diff options
| author | Vladislav Vaintroub <wlad@mariadb.com> | 2017-04-25 15:44:18 +0200 |
|---|---|---|
| committer | Sergei Golubchik <serg@mariadb.org> | 2017-04-27 19:12:38 +0200 |
| commit | 7bf409593e624deb00265e21e0d4579ce9fa7999 (patch) | |
| tree | 7da6af1ff5a92126af5969a9504a82ddcf4cf263 /plugin | |
| parent | db3910741347e7d741f4a854075c248e9081d722 (diff) | |
| download | mariadb-git-7bf409593e624deb00265e21e0d4579ce9fa7999.tar.gz | |
MDEV-11660 Make encryption plugins "pure"
Do not exporting mysqld entry points directly.
This is needed for mariabackup, to load encryption plugins on Windows.
All plugins are "pure" by default. To mark plugin "impure"
it should use RECOMPILE_FOR_EMBEDDED or STORAGE_ENGINE keyword.
Diffstat (limited to 'plugin')
| -rw-r--r-- | plugin/auth_dialog/CMakeLists.txt | 5 | ||||
| -rw-r--r-- | plugin/aws_key_management/aws_key_management_plugin.cc | 145 | ||||
| -rw-r--r-- | plugin/daemon_example/CMakeLists.txt | 5 | ||||
| -rw-r--r-- | plugin/example_key_management/example_key_management_plugin.cc | 13 | ||||
| -rw-r--r-- | plugin/file_key_management/file_key_management_plugin.cc | 18 | ||||
| -rw-r--r-- | plugin/file_key_management/parser.cc | 106 | ||||
| -rw-r--r-- | plugin/file_key_management/parser.h | 6 | ||||
| -rw-r--r-- | plugin/handler_socket/CMakeLists.txt | 2 | ||||
| -rw-r--r-- | plugin/locale_info/CMakeLists.txt | 2 | ||||
| -rw-r--r-- | plugin/metadata_lock_info/CMakeLists.txt | 3 | ||||
| -rw-r--r-- | plugin/qc_info/CMakeLists.txt | 2 | ||||
| -rw-r--r-- | plugin/query_response_time/CMakeLists.txt | 3 | ||||
| -rw-r--r-- | plugin/semisync/CMakeLists.txt | 6 | ||||
| -rw-r--r-- | plugin/server_audit/CMakeLists.txt | 5 | ||||
| -rw-r--r-- | plugin/wsrep_info/CMakeLists.txt | 2 |
15 files changed, 178 insertions, 145 deletions
diff --git a/plugin/auth_dialog/CMakeLists.txt b/plugin/auth_dialog/CMakeLists.txt index 771bc615bd5..d16007405dc 100644 --- a/plugin/auth_dialog/CMakeLists.txt +++ b/plugin/auth_dialog/CMakeLists.txt @@ -15,5 +15,8 @@ # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA ADD_DEFINITIONS(-DNO_GET_TTY_PASSWORD) +IF(LIBDL) + SET(LLDL LINK_LIBRARIES dl) +ENDIF() MYSQL_ADD_PLUGIN(dialog dialog.c ${CMAKE_SOURCE_DIR}/libmysql/get_password.c - MODULE_ONLY CLIENT COMPONENT ClientPlugins) + MODULE_ONLY CLIENT ${LLDL} COMPONENT ClientPlugins) diff --git a/plugin/aws_key_management/aws_key_management_plugin.cc b/plugin/aws_key_management/aws_key_management_plugin.cc index e6a14150ccb..dd0c7021fca 100644 --- a/plugin/aws_key_management/aws_key_management_plugin.cc +++ b/plugin/aws_key_management/aws_key_management_plugin.cc @@ -16,9 +16,7 @@ #include <my_global.h> -#include <my_pthread.h> -#include <my_sys.h> -#include <my_dir.h> +#include <typelib.h> #include <mysql/plugin_encryption.h> #include <my_crypt.h> #include <string.h> @@ -33,6 +31,10 @@ #include <sstream> #include <fstream> +#ifndef _WIN32 +#include <dirent.h> +#endif + #include <aws/core/Aws.h> #include <aws/core/client/AWSError.h> #include <aws/core/utils/logging/AWSLogging.h> @@ -48,9 +50,6 @@ using namespace std; using namespace Aws::KMS; using namespace Aws::KMS::Model; using namespace Aws::Utils::Logging; -extern void sql_print_error(const char *format, ...); -extern void sql_print_warning(const char *format, ...); -extern void sql_print_information(const char *format, ...); /* Plaintext key info