDWIN 2 /* Use old window */ -#define ME_BELL 4 /* Ring bell then printing message */ -#define ME_HOLDTANG 8 /* Don't delete last keys */ -#define ME_WAITTOT 16 /* Wait for errtime secs of for a action */ -#define ME_WAITTANG 32 /* Wait for a user action */ -#define ME_NOREFRESH 64 /* Write the error message to error log */ -#define ME_NOINPUT 128 /* Dont use the input libary */ -#define ME_COLOUR1 ((1 << ME_HIGHBYTE)) /* Possibly error-colours */ -#define ME_COLOUR2 ((2 << ME_HIGHBYTE)) -#define ME_COLOUR3 ((3 << ME_HIGHBYTE)) +#define ME_BELL 4 /* Ring bell then printing message */ +#define ME_WAITTANG 0 /* Wait for a user action */ +#define ME_NOREFRESH 64 /* Write the error message to error log */ +#define ME_NOINPUT 0 /* Dont use the input libary */ #define ME_JUST_INFO 1024 /**< not error but just info */ #define ME_JUST_WARNING 2048 /**< not error but just warning */ #define ME_FATALERROR 4096 /* Fatal statement error */ @@ -715,12 +708,6 @@ extern int my_sync(File fd, myf my_flags); extern int my_sync_dir(const char *dir_name, myf my_flags); extern int my_sync_dir_by_file(const char *file_name, myf my_flags); extern const char *my_get_err_msg(uint nr); -extern void my_error(uint nr,myf MyFlags, ...); -extern void my_printf_error(uint my_err, const char *format, - myf MyFlags, ...) - ATTRIBUTE_FORMAT(printf, 2, 4); -extern void my_printv_error(uint error, const char *format, myf MyFlags, - va_list ap); extern int my_error_register(const char** (*get_errmsgs) (void), uint first, uint last); extern const char **my_error_unregister(uint first, uint last); diff --git a/include/mysql/plugin.h b/include/mysql/plugin.h index a5bfa1bbc9e..61be12057e8 100644 --- a/include/mysql/plugin.h +++ b/include/mysql/plugin.h @@ -75,7 +75,7 @@ typedef struct st_mysql_xid MYSQL_XID; #define MYSQL_PLUGIN_INTERFACE_VERSION 0x0104 /* MariaDB plugin interface version */ -#define MARIA_PLUGIN_INTERFACE_VERSION 0x010c +#define MARIA_PLUGIN_INTERFACE_VERSION 0x010d /* The allowable types of plugins diff --git a/include/mysql/plugin_audit.h.pp b/include/mysql/plugin_audit.h.pp index eb5369c0377..d014edfedb9 100644 --- a/include/mysql/plugin_audit.h.pp +++ b/include/mysql/plugin_audit.h.pp @@ -137,6 +137,43 @@ size_t my_md5_context_size(); void my_md5_init(void *context); void my_md5_input(void *context, const unsigned char *buf, size_t len); void my_md5_result(void *context, unsigned char *digest); +enum my_aes_mode { + MY_AES_ECB, MY_AES_CBC +}; +extern struct my_crypt_service_st { + int (*my_aes_crypt_init)(void *ctx, enum my_aes_mode mode, int flags, + const unsigned char* key, unsigned int klen, + const unsigned char* iv, unsigned int ivlen); + int (*my_aes_crypt_update)(void *ctx, const unsigned char *src, unsigned int slen, + unsigned char *dst, unsigned int *dlen); + int (*my_aes_crypt_finish)(void *ctx, unsigned char *dst, unsigned int *dlen); + int (*my_aes_crypt)(enum my_aes_mode mode, int flags, + const unsigned char *src, unsigned int slen, unsigned char *dst, unsigned int *dlen, + const unsigned char *key, unsigned int klen, const unsigned char *iv, unsigned int ivlen); + unsigned int (*my_aes_get_size)(enum my_aes_mode mode, unsigned int source_length); + unsigned int (*my_aes_ctx_size)(enum my_aes_mode mode); + int (*my_random_bytes)(unsigned char* buf, int num); +} *my_crypt_service; +int my_aes_crypt_init(void *ctx, enum my_aes_mode mode, int flags, + const unsigned char* key, unsigned int klen, + const unsigned char* iv, unsigned int ivlen); +int my_aes_crypt_update(void *ctx, const unsigned char *src, unsigned int slen, + unsigned char *dst, unsigned int *dlen); +int my_aes_crypt_finish(void *ctx, unsigned char *dst, unsigned int *dlen); +int my_aes_crypt(enum my_aes_mode mode, int flags, + const unsigned char *src, unsigned int slen, unsigned char *dst, unsigned int *dlen, + const unsigned char *key, unsigned int klen, const unsigned char *iv, unsigned int ivlen); +int my_random_bytes(unsigned char* buf, int num); +unsigned int my_aes_get_size(enum my_aes_mode mode, unsigned int source_length); +unsigned int my_aes_ctx_size(enum my_aes_mode mode); +extern struct my_print_error_service_st { + void(*my_error_func)(unsigned int nr, unsigned long MyFlags, ...); + void(*my_printf_error_func)(unsigned int nr, const char *fmt, unsigned long MyFlags,...); + void(*my_printv_error_func)(unsigned int error, const char *format, unsigned long MyFlags, va_list ap); +} *my_print_error_service; +extern void my_error(unsigned int nr, unsigned long MyFlags, ...); +extern void my_printf_error(unsigned int my_err, const char *format, unsigned long MyFlags, ...); +extern void my_printv_error(unsigned int error, const char *format, unsigned long MyFlags,va_list ap); extern struct my_snprintf_service_st { size_t (*my_snprintf_type)(char*, size_t, const char*, ...); size_t (*my_vsnprintf_type)(char *, size_t, const char*, va_list); diff --git a/include/mysql/plugin_auth.h.pp b/include/mysql/plugin_auth.h.pp index 766682fb44f..9dd3deba8de 100644 --- a/include/mysql/plugin_auth.h.pp +++ b/include/mysql/plugin_auth.h.pp @@ -137,6 +137,43 @@ size_t my_md5_context_size(); void my_md5_init(void *context); void my_md5_input(void *context, const unsigned char *buf, size_t len); void my_md5_result(void *context, unsigned char *digest); +enum my_aes_mode { + MY_AES_ECB, MY_AES_CBC +}; +extern struct my_crypt_service_st { + int (*my_aes_crypt_init)(void *ctx, enum my_aes_mode mode, int flags, + const unsigned char* key, unsigned int klen, + const unsigned char* iv, unsigned int ivlen); + int (*my_aes_crypt_update)(void *ctx, const unsigned char *src, unsigned int slen, + unsigned char *dst, unsigned int *dlen); + int (*my_aes_crypt_finish)(void *ctx, unsigned char *dst, unsigned