From d8f09ab4d4b160c0409168c9785b1c18532e8e4c Mon Sep 17 00:00:00 2001
From: MassimilianoPinto <massimiliano.pinto@mariadb.com>
Date: Tue, 4 Oct 2016 17:32:06 +0200
Subject: [PATCH] Encryption context is passed to blr_read_binlog()

Encryption context has been removed from BLFILE struct and is now
passed to blr_read_binlog()
---
 server/modules/include/blr.h              |  4 +---
 server/modules/routing/binlog/blr_file.c  | 17 +++++------------
 server/modules/routing/binlog/blr_slave.c | 16 ++++++++++------
 3 files changed, 16 insertions(+), 21 deletions(-)

diff --git a/server/modules/include/blr.h b/server/modules/include/blr.h
index 6a352116f..979f3aab0 100644
--- a/server/modules/include/blr.h
+++ b/server/modules/include/blr.h
@@ -317,7 +317,6 @@ typedef struct blfile
     int             refcnt;                         /*< Reference count for file */
     BLCACHE         *cache;                         /*< Record cache for this file */
     SPINLOCK        lock;                           /*< The file lock */
-    void            *encryption_ctx;                /*< The encryption context */
     struct blfile   *next;                          /*< Next file in list */
 } BLFILE;
 
@@ -616,7 +615,6 @@ typedef struct binlog_encryption_ctx
 #define BLRM_NONCE_LENGTH           (BLRM_IV_LENGTH - BLRM_IV_OFFS_LENGTH)
 
 
-
 /**
  * State machine for the master to MaxScale replication
  */
@@ -729,7 +727,7 @@ extern int  blr_write_binlog_record(ROUTER_INSTANCE *, REP_HEADER *, uint32_t po
 extern int  blr_file_rotate(ROUTER_INSTANCE *, char *, uint64_t);
 extern void blr_file_flush(ROUTER_INSTANCE *);
 extern BLFILE *blr_open_binlog(ROUTER_INSTANCE *, char *);
-extern GWBUF *blr_read_binlog(ROUTER_INSTANCE *, BLFILE *, unsigned long, REP_HEADER *, char *);
+extern GWBUF *blr_read_binlog(ROUTER_INSTANCE *, BLFILE *, unsigned long, REP_HEADER *, char *, SLAVE_ENCRYPTION_CTX *);
 extern void blr_close_binlog(ROUTER_INSTANCE *, BLFILE *);
 extern unsigned long blr_file_size(BLFILE *);
 extern int blr_statistics(ROUTER_INSTANCE *, ROUTER_SLAVE *, GWBUF *);
diff --git a/server/modules/routing/binlog/blr_file.c b/server/modules/routing/binlog/blr_file.c
index f05576e1a..b0d0673f2 100644
--- a/server/modules/routing/binlog/blr_file.c
+++ b/server/modules/routing/binlog/blr_file.c
@@ -473,7 +473,7 @@ blr_write_binlog_record(ROUTER_INSTANCE *router, REP_HEADER *hdr, uint32_t size,
         memmove(buf + BINLOG_EVENT_LEN_OFFSET, buf, 4);
         uint8_t *buf_ptr = buf + 4;
         /* 16 bytes after buf + 4 are owerwritten by XORed with IV */
-        /* Only 15 bytes are involved */ 
+        /* Only 15 bytes are involved */
         for (int i = 0; i < (AES_BLOCK_SIZE - 1); i++)
         {
             buf_ptr[i]= buf_ptr[i] ^ iv[i];
@@ -605,8 +605,6 @@ blr_open_binlog(ROUTER_INSTANCE *router, char *binlog)
         return NULL;
     }
 
-    file->encryption_ctx = NULL;
-
     file->next = router->files;
     router->files = file;
     spinlock_release(&router->fileslock);
@@ -622,10 +620,11 @@ blr_open_binlog(ROUTER_INSTANCE *router, char *binlog)
  * @param pos       Position of binlog record to read
  * @param hdr       Binlog header to populate
  * @param errmsg    Allocated BINLOG_ERROR_MSG_LEN bytes message error buffer
+ * @param enc_ctx   Encryption context for binlog file being read
  * @return          The binlog record wrapped in a GWBUF structure
  */
 GWBUF *
-blr_read_binlog(ROUTER_INSTANCE *router, BLFILE *file, unsigned long pos, REP_HEADER *hdr, char *errmsg)
+blr_read_binlog(ROUTER_INSTANCE *router, BLFILE *file, unsigned long pos, REP_HEADER *hdr, char *errmsg, SLAVE_ENCRYPTION_CTX *enc_ctx)
 {
     uint8_t hdbuf[BINLOG_EVENT_HDR_LEN];
     GWBUF *result;
@@ -633,7 +632,6 @@ blr_read_binlog(ROUTER_INSTANCE *router, BLFILE *file, unsigned long pos, REP_HE
     int n;
     unsigned long filelen = 0;
     struct stat statb;
-    SLAVE_ENCRYPTION_CTX *file_enc_ctx = NULL;
 