struct */ @@ -90,14 +89,8 @@ static int extract_id_and_version(const char *name, uint *id, uint *ver); static unsigned int get_latest_key_version(unsigned int key_id); static unsigned int get_latest_key_version_nolock(unsigned int key_id); static int load_key(KEY_INFO *info); +static std::mutex mtx; -/* Mutex to serialize access to caches */ -static mysql_mutex_t mtx; - -#ifdef HAVE_PSI_INTERFACE -static uint mtx_key; -static PSI_mutex_info mtx_info = {&mtx_key, "mtx", 0}; -#endif static Aws::KMS::KMSClient *client; @@ -140,6 +133,33 @@ protected: } }; +/* Get list of files in current directory */ +static vector<string> traverse_current_directory() +{ + vector<string> v; +#ifdef _WIN32 + WIN32_FIND_DATA find_data; + HANDLE h= FindFirstFile("*.*", &find_data); + if (h == INVALID_HANDLE_VALUE) + return v; + do + { + v.push_back(find_data.cFileName); + } + while (FindNextFile(h, &find_data)); + FindClose(h); +#else + DIR *dir = opendir("."); + if (!dir) + return v; + struct dirent *e; + while ((e= readdir(dir)) + v.push_back(e->d_name); + closedir(dir); +#endif + return v; +} + Aws::SDKOptions sdkOptions; /* @@ -150,7 +170,6 @@ Aws::SDKOptions sdkOptions; */ static int plugin_init(void *p) { - DBUG_ENTER("plugin_init"); #ifdef HAVE_YASSL sdkOptions.cryptoOptions.initAndCleanupOpenSSL = true; @@ -176,46 +195,33 @@ static int plugin_init(void *p) if (!client) { my_printf_error(ER_UNKNOWN_ERROR, "Can not initialize KMS client", ME_ERROR_LOG,); - DBUG_RETURN(-1); + return -1; } -#ifdef HAVE_PSI_INTERFACE - mysql_mutex_register("aws_key_management", &mtx_info, 1); -#endif - mysql_mutex_init(mtx_key, &mtx, NULL); - - MY_DIR *dirp = my_dir(".", MYF(0)); - if (!dirp) - { - sql_print_error("Can't scan current directory"); - DBUG_RETURN(-1); - } - for (unsigned int i=0; i < dirp->number_of_files; i++) + vector<string> files= traverse_current_directory(); + for (size_t i=0; i < files.size(); i++) { KEY_INFO info; - if (extract_id_and_version(dirp->dir_entry[i].name, &info.key_id, &info.key_version) == 0) + if (extract_id_and_version(files[i].c_str(), &info.key_id, &info.key_version) == 0) { key_info_cache[KEY_ID_AND_VERSION(info.key_id, info.key_version)]= info; latest_version_cache[info.key_id]= max(info.key_version, latest_version_cache[info.key_id]); } } - my_dirend(dirp); - DBUG_RETURN(0); + return 0; } static int plugin_deinit(void *p) { - DBUG_ENTER("plugin_deinit"); latest_version_cache.clear(); key_info_cache.clear(); - mysql_mutex_destroy(&mtx); delete client; ShutdownAWSLogging(); Aws::ShutdownAPI(sdkOptions); - DBUG_RETURN(0); + return 0; } /* Generate filename to store the ciphered key */ @@ -242,8 +248,7 @@ static int load_key(KEY_INFO *info) { int ret; char path[256]; - DBUG_ENTER("load_key"); - DBUG_PRINT("enter", ("id=%u,ver=%u", info->key_id, info->key_version)); + format_keyfile_name(path, sizeof(path), info->key_id, info->key_version); ret= aws_decrypt_key(path, info); if (ret) @@ -262,7 +267,7 @@ static int load_key(KEY_INFO *info) my_printf_error(ER_UNKNOWN_ERROR, "AWS KMS plugin: key %u, version %u could not be decrypted", ME_ERROR_LOG | ER_WARNING, info->key_id, info->key_version); } - DBUG_RETURN(ret); + return ret; } @@ -281,19 +286,17 @@ static int load_key(KEY_INFO *info) static unsigned int get_latest_key_version(unsigned int key_id) { unsigned int