summaryrefslogtreecommitdiff
path: root/sql/encryption.cc
Commit message (Collapse)AuthorAgeFilesLines
* plugin can signal that it cannot be unloaded by failing deinit()Sergei Golubchik2021-10-271-6/+4
| | | | | | | | | | | | if plugin->deinit() returns a failure, it is no longer ignored, it means that the plugin isn't ready to be unloaded from memory yet. So it's marked "dying", deinitialized as much as possible, but stays in memory until shutdown. also: * increment MARIA_PLUGIN_INTERFACE_VERSION * rewrite ha_rocksdb to use the new approach, update the test
* Merge branch '10.3' into 10.4Oleksandr Byelkin2020-08-031-2/+2
|\
| * Merge branch '10.2' into 10.3Oleksandr Byelkin2020-08-031-2/+2
| |\
| | * Code comment spellfixesIan Gilfillan2020-07-221-2/+2
| | |
* | | MDEV-22917 wolfssl might crash at startup when both SSL and encryption ↵Vladislav Vaintroub2020-06-171-0/+3
|/ / | | | | | | | | | | plugin are enabled Make sure to initialize SSL early enough, when encryption plugins is loaded
* | Merge 10.2 into 10.3Marko Mäkelä2019-05-141-1/+1
|\ \ | |/
| * Merge branch '5.5' into 10.1Vicențiu Ciorbaru2019-05-111-1/+1
| |
* | Merge branch '10.2' into 10.3Sergei Golubchik2019-03-171-4/+11
|\ \ | |/
| * fix gcc 8 compiler warningsSergei Golubchik2019-03-141-4/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | There were two newly enabled warnings: 1. cast for a function pointers. Affected sql_analyse.h, mi_write.c and ma_write.cc, mf_iocache-t.cc, mysqlbinlog.cc, encryption.cc, etc 2. memcpy/memset of nontrivial structures. Fixed as: * the warning disabled for InnoDB * TABLE, TABLE_SHARE, and TABLE_LIST got a new method reset() which does the bzero(), which is safe for these classes, but any other bzero() will still cause a warning * Table_scope_and_contents_source_st uses `TABLE_LIST *` (trivial) instead of `SQL_I_List<TABLE_LIST>` (not trivial) so it's safe to bzero now. * added casts in debug_sync.cc and sql_select.cc (for JOIN) * move assignment method for MDL_request instead of memcpy() * PARTIAL_INDEX_INTERSECT_INFO::init() instead of bzero() * remove constructor from READ_RECORD() to make it trivial * replace some memcpy() with c++ copy assignments
* | Merge branch 'bb-10.2-ext' into 10.3Sergei Golubchik2017-08-261-6/+14
|\ \ | |/
| * MDEV-12863 No table can be created after second encryption plugin attempted ↵Sergei Golubchik2017-08-081-6/+14
| | | | | | | | | | | | | | to load when deinitializing encryption plugins, disable server-wide encryption only if this plugin is the one that is used for encryption.
* | Enusure that my_global.h is included firstMichael Widenius2017-08-241-1/+1
|/ | | | | | | | | | - Added sql/mariadb.h file that should be included first by files in sql directory, if sql_plugin.h is not used (sql_plugin.h adds SHOW variables that must be done before my_global.h is included) - Removed a lot of include my_global.h from include files - Removed include's of some files that my_global.h automatically includes - Removed duplicated include's of my_sys.h - Replaced include my_config.h with my_global.h
* MDEV-11288 Server crashes in Binlog_crypt_data::init trying to feed ↵Sergei Golubchik2016-12-061-0/+5
| | | | encrypted log without decryption capabilities
* MDEV-9618 solaris sparc build fails on 10.1.Alexey Botchkov2016-05-041-3/+13
| | | | | | | Compiler there is strict about the C/C++ call model mixing in function variable assumptions. Fixed by adding some 'extern "C"' and changing '?' operator with 'if'.
* make encrypt-binlog and encrypt-tmp-files to fail if no encryptionSergei Golubchik2015-09-091-5/+0
| | | | | | --encrypt-binlog and --encrypt-tmp-files used to mean "encrypt XXX if encryption is available, otherwise don't encrypt", now they mean "encrypt or fail with an error".
* New encryption API. Piece-wise encryption.Sergei Golubchik2015-09-041-34/+31
| | | | | | | | | | | | | Instead of encrypt(src, dst, key, iv) that encrypts all data in one go, now we have encrypt_init(key,iv), encrypt_update(src,dst), and encrypt_finish(dst). This also causes collateral changes in the internal my_crypt.cc encryption functions and in the encryption service. There are wrappers to provide the old all-at-once encryption functionality. But binlog events are often written piecewise, they'll need the new api.
* MDEV-8126 encryption for temp filesSergei Golubchik2015-06-021-0/+5
| | | | IO_CACHE tempfiles encryption
* MDEV-8173: InnoDB; Failing assertion: crypt_data->type == 1Jan Lindström2015-05-201-1/+7
| | | | | | | | | | | | | | | | | | | | | | | Make sure that when we publish the crypt_data we access the memory cache of the tablespace crypt_data. Make sure that crypt_data is stored whenever it is really needed. All this is not yet enough in my opinion because: sql/encryption.cc has DBUG_ASSERT(scheme->type == 1) i.e. crypt_data->type == CRYPT_SCHEME_1 However, for InnoDB point of view we have global crypt_data for every tablespace. When we change variables on crypt_data we take mutex. However, when we use crypt_data for encryption/decryption we use pointer to this global structure and no mutex to protect against changes on crypt_data. Tablespace encryption starts in fil_crypt_start_encrypting_space from crypt_data that has crypt_data->type = CRYPT_SCHEME_UNENCRYPTED and later we write page 0 CRYPT_SCHEME_1 and finally whe publish that to memory cache.
* Identical key derivation code in XtraDB/InnoDB/AriaSergei Golubchik2015-05-151-0/+107
| | | | | | | | * Extract it into the "encryption_scheme" service. * Make these engines to use the service, remove duplicate code. * Change MY_AES_xxx error codes, to return them safely from encryption_scheme_encrypt/decrypt without conflicting with ENCRYPTION_SCHEME_KEY_INVALID error
* Add encryption key id to the API as a distinct conceptSergei Golubchik2015-04-091-6/+12
| | | | which is separate from the encryption key version
* renames to follow single consistent naming styleSergei Golubchik2015-04-091-0/+99
with namespace prefixes
View Lorry Controller Status