int *dlen); + int (*my_aes_crypt)(enum my_aes_mode mode, int flags, + const unsigned char *src, unsigned int slen, unsigned char *dst, unsigned int *dlen, + const unsigned char *key, unsigned int klen, const unsigned char *iv, unsigned int ivlen); + unsigned int (*my_aes_get_size)(enum my_aes_mode mode, unsigned int source_length); + unsigned int (*my_aes_ctx_size)(enum my_aes_mode mode); + int (*my_random_bytes)(unsigned char* buf, int num); +} *my_crypt_service; +int my_aes_crypt_init(void *ctx, enum my_aes_mode mode, int flags, + const unsigned char* key, unsigned int klen, + const unsigned char* iv, unsigned int ivlen); +int my_aes_crypt_update(void *ctx, const unsigned char *src, unsigned int slen, + unsigned char *dst, unsigned int *dlen); +int my_aes_crypt_finish(void *ctx, unsigned char *dst, unsigned int *dlen); +int my_aes_crypt(enum my_aes_mode mode, int flags, + const unsigned char *src, unsigned int slen, unsigned char *dst, unsigned int *dlen, + const unsigned char *key, unsigned int klen, const unsigned char *iv, unsigned int ivlen); +int my_random_bytes(unsigned char* buf, int num); +unsigned int my_aes_get_size(enum my_aes_mode mode, unsigned int source_length); +unsigned int my_aes_ctx_size(enum my_aes_mode mode); +extern struct my_print_error_service_st { + void(*my_error_func)(unsigned int nr, unsigned long MyFlags, ...); + void(*my_printf_error_func)(unsigned int nr, const char *fmt, unsigned long MyFlags,...); + void(*my_printv_error_func)(unsigned int error, const char *format, unsigned long MyFlags, va_list ap); +} *my_print_error_service; +extern void my_error(unsigned int nr, unsigned long MyFlags, ...); +extern void my_printf_error(unsigned int my_err, const char *format, unsigned long MyFlags, ...); +extern void my_printv_error(unsigned int error, const char *format, unsigned long MyFlags,va_list ap); extern struct my_snprintf_service_st { size_t (*my_snprintf_type)(char*, size_t, const char*, ...); size_t (*my_vsnprintf_type)(char *, size_t, const char*, va_list); diff --git a/include/mysql/plugin_encryption.h.pp b/include/mysql/plugin_encryption.h.pp index 6a66e90234a..7bb81614971 100644 --- a/include/mysql/plugin_encryption.h.pp +++ b/include/mysql/plugin_encryption.h.pp @@ -137,6 +137,43 @@ size_t my_md5_context_size(); void my_md5_init(void *context); void my_md5_input(void *context, const unsigned char *buf, size_t len); void my_md5_result(void *context, unsigned char *digest); +enum my_aes_mode { + MY_AES_ECB, MY_AES_CBC +}; +extern struct my_crypt_service_st { + int (*my_aes_crypt_init)(void *ctx, enum my_aes_mode mode, int flags, + const unsigned char* key, unsigned int klen, + const unsigned char* iv, unsigned int ivlen); + int (*my_aes_crypt_update)(void *ctx, const unsigned char *src, unsigned int slen, + unsigned char *dst, unsigned int *dlen); + int (*my_aes_crypt_finish)(void *ctx, unsigned char *dst, unsigned int *dlen); + int (*my_aes_crypt)(enum my_aes_mode mode, int flags, + const unsigned char *src, unsigned int slen, unsigned char *dst, unsigned int *dlen, + const unsigned char *key, unsigned int klen, const unsigned char *iv, unsigned int ivlen); + unsigned int (*my_aes_get_size)(enum my_aes_mode mode, unsigned int source_length); + unsigned int (*my_aes_ctx_size)(enum my_aes_mode mode); + int (*my_random_bytes)(unsigned char* buf, int num); +} *my_crypt_service; +int my_aes_crypt_init(void *ctx, enum my_aes_mode mode, int flags, + const unsigned char* key, unsigned int klen, + const unsigned char* iv, unsigned int ivlen); +int my_aes_crypt_update(void *ctx, const unsigned char *src, unsigned int slen, + unsigned char *dst, unsigned int *dlen); +int my_aes_crypt_finish(void *ctx, unsigned char *dst, unsigned int *dlen); +int my_aes_crypt(enum my_aes_mode mode, int flags, + const unsigned char *src, unsigned int slen, unsigned char *dst, unsigned int *dlen, + const unsigned char *key, unsigned int klen, const unsigned char *iv, unsigned int ivlen); +int my_random_bytes(unsigned char* buf, int num); +unsigned int my_aes_get_size(enum my_aes_mode mode, unsigned int source_length); +unsigned int my_aes_ctx_size(enum my_aes_mode mode); +extern struct my_print_error_service_st { + void(*my_error_func)(unsigned int nr, unsigned long MyFlags, ...); + void(*my_printf_error_func)(unsigned int nr, const char *fmt, unsigned long MyFlags,...); + void(*my_printv_error_func)(unsigned int error, const char *format, unsigned long MyFlags, va_list ap); +} *my_print_error_service; +extern void my_error(unsigned int nr, unsigned long MyFlags, ...); +extern void my_printf_error(unsigned int my_err, const char *format, unsigned long MyFlags, ...); +extern void my_printv_error(unsigned int error, const char *format, unsigned long MyFlags,va_list ap); extern struct my_snprintf_service_st { size_t (*my_snprintf_type)(char*, size_t, const char*, ...); size_t (*my_vsnprintf_type)(char *, size_t, const char*, va_list); diff --git a/include/mysql/plugin_ftparser.h.pp b/include/mysql/plugin_ftparser.h.pp index 6004f4b61aa..43c02059874 100644 --- a/include/mysql/plugin_ftparser.h.pp +++ b/include/mysql/plugin_ftparser.h.pp @@ -137,6 +137,43 @@ size_t my_md5_context_size(); void my_md5_init(void *context); void my_md5_input(void *context, const unsigned char *buf, size_t len); void my_md5_result(void *context, unsigned char *digest); +enum my_aes_mode { + MY_AES_ECB, MY_AES_CBC +}; +extern struct my_crypt_service_st { + int (*my_aes_crypt_init)(void *ctx, enum my_aes_mode mode, int flags, + const unsigned char* key, unsigned int klen, + const unsigned char* iv, unsigned int ivlen); + int (*my_aes_crypt_update)(void *ctx, const unsigned char *src, unsigned int slen, + unsigned char *dst, unsigned int *dlen); + int (*my_aes_crypt_finish)(void *ctx, unsigned char *dst, unsigned int *dlen); + int (*my_aes_crypt)(enum my_aes_mode mode, int flags, + const unsigned char *src, unsigned int slen, unsigned char *dst, unsigned int *dlen, + const unsigned char *key, unsigned int klen, const unsigned char *iv, unsigned int ivlen); + unsigned int (*my_aes_get_size)(enum my_aes_mode mode, unsigned int source_length); + unsigned int (*my_aes_ctx_size)(enum my_aes_mode mode); + int (*my_random_bytes)(unsigned char* buf, int num); +} *my_crypt_service; +int my_aes_crypt_init(void *ctx, enum my_aes_mode mode, int flags, + const unsigned char* key, unsigned int klen, + const unsigned char* iv, unsigned int ivlen); +int my_aes_crypt_update(void *ctx, const unsigned char *src, unsigned int slen, + unsigned char *dst, unsigned int *dlen); +int my_aes_crypt_finish(void *ctx, unsigned char *dst, unsigned int *dlen); +int my_aes_crypt(enum my_aes_mode mode, int flags, + const unsigned char *src, unsigned int slen, unsigned char *dst, unsigned int *dlen, + const unsigned char *key, unsigned int klen, const unsigned char *iv, unsigned int ivlen); +int my_random_bytes(unsigned char* buf, int num); +unsigned int my_aes_get_size(enum my_aes_mode mode, unsigned int source_length); +unsigned int my_aes_ctx_size(enum my_aes_mode mode); +extern struct my_print_error_service_st { + void(*my_error_func)(unsigned int nr, unsigned long MyFlags, ...); + void(*my_printf_error_func)(unsigned int nr, const char *fmt, unsigned long MyFlags,...); + void(*my_printv_error_func)(unsigned int error, const char *format, unsigned long MyFlags, va_list ap); +} *my_print_error_service; +extern void my_error(unsigned int nr, unsigned long MyFlags, ...); +extern void my_printf_error(unsigned int my_err, const char *format, unsigned long MyFlags, ...); +extern void my_printv_error(unsigned int error, const char *format, unsigned long MyFlags,va_list ap); extern struct my_snprintf_service_st { size_t (*my_snprintf_type)(char*, size_t, const char*, ...); size_t (*my_vsnprintf_type)(char *, size_t, const char*, va_list); diff --git a/include/mysql/plugin_password_validation.h.pp b/include/mysql/plugin_password_validation.h.pp index 966d92ae5ad..d2fe8fa8e23 100644 --- a/include/mysql/plugin_password_validation.h.pp +++ b/include/mysql/plugin_password_validation.h.pp @@ -137,6 +137,43 @@ size_t my_md5_context_size(); void my_md5_init(void *context); void my_md5_input(void *context, const unsigned char *buf, size_t len); void my_md5_result(void *context, unsigned char *digest); +enum my_aes_mode { + MY_AES_ECB, MY_AES_CBC +}; +extern struct my_crypt_service_st { + int (*my_aes_crypt_init)(void *ctx, enum my_aes_mode mode, int flags, + const unsigned char* key, unsigned int klen, + const unsigned char* iv, unsigned int ivlen); + int (*my_aes_crypt_update)(void *ctx, const unsigned char *src, unsigned int slen, + unsigned char *dst, unsigned int *dlen); + int (*my_aes_crypt_finish)(void *ctx, unsigned char *dst, unsigned int *dlen); + int (*my_aes_crypt)(enum my_aes_mode mode, int flags, + const unsigned char *src, unsigned int slen, unsigned char *dst, unsigned int *dlen, + const unsigned char *key, unsigned int klen, const unsigned char *iv, unsigned int ivlen); + unsigned int (*my_aes_get_size)(enum my_aes_mode mode, unsigned int source_length); + unsigned int (*my_aes_ctx_size)(enum my_aes_mode mode); + int (*my_random_bytes)(unsigned char* buf, int num); +} *my_crypt_service; +int my_aes_crypt_init(void *ctx, enum my_aes_mode mode, int flags, + const unsigned char* key, unsigned int klen, + const unsigned char* iv, unsigned int ivlen); +int my_aes_crypt_update(void *ctx, const unsigned char *src, unsigned int slen, + unsigned char *dst, unsigned int *dlen); +int my_aes_crypt_finish(void *ctx, unsigned char *dst, unsigned int *dlen); +int my_aes_crypt(enum my_aes_mode mode, int flags, + const unsigned char *src, unsigned int slen, unsigned char *dst, unsigned int *dlen, + const unsigned char *key, unsigned int klen, const unsigned char *iv, unsigned int ivlen); +int my_random_bytes(unsigned char* buf, int num); +unsigned int my_aes_get_size(enum my_aes_mode mode, unsigned int source_length); +unsigned int my_aes_ctx_size(enum my_aes_mode mode); +extern struct my_print_error_service_st { + void(*my_error_func)(unsigned int nr, unsigned long MyFlags, ...); + void(*my_printf_error_func)(unsigned int nr, const char *fmt, unsigned long MyFlags,...); + void(*my_printv_error_func)(unsigned int error, const char *format, unsigned long MyFlags, va_list ap); +} *my_print_error_service; +extern void my_error(unsigned int nr, unsigned long MyFlags, ...); +extern void my_printf_error(unsigned int my_err, const char *format, unsigned long MyFlags, ...); +extern void my_printv_error(unsigned int error, const char *format, unsigned long MyFlags,va_list ap); extern struct my_snprintf_service_st { size_t (*my_snprintf_type)(char*, size_t, const char*, ...); size_t (*my_vsnprintf_type)(char *, size_t, const char*, va_list); diff --git a/include/mysql/service_my_crypt.h b/include/mysql/service_my_crypt.h new file mode 100644 index 00000000000..83de0378e4a --- /dev/null +++ b/include/mysql/service_my_crypt.h @@ -0,0 +1,120 @@ +#ifndef MYSQL_SERVICE_MY_CRYPT_INCLUDED +#define MYSQL_SERVICE_MY_CRYPT_INCLUDED + +/* + Copyright (c) 2014 Google Inc. + Copyright (c) 2014, 2015 MariaDB Corporation + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */ + +/** + @file + my crypt service + + AES encryption functions, and a function to generate random bytes. + + Include my_config.h before this file to use CTR and GCM modes + (they only work if server was compiled with openssl). +*/ + + +#ifdef __cplusplus +extern "C" { +#endif + +/* return