ret; - DBUG_ENTER("get_latest_key_version"); - mysql_mutex_lock(&mtx); + mtx.lock(); ret= get_latest_key_version_nolock(key_id); - mysql_mutex_unlock(&mtx); - DBUG_PRINT("info", ("key=%u,ret=%u", key_id, ret)); - DBUG_RETURN(ret); + mtx.unlock(); + return ret; } static unsigned int get_latest_key_version_nolock(unsigned int key_id) { KEY_INFO info; uint ver; - DBUG_ENTER("get_latest_key_version_nolock"); + ver= latest_version_cache[key_id]; if (ver > 0) { @@ -302,13 +305,13 @@ static unsigned int get_latest_key_version_nolock(unsigned int key_id) if (info.load_failed) { /* Decryption failed previously, don't retry */ - DBUG_RETURN(ENCRYPTION_KEY_VERSION_INVALID); + return(ENCRYPTION_KEY_VERSION_INVALID); } else if (ver > 0) { /* Key exists already, return it*/ if (info.length > 0) - DBUG_RETURN(ver); + return(ver); } else // (ver == 0) { @@ -318,18 +321,18 @@ static unsigned int get_latest_key_version_nolock(unsigned int key_id) my_printf_error(ER_UNKNOWN_ERROR, "Can't generate encryption key %u, because 'aws_key_management_master_key_id' parameter is not set", MYF(0), key_id); - DBUG_RETURN(ENCRYPTION_KEY_VERSION_INVALID); + return(ENCRYPTION_KEY_VERSION_INVALID); } if (aws_generate_datakey(key_id, 1) != 0) - DBUG_RETURN(ENCRYPTION_KEY_VERSION_INVALID); + return(ENCRYPTION_KEY_VERSION_INVALID); info.key_id= key_id; info.key_version= 1; info.length= 0; } if (load_key(&info)) - DBUG_RETURN(ENCRYPTION_KEY_VERSION_INVALID); - DBUG_RETURN(info.key_version); + return(ENCRYPTION_KEY_VERSION_INVALID); + return(info.key_version); } @@ -338,20 +341,19 @@ static unsigned int get_latest_key_version_nolock(unsigned int key_id) */ static int aws_decrypt_key(const char *path, KEY_INFO *info) { - DBUG_ENTER("aws_decrypt_key"); /* Read file content into memory */ ifstream ifs(path, ios::binary | ios::ate); if (!ifs.good()) { my_printf_error(ER_UNKNOWN_ERROR, "can't open file %s", ME_ERROR_LOG, path); - DBUG_RETURN(-1); + return(-1); } size_t pos = (size_t)ifs.tellg(); if (!pos || pos == SIZE_T_MAX) { my_printf_error(ER_UNKNOWN_ERROR, "invalid key file %s", ME_ERROR_LOG, path); - DBUG_RETURN(-1); + return(-1); } std::vector<char> contents(pos); ifs.seekg(0, ios::beg); @@ -366,7 +368,7 @@ static int aws_decrypt_key(const char *path, KEY_INFO *info) { my_printf_error(ER_UNKNOWN_ERROR, "AWS KMS plugin: Decrypt failed for %s : %s", ME_ERROR_LOG, path, outcome.GetError().GetMessage().c_str()); - DBUG_RETURN(-1); + return(-1); } Aws::Utils::ByteBuffer plaintext = outcome.GetResult().GetPlaintext(); size_t len = plaintext.GetLength(); @@ -374,19 +376,17 @@ static int aws_decrypt_key(const char *path, KEY_INFO *info) if (len > (int)sizeof(info->data)) { my_printf_error(ER_UNKNOWN_ERROR, "AWS KMS plugin: encoding key too large for %s", ME_ERROR_LOG, path); - DBUG_RETURN(ENCRYPTION_KEY_BUFFER_TOO_SMALL); + return(ENCRYPTION_KEY_BUFFER_TOO_SMALL); } memcpy(info->data, plaintext.GetUnderlyingData(), len); info->length= len; - DBUG_RETURN(0); + return(0); } /* Generate a new datakey and store it a file */ static int aws_generate_datakey(uint keyid, uint version) { - - DBUG_ENTER("aws_generate_datakey"); GenerateDataKeyWithoutPlaintextRequest request; request.SetKeyId(master_key_id); request.SetKeySpec(DataKeySpecMapper::GetDataKeySpecForName(key_spec_names[key_spec])); @@ -398,7 +398,7 @@ static int aws_generate_datakey(uint keyid, uint version) my_printf_error(ER_UNKNOWN_ERROR, "AWS KMS plugin : GenerateDataKeyWithoutPlaintext