Split secrets.h to public and core + miscellaneous cleanup

Also, changed some function names to this_style from thisStyle. More of this in later commits.
2017-01-27 13:14:31 +02:00
parent 6cc205dafa
commit 1f9b18e3bc
15 changed files with 107 additions and 72 deletions
--- a/include/maxscale/notification.h
+++ b/include/maxscale/notification.h
@ -45,16 +45,16 @@ MXS_BEGIN_DECLS

 typedef struct
 {
-    int feedback_enable;        /**< Enable/Disable Notification feedback */
-    char    *feedback_url;          /**< URL to which the data is sent */
-    char    *feedback_user_info;        /**< User info included in the feedback data sent */
-    int feedback_timeout;       /**< An attempt to write/read the data times out and fails after this many seconds */
-    int feedback_connect_timeout;   /**< An attempt to send the data times out and fails after this many seconds */
-    int feedback_last_action;       /**< Holds the feedback last send action status */
-    int     feedback_frequency;             /*< Frequency of the housekeeper task */
-    char    *release_info;          /**< Operating system Release name */
-    char    *sysname;           /**< Operating system name */
-    uint8_t *mac_sha1;          /**< First available MAC address*/
+    int feedback_enable;         /**< Enable/Disable Notification feedback */
+    char *feedback_url;          /**< URL to which the data is sent */
+    char *feedback_user_info;    /**< User info included in the feedback data sent */
+    int feedback_timeout;        /**< An attempt to write/read the data times out and fails after this many seconds */
+    int feedback_connect_timeout;/**< An attempt to send the data times out and fails after this many seconds */
+    int feedback_last_action;    /**< Holds the feedback last send action status */
+    int feedback_frequency;      /*< Frequency of the housekeeper task */
+    char *release_info;          /**< Operating system Release name */
+    char *sysname;               /**< Operating system name */
+    uint8_t *mac_sha1;           /**< First available MAC address*/
 } FEEDBACK_CONF;

 extern char  *gw_bin2hex(char *out, const uint8_t *in, unsigned int len);
--- a/include/maxscale/routing.h
+++ b/include/maxscale/routing.h
@ -43,7 +43,7 @@ typedef enum routing_capability
    /** Result sets are delivered in one buffer; implies RCAP_TYPE_STMT_OUTPUT. */
    RCAP_TYPE_RESULTSET_OUTPUT      = 0x0050, /* 0b0000000001110000 */

-} routing_capability_t;
+} mxs_routing_capability_t;

 #define RCAP_TYPE_NONE 0

--- a/include/maxscale/secrets.h
+++ b/include/maxscale/secrets.h
@ -13,48 +13,15 @@
 */

 /**
- * @file secrets.h
- *
- * @verbatim
- * Revision History
- *
- * Date         Who                     Description
- * 23/06/2013   Massimiliano Pinto      Initial implementation
- *
- * @endverbatim
+ * @file include/maxscale/secrets.h - MaxScale config file password decryption
 */

 #include <maxscale/cdefs.h>
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
+
 #include <sys/types.h>
-#include <sys/stat.h>
-#include <fcntl.h>
-#include <errno.h>
-#include <openssl/aes.h>

 MXS_BEGIN_DECLS

-#define MAXSCALE_KEYLEN 32
-#define MAXSCALE_IV_LEN 16
-
-/**
- * The key structure held in the secrets file
- */
-typedef struct maxkeys
-{
-    unsigned char enckey[MAXSCALE_KEYLEN];
-    unsigned char initvector[MAXSCALE_IV_LEN];
-} MAXKEYS;
-
-enum
-{
-    MXS_PASSWORD_MAXLEN = 79
-};
-
-extern int  secrets_writeKeys(const char *directory);
-extern char *decryptPassword(const char *);
-extern char *encryptPassword(const char*, const char *);
+char *decrypt_password(const char *);

 MXS_END_DECLS
--- a/server/core/maxkeys.c
+++ b/server/core/maxkeys.c
@ -22,9 +22,11 @@
 *
 * @endverbatim
 */
+#include "maxscale/secrets.h"
+
 #include <getopt.h>
 #include <stdio.h>
-#include <maxscale/secrets.h>
+
 #include <maxscale/log_manager.h>
 #include <maxscale/paths.h>

@ -93,7 +95,7 @@ int main(int argc, char **argv)

    mxs_log_init(NULL, NULL, MXS_LOG_TARGET_DEFAULT);

