!6473 麒麟V10 arm执行gs_guc generate报错

Merge pull request !6473 from 杨皓/cherry-pick-1727337546
2024-09-27 02:04:09 +00:00
parent ebf2c30906 ed61b63d51
commit 55e96153ba
6 changed files with 24 additions and 21 deletions
--- a/src/bin/gs_guc/pg_guc.cpp
+++ b/src/bin/gs_guc/pg_guc.cpp
@ -1985,7 +1985,8 @@ static void do_help_encrypt_options(void)
    (void)printf(_("\nOptions for encrypt: \n"));
    (void)printf(_("  -M, --keymode=MODE     the cipher files will be applies in server, client or source,default "
                   "value is server mode\n"));
-    (void)printf(_("  -K PASSWORD            the plain password you want to encrypt, which length should between 8~16 and at least 3 different types of characters\n"));
+    (void)printf(_("  -K PASSWORD            the plain password you want to encrypt, which length should between "
+                   "8~15 and at least 3 different types of characters\n"));
    (void)printf(_("  -U, --keyuser=USER     if appointed, the cipher files will name with the user name\n"));
    (void)printf(_("  -R RANDFILEDIR         set the dir that put the rand file\n"));
    (void)printf(_("  -C CIPHERFILEDIR       set the dir that put the cipher file\n"));
@ -1997,7 +1998,8 @@ static void do_help_generate_options(void)

    (void)printf(_("\nOptions for generate: \n"));
    (void)printf(_("  -o PREFIX               the cipher files prefix. default value is obsserver\n"));
-    (void)printf(_("  -S CIPHERKEY            the plain password you want to encrypt, which length should between 8~16 and at least 3 different types of characters\n"));
+    (void)printf(_("  -S CIPHERKEY            the plain password you want to encrypt, which length should between "
+                   "8~15 and at least 3 different types of characters\n"));
 }

 /*
@ -2367,11 +2369,11 @@ void checkDataDir(const char* datadir)
 void checkCipherkey()
 {
    if (g_cipherkey == NULL) {
-        g_cipherkey = simple_prompt("Password: ", MAX_KEY_LEN + 1, false);
-        if (!check_input_password(g_cipherkey)) {
+        g_cipherkey = simple_prompt("Password: ", MAX_GUC_PASS_LEN + 1, false);
+        if (!check_input_password(g_cipherkey, MAX_GUC_PASS_LEN)) {
            write_stderr(_("%s: The input key must be %d~%d bytes and "
                "contain at least three kinds of characters!\n"),
-                progname, MIN_KEY_LEN, MAX_KEY_LEN);
+                progname, MIN_KEY_LEN, MAX_GUC_PASS_LEN);
            do_advice();
            exit(1);
        }
@ -2421,10 +2423,10 @@ void doGenerateOperation(const char* datadir, const char* loginfo)
        OPENSSL_free(g_cipherkey);
        g_cipherkey = NULL;
    } else {
-        if (!check_input_password(g_cipherkey)) {
+        if (!check_input_password(g_cipherkey, MAX_GUC_PASS_LEN)) {
            write_stderr(_("%s: The input key must be %d~%d bytes and "
                "contain at least three kinds of characters!\n"),
-                progname, MIN_KEY_LEN, MAX_KEY_LEN);
+                progname, MIN_KEY_LEN, MAX_GUC_PASS_LEN);
            GS_FREE(g_cipherkey);
            do_advice();
            exit(1);
@ -2848,7 +2850,7 @@ int main(int argc, char** argv)
                }
                case 'K': {
                    char key_str[MAX_KEY_LEN] = {0};
-                    if (!check_input_password(optarg)) {
+                    if (!check_input_password(optarg, MAX_GUC_PASS_LEN)) {
                        do_advice();
                        exit(1);
                    }
@ -3749,11 +3751,11 @@ static void check_encrypt_options(void)
        return;
    }
    if (g_plainkey == NULL) {
-        g_plainkey = simple_prompt("Password: ", MAX_KEY_LEN + 1, false);
-        if (!check_input_password(g_plainkey)) {
+        g_plainkey = simple_prompt("Password: ", MAX_GUC_PASS_LEN + 1, false);
+        if (!check_input_password(g_plainkey, MAX_GUC_PASS_LEN)) {
            write_stderr(_("%s: The input key must be %d~%d bytes and "
                "contain at least three kinds of characters!\n"),
-                progname, MIN_KEY_LEN, MAX_KEY_LEN);
+                progname, MIN_KEY_LEN, MAX_GUC_PASS_LEN);
            do_advice();
            exit(1);
        }
--- a/src/common/port/cipher.cpp
+++ b/src/common/port/cipher.cpp
@ -102,7 +102,7 @@ bool init_vector_random(GS_UCHAR* init_vector, size_t vector_len)
 }