failed : %s - %s", ME_ERROR_LOG, outcome.GetError().GetExceptionName().c_str(), outcome.GetError().GetMessage().c_str()); - DBUG_RETURN(-1); + return(-1); } string out; @@ -406,24 +406,24 @@ static int aws_generate_datakey(uint keyid, uint version) Aws::Utils::ByteBuffer byteBuffer = outcome.GetResult().GetCiphertextBlob(); format_keyfile_name(filename, sizeof(filename), keyid, version); - int fd= my_open(filename, O_RDWR | O_CREAT, 0); + int fd= open(filename, O_WRONLY |O_CREAT|O_BINARY, IF_WIN(_S_IREAD, S_IRUSR| S_IRGRP| S_IROTH)); if (fd < 0) { my_printf_error(ER_UNKNOWN_ERROR, "AWS KMS plugin: Can't create file %s", ME_ERROR_LOG, filename); - DBUG_RETURN(-1); + return(-1); } size_t len= byteBuffer.GetLength(); - if (my_write(fd, byteBuffer.GetUnderlyingData(), len, 0) != len) + if (write(fd, byteBuffer.GetUnderlyingData(), len) != len) { my_printf_error(ER_UNKNOWN_ERROR, "AWS KMS plugin: can't write to %s", ME_ERROR_LOG, filename); - my_close(fd, 0); - my_delete(filename, 0); - DBUG_RETURN(-1); + close(fd); + unlink(filename); + return(-1); } - my_close(fd, 0); + close(fd); my_printf_error(ER_UNKNOWN_ERROR, "AWS KMS plugin: generated encrypted datakey for key id=%u, version=%u", ME_ERROR_LOG | ER_NOTE, keyid, version); - DBUG_RETURN(0); + return(0); } /* Key rotation for a single key */ @@ -479,7 +479,7 @@ static void update_rotate(MYSQL_THD, struct st_mysql_sys_var *, void *, const vo "aws_key_management_master_key_id must be set to generate new data keys", MYF(ME_JUST_WARNING)); return; } - mysql_mutex_lock(&mtx); + mtx.lock(); rotate_key= *(int *)val; switch (rotate_key) { @@ -493,7 +493,7 @@ static void update_rotate(MYSQL_THD, struct st_mysql_sys_var *, void *, const vo break; } rotate_key= 0; - mysql_mutex_unlock(&mtx); + mtx.unlock(); } static unsigned int get_key( @@ -504,8 +504,7 @@ static unsigned int get_key( { KEY_INFO info; - DBUG_ENTER("get_key"); - mysql_mutex_lock(&mtx); + mtx.lock(); info= key_info_cache[KEY_ID_AND_VERSION(key_id, version)]; if (info.length == 0 && !info.load_failed) { @@ -513,17 +512,17 @@ static unsigned int get_key( info.key_version= version; load_key(&info); } - mysql_mutex_unlock(&mtx); + mtx.unlock(); if (info.load_failed) - DBUG_RETURN(ENCRYPTION_KEY_VERSION_INVALID); + return(ENCRYPTION_KEY_VERSION_INVALID); if (*buflen < info.length) { *buflen= info.length; - DBUG_RETURN(ENCRYPTION_KEY_BUFFER_TOO_SMALL); + return(ENCRYPTION_KEY_BUFFER_TOO_SMALL); } *buflen= info.length; memcpy(dstbuf, info.data, info.length); - DBUG_RETURN(0); + return(0); } diff --git a/plugin/daemon_example/CMakeLists.txt b/plugin/daemon_example/CMakeLists.txt index 3d674c4ef3e..28fbff78302 100644 --- a/plugin/daemon_example/CMakeLists.txt +++ b/plugin/daemon_example/CMakeLists.txt @@ -13,7 +13,8 @@ # along with this program; if not, write to the Free Software # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA -MYSQL_ADD_PLUGIN(daemon_example daemon_example.cc +MYSQL_ADD_PLUGIN(daemon_example daemon_example.cc RECOMPILE_FOR_EMBEDDED MODULE_ONLY MODULE_OUTPUT_NAME "libdaemon_example" COMPONENT Test) -INSTALL(FILES daemon_example.ini DESTINATION ${INSTALL_PLUGINDIR} COMPONENT Test) +INSTALL(FILES daemon_example.ini DESTINATION ${INSTALL_PLUGINDIR} + COMPONENT Test) diff --git a/plugin/example_key_management/example_key_management_plugin.cc b/plugin/example_key_management/example_key_management_plugin.cc index