values from my_aes_encrypt/my_aes_decrypt functions */ +#define MY_AES_OK 0 +#define MY_AES_BAD_DATA -100 +#define MY_AES_OPENSSL_ERROR -101 +#define MY_AES_BAD_KEYSIZE -102 + +/* The block size for all supported algorithms */ +#define MY_AES_BLOCK_SIZE 16 + +/* The max key length of all supported algorithms */ +#define MY_AES_MAX_KEY_LENGTH 32 + +#define MY_AES_CTX_SIZE 512 + +enum my_aes_mode { + MY_AES_ECB, MY_AES_CBC +#ifdef HAVE_EncryptAes128Ctr + , MY_AES_CTR +#endif +#ifdef HAVE_EncryptAes128Gcm + , MY_AES_GCM +#endif +}; + +extern struct my_crypt_service_st { + int (*my_aes_crypt_init)(void *ctx, enum my_aes_mode mode, int flags, + const unsigned char* key, unsigned int klen, + const unsigned char* iv, unsigned int ivlen); + int (*my_aes_crypt_update)(void *ctx, const unsigned char *src, unsigned int slen, + unsigned char *dst, unsigned int *dlen); + int (*my_aes_crypt_finish)(void *ctx, unsigned char *dst, unsigned int *dlen); + int (*my_aes_crypt)(enum my_aes_mode mode, int flags, + const unsigned char *src, unsigned int slen, unsigned char *dst, unsigned int *dlen, + const unsigned char *key, unsigned int klen, const unsigned char *iv, unsigned int ivlen); + unsigned int (*my_aes_get_size)(enum my_aes_mode mode, unsigned int source_length); + unsigned int (*my_aes_ctx_size)(enum my_aes_mode mode); + int (*my_random_bytes)(unsigned char* buf, int num); +} *my_crypt_service; + +#ifdef MYSQL_DYNAMIC_PLUGIN + +#define my_aes_crypt_init(A,B,C,D,E,F,G) \ + my_crypt_service->my_aes_crypt_init(A,B,C,D,E,F,G) + +#define my_aes_crypt_update(A,B,C,D,E) \ + my_crypt_service->my_aes_crypt_update(A,B,C,D,E) + +#define my_aes_crypt_finish(A,B,C) \ + my_crypt_service->my_aes_crypt_finish(A,B,C) + +#define my_aes_crypt(A,B,C,D,E,F,G,H,I,J) \ + my_crypt_service->my_aes_crypt(A,B,C,D,E,F,G,H,I,J) + +#define my_aes_get_size(A,B)\ + my_crypt_service->my_aes_get_size(A,B) + +#define my_aes_ctx_size(A)\ + my_crypt_service->my_aes_ctx_size(A) + +#define my_random_bytes(A,B)\ + my_crypt_service->my_random_bytes(A,B) + +#else + +int my_aes_crypt_init(void *ctx, enum my_aes_mode mode, int flags, + const unsigned char* key, unsigned int klen, + const unsigned char* iv, unsigned int ivlen); +int my_aes_crypt_update(void *ctx, const unsigned char *src, unsigned int slen, + unsigned char *dst, unsigned int *dlen); +int my_aes_crypt_finish(void *ctx, unsigned char *dst, unsigned int *dlen); +int my_aes_crypt(enum my_aes_mode mode, int flags, + const unsigned char *src, unsigned int slen, unsigned char *dst, unsigned int *dlen, + const unsigned char *key, unsigned int klen, const unsigned char *iv, unsigned int ivlen); + +int my_random_bytes(unsigned char* buf, int num); +unsigned int my_aes_get_size(enum my_aes_mode mode, unsigned int source_length); +unsigned int my_aes_ctx_size(enum my_aes_mode mode); +#endif + + +#ifdef __cplusplus +} +#endif + +#endif /* MYSQL_SERVICE_MY_CRYPT_INCLUDED */ diff --git a/include/mysql/service_my_print_error.h b/include/mysql/service_my_print_error.h new file mode 100644 index 00000000000..636151655e5 --- /dev/null +++ b/include/mysql/service_my_print_error.h @@ -0,0 +1,64 @@ +/* Copyright (c) 2016, MariaDB + +This program is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; version 2 of the License. + +This program is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +GNU General Public License for more details. + +You should have received a copy of the GNU General Public License +along with this program; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */ + +#ifndef MYSQL_SERVICE_MY_PRINT_ERROR_INCLUDED +#define MYSQL_SERVICE_MY_PRINT_ERROR_INCLUDED + +/** + @file include/mysql/service_my_print_error.h + + This service provides functions for plugins to report + errors to client (without client, the errors are written to the error log). + +*/ +#ifdef __cplusplus +extern "C" { +#endif + +#ifndef MYSQL_ABI_CHECK +#include <stdarg.h> +#include <stdlib.h> +#endif + +#define ME_ERROR_LOG 64 /* Write the message to the error log */ +#define ME_NOTE 1024 /* Not an error, just a note */ +#define ME_WARNING 2048 /* Not an error, just a warning */ +#define ME_FATAL 4096 /* Fatal statement error */ + +extern struct my_print_error_service_st { + void (*my_error_func)(unsigned int nr, unsigned long MyFlags, ...); + void (*my_printf_error_func)(unsigned int nr, const char *fmt, unsigned long MyFlags,...); + void (*my_printv_error_func)(unsigned int error, const char *format, unsigned long MyFlags, va_list ap); +} *my_print_error_service; + +#ifdef MYSQL_DYNAMIC_PLUGIN + +#define my_error my_print_error_service->my_error_func +#define my_printf_error my_print_error_service->my_printf_error_func +#define my_printv_error(A,B,C,D) my_print_error_service->my_printv_error_func(A,B,C,D) + +#else + +extern void my_error(unsigned int nr, unsigned long MyFlags, ...); +extern void my_printf_error(unsigned int my_err, const char *format, unsigned long MyFlags, ...); +extern void my_printv_error(unsigned int error, const char *format, unsigned long MyFlags,va_list ap); +#endif + +#ifdef __cplusplus +} +#endif + +#endif + diff --git a/include/mysql/services.h b/include/mysql/services.h index 420f2430a36..6168c5ed8dc 100644 --- a/include/mysql/services.h +++ b/include/mysql/services.h @@ -26,6 +26,8 @@ extern "C" { #include <mysql/service_kill_statement.h> #include <mysql/service_logger.h> #include <mysql/service_md5.h> +#include <mysql/service_my_crypt.h> +#include <mysql/service_my_print_error.h> #include <mysql/service_my_snprintf.h> #include <mysql/service_progress_report.h> #include <mysql/service_sha1.h> diff --git a/include/service_versions.h b/include/service_versions.h index d79474f1d36..ddc780a44b9 100644 --- a/include/service_versions.h +++ b/include/service_versions.h @@ -27,7 +27,9 @@ #define VERSION_encryption 0x0300 #define VERSION_encryption_scheme 0x0100 #define VERSION_logger 0x0100 +#define VERSION_my_crypt 0x0100 #define VERSION_my_md5 0x0100 +#define VERSION_my_print_error 0x0100 #define VERSION_my_sha1 0x0101 #define VERSION_my_sha2 0x0100 #define VERSION_my_snprintf 0x0100 diff --git a/libservices/CMakeLists.txt b/libservices/CMakeLists.txt index 0b68a156077..e20be6d7a7c 100644 --- a/libservices/CMakeLists.txt +++ b/libservices/CMakeLists.txt @@ -22,7 +22,9 @@ SET(MYSQLSERVICES_SOURCES encryption_service.c kill_statement_service.c logger_service.c + my_crypt_service.c my_md5_service.c + my_print_error_service.c my_sha1_service.c my_sha2_service.c my_snprintf_service.c @@ -35,7 +37,7 @@ SET(MYSQLSERVICES_SOURCES thd_timezone_service.c thd_wait_service.c wsrep_service.c -) + ) ADD_CONVENIENCE_LIBRARY(mysqlservices ${MYSQLSERVICES_SOURCES}) INSTALL(TARGETS mysqlservices DESTINATION ${INSTALL_LIBDIR} COMPONENT Development) diff --git a/libservices/my_crypt_service.c b/libservices/my_crypt_service.c new file mode 100644 index 00000000000..e6b9e273094 --- /dev/null +++ b/libservices/my_crypt_service.c @@ -0,0 +1,2 @@ +#include <service_versions.h> +SERVICE_VERSION my_crypt_service= (void*)VERSION_my_crypt; diff --git a/libservices/my_print_error_service.c b/libservices/my_print_error_service.c new file mode 100644 index 00000000000..7642668d470 --- /dev/null +++ b/libservices/my_print_error_service.c @@ -0,0 +1,17 @@ +/* Copyright (c) 2016 MariaDB + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */ + +#include <service_versions.h> +SERVICE_VERSION my_print_error_service= (void*)VERSION_my_print_error;
\ No newline at end of file diff --git a/mysql-test/r/handlersocket.result b/mysql-test/r/handlersocket.result index 26c77813b26..1b3fc573548 100644 --- a/mysql-test/r/handlersocket.result +++ b/mysql-test/r/handlersocket.result @@ -5,7 +5,7 @@ plugin_version 1.0 plugin_status ACTIVE plugin_type DAEMON plugin_library handlersocket.so -plugin_library_version 1.12 +plugin_library_version 1.13 plugin_author higuchi dot akira at dena dot jp plugin_description Direct access into InnoDB plugin_license BSD diff --git a/mysql-test/r/plugin.result b/mysql-test/r/plugin.result index f278724cc9a..3a141a25b5c 100644 --- a/mysql-test/r/plugin.result +++ b/mysql-test/r/plugin.result @@ -12,7 +12,7 @@ PLUGIN_STATUS ACTIVE PLUGIN_TYPE STORAGE ENGINE PLUGIN_TYPE_VERSION # PLUGIN_LIBRARY ha_example.so -PLUGIN_LIBRARY_VERSION 1.12 +PLUGIN_LIBRARY_VERSION 1.13 PLUGIN_AUTHOR Brian Aker, MySQL AB PLUGIN_DESCRIPTION Example storage engine PLUGIN_LICENSE GPL @@ -25,7 +25,7 @@ PLUGIN_STATUS ACTIVE PLUGIN_TYPE DAEMON PLUGIN_TYPE_VERSION # PLUGIN_LIBRARY ha_example.so -PLUGIN_LIBRARY_VERSION 1.12 +PLUGIN_LIBRARY_VERSION 1.13 PLUGIN_AUTHOR Sergei Golubchik PLUGIN_DESCRIPTION Unusable Daemon PLUGIN_LICENSE GPL @@ -64,7 +64,7 @@ PLUGIN_STATUS DELETED PLUGIN_TYPE STORAGE ENGINE PLUGIN_TYPE_VERSION # PLUGIN_LIBRARY ha_example.so -PLUGIN_LIBRARY_VERSION 1.12 +PLUGIN_LIBRARY_VERSION 1.13 PLUGIN_AUTHOR Brian Aker, MySQL AB PLUGIN_DESCRIPTION Example storage engine PLUGIN_LICENSE GPL diff --git a/mysql-test/suite/plugins/r/auth_ed25519.result b/mysql-test/suite/plugins/r/auth_ed25519.result index 719dd462763..a3b85a11dea 100644 --- a/mysql-test/suite/plugins/r/auth_ed25519.result +++ b/mysql-test/suite/plugins/r/auth_ed25519.result @@ -27,7 +27,7 @@ PLUGIN_STATUS ACTIVE PLUGIN_TYPE AUTHENTICATION PLUGIN_TYPE_VERSION 2.1 PLUGIN_LIBRARY auth_ed25519.so -PLUGIN_LIBRARY_VERSION 1.12 +PLUGIN_LIBRARY_VERSION 1.13 PLUGIN_AUTHOR Sergei Golubchik PLUGIN_DESCRIPTION Elliptic curve ED25519 based authentication PLUGIN_LICENSE GPL diff --git a/mysql-test/suite/plugins/r/cracklib_password_check.result b/mysql-test/suite/plugins/r/cracklib_password_check.result index 479b4b00698..6b4e30b3d81 100644 --- a/mysql-test/suite/plugins/r/cracklib_password_check.result +++ b/mysql-test/suite/plugins/r/cracklib_password_check.result @@ -6,7 +6,7 @@ PLUGIN_STATUS ACTIVE PLUGIN_TYPE PASSWORD VALIDATION PLUGIN_TYPE_VERSION 1.0 PLUGIN_LIBRARY cracklib_password_check.so -PLUGIN_LIBRARY_VERSION 1.12 +PLUGIN_LIBRARY_VERSION 1.13 PLUGIN_AUTHOR Sergei Golubchik PLUGIN_DESCRIPTION Password validation via CrackLib PLUGIN_LICENSE GPL diff --git a/mysql-test/suite/plugins/r/show_all_plugins.result b/mysql-test/suite/plugins/r/show_all_plugins.result index c91a360d1d7..dd6cbfce4c4 100644 --- a/mysql-test/suite/plugins/r/show_all_plugins.result +++ b/mysql-test/suite/plugins/r/show_all_plugins.result @@ -4,8 +4,8 @@ Variable_name Value Opened_plugin_libraries 0 select * from information_schema.all_plugins where plugin_library='ha_example.so'; PLUGIN_NAME PLUGIN_VERSION PLUGIN_STATUS PLUGIN_TYPE PLUGIN_TYPE_VERSION PLUGIN_LIBRARY PLUGIN_LIBRARY_VERSION PLUGIN_AUTHOR PLUGIN_DESCRIPTION PLUGIN_LICENSE LOAD_OPTION PLUGIN_MATURITY PLUGIN_AUTH_VERSION -EXAMPLE 0.1 NOT INSTALLED STORAGE ENGINE MYSQL_VERSION_ID ha_example.so 1.12 Brian Aker, MySQL AB Example storage engine GPL OFF Experimental 0.1 -UNUSABLE 3.14 NOT INSTALLED DAEMON MYSQL_VERSION_ID ha_example.so 1.12 Sergei Golubchik Unusable Daemon GPL OFF Experimental 3.14.15.926 +EXAMPLE 0.1 NOT INSTALLED STORAGE ENGINE MYSQL_VERSION_ID ha_example.so 1.13 Brian Aker, MySQL AB Example storage engine GPL OFF Experimental 0.1 +UNUSABLE 3.14 NOT INSTALLED DAEMON MYSQL_VERSION_ID ha_example.so 1.13 Sergei Golubchik Unusable Daemon GPL OFF Experimental 3.14.15.926 show status like '%libraries%'; Variable_name Value Opened_plugin_libraries 1 diff --git a/mysql-test/suite/plugins/r/simple_password_check.result b/mysql-test/suite/plugins/r/simple_password_check.result index 11385bd6b01..672d0107492 