 /* check whether the input password(for key derivation) meet the requirements of the length and complexity */
-bool check_input_password(const char* password)
+bool check_input_password(const char* password, int maxlen)
 {
 #define PASSWD_KINDS 4
    int key_input_len = 0;
@ -119,8 +119,8 @@ bool check_input_password(const char* password)
        (void)fprintf(stderr, _("Invalid password,it must contain at least eight characters\n"));
        return false;
    }
-    if (key_input_len > MAX_KEY_LEN) {
-        (void)fprintf(stderr, _("Invalid password,the length exceed %d\n"), MAX_KEY_LEN);
+    if (key_input_len > maxlen) {
+        (void)fprintf(stderr, _("Invalid password,the length exceed %d\n"), maxlen);
        return false;
    }
    ptr = password;
--- a/src/include/cipher.h
+++ b/src/include/cipher.h
@ -65,6 +65,7 @@ typedef unsigned char GS_UCHAR;
 #define MAC_LEN 20
 #define MIN_KEY_LEN 8
 #define MAX_KEY_LEN 16
+#define MAX_GUC_PASS_LEN 15
 #define AK_LEN 512
 #define SK_LEN 512
 #define AK_VALID_CHRS "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
@ -119,7 +120,7 @@ extern void gen_cipher_rand_files(
    KeyMode mode, const char* plain_key, const char* user_name, const char* datadir, const char* preStr);
 extern void decode_cipher_files(
    KeyMode mode, const char* user_name, const char* datadir, GS_UCHAR* plainpwd, bool obs_server_mode = false);
-extern bool check_input_password(const char* password);
+extern bool check_input_password(const char* password, int maxlen = MAX_KEY_LEN);
 extern bool EncryptInputKey(GS_UCHAR* pucPlainText, GS_UCHAR* initrand, GS_UCHAR* keySaltVector,
    GS_UCHAR* encryptVector, GS_UCHAR* pucCipherText, GS_UINT32* pulCLen);
 extern bool ReadContentFromFile(const char* filename, void* content, size_t csize);
--- a/src/test/regress/output/gs_encrypt.source
+++ b/src/test/regress/output/gs_encrypt.source
@ -36,9 +36,9 @@
 --?.*
 \! @abs_bindir@/gs_encrypt -B MTIzNDU2Nzg5MGFiY2RlZg== -v 0123456789abcdef plaintext 
 Invalid password,it must contain at least three kinds of characters
-gs_encrypt: The input key must be 8~16 bytes and contain at least three kinds of characters!
+gs_encrypt: The input key must be 8~15 bytes and contain at least three kinds of characters!
 \! @abs_bindir@/gs_encrypt -B MTIzNDU2Nzg5MGFiY2RlZg== -D MTIzNDU2Nzg5MGFiY2RlZg== plaintext 
 Invalid password,it must contain at least three kinds of characters
-gs_encrypt: The input key must be 8~16 bytes and contain at least three kinds of characters!
+gs_encrypt: The input key must be 8~15 bytes and contain at least three kinds of characters!
 \! rm -f @abs_bindir@/tde.key.cipher
 \! rm -f @abs_bindir@/tde.key.rand
--- a/src/test/regress/output/gs_guc.source
+++ b/src/test/regress/output/gs_guc.source
@ -68,7 +68,7 @@ Options for set and reload with -h host-auth-policy:

 Options for encrypt: 
  -M, --keymode=MODE     the cipher files will be applies in server, client or source,default value is server mode
-  -K PASSWORD            the plain password you want to encrypt, which length should between 8~16 and at least 3 different types of characters
+  -K PASSWORD            the plain password you want to encrypt, which length should between 8~15 and at least 3 different types of characters
  -U, --keyuser=USER     if appointed, the cipher files will name with the user name
  -R RANDFILEDIR         set the dir that put the rand file
  -C CIPHERFILEDIR       set the dir that put the cipher file
@ -76,7 +76,7 @@ Options for encrypt:

 Options for generate: 
  -o PREFIX               the cipher files prefix. default value is obsserver
-  -S CIPHERKEY            the plain password you want to encrypt, which length should between 8~16 and at least 3 different types of characters
+  -S CIPHERKEY            the plain password you want to encrypt, which length should between 8~15 and at least 3 different types of characters
 -----Check(GUC)
 \! /usr3/data1/jiangyan/openGauss-server/src/test/regress/./tmp_check/install//data1/jiangyan/openGauss-server//dest/bin/gs_guc check -D /usr3/data1/jiangyan/openGauss-server/src/test/regress/tmp_check/datanode1/ -c cstore_buffers
 The gs_guc run with the following arguments: [/usr3/data1/jiangyan/openGauss-server/src/test/regress/./tmp_check/install//data1/jiangyan/openGauss-server//dest/bin/gs_guc -D /usr3/data1/jiangyan/openGauss-server/src/test/regress/tmp_check/datanode1/ -c cstore_buffers check ].
--- a/src/test/regress/wastebin/output/guc_help.source
+++ b/src/test/regress/wastebin/output/guc_help.source
@ -53,7 +53,7 @@ Options for set and reload with -h host-auth-policy:

 Options for encrypt: 
  -M, --keymode=MODE     the cipher files will be applies in server, client or source,default value is server mode
-  -K PASSWORD            the plain password you want to encrypt, which length should between 8~16 and at least 3 different types of characters
+  -K PASSWORD            the plain password you want to encrypt, which length should between 8~15 and at least 3 different types of characters
  -U, --keyuser=USER     if appointed, the cipher files will name with the user name
  -R RANDFILEDIR         set the dir that put the rand file
  -C CIPHERFILEDIR       set the dir that put the cipher file
@ -61,4 +61,4 @@ Options for encrypt:

 Options for generate: 
  -o PREFIX               the cipher files prefix. default value is obsserver
-  -S CIPHERKEY            the plain password you want to encrypt, which length should between 8~16 and at least 3 different types of characters
+  -S CIPHERKEY            the plain password you want to encrypt, which length should between 8~15 and at least 3 different types of characters