dc1e2038dd2..2b43729e3f7 100644 --- a/plugin/example_key_management/example_key_management_plugin.cc +++ b/plugin/example_key_management/example_key_management_plugin.cc @@ -28,18 +28,24 @@ #include <my_global.h> #include <my_pthread.h> #include <mysql/plugin_encryption.h> -#include <my_rnd.h> #include <my_crypt.h> /* rotate key randomly between 45 and 90 seconds */ #define KEY_ROTATION_MIN 45 #define KEY_ROTATION_MAX 90 -static struct my_rnd_struct seed; static time_t key_version = 0; static time_t next_key_version = 0; static pthread_mutex_t mutex; + +/* Random double value in 0..1 range */ +static double double_rnd() +{ + return ((double)rand()) / RAND_MAX; +} + + static unsigned int get_latest_key_version(unsigned int key_id) { @@ -50,7 +56,7 @@ get_latest_key_version(unsigned int key_id) key_version = now; unsigned int interval = KEY_ROTATION_MAX - KEY_ROTATION_MIN; next_key_version = (time_t) (now + KEY_ROTATION_MIN + - my_rnd(&seed) * interval); + double_rnd() * interval); } pthread_mutex_unlock(&mutex); @@ -101,7 +107,6 @@ static unsigned int get_length(unsigned int slen, unsigned int key_id, static int example_key_management_plugin_init(void *p) { /* init */ - my_rnd_init(&seed, time(0), 0); pthread_mutex_init(&mutex, NULL); get_latest_key_version(1); diff --git a/plugin/file_key_management/file_key_management_plugin.cc b/plugin/file_key_management/file_key_management_plugin.cc index 2c3e22c02d2..f6f7083d5f7 100644 --- a/plugin/file_key_management/file_key_management_plugin.cc +++ b/plugin/file_key_management/file_key_management_plugin.cc @@ -66,22 +66,14 @@ static struct st_mysql_sys_var* settings[] = { NULL }; -Dynamic_array<keyentry> keys(static_cast<uint>(0)); +std::map<unsigned int,keyentry> keys; static keyentry *get_key(unsigned int key_id) { - keyentry *a= keys.front(), *b= keys.back() + 1, *c; - while (b - a > 1) - { - c= a + (b - a)/2; - if (c->id == key_id) - return c; - else if (c->id < key_id) - a= c; - else - b= c; - } - return a->id == key_id ? a : 0; + keyentry &key= keys[key_id]; + if (key.id == 0) + return 0; + return &key; } /* the version is always the same, no automatic key rotation */ diff --git a/plugin/file_key_management/parser.cc b/plugin/file_key_management/parser.cc index facea9fad25..ac78186a488 100644 --- a/plugin/file_key_management/parser.cc +++ b/plugin/file_key_management/parser.cc @@ -143,13 +143,13 @@ void Parser::bytes_to_key(const unsigned char *salt, const char *input, } -bool Parser::parse(Dynamic_array<keyentry> *keys) +bool Parser::parse(std::map<uint,keyentry> *keys) { const char *secret= filekey; char buf[MAX_SECRET_SIZE + 1]; //If secret starts with FILE: interpret the secret as a filename. - if (is_prefix(filekey, FILE_PREFIX)) + if (strncmp(filekey, FILE_PREFIX,sizeof(FILE_PREFIX) -1) == 0) { if (read_filekey(filekey + sizeof(FILE_PREFIX) - 1, buf)) return 1; @@ -166,22 +166,26 @@ bool Parser::parse(Dynamic_array<keyentry> *keys) bool Parser::read_filekey(const char *filekey, char *secret) { - int f= my_open(filekey, O_RDONLY, MYF(MY_WME)); + int f= open(filekey, O_RDONLY|O_BINARY); if (f == -1) + { + my_error(EE_FILENOTFOUND,ME_ERROR_LOG, filekey, errno); return 1; - int len= my_read(f, (uchar*)secret, MAX_SECRET_SIZE, MYF(MY_WME)); - my_close(f, MYF(MY_WME)); + } + + int len= read(f, secret, MAX_SECRET_SIZE); if (len <= 0) + { + my_error(EE_READ,ME_ERROR_LOG, filekey, errno); + close(f); return 