Encryption context code review update

2016-09-26 09:54:57 +02:00
parent 56d345e833
commit ad86b16fa2
3 changed files with 24 additions and 14 deletions
--- a/server/modules/include/blr.h
+++ b/server/modules/include/blr.h
@ -61,7 +61,7 @@
 #define BINLOG_EVENT_CRC_ALGO_TYPE  1
 #define BINLOG_EVENT_CRC_SIZE       4
 #define BINLOG_EVENT_LEN_OFFSET     9
-#define BINLOG_ENCRYPTION_ALGORYTM_NAME_LEN  13
+#define BINLOG_ENCRYPTION_ALGORYTHM_NAME_LEN  13
 #define BINLOG_FATAL_ERROR_READING         1236

 /**
@ -466,7 +466,7 @@ typedef struct
 typedef struct binlog_encryption_setup
 {
  bool enabled;
-  char encryption_algorithm[BINLOG_ENCRYPTION_ALGORYTM_NAME_LEN];
+  char encryption_algorithm[BINLOG_ENCRYPTION_ALGORYTHM_NAME_LEN];
  char *key_management_filename;
  uint8_t *keys;
 } BINLOG_ENCRYPTION_SETUP;
--- a/server/modules/routing/binlog/blr.c
+++ b/server/modules/routing/binlog/blr.c
@ -842,10 +842,10 @@ createInstance(SERVICE *service, char **options)
        if (!inst->encryption.enabled && inst->encryption_ctx)
        {
            MXS_ERROR("Found START_ENCRYPTION_EVENT but "
-                      "binlog ecryption option is currently Off. Replication can't start right now. "
-                      "Please restart maxScale with option set to On");
+                      "binlog encryption option is currently Off. Replication can't start right now. "
+                      "Please restart MaxScale with option set to On");

-            /* Force STOPPED state */ 
+            /* Force STOPPED state */
            inst->master_state = BLRM_SLAVE_STOPPED;
            /* Set mysql_errno and error message */
            inst->m_errno = BINLOG_FATAL_ERROR_READING;
--- a/server/modules/routing/binlog/blr_file.c
+++ b/server/modules/routing/binlog/blr_file.c
@ -135,9 +135,11 @@ typedef enum
 typedef struct start_encryption_event
 {
    uint8_t header[BINLOG_EVENT_HDR_LEN];
-    uint8_t binlog_crypto_scheme;
-    uint32_t binlog_key_version;
-    uint8_t nonce[BLRM_NONCE_LENGTH];
+    uint8_t binlog_crypto_scheme; /**< Encryption scheme */
+    uint32_t binlog_key_version;  /**< Encryption key version */
+    uint8_t nonce[BLRM_NONCE_LENGTH]; /**< nonce (random bytes) of current binlog.
+                                       * These bytes + the binlog event current pos
+                                       * form the encrryption IV for the event */
 } START_ENCRYPTION_EVENT;

 /**
@ -149,9 +151,11 @@ typedef struct start_encryption_event
 */
 typedef struct binlog_encryption_ctx
 {
-    uint8_t binlog_crypto_scheme;
-    uint32_t binlog_key_version;
-    uint8_t nonce[BLRM_NONCE_LENGTH];
+    uint8_t binlog_crypto_scheme; /**< Encryption scheme */
+    uint32_t binlog_key_version;  /**< Encryption key version */
+    uint8_t nonce[BLRM_NONCE_LENGTH]; /**< nonce (random bytes) of current binlog.
+                                       * These bytes + the binlog event current pos
+                                       * form the encrryption IV for the event */
 } BINLOG_ENCRYPTION_CTX;

 /**
@ -1683,8 +1687,12 @@ blr_read_events_all_events(ROUTER_INSTANCE *router, int fix, int debug)
        if (hdr.event_type == MARIADB10_START_ENCRYPTION_EVENT)
        {
            char nonce_hex[12 * 2 + 1] = "";
-            BINLOG_ENCRYPTION_CTX *new_encryption_ctx = MXS_CALLOC(1, sizeof(BINLOG_ENCRYPTION_CTX));
            START_ENCRYPTION_EVENT ste_event = {};
+            BINLOG_ENCRYPTION_CTX *new_encryption_ctx = MXS_CALLOC(1, sizeof(BINLOG_ENCRYPTION_CTX));
+            if (new_encryption_ctx == NULL)
+            {
+                return 1;
+            }

            /* The start encryption event data is 17 bytes long:
             * Scheme = 1
@ -1738,7 +1746,6 @@ blr_read_events_all_events(ROUTER_INSTANCE *router, int fix, int debug)

            /* Update the router encryption context */
            MXS_FREE(router->encryption_ctx);
-            router->encryption_ctx = NULL;
            router->encryption_ctx = new_encryption_ctx;
        }

@ -2485,6 +2492,10 @@ blr_create_start_encryption_event(ROUTER_INSTANCE *router, uint32_t event_pos, b
    uint8_t *new_event;
    uint8_t event_size = sizeof(START_ENCRYPTION_EVENT);
    BINLOG_ENCRYPTION_CTX *new_encryption_ctx = MXS_CALLOC(1, sizeof(BINLOG_ENCRYPTION_CTX));
+    if (new_encryption_ctx == NULL)
+    {
+        return NULL;
+    }

    /* Add 4 bytes to event size with crc32 */
    if (do_checksum)
@ -2545,7 +2556,6 @@ blr_create_start_encryption_event(ROUTER_INSTANCE *router, uint32_t event_pos, b
           &new_event[BINLOG_EVENT_HDR_LEN + 1], BLRM_KEY_VERSION_LENGTH);

    MXS_FREE(router->encryption_ctx);
-    router->encryption_ctx = NULL;
    router->encryption_ctx = new_encryption_ctx;

    spinlock_release(&router->binlog_lock);