100644 --- a/mysql-test/suite/plugins/r/simple_password_check.result +++ b/mysql-test/suite/plugins/r/simple_password_check.result @@ -6,7 +6,7 @@ PLUGIN_STATUS ACTIVE PLUGIN_TYPE PASSWORD VALIDATION PLUGIN_TYPE_VERSION 1.0 PLUGIN_LIBRARY simple_password_check.so -PLUGIN_LIBRARY_VERSION 1.12 +PLUGIN_LIBRARY_VERSION 1.13 PLUGIN_AUTHOR Sergei Golubchik PLUGIN_DESCRIPTION Simple password strength checks PLUGIN_LICENSE GPL diff --git a/mysys_ssl/my_crypt.cc b/mysys_ssl/my_crypt.cc index 49bd9af3f60..a0937a83e17 100644 --- a/mysys_ssl/my_crypt.cc +++ b/mysys_ssl/my_crypt.cc @@ -266,6 +266,32 @@ int my_aes_crypt(enum my_aes_mode mode, int flags, return res1 ? res1 : res2; } + +/* + calculate the length of the cyphertext from the length of the plaintext + for different AES encryption modes with padding enabled. + Without padding (ENCRYPTION_FLAG_NOPAD) cyphertext has the same length + as the plaintext +*/ +unsigned int my_aes_get_size(enum my_aes_mode mode __attribute__((unused)), unsigned int source_length) +{ +#ifdef HAVE_EncryptAes128Ctr + if (mode == MY_AES_CTR) + return source_length; +#ifdef HAVE_EncryptAes128Gcm + if (mode == MY_AES_GCM) + return source_length + MY_AES_BLOCK_SIZE; +#endif +#endif + return (source_length / MY_AES_BLOCK_SIZE + 1) * MY_AES_BLOCK_SIZE; +} + + +unsigned int my_aes_ctx_size(enum my_aes_mode) +{ + return MY_AES_CTX_SIZE; +} + #ifdef HAVE_YASSL #include <random.hpp> int my_random_bytes(uchar* buf, int num) diff --git a/plugin/auth_gssapi/gssapi_server.cc b/plugin/auth_gssapi/gssapi_server.cc index ac75a4f1593..50c34ecc573 100644 --- a/plugin/auth_gssapi/gssapi_server.cc +++ b/plugin/auth_gssapi/gssapi_server.cc @@ -44,26 +44,30 @@ static char* get_default_principal_name() if(krb5_init_context(&context)) { - sql_print_warning("GSSAPI plugin : krb5_init_context failed"); + my_printf_error(0, "GSSAPI plugin : krb5_init_context failed", + ME_ERROR_LOG | ME_WARNING); goto cleanup; } if (krb5_sname_to_principal(context, NULL, "mariadb", KRB5_NT_SRV_HST, &principal)) { - sql_print_warning("GSSAPI plugin : krb5_sname_to_principal failed"); + my_printf_error(0, "GSSAPI plugin : krb5_sname_to_principal failed", + ME_ERROR_LOG | ME_WARNING); goto cleanup; } if (krb5_unparse_name(context, principal, &unparsed_name)) { - sql_print_warning("GSSAPI plugin : krb5_unparse_name failed"); + my_printf_error(0, "GSSAPI plugin : krb5_unparse_name failed", + ME_ERROR_LOG | ME_WARNING); goto cleanup; } /* Check for entry in keytab */ if (krb5_kt_read_service_key(context, NULL, principal, 0, (krb5_enctype)0, &key)) { - sql_print_warning("GSSAPI plugin : default principal '%s' not found in keytab", unparsed_name); + my_printf_error(0, "GSSAPI plugin : default principal '%s' not found in keytab", + ME_ERROR_LOG | ME_WARNING, unparsed_name); goto cleanup; } @@ -100,7 +104,8 @@ int plugin_init() /* import service principal from plain text */ if(srv_principal_name && srv_principal_name[0]) { - sql_print_information("GSSAPI plugin : using principal name '%s'", srv_principal_name); + my_printf_error(0, "GSSAPI plugin : using principal name '%s'", + ME_ERROR_LOG | ME_NOTE, srv_principal_name); principal_name_buf.length= strlen(srv_principal_name); principal_name_buf.value= srv_principal_name; major= gss_import_name(&minor, &principal_name_buf, GSS_C_NT_USER_NAME, &service_name); @@ -115,8 +120,6 @@ int plugin_init() service_name= GSS_C_NO_NAME; } - - /* Check if SPN configuration is OK */ major= gss_acquire_cred(&minor, service_name, GSS_C_INDEFINITE, GSS_C_NO_OID_SET, GSS_C_ACCEPT, &cred, NULL, diff --git a/plugin/auth_gssapi/sspi_server.cc b/plugin/auth_gssapi/sspi_server.cc index 1dfd2986aaa..d2c2ae7e4b9 100644 --- a/plugin/auth_gssapi/sspi_server.cc +++ b/plugin/auth_gssapi/sspi_server.cc @@ -284,8 +284,8 @@ int plugin_init() { srv_principal_name= get_default_principal_name(); } - sql_print_information("SSPI: using principal name '%s', mech '%s'", - srv_principal_name, srv_mech_name); + my_printf_error(0, "SSPI: using principal name '%s', mech '%s'", + ME_ERROR_LOG | ME_NOTE, srv_principal_name, srv_mech_name); ret = AcquireCredentialsHandle( srv_principal_name, diff --git a/plugin/aws_key_management/aws_key_management_plugin.cc b/plugin/aws_key_management/aws_key_management_plugin.cc index 83966b97c17..e6a14150ccb 100644 --- a/plugin/aws_key_management/aws_key_management_plugin.cc +++ b/plugin/aws_key_management/aws_key_management_plugin.cc @@ -175,7 +175,7 @@ static int plugin_init(void *p) client = new KMSClient(clientConfiguration); if (!client) { - sql_print_error("Can not initialize KMS client"); + my_printf_error(ER_UNKNOWN_ERROR, "Can not initialize KMS client", ME_ERROR_LOG,); DBUG_RETURN(-1); } @@ -254,12 +254,12 @@ static int load_key(KEY_INFO *info) if (!ret) { - sql_print_information("AWS KMS plugin: loaded key %u, version %u, key length %u bit", + my_printf_error(ER_UNKNOWN_ERROR, "AWS KMS plugin: loaded key %u, version %u, key length %u bit", ME_ERROR_LOG | ER_NOTE, info->key_id, info->key_version,(uint)info->length*8); } else { - sql_print_warning("AWS KMS plugin: key %u, version %u could not be decrypted", + my_printf_error(ER_UNKNOWN_ERROR, "AWS KMS plugin: key %u, version %u could not be decrypted", ME_ERROR_LOG | ER_WARNING, info->key_id, info->key_version); } DBUG_RETURN(ret); @@ -344,13 +344,13 @@ static int aws_decrypt_key(const char *path, KEY_INFO *info) ifstream ifs(path, ios::binary | ios::ate); if (!ifs.good()) { - sql_print_error("can't open file %s", path); + my_printf_error(ER_UNKNOWN_ERROR, "can't open file %s", ME_ERROR_LOG, path); DBUG_RETURN(-1); } size_t pos = (size_t)ifs.tellg(); if (!pos || pos == SIZE_T_MAX) { - sql_print_error("invalid key file %s", path); + my_printf_error(ER_UNKNOWN_ERROR, "invalid