-    if (secrets_writeKeys(directory) != 0)
+    if (secrets_write_keys(directory) != 0)
    {
        fprintf(stderr, "Failed to create the .secrets file.\n");
        rval = EXIT_FAILURE;
--- a/server/core/maxpasswd.c
+++ b/server/core/maxpasswd.c
@ -22,10 +22,17 @@
 *
 * @endverbatim
 */
+
+#include <maxscale/cdefs.h>
+
 #include <stdio.h>
+#include <errno.h>
+#include <sys/stat.h>
+
 #include <maxscale/paths.h>
 #include <maxscale/log_manager.h>
-#include <maxscale/secrets.h>
+
+#include "maxscale/secrets.h"

 struct option options[] =
 {
@ -162,7 +169,7 @@ int main(int argc, char **argv)

    int rval = EXIT_SUCCESS;

-    char* enc = encryptPassword(path, used_password);
+    char* enc = encrypt_password(path, used_password);
    if (enc)
    {
        printf("%s\n", enc);
--- a/server/core/maxscale/secrets.h
+++ b/server/core/maxscale/secrets.h
@ -0,0 +1,43 @@
+#pragma once
+/*
+ * Copyright (c) 2016 MariaDB Corporation Ab
+ *
+ * Use of this software is governed by the Business Source License included
+ * in the LICENSE.TXT file and at www.mariadb.com/bsl.
+ *
+ * Change Date: 2019-07-01
+ *
+ * On the date above, in accordance with the Business Source License, use
+ * of this software will be governed by version 2 or later of the General
+ * Public License.
+ */
+
+/**
+ * @file core/maxscale/secrets.h - MaxScale config file password encryption/decryption
+ */
+
+#include <maxscale/secrets.h>
+
+MXS_BEGIN_DECLS
+
+#define MAXSCALE_KEYLEN 32
+#define MAXSCALE_IV_LEN 16
+
+/**
+ * The key structure held in the secrets file
+ */
+typedef struct maxkeys
+{
+    unsigned char enckey[MAXSCALE_KEYLEN];
+    unsigned char initvector[MAXSCALE_IV_LEN];
+} MAXKEYS;
+
+enum
+{
+    MXS_PASSWORD_MAXLEN = 79
+};
+
+int  secrets_write_keys(const char *directory);
+char *encrypt_password(const char*, const char *);
+
+MXS_END_DECLS
--- a/server/core/monitor.c
+++ b/server/core/monitor.c
@ -29,6 +29,7 @@
 */
 #include <maxscale/monitor.h>

+#include <fcntl.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
@ -676,7 +677,7 @@ bool check_monitor_permissions(MXS_MONITOR* monitor, const char* query)
    }

    char *user = monitor->user;
-    char *dpasswd = decryptPassword(monitor->password);
+    char *dpasswd = decrypt_password(monitor->password);
    MXS_CONFIG* cnf = config_get_global_options();
    bool rval = false;

@ -1169,7 +1170,7 @@ mon_connect_to_db(MXS_MONITOR* mon, MXS_MONITOR_SERVERS *database)
            passwd = database->server->monpw;
        }

-        char *dpwd = decryptPassword(passwd);
+        char *dpwd = decrypt_password(passwd);

        mysql_options(database->con, MYSQL_OPT_CONNECT_TIMEOUT, (void *) &mon->connect_timeout);
        mysql_options(database->con, MYSQL_OPT_READ_TIMEOUT, (void *) &mon->read_timeout);
--- a/server/core/secrets.c
+++ b/server/core/secrets.c
@ -12,13 +12,20 @@
 */

 #include <maxscale/secrets.h>
-#include <time.h>
-#include <maxscale/log_manager.h>
+
 #include <ctype.h>
-#include <maxscale/protocol/mysql.h>
-#include <maxscale/paths.h>
-#include <maxscale/random_jkiss.h>
+#include <time.h>
+#include <sys/stat.h>
+
+#include <openssl/aes.h>
+
 #include <maxscale/alloc.h>
+#include <maxscale/log_manager.h>
+#include <maxscale/paths.h>
+#include <maxscale/protocol/mysql.h>
+#include <maxscale/random_jkiss.h>
+
+#include "maxscale/secrets.h"

 /**
 * Generate a random printable character
@ -245,7 +252,7 @@ secrets_readKeys(const char* path)
 * @param dir The directory where the ".secrets" file should be created.
 * @return 0 on success and 1 on failure
 */
-int secrets_writeKeys(const char *dir)
+int secrets_write_keys(const char *dir)
 {
    int fd, randfd;
    unsigned int randval;
@ -345,7 +352,7 @@ int secrets_writeKeys(const char *dir)
 * @return  The decrypted password or NULL if allocation failure.
 */
 char *
-decryptPassword(const char *crypt)
+decrypt_password(const char *crypt)
 {
    MAXKEYS *keys;
    AES_KEY aeskey;
@ -398,7 +405,7 @@ decryptPassword(const char *crypt)
 * @return  The encrypted password
 */
 char *
-encryptPassword(const char* path, const char *password)
+encrypt_password(const char* path, const char *password)
 {
    MAXKEYS *keys;
    AES_KEY aeskey;
--- a/server/core/utils.c
+++ b/server/core/utils.c
@ -29,12 +29,17 @@
 */