     memset(hdbuf, '\0', BINLOG_EVENT_HDR_LEN);
 
@@ -719,9 +717,6 @@ blr_read_binlog(ROUTER_INSTANCE *router, BLFILE *file, unsigned long pos, REP_HE
         return NULL;
     }
 
-    /* Get encryption_ctx */
-    file_enc_ctx = file->encryption_ctx;
-
     spinlock_release(&file->lock);
     spinlock_release(&router->binlog_lock);
 
@@ -763,14 +758,14 @@ blr_read_binlog(ROUTER_INSTANCE *router, BLFILE *file, unsigned long pos, REP_HE
     }
 
     /* Check whether we need to decrypt the current event */
-    if (file_enc_ctx && pos >= file_enc_ctx->first_enc_event_pos)
+    if (enc_ctx && pos >= enc_ctx->first_enc_event_pos)
     {
         uint8_t *event_ptr = hdbuf;
         uint8_t iv[AES_BLOCK_SIZE];
         uint8_t event_size[4];
 
         /* Encryption IV is 12 bytes nonce + 4 bytes event position */
-        memcpy(&iv, file_enc_ctx->nonce, BLRM_NONCE_LENGTH);
+        memcpy(&iv, enc_ctx->nonce, BLRM_NONCE_LENGTH);
         gw_mysql_set_byte4(iv + BLRM_NONCE_LENGTH, (unsigned long)pos);
 
         /* Save event size */
@@ -990,7 +985,6 @@ blr_close_binlog(ROUTER_INSTANCE *router, BLFILE *file)
     {
         close(file->fd);
         file->fd = -1;
-        file->encryption_ctx = NULL;
         MXS_FREE(file);
     }
 }
@@ -2582,4 +2576,3 @@ blr_create_start_encryption_event(ROUTER_INSTANCE *router, uint32_t event_pos, b
 
     return new_event;
 }
-
diff --git a/server/modules/routing/binlog/blr_slave.c b/server/modules/routing/binlog/blr_slave.c
index 2201771cd..fecca64bd 100644
--- a/server/modules/routing/binlog/blr_slave.c
+++ b/server/modules/routing/binlog/blr_slave.c
@@ -2327,11 +2327,8 @@ blr_slave_catchup(ROUTER_INSTANCE *router, ROUTER_SLAVE *slave, bool large)
 #endif
     int events_before = slave->stats.n_events;
 
-    /* Set file encryption context from slave pointer */
-    file->encryption_ctx = slave->encryption_ctx;
-
     while (burst-- && burst_size > 0 &&
-           (record = blr_read_binlog(router, file, slave->binlog_pos, &hdr, read_errmsg)) != NULL)
+           (record = blr_read_binlog(router, file, slave->binlog_pos, &hdr, read_errmsg, slave->encryption_ctx)) != NULL)
     {
         char binlog_name[BINLOG_FNAMELEN + 1];
         uint32_t binlog_pos;
@@ -2489,6 +2486,11 @@ blr_slave_catchup(ROUTER_INSTANCE *router, ROUTER_SLAVE *slave, bool large)
             slave->lastReply = time(0);
         }
     }
+
+    /**
+     * End of while reading
+     * Checking last buffer first
+     */ 
     if (record == NULL)
     {
         slave->stats.n_failed_read++;
@@ -2874,7 +2876,8 @@ blr_slave_read_fde(ROUTER_INSTANCE *router, ROUTER_SLAVE *slave)
     {
         return NULL;
     }
-    if ((record = blr_read_binlog(router, file, 4, &hdr, err_msg)) == NULL)
+    /* FDE is not encrypted, so we can pass NULL to last parameter */
+    if ((record = blr_read_binlog(router, file, 4, &hdr, err_msg, NULL)) == NULL)