1; + } + close(f); while (secret[len - 1] == '\r' || secret[len - 1] == '\n') len--; secret[len]= '\0'; return 0; } -static int sort_keys(const keyentry *k1, const keyentry *k2) -{ - return k1->id < k2->id ? -1 : k1->id > k2->id; -} /** Get the keys from the key file <filename> and decrypt it with the @@ -191,7 +195,7 @@ static int sort_keys(const keyentry *k1, const keyentry *k2) @return 0 when ok, 1 for an error */ -bool Parser::parse_file(Dynamic_array<keyentry> *keys, const char *secret) +bool Parser::parse_file(std::map<uint,keyentry> *keys, const char *secret) { char *buffer= read_and_decrypt_file(secret); @@ -208,19 +212,16 @@ bool Parser::parse_file(Dynamic_array<keyentry> *keys, const char *secret) case 1: // comment break; case -1: // error - my_free(buffer); + free(buffer); return 1; case 0: - if (keys->push(key)) - return 1; + (*keys)[key.id] = key; break; } } - keys->sort(sort_keys); - my_free(buffer); - - if (keys->elements() == 0 || keys->at(0).id != 1) + free(buffer); + if (keys->size() == 0 || (*keys)[1].id == 0) { report_error("System key id 1 is missing", 0); return 1; @@ -247,16 +248,25 @@ int Parser::parse_line(char **line_ptr, keyentry *key) while (isspace(*p) && *p != '\n') p++; if (*p != '#' && *p != '\n') { - int error; - p+= 100; // the number will surely end here (on a non-digit or with an overflow) - longlong id= my_strtoll10(p - 100, &p, &error); - if (error) + if (!isdigit(*p)) { report_error("Syntax error", p - *line_ptr); return -1; } - if (id < 1 || id > UINT_MAX32) + longlong id = 0; + while (isdigit(*p)) + { + id = id * 10 + *p - '0'; + if (id > UINT_MAX32) + { + report_error("Invalid key id", p - *line_ptr); + return -1; + } + p++; + } + + if (id < 1) { report_error("Invalid key id", p - *line_ptr); return -1; @@ -269,7 +279,7 @@ int Parser::parse_line(char **line_ptr, keyentry *key) } p++; - key->id= id; + key->id= (unsigned int)id; key->length=0; while (isxdigit(p[0]) && isxdigit(p[1]) && key->length < sizeof(key->key)) { @@ -295,9 +305,13 @@ int Parser::parse_line(char **line_ptr, keyentry *key) 'secret'. Store the content of the decrypted file in 'buffer'. The buffer has to be freed in the calling function. */ +#ifdef _WIN32 +#define lseek _lseeki64 +#endif char* Parser::read_and_decrypt_file(const char *secret) { + int f; if (!filename || !filename[0]) { my_printf_error(EE_CANT_OPEN_STREAM, "file-key-management-filename is not set", @@ -305,15 +319,21 @@ char* Parser::read_and_decrypt_file(const char *secret) goto err0; } - int f; - if ((f= my_open(filename, O_RDONLY, MYF(MY_WME))) < 0) + f= open(filename, O_RDONLY|O_BINARY, 0); + if (f < 0) + { + my_error(EE_FILENOTFOUND, ME_ERROR_LOG, filename, errno); goto err0; + } my_off_t file_size; - file_size= my_seek(f, 0, SEEK_END, MYF(MY_WME)); + file_size= lseek(f, 0, SEEK_END); - if (file_size == MY_FILEPOS_ERROR) + if (file_size == MY_FILEPOS_ERROR || (my_off_t)lseek(f, 0, SEEK_SET) == MY_FILEPOS_ERROR) + { + my_error(EE_CANT_SEEK, MYF(0), filename, errno); goto err1; + } if (file_size > MAX_KEY_FILE_SIZE) { @@ -323,29 +343,39 @@ char* Parser::read_and_decrypt_file(const char *secret) //Read file into buffer uchar *buffer; - buffer= (uchar*)my_malloc(file_size + 1, MYF(MY_WME)); + buffer= (uchar*)malloc((size_t)file_size + 1); if (!buffer) + { + my_error(EE_OUTOFMEMORY, ME_ERROR_LOG| ME_FATAL, file_size); goto err1; + } - if (my_pread(f, buffer, file_size, 0, MYF(MY_WME)) != file_size) + if (read(f, buffer, (int)file_size) != (int)file_size) + { + my_printf_error(EE_READ, + "read from %s failed, errno %d", + MYF(ME_ERROR_LOG|ME_FATAL), filename, errno); goto err2; + } // Check for file encryption uchar *decrypted; - if (file_size > OpenSSL_prefix_len && is_prefix((char*)buffer, OpenSSL_prefix)) + if (file_size > OpenSSL_prefix_len && strncmp((char*)buffer, OpenSSL_prefix, OpenSSL_prefix_len) == 0) { uchar key[OpenSSL_key_len]; uchar iv[OpenSSL_iv_len]; - decrypted= (uchar*)my_malloc(file_size, MYF(MY_WME)); + decrypted= (uchar*)malloc((size_t)file_size); if (!decrypted) + { + my_error(EE_OUTOFMEMORY, ME_ERROR_LOG | ME_FATAL, file_size); goto err2; - + } bytes_to_key(buffer + OpenSSL_prefix_len, secret, key, iv); uint32 d_size; if (my_aes_crypt(MY_AES_CBC, ENCRYPTION_FLAG_DECRYPT, buffer + OpenSSL_prefix_len + OpenSSL_salt_len, - file_size - OpenSSL_prefix_len - OpenSSL_salt_len, + (unsigned int)file_size - OpenSSL_prefix_len - OpenSSL_salt_len, decrypted, &d_size, key, OpenSSL_key_len, iv, OpenSSL_iv_len)) @@ -354,7 +384,7 @@ char* Parser::read_and_decrypt_file(const char *secret) goto err3; } - my_free(buffer); + free(buffer); buffer= decrypted; file_size= d_size; } @@ -365,15 +395,15 @@ char* Parser::read_and_decrypt_file(const char *secret) } buffer[file_size]= '\0'; - my_close(f, MYF(MY_WME)); + close(f); return (char*) buffer; err3: - my_free(decrypted); + free(decrypted); err2: - my_free(buffer); + free(buffer); err1: - my_close(f, MYF(MY_WME)); + close(f); err0: return NULL; } diff --git a/plugin/file_key_management/parser.h b/plugin/file_key_management/parser.h index c8349db70a0..627b7fd84a6 100644 --- a/plugin/file_key_management/parser.h +++ b/plugin/file_key_management/parser.h @@ -22,7 +22,7 @@ Created 09/15/2014 #include <my_crypt.h> #include <ctype.h> -#include <sql_array.h> +#include <map> struct keyentry { unsigned int id; @@ -42,7 +42,7 @@ class Parser void bytes_to_key(const unsigned char *salt, const char *secret, unsigned char *key, unsigned char *iv); bool read_filekey(const char *filekey, char *secret); - bool parse_file(Dynamic_array<keyentry> *keys, const char *secret); + bool parse_file(std::map<unsigned int ,keyentry> *keys, const char *secret); void report_error(const char *reason, unsigned int position); int parse_line(char **line_ptr, keyentry *key); char* read_and_decrypt_file(const char *secret); @@ -50,5 +50,5 @@ class Parser public: Parser(const char* fn, const char *fk) : filename(fn), filekey(fk), line_number(0) { } - bool parse(Dynamic_array<keyentry> *keys); + bool parse(std::map<unsigned int ,keyentry> *keys); }; diff --git a/plugin/handler_socket/CMakeLists.txt b/plugin/handler_socket/CMakeLists.txt index 2e7caa80897..a10743210e9 100644 --- a/plugin/handler_socket/CMakeLists.txt +++ b/plugin/handler_socket/CMakeLists.txt @@ -34,6 +34,6 @@ SET(HANDLERSOCKET_SOURCES MYSQL_ADD_PLUGIN(handlersocket ${HANDLERSOCKET_SOURCES} MODULE_ONLY COMPONENT Server - LINK_LIBRARIES hsclient + LINK_LIBRARIES hsclient RECOMPILE_FOR_EMBEDDED ) diff --git a/plugin/locale_info/CMakeLists.txt b/plugin/locale_info/CMakeLists.txt index 1ace6619041..8f1dfa0d715 100644 --- a/plugin/locale_info/CMakeLists.txt +++ b/plugin/locale_info/CMakeLists.txt @@ -1,5 +1,5 @@ INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/sql ${CMAKE_SOURCE_DIR}/regex ${CMAKE_SOURCE_DIR}/extra/yassl/include) -MYSQL_ADD_PLUGIN(LOCALES locale_info.cc) +MYSQL_ADD_PLUGIN(LOCALES locale_info.cc RECOMPILE_FOR_EMBEDDED) diff --git a/plugin/metadata_lock_info/CMakeLists.txt b/plugin/metadata_lock_info/CMakeLists.txt index 44393c09eb6..6b1f5108bf1 100644 --- a/plugin/metadata_lock_info/CMakeLists.txt +++ b/plugin/metadata_lock_info/CMakeLists.txt @@ -1,2 +1,3 @@ SET(METADATA_LOCK_INFO_SOURCES metadata_lock_info.cc) -MYSQL_ADD_PLUGIN(metadata_lock_info ${METADATA_LOCK_INFO_SOURCES} MODULE_OUTPUT_NAME "metadata_lock_info") +MYSQL_ADD_PLUGIN(metadata_lock_info ${METADATA_LOCK_INFO_SOURCES} + RECOMPILE_FOR_EMBEDDED) diff --git a/plugin/qc_info/CMakeLists.txt b/plugin/qc_info/CMakeLists.txt index d10f4547227..821ffb79225 100644 --- a/plugin/qc_info/CMakeLists.txt +++ b/plugin/qc_info/CMakeLists.txt @@ -2,4 +2,4 @@ INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/sql ${PCRE_INCLUDES} ${CMAKE_SOURCE_DIR}/extra/yassl/include) -MYSQL_ADD_PLUGIN(QUERY_CACHE_INFO qc_info.cc) +MYSQL_ADD_PLUGIN(QUERY_CACHE_INFO qc_info.cc RECOMPILE_FOR_EMBEDDED) diff --git a/plugin/query_response_time/CMakeLists.txt b/plugin/query_response_time/CMakeLists.txt index f008d0256fc..112d72e429a 100644 --- a/plugin/query_response_time/CMakeLists.txt +++ b/plugin/query_response_time/CMakeLists.txt @@ -1,2 +1,3 @@ ADD_DEFINITIONS(-DHAVE_RESPONSE_TIME_DISTRIBUTION) -MYSQL_ADD_PLUGIN(QUERY_RESPONSE_TIME query_response_time.cc plugin.cc) +MYSQL_ADD_PLUGIN(QUERY_RESPONSE_TIME query_response_time.cc plugin.cc + RECOMPILE_FOR_EMBEDDED) diff --git a/plugin/semisync/CMakeLists.txt b/plugin/semisync/CMakeLists.txt index 33c0895e5e1..88998fb3093 100644 --- a/plugin/semisync/CMakeLists.txt +++ b/plugin/semisync/CMakeLists.txt @@ -17,10 +17,12 @@ SET(SEMISYNC_MASTER_SOURCES semisync.cc semisync_master.cc semisync_master_plugin.cc semisync.h semisync_master.h) -MYSQL_ADD_PLUGIN(semisync_master ${SEMISYNC_MASTER_SOURCES}) +MYSQL_ADD_PLUGIN(semisync_master ${SEMISYNC_MASTER_SOURCES} + RECOMPILE_FOR_EMBEDDED) SET(SEMISYNC_SLAVE_SOURCES semisync.cc semisync_slave.cc semisync_slave_plugin.cc semisync.h semisync_slave.h ) -MYSQL_ADD_PLUGIN(semisync_slave ${SEMISYNC_SLAVE_SOURCES}) +MYSQL_ADD_PLUGIN(semisync_slave ${SEMISYNC_SLAVE_SOURCES} + RECOMPILE_FOR_EMBEDDED) diff --git a/plugin/server_audit/CMakeLists.txt b/plugin/server_audit/CMakeLists.txt index 2c9964543bf..056a11f3753 100644 --- a/plugin/server_audit/CMakeLists.txt +++ b/plugin/server_audit/CMakeLists.txt @@ -13,7 +13,6 @@ # along with this program; if not, write to the Free Software # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02111-1301 USA -SET(SERVER_AUDIT_SOURCES - server_audit.c test_audit_v4.c plugin_audit_v4.h) +SET(SOURCES server_audit.c test_audit_v4.c plugin_audit_v4.h) - MYSQL_ADD_PLUGIN(server_audit ${SERVER_AUDIT_SOURCES} MODULE_ONLY) +MYSQL_ADD_PLUGIN(server_audit ${SOURCES} MODULE_ONLY RECOMPILE_FOR_EMBEDDED) diff --git a/plugin/wsrep_info/CMakeLists.txt b/plugin/wsrep_info/CMakeLists.txt index 4dee10c34c1..34aee9fba2c 100644 --- a/plugin/wsrep_info/CMakeLists.txt +++ b/plugin/wsrep_info/CMakeLists.txt @@ -1,5 +1,5 @@ IF (WITH_WSREP) INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/sql ${CMAKE_SOURCE_DIR}/wsrep) - MYSQL_ADD_PLUGIN(WSREP_INFO plugin.cc MODULE_ONLY) + MYSQL_ADD_PLUGIN(WSREP_INFO plugin.cc MODULE_ONLY RECOMPILE_FOR_EMBEDDED) ENDIF() |