author | Sergei Golubchik <serg@mariadb.org> | 2015-04-01 18:26:19 +0200 |
---|---|---|
committer | Sergei Golubchik <serg@mariadb.org> | 2015-04-09 18:42:43 +0200 |
commit | c0878f64c5c39b9cc21f66a401040a708f4f0792 (patch) | |
tree | ed5a7be09890c9aed02bb797413ae41f44b5a60f | |
parent | bb1b61b312088ba9f5f2cb606594b6f33c284402 (diff) | |
remove wrappers in encryption_keys.cc
invoke plugin methods directly
-rw-r--r-- | include/mysql/plugin_audit.h.pp | 18 | ||||
-rw-r--r-- | include/mysql/plugin_auth.h.pp | 18 | ||||
-rw-r--r-- | include/mysql/plugin_encryption.h.pp | 18 | ||||
-rw-r--r-- | include/mysql/plugin_ftparser.h.pp | 18 | ||||
-rw-r--r-- | include/mysql/plugin_password_validation.h.pp | 18 | ||||
-rw-r--r-- | include/mysql/service_encryption_keys.h | 26 | ||||
-rw-r--r-- | sql/encryption_keys.cc | 87 | ||||
-rw-r--r-- | sql/sql_plugin.cc | 3 | ||||
-rw-r--r-- | sql/sql_plugin_services.h | 9 | ||||
-rw-r--r-- | storage/maria/ma_check_standalone.h | 32 |
10 files changed, 68 insertions, 179 deletions
diff --git a/include/mysql/plugin_audit.h.pp b/include/mysql/plugin_audit.h.pp index 30647a7c331..0819b053ee3 100644 --- a/include/mysql/plugin_audit.h.pp +++ b/include/mysql/plugin_audit.h.pp @@ -203,26 +203,14 @@ typedef int (*encrypt_decrypt_func)(const unsigned char* src, unsigned int slen, const unsigned char* key, unsigned int klen, const unsigned char* iv, unsigned int ivlen, int no_padding, unsigned int key_version); -extern struct encryption_keys_service_st { +struct encryption_keys_service_st { unsigned int (*get_latest_encryption_key_version_func)(); unsigned int (*has_encryption_key_func)(unsigned int); unsigned int (*get_encryption_key_func)(unsigned int, unsigned char*, unsigned int*); encrypt_decrypt_func encrypt_data_func; encrypt_decrypt_func decrypt_data_func; -} *encryption_keys_service; -unsigned int get_latest_encryption_key_version(); -unsigned int has_encryption_key(unsigned int version); -unsigned int get_encryption_key(unsigned int version, unsigned char* key, unsigned int *keybufsize); -int encrypt_data(const unsigned char* src, unsigned int slen, - unsigned char* dst, unsigned int* dlen, - const unsigned char* key, unsigned int klen, - const unsigned char* iv, unsigned int ivlen, - int no_padding, unsigned int key_version); -int decrypt_data(const unsigned char* src, unsigned int slen, - unsigned char* dst, unsigned int* dlen, - const unsigned char* key, unsigned int klen, - const unsigned char* iv, unsigned int ivlen, - int no_padding, unsigned int key_version); +}; +extern struct encryption_keys_service_st encryption_keys_handler; struct st_mysql_xid { long formatID; long gtrid_length; diff --git a/include/mysql/plugin_auth.h.pp b/include/mysql/plugin_auth.h.pp index e821a7d1bfb..c612eda97d1 100644 --- a/include/mysql/plugin_auth.h.pp +++ b/include/mysql/plugin_auth.h.pp 
@@ -203,26 +203,14 @@ typedef int (*encrypt_decrypt_func)(const unsigned char* src, unsigned int slen, const unsigned char* key, unsigned int klen, const unsigned char* iv, unsigned int ivlen, int no_padding, unsigned int key_version); -extern struct encryption_keys_service_st { +struct encryption_keys_service_st { unsigned int (*get_latest_encryption_key_version_func)(); unsigned int (*has_encryption_key_func)(unsigned int); unsigned int (*get_encryption_key_func)(unsigned int, unsigned char*, unsigned int*); encrypt_decrypt_func encrypt_data_func; encrypt_decrypt_func decrypt_data_func; -} *encryption_keys_service; -unsigned int get_latest_encryption_key_version(); -unsigned int has_encryption_key(unsigned int version); -unsigned int get_encryption_key(unsigned int version, unsigned char* key, unsigned int *keybufsize); -int encrypt_data(const unsigned char* src, unsigned int slen, - unsigned char* dst, unsigned int* dlen, - const unsigned char* key, unsigned int klen, - const unsigned char* iv, unsigned int ivlen, - int no_padding, unsigned int key_version); -int decrypt_data(const unsigned char* src, unsigned int slen, - unsigned char* dst, unsigned int* dlen, - const unsigned char* key, unsigned int klen, - const unsigned char* iv, unsigned int ivlen, - int no_padding, unsigned int key_version); +}; +extern struct encryption_keys_service_st encryption_keys_handler; struct st_mysql_xid { long formatID; long gtrid_length; diff --git a/include/mysql/plugin_encryption.h.pp b/include/mysql/plugin_encryption.h.pp index 100928f0b19..00eaa7e3095 100644 --- a/include/mysql/plugin_encryption.h.pp +++ b/include/mysql/plugin_encryption.h.pp 
@@ -203,26 +203,14 @@ typedef int (*encrypt_decrypt_func)(const unsigned char* src, unsigned int slen, const unsigned char* key, unsigned int klen, const unsigned char* iv, unsigned int ivlen, int no_padding, unsigned int key_version); -extern struct encryption_keys_service_st { +struct encryption_keys_service_st { unsigned int (*get_latest_encryption_key_version_func)(); unsigned int (*has_encryption_key_func)(unsigned int); unsigned int (*get_encryption_key_func)(unsigned int, unsigned char*, unsigned int*); encrypt_decrypt_func encrypt_data_func; encrypt_decrypt_func decrypt_data_func; -} *encryption_keys_service; -unsigned int get_latest_encryption_key_version(); -unsigned int has_encryption_key(unsigned int version); -unsigned int get_encryption_key(unsigned int version, unsigned char* key, unsigned int *keybufsize); -int encrypt_data(const unsigned char* src, unsigned int slen, - unsigned char* dst, unsigned int* dlen, - const unsigned char* key, unsigned int klen, - const unsigned char* iv, unsigned int ivlen, - int no_padding, unsigned int key_version); -int decrypt_data(const unsigned char* src, unsigned int slen, - unsigned char* dst, unsigned int* dlen, - const unsigned char* key, unsigned int klen, - const unsigned char* iv, unsigned int ivlen, - int no_padding, unsigned int key_version); +}; +extern struct encryption_keys_service_st encryption_keys_handler; struct st_mysql_xid { long formatID; long gtrid_length; diff --git a/include/mysql/plugin_ftparser.h.pp b/include/mysql/plugin_ftparser.h.pp index 0c58e6912ca..26a2e17c53a 100644 --- a/include/mysql/plugin_ftparser.h.pp +++ b/include/mysql/plugin_ftparser.h.pp 
@@ -203,26 +203,14 @@ typedef int (*encrypt_decrypt_func)(const unsigned char* src, unsigned int slen, const unsigned char* key, unsigned int klen, const unsigned char* iv, unsigned int ivlen, int no_padding, unsigned int key_version); -extern struct encryption_keys_service_st { +struct encryption_keys_service_st { unsigned int (*get_latest_encryption_key_version_func)(); unsigned int (*has_encryption_key_func)(unsigned int); unsigned int (*get_encryption_key_func)(unsigned int, unsigned char*, unsigned int*); encrypt_decrypt_func encrypt_data_func; encrypt_decrypt_func decrypt_data_func; -} *encryption_keys_service; -unsigned int get_latest_encryption_key_version(); -unsigned int has_encryption_key(unsigned int version); -unsigned int get_encryption_key(unsigned int version, unsigned char* key, unsigned int *keybufsize); -int encrypt_data(const unsigned char* src, unsigned int slen, - unsigned char* dst, unsigned int* dlen, - const unsigned char* key, unsigned int klen, - const unsigned char* iv, unsigned int ivlen, - int no_padding, unsigned int key_version); -int decrypt_data(const unsigned char* src, unsigned int slen, - unsigned char* dst, unsigned int* dlen, - const unsigned char* key, unsigned int klen, - const unsigned char* iv, unsigned int ivlen, - int no_padding, unsigned int key_version); +}; +extern struct encryption_keys_service_st encryption_keys_handler; struct st_mysql_xid { long formatID; long gtrid_length; diff --git a/include/mysql/plugin_password_validation.h.pp b/include/mysql/plugin_password_validation.h.pp index 8ab0f680815..9d9e2e8f25d 100644 --- a/include/mysql/plugin_password_validation.h.pp +++ b/include/mysql/plugin_password_validation.h.pp 
@@ -203,26 +203,14 @@ typedef int (*encrypt_decrypt_func)(const unsigned char* src, unsigned int slen, const unsigned char* key, unsigned int klen, const unsigned char* iv, unsigned int ivlen, int no_padding, unsigned int key_version); -extern struct encryption_keys_service_st { +struct encryption_keys_service_st { unsigned int (*get_latest_encryption_key_version_func)(); unsigned int (*has_encryption_key_func)(unsigned int); unsigned int (*get_encryption_key_func)(unsigned int, unsigned char*, unsigned int*); encrypt_decrypt_func encrypt_data_func; encrypt_decrypt_func decrypt_data_func; -} *encryption_keys_service; -unsigned int get_latest_encryption_key_version(); -unsigned int has_encryption_key(unsigned int version); -unsigned int get_encryption_key(unsigned int version, unsigned char* key, unsigned int *keybufsize); -int encrypt_data(const unsigned char* src, unsigned int slen, - unsigned char* dst, unsigned int* dlen, - const unsigned char* key, unsigned int klen, - const unsigned char* iv, unsigned int ivlen, - int no_padding, unsigned int key_version); -int decrypt_data(const unsigned char* src, unsigned int slen, - unsigned char* dst, unsigned int* dlen, - const unsigned char* key, unsigned int klen, - const unsigned char* iv, unsigned int ivlen, - int no_padding, unsigned int key_version); +}; +extern struct encryption_keys_service_st encryption_keys_handler; struct st_mysql_xid { long formatID; long gtrid_length; diff --git a/include/mysql/service_encryption_keys.h b/include/mysql/service_encryption_keys.h index 105146d00a5..93e96650758 100644 --- a/include/mysql/service_encryption_keys.h +++ b/include/mysql/service_encryption_keys.h 
@@ -34,16 +34,18 @@ typedef int (*encrypt_decrypt_func)(const unsigned char* src, unsigned int slen, const unsigned char* iv, unsigned int ivlen, int no_padding, unsigned int key_version); -extern struct encryption_keys_service_st { +struct encryption_keys_service_st { unsigned int (*get_latest_encryption_key_version_func)(); unsigned int (*has_encryption_key_func)(unsigned int); unsigned int (*get_encryption_key_func)(unsigned int, unsigned char*, unsigned int*); encrypt_decrypt_func encrypt_data_func; encrypt_decrypt_func decrypt_data_func; -} *encryption_keys_service; +}; #ifdef MYSQL_DYNAMIC_PLUGIN +extern struct encryption_keys_service_st *encryption_keys_service; + #define get_latest_encryption_key_version() encryption_keys_service->get_latest_encryption_key_version_func() #define has_encryption_key(V) encryption_keys_service->has_encryption_key_func(V) #define get_encryption_key(V,K,S) encryption_keys_service->get_encryption_key_func((V), (K), (S)) 
@@ -51,19 +53,13 @@ extern struct encryption_keys_service_st { #define decrypt_data(S,SL,D,DL,K,KL,I,IL,NP,KV) encryption_keys_service->decrypt_data_func(S,SL,D,DL,K,KL,I,IL,NP,KV) #else -unsigned int get_latest_encryption_key_version(); -unsigned int has_encryption_key(unsigned int version); -unsigned int get_encryption_key(unsigned int version, unsigned char* key, unsigned int *keybufsize); -int encrypt_data(const unsigned char* src, unsigned int slen, - unsigned char* dst, unsigned int* dlen, - const unsigned char* key, unsigned int klen, - const unsigned char* iv, unsigned int ivlen, - int no_padding, unsigned int key_version); -int decrypt_data(const unsigned char* src, unsigned int slen, - unsigned char* dst, unsigned int* dlen, - const unsigned char* key, unsigned int klen, - const unsigned char* iv, unsigned int ivlen, - int no_padding, unsigned int key_version); +extern struct encryption_keys_service_st encryption_keys_handler; + +#define get_latest_encryption_key_version() encryption_keys_handler.get_latest_encryption_key_version_func() +#define has_encryption_key(V) encryption_keys_handler.has_encryption_key_func(V) +#define get_encryption_key(V,K,S) encryption_keys_handler.get_encryption_key_func((V), (K), (S)) +#define encrypt_data(S,SL,D,DL,K,KL,I,IL,NP,KV) encryption_keys_handler.encrypt_data_func(S,SL,D,DL,K,KL,I,IL,NP,KV) +#define decrypt_data(S,SL,D,DL,K,KL,I,IL,NP,KV) encryption_keys_handler.decrypt_data_func(S,SL,D,DL,K,KL,I,IL,NP,KV) #endif #ifdef __cplusplus diff --git a/sql/encryption_keys.cc b/sql/encryption_keys.cc index 8a9a17a5452..b7afedaa27b 100644 --- a/sql/encryption_keys.cc +++ b/sql/encryption_keys.cc 
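Review bot: The macros added under `#else` call straight through `encryption_keys_handler` with no null check, so the fail-closed result that the removed wrapper functions gave when no plugin was loaded now depends on every slot of that table holding a valid function at all times. That invariant is not written down anywhere in the header. I would add a comment above the `extern` declaration, for example `/* every member must always be non-NULL; with no encryption plugin loaded the slots point at stubs that return an error */`. As a smaller style point, `encrypt_data` and `decrypt_data` pass their arguments unparenthesised while `get_encryption_key` uses `(V), (K), (S)`; the same form should be used for all five macros.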
@@ -19,61 +19,29 @@ #include "sql_plugin.h" #include <my_crypt.h> +#warning TODO rename to follow single consistent style + /* there can be only one encryption plugin enabled */ static plugin_ref encryption_key_manager= 0; -static struct st_mariadb_encryption *handle; - -unsigned int get_latest_encryption_key_version() -{ - if (encryption_key_manager) - return handle->get_latest_key_version(); - - return BAD_ENCRYPTION_KEY_VERSION; -} +struct encryption_keys_service_st encryption_keys_handler; -unsigned int has_encryption_key(uint version) +unsigned int has_key(uint version) { - if (encryption_key_manager) - { - uint unused; - return handle->get_key(version, NULL, &unused) != BAD_ENCRYPTION_KEY_VERSION; - } - - return 0; + uint unused; + return get_encryption_key(version, NULL, &unused) != BAD_ENCRYPTION_KEY_VERSION; } -uint get_encryption_key(uint version, uchar* key, uint *size) +uint no_key() { - if (encryption_key_manager) - return handle->get_key(version, key, size); - return BAD_ENCRYPTION_KEY_VERSION; } -int encrypt_data(const uchar* source, uint source_length, - uchar* dest, uint* dest_length, - const uchar* key, uint key_length, - const uchar* iv, uint iv_length, - int no_padding, uint key_version) -{ - if (encryption_key_manager) - return handle->encrypt(source, source_length, - dest, dest_length, key, key_length, - iv, iv_length, no_padding, key_version); - return 1; -} - - -int decrypt_data(const uchar* source, uint source_length, - uchar* dest, uint* dest_length, - const uchar* key, uint key_length, - const uchar* iv, uint iv_length, - int no_padding, uint key_version) +static int no_crypt(const uchar* source, uint source_length, + uchar* dest, uint* dest_length, + const uchar* key, uint key_length, + const uchar* iv, uint iv_length, + int no_padding, uint key_version) { - if (encryption_key_manager) - return handle->decrypt(source, source_length, - dest, dest_length, key, key_length, - iv, iv_length, no_padding, key_version); return 1; } 
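Review bot: In `has_key`, `uint unused;` is passed uninitialised as the size argument of `get_encryption_key(version, NULL, &unused)` together with a NULL key buffer. The removed prototype names that parameter `keybufsize`, which suggests a plugin may read it as the buffer capacity before writing. Declaring it as `uint unused= 0;` makes the "size query only" intent explicit and avoids handing an indeterminate value to plugin code. `has_key` and `no_key` are also defined without `static`, unlike `no_crypt`, so two very generic names get external linkage; `static unsigned int has_key(uint version)` and `static uint no_key()` would keep them local to this file. The unconditional `#warning` will fail any build that treats warnings as errors; a plain `/* TODO */` comment carries the same message.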
@@ -91,21 +59,36 @@ int initialize_encryption_plugin(st_plugin_int *plugin) } encryption_key_manager= plugin_lock(NULL, plugin_int_to_ref(plugin)); - handle= (struct st_mariadb_encryption*) - plugin->plugin->info; + st_mariadb_encryption *handle= + (struct st_mariadb_encryption*) plugin->plugin->info; + + encryption_keys_handler.encrypt_data_func= + handle->encrypt ? handle->encrypt + : (encrypt_decrypt_func)my_aes_encrypt_cbc; + + encryption_keys_handler.decrypt_data_func= + handle->decrypt ? handle->decrypt + : (encrypt_decrypt_func)my_aes_decrypt_cbc; + + encryption_keys_handler.get_encryption_key_func= + handle->get_key; - /* default encryption algorithm */ - if (!handle->encrypt) - handle->encrypt= (encrypt_decrypt_func)my_aes_encrypt_cbc; - if (!handle->decrypt) - handle->decrypt= (encrypt_decrypt_func)my_aes_decrypt_cbc; + encryption_keys_handler.get_latest_encryption_key_version_func= + handle->get_latest_key_version; // must be the last return 0; } int finalize_encryption_plugin(st_plugin_int *plugin) { - if (plugin->plugin->deinit && plugin->plugin->deinit(NULL)) + encryption_keys_handler.encrypt_data_func= no_crypt; + encryption_keys_handler.decrypt_data_func= no_crypt; + encryption_keys_handler.has_encryption_key_func= has_key; + encryption_keys_handler.get_encryption_key_func= + (uint (*)(uint, uchar*, uint*))no_key; + encryption_keys_handler.get_latest_encryption_key_version_func= no_key; + + if (plugin && plugin->plugin->deinit && plugin->plugin->deinit(NULL)) { DBUG_PRINT("warning", ("Plugin '%s' deinit function returned error.", plugin->name.str)); diff --git a/sql/sql_plugin.cc b/sql/sql_plugin.cc index 0c9ac6b6cb8..ee6650e14e2 100644 --- a/sql/sql_plugin.cc +++ b/sql/sql_plugin.cc 
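Review bot: In `finalize_encryption_plugin`, `no_key` is declared as `uint no_key()` but is installed as `get_encryption_key_func` through the cast `(uint (*)(uint, uchar*, uint*))no_key`. Every key lookup made while no plugin is loaded therefore calls a function through an incompatible pointer type, which is undefined behaviour even where the platform ABI happens to tolerate it. A stub with the real signature removes the cast: `static uint no_get_key(uint, uchar*, uint*) { return BAD_ENCRYPTION_KEY_VERSION; }`. Separately, the `// must be the last` remark in `initialize_encryption_plugin` is only a source-order promise; if other threads can read the table while a plugin is being installed or removed (not visible here), the plain stores need a lock or release/acquire ordering to make that order observable. Both function bodies extend beyond this hunk.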
@@ -1562,6 +1562,9 @@ int plugin_init(int *argc, char **argv, int flags) DBUG_ASSERT(strcmp(list_of_services[4].name, "debug_sync_service") == 0); list_of_services[4].service= *(void**)&debug_sync_C_callback_ptr; + /* prepare encryption_keys service */ + finalize_encryption_plugin(0); + mysql_mutex_lock(&LOCK_plugin); initialized= 1; diff --git a/sql/sql_plugin_services.h b/sql/sql_plugin_services.h index 8deac855a53..768797a4381 100644 --- a/sql/sql_plugin_services.h +++ b/sql/sql_plugin_services.h @@ -139,15 +139,6 @@ static struct wsrep_service_st wsrep_handler = { wsrep_unlock_rollback }; -static struct encryption_keys_service_st encryption_keys_handler= -{ - get_latest_encryption_key_version, - has_encryption_key, - get_encryption_key, - encrypt_data, - decrypt_data -}; - static struct thd_specifics_service_st thd_specifics_handler= { thd_key_create, diff --git a/storage/maria/ma_check_standalone.h b/storage/maria/ma_check_standalone.h index 056d4660a72..2b4e8a3560f 100644 --- a/storage/maria/ma_check_standalone.h +++ b/storage/maria/ma_check_standalone.h 
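Review bot: The added `finalize_encryption_plugin(0)` call in `plugin_init` is the only place where the "no plugin" stubs are installed. Until it runs, the `encryption_keys_handler` object defined in encryption_keys.cc is zero-initialised, and the new macros would call a null function pointer. Whether anything uses the encryption service this early in startup is not visible in the hunk, but the dependency should at least be stated. I would extend the comment to `/* installs the "no plugin" stubs in encryption_keys_handler; must run before any encrypt_data()/get_encryption_key() call */`. Giving the table a static initialiser in encryption_keys.cc would remove the window entirely and avoid calling a function named "finalize" to perform initialisation. `plugin_init` continues outside the hunk.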
@@ -23,39 +23,15 @@ void _mi_report_crashed(void *file __attribute__((unused)), { } -unsigned int get_latest_encryption_key_version() +static unsigned int no_key() { return BAD_ENCRYPTION_KEY_VERSION; } -int encrypt_data(const uchar* source __attribute__((unused)), - uint source_length __attribute__((unused)), - uchar* dest __attribute__((unused)), - uint* dest_length __attribute__((unused)), - const uchar* key __attribute__((unused)), - uint key_length __attribute__((unused)), - const uchar* iv __attribute__((unused)), - uint iv_length __attribute__((unused)), - int no_padding __attribute__((unused)), - uint key_version __attribute__((unused))) +struct encryption_keys_service_st encryption_keys_handler= { - return 1; -} - - -int decrypt_data(const uchar* source __attribute__((unused)), - uint source_length __attribute__((unused)), - uchar* dest __attribute__((unused)), - uint* dest_length __attribute__((unused)), - const uchar* key __attribute__((unused)), - uint key_length __attribute__((unused)), - const uchar* iv __attribute__((unused)), - uint iv_length __attribute__((unused)), - int no_padding __attribute__((unused)), - uint key_version __attribute__((unused))) -{ - return 1; -} + no_key, 0, 0, 0, 0 +}; /* only those that included myisamchk.h may need and can use the below */ #ifdef _myisamchk_h |
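Review bot: The initialiser `{ no_key, 0, 0, 0, 0 }` leaves four of the five service slots null, while the macros added to service_encryption_keys.h in this commit expand `encrypt_data()`, `decrypt_data()`, `has_encryption_key()` and `get_encryption_key()` to direct calls through those slots. The stubs removed here returned 1, so a standalone tool that reaches an encryption path now calls a null function pointer instead of getting an error; whether such a path is reachable is not visible in this hunk. Filling every slot with an error-returning stub keeps the old fail-closed behaviour, as sketched below with stub names of my own choosing. The object is also defined non-`static` in a header, so it will collide at link time if two translation units of one binary include it.

```c
/* … unchanged: no_key() … */

static unsigned int no_has_key(unsigned int version __attribute__((unused)))
{
  return 0;
}

static unsigned int no_get_key(unsigned int version __attribute__((unused)),
                               unsigned char *key __attribute__((unused)),
                               unsigned int *keybufsize __attribute__((unused)))
{
  return BAD_ENCRYPTION_KEY_VERSION;
}

static int no_crypt(const uchar* source __attribute__((unused)),
                    uint source_length __attribute__((unused)),
                    uchar* dest __attribute__((unused)),
                    uint* dest_length __attribute__((unused)),
                    const uchar* key __attribute__((unused)),
                    uint key_length __attribute__((unused)),
                    const uchar* iv __attribute__((unused)),
                    uint iv_length __attribute__((unused)),
                    int no_padding __attribute__((unused)),
                    uint key_version __attribute__((unused)))
{
  return 1;
}

struct encryption_keys_service_st encryption_keys_handler=
{
  no_key, no_has_key, no_get_key, no_crypt, no_crypt
};
```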