 #include <maxscale/utils.h>
-#include <arpa/inet.h>
+
+#include <fcntl.h>
 #include <netdb.h>
 #include <regex.h>
+#include <arpa/inet.h>
 #include <sys/socket.h>
+#include <sys/stat.h>
 #include <sys/types.h>
+
 #include <openssl/sha.h>
+
 #include <maxscale/alloc.h>
 #include <maxscale/dcb.h>
 #include <maxscale/log_manager.h>
--- a/server/modules/authenticator/CDCPlainAuth/cdc_plain_auth.c
+++ b/server/modules/authenticator/CDCPlainAuth/cdc_plain_auth.c
@ -436,7 +436,7 @@ cdc_set_service_user(SERV_LISTENER *listener)
        return 1;
    }

-    dpwd = decryptPassword(service->credentials.authdata);
+    dpwd = decrypt_password(service->credentials.authdata);

    if (!dpwd)
    {
--- a/server/modules/authenticator/GSSAPI/GSSAPIAuth/gssapi_auth.c
+++ b/server/modules/authenticator/GSSAPI/GSSAPIAuth/gssapi_auth.c
@ -547,7 +547,7 @@ int gssapi_auth_load_users(SERV_LISTENER *listener)
    int rval = MXS_AUTH_LOADUSERS_ERROR;
    GSSAPI_INSTANCE *inst = (GSSAPI_INSTANCE*)listener->auth_instance;

-    if (serviceGetUser(listener->service, &user, &pw) && (pw = decryptPassword(pw)))
+    if (serviceGetUser(listener->service, &user, &pw) && (pw = decrypt_password(pw)))
    {
        for (SERVER_REF *servers = listener->service->dbref; servers; servers = servers->next)
        {
--- a/server/modules/authenticator/HTTPAuth/http_auth.c
+++ b/server/modules/authenticator/HTTPAuth/http_auth.c
@ -103,7 +103,7 @@ http_auth_authenticate(DCB *dcb)
    HTTP_AUTH *ses = (HTTP_AUTH*)dcb->data;
    char *user, *pw;
    serviceGetUser(dcb->service, &user, &pw);
-    pw = decryptPassword(pw);
+    pw = decrypt_password(pw);

    if (ses && strcmp(ses->user, user) == 0 && strcmp(ses->pw, pw) == 0)
    {
--- a/server/modules/authenticator/MySQLAuth/dbusers.c
+++ b/server/modules/authenticator/MySQLAuth/dbusers.c
@ -739,7 +739,7 @@ get_all_users(SERV_LISTENER *listener, USERS *users)
        return -1;
    }

-    dpwd = decryptPassword(service_passwd);
+    dpwd = decrypt_password(service_passwd);
    final_data = (char*) MXS_MALLOC(sizeof(char));
    MXS_ABORT_IF_NULL(final_data);
    *final_data = '\0';
@ -1236,7 +1236,7 @@ get_users(SERV_LISTENER *listener, USERS *users)
     * to try
     */
    server = service->dbref;
-    dpwd = decryptPassword(service_passwd);
+    dpwd = decrypt_password(service_passwd);

    /* Select a server with Master bit, if available */
    while (server != NULL && !(server->server->status & SERVER_MASTER))
@ -2685,7 +2685,7 @@ bool check_service_permissions(SERVICE* service)
        return false;
    }

-    char *dpasswd = decryptPassword(password);
+    char *dpasswd = decrypt_password(password);
    bool rval = false;

    for (SERVER_REF *server = service->dbref; server; server = server->next)
--- a/server/modules/authenticator/MySQLAuth/mysql_auth.c
+++ b/server/modules/authenticator/MySQLAuth/mysql_auth.c
@ -836,7 +836,7 @@ static bool add_service_user(SERV_LISTENER *port)

    if (serviceGetUser(port->service, &user, &pw))
    {
-        pw = decryptPassword(pw);
+        pw = decrypt_password(pw);

        if (pw)
        {
--- a/server/modules/routing/binlogrouter/blr.h
+++ b/server/modules/routing/binlogrouter/blr.h
@ -46,12 +46,15 @@
 #define MXS_MODULE_NAME "binlogrouter"

 #include <maxscale/cdefs.h>
+
+#include <stdint.h>
+#include <openssl/aes.h>
+#include <pthread.h>
+#include <zlib.h>
+
 #include <maxscale/dcb.h>
 #include <maxscale/buffer.h>
-#include <pthread.h>
-#include <stdint.h>
 #include <maxscale/thread.h>
-#include <zlib.h>
 #include <maxscale/protocol/mysql.h>
 #include <maxscale/secrets.h>