key file %s", ME_ERROR_LOG, path); DBUG_RETURN(-1); } std::vector<char> contents(pos); @@ -364,7 +364,7 @@ static int aws_decrypt_key(const char *path, KEY_INFO *info) DecryptOutcome outcome = client->Decrypt(request); if (!outcome.IsSuccess()) { - sql_print_error("AWS KMS plugin: Decrypt failed for %s : %s", path, + my_printf_error(ER_UNKNOWN_ERROR, "AWS KMS plugin: Decrypt failed for %s : %s", ME_ERROR_LOG, path, outcome.GetError().GetMessage().c_str()); DBUG_RETURN(-1); } @@ -373,7 +373,7 @@ static int aws_decrypt_key(const char *path, KEY_INFO *info) if (len > (int)sizeof(info->data)) { - sql_print_error("AWS KMS plugin: encoding key too large for %s", path); + my_printf_error(ER_UNKNOWN_ERROR, "AWS KMS plugin: encoding key too large for %s", ME_ERROR_LOG, path); DBUG_RETURN(ENCRYPTION_KEY_BUFFER_TOO_SMALL); } memcpy(info->data, plaintext.GetUnderlyingData(), len); @@ -395,7 +395,7 @@ static int aws_generate_datakey(uint keyid, uint version) outcome= client->GenerateDataKeyWithoutPlaintext(request); if (!outcome.IsSuccess()) { - sql_print_error("AWS KMS plugin : GenerateDataKeyWithoutPlaintext failed : %s - %s", + my_printf_error(ER_UNKNOWN_ERROR, "AWS KMS plugin : GenerateDataKeyWithoutPlaintext failed : %s - %s", ME_ERROR_LOG, outcome.GetError().GetExceptionName().c_str(), outcome.GetError().GetMessage().c_str()); DBUG_RETURN(-1); @@ -409,19 +409,19 @@ static int aws_generate_datakey(uint keyid, uint version) int fd= my_open(filename, O_RDWR | O_CREAT, 0); if (fd < 0) { - sql_print_error("AWS KMS plugin: Can't create file %s", filename); + my_printf_error(ER_UNKNOWN_ERROR, "AWS KMS plugin: Can't create file %s", ME_ERROR_LOG, filename); DBUG_RETURN(-1); } size_t len= byteBuffer.GetLength(); if (my_write(fd, byteBuffer.GetUnderlyingData(), len, 0) != len) { - sql_print_error("AWS KMS plugin: can't write to %s", filename); + my_printf_error(ER_UNKNOWN_ERROR, "AWS KMS plugin: can't write to %s", ME_ERROR_LOG, filename); my_close(fd, 0); my_delete(filename, 0); DBUG_RETURN(-1); } my_close(fd, 0); - sql_print_information("AWS KMS plugin: generated encrypted datakey for key id=%u, version=%u", + my_printf_error(ER_UNKNOWN_ERROR, "AWS KMS plugin: generated encrypted datakey for key id=%u, version=%u", ME_ERROR_LOG | ER_NOTE, keyid, version); DBUG_RETURN(0); } diff --git a/plugin/example_key_management/example_key_management_plugin.cc b/plugin/example_key_management/example_key_management_plugin.cc index 2b417866406..dc1e2038dd2 100644 --- a/plugin/example_key_management/example_key_management_plugin.cc +++ b/plugin/example_key_management/example_key_management_plugin.cc @@ -114,14 +114,32 @@ static int example_key_management_plugin_deinit(void *p) return 0; } + +static int ctx_update(void *ctx, const unsigned char *src, unsigned int slen, + unsigned char *dst, unsigned int *dlen) +{ + return my_aes_crypt_update(ctx, src, slen, dst, dlen); +} + + +int ctx_finish(void *ctx, unsigned char *dst, unsigned int *dlen) +{ + return my_aes_crypt_finish(ctx, dst, dlen); +} + +static uint ctx_size(unsigned int , unsigned int key_version) +{ + return my_aes_ctx_size(mode(key_version)); +} + struct st_mariadb_encryption example_key_management_plugin= { MariaDB_ENCRYPTION_INTERFACE_VERSION, get_latest_key_version, get_key, - (uint (*)(unsigned int, unsigned int))my_aes_ctx_size, + ctx_size, ctx_init, - my_aes_crypt_update, - my_aes_crypt_finish, + ctx_update, + ctx_finish, get_length }; diff --git a/plugin/file_key_management/file_key_management_plugin.cc b/plugin/file_key_management/file_key_management_plugin.cc index 5872a070813..2c3e22c02d2 100644 --- a/plugin/file_key_management/file_key_management_plugin.cc +++ b/plugin/file_key_management/file_key_management_plugin.cc @@ -13,7 +13,8 @@ along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */ - +#include <my_global.h> +#include <typelib.h> #include "parser.h" #include <mysql/plugin_encryption.h> #include <string.h> @@ -146,20 +147,37 @@ static int ctx_init(void *ctx, const unsigned char* key, unsigned int klen, return my_aes_crypt_init(ctx, mode(flags), flags, key, klen, iv, ivlen); } +static int ctx_update(void *ctx, const unsigned char *src, unsigned int slen, + unsigned char *dst, unsigned int *dlen) +{ + return my_aes_crypt_update(ctx, src, slen, dst, dlen); +} + + +static int ctx_finish(void *ctx, unsigned char *dst, unsigned int *dlen) +{ + return my_aes_crypt_finish(ctx, dst, dlen); +} + static unsigned int get_length(unsigned int slen, unsigned int key_id, unsigned int key_version) { return my_aes_get_size(mode(0), slen); } +static uint ctx_size(uint, uint) +{ + return my_aes_ctx_size(mode(0)); +} + struct st_mariadb_encryption file_key_management_plugin= { MariaDB_ENCRYPTION_INTERFACE_VERSION, get_latest_version, get_key_from_key_file, - (uint (*)(unsigned int, unsigned int))my_aes_ctx_size, + ctx_size, ctx_init, - my_aes_crypt_update, - my_aes_crypt_finish, + ctx_update, + ctx_finish, get_length }; diff --git a/plugin/file_key_management/parser.cc b/plugin/file_key_management/parser.cc index 294ccc9ff79..facea9fad25 100644 --- a/plugin/file_key_management/parser.cc +++ b/plugin/file_key_management/parser.cc @@ -232,7 +232,7 @@ bool Parser::parse_file(Dynamic_array<keyentry> *keys, const char *secret) void Parser::report_error(const char *reason, uint position) { my_printf_error(EE_READ, "%s at %s line %u, column %u", - MYF(ME_NOREFRESH), reason, filename, line_number, position + 1); + ME_ERROR_LOG, reason, filename, line_number, position + 1); } /* @@ -300,9 +300,8 @@ char* Parser::read_and_decrypt_file(const char *secret) { if (!filename || !filename[0]) { - my_printf_error(EE_CANT_OPEN_STREAM, - "file-key-management-filename is not set", - MYF(ME_NOREFRESH)); + my_printf_error(EE_CANT_OPEN_STREAM, "file-key-management-filename is not set", + ME_ERROR_LOG); goto err0; } @@ -351,7 +350,7 @@ char* Parser::read_and_decrypt_file(const char *secret) iv, OpenSSL_iv_len)) { - my_printf_error(EE_READ, "Cannot decrypt %s. Wrong key?", MYF(ME_NOREFRESH), filename); + my_printf_error(EE_READ, "Cannot decrypt %s. Wrong key?", ME_ERROR_LOG, filename); goto err3; } @@ -361,7 +360,7 @@ char* Parser::read_and_decrypt_file(const char *secret) } else if (*secret) { - my_printf_error(EE_READ, "Cannot decrypt %s. Not encrypted", MYF(ME_NOREFRESH), filename); + my_printf_error(EE_READ, "Cannot decrypt %s. Not encrypted", ME_ERROR_LOG, filename); goto err2; } @@ -378,4 +377,3 @@ err1: err0: return NULL; } - diff --git a/sql/innodb_priv.h b/sql/innodb_priv.h index ec85aa352f8..27aa9ac8645 100644 --- a/sql/innodb_priv.h +++ b/sql/innodb_priv.h @@ -28,6 +28,7 @@ void localtime_to_TIME(MYSQL_TIME *to, struct tm *from); uint strconvert(CHARSET_INFO *from_cs, const char *from, uint from_length, CHARSET_INFO *to_cs, char *to, uint to_length, uint *errors); + void sql_print_error(const char *format, ...); #define thd_binlog_pos(X, Y, Z) mysql_bin_log_commit_pos(X, Z, Y) diff --git a/sql/sql_plugin_services.ic b/sql/sql_plugin_services.ic index 8e651d64ba1..572ceacbd7e 100644 --- a/sql/sql_plugin_services.ic +++ b/sql/sql_plugin_services.ic @@ -133,7 +133,7 @@ static struct base64_service_st base64_handler= { base64_decode }; -static struct thd_error_context_service_st thd_error_conext_handler= { +static struct thd_error_context_service_st thd_error_context_handler= { thd_get_error_message, thd_get_error_number, thd_get_error_row, @@ -196,6 +196,24 @@ static struct encryption_scheme_service_st encryption_scheme_handler= encryption_scheme_decrypt }; +static struct my_crypt_service_st crypt_handler= +{ + my_aes_crypt_init, + my_aes_crypt_update, + my_aes_crypt_finish, + my_aes_crypt, + my_aes_get_size, + my_aes_ctx_size, + my_random_bytes +}; + +static struct my_print_error_service_st my_print_error_handler= +{ + my_error, + my_printf_error, + my_printv_error +}; + static struct st_service_ref list_of_services[]= { { "base64_service", VERSION_base64, &base64_handler }, @@ -203,19 +221,21 @@ static struct st_service_ref list_of_services[]= { "encryption_scheme_service", VERSION_encryption_scheme, &encryption_scheme_handler }, { "encryption_service", VERSION_encryption, &encryption_handler }, { "logger_service", VERSION_logger, &logger_service_handler }, + { "my_crypt_service", VERSION_my_crypt, &crypt_handler}, { "my_md5_service", VERSION_my_md5, &my_md5_handler}, + { "my_print_error_service", VERSION_my_print_error, &my_print_error_handler}, { "my_sha1_service", VERSION_my_sha1, &my_sha1_handler}, { "my_sha2_service", VERSION_my_sha2, &my_sha2_handler}, { "my_snprintf_service", VERSION_my_snprintf, &my_snprintf_handler }, { "progress_report_service", VERSION_progress_report, &progress_report_handler }, { "thd_alloc_service", VERSION_thd_alloc, &thd_alloc_handler }, { "thd_autoinc_service", VERSION_thd_autoinc, &thd_autoinc_handler }, - { "thd_error_context_service", VERSION_thd_error_context, &thd_error_conext_handler }, + { "thd_error_context_service", VERSION_thd_error_context, &thd_error_context_handler }, { "thd_kill_statement_service", VERSION_kill_statement, &thd_kill_statement_handler }, { "thd_rnd_service", VERSION_thd_rnd, &thd_rnd_handler }, { "thd_specifics_service", VERSION_thd_specifics, &thd_specifics_handler }, { "thd_timezone_service", VERSION_thd_timezone, &thd_timezone_handler }, { "thd_wait_service", VERSION_thd_wait, &thd_wait_handler }, - { "wsrep_service", VERSION_wsrep, &wsrep_handler }, + { "wsrep_service", VERSION_wsrep, &wsrep_handler } }; diff --git a/sql/unireg.h b/sql/unireg.h index 10751b6ec93..e1947d8d3cd 100644 --- a/sql/unireg.h +++ b/sql/unireg.h @@ -53,8 +53,8 @@ #define ER_THD(thd,X) ((thd)->variables.errmsgs[(X) - ER_ERROR_FIRST]) #define ER_THD_OR_DEFAULT(thd,X) ((thd) ? ER_THD(thd, X) : ER_DEFAULT(X)) -#define ME_INFO (ME_HOLDTANG+ME_OLDWIN+ME_NOREFRESH) -#define ME_ERROR (ME_BELL+ME_OLDWIN+ME_NOREFRESH) +#define ME_INFO (ME_HOLDTANG | ME_NOREFRESH) +#define ME_ERROR (ME_BELL | ME_NOREFRESH) #define MYF_RW MYF(MY_WME+MY_NABP) /* Vid my_read & my_write */ #define SPECIAL_USE_LOCKS 1 /* Lock used databases */ diff --git a/storage/innobase/log/log0crypt.cc b/storage/innobase/log/log0crypt.cc index e6b5c845757..af9b2349187 100644 --- a/storage/innobase/log/log0crypt.cc +++ b/storage/innobase/log/log0crypt.cc @@ -25,8 +25,7 @@ Modified Jan Lindström jan.lindstrom@mariadb.com *******************************************************/ #include "m_string.h" #include "log0crypt.h" -#include <my_crypt.h> -#include <my_crypt.h> +#include <mysql/service_my_crypt.h> #include "log0log.h" #include "srv0start.h" // for srv_start_lsn @@ -34,7 +33,6 @@ Modified Jan Lindström jan.lindstrom@mariadb.com #include "ha_prototypes.h" // IB_LOG_ -#include "my_crypt.h" /* Used for debugging */ // #define DEBUG_CRYPT 1 diff --git a/storage/xtradb/log/log0crypt.cc b/storage/xtradb/log/log0crypt.cc index e6b5c845757..f6c1416d81a 100644 --- a/storage/xtradb/log/log0crypt.cc +++ b/storage/xtradb/log/log0crypt.cc @@ -25,8 +25,7 @@ Modified Jan Lindström jan.lindstrom@mariadb.com *******************************************************/ #include "m_string.h" #include "log0crypt.h" -#include <my_crypt.h> -#include <my_crypt.h> +#include <mysql/service_my_crypt.h> #include "log0log.h" #include "srv0start.h" // for srv_start_lsn @@ -34,8 +33,6 @@ Modified Jan Lindström jan.lindstrom@mariadb.com #include "ha_prototypes.h" // IB_LOG_ -#include "my_crypt.h" - /* Used for debugging */ // #define DEBUG_CRYPT 1 #define UNENCRYPTED_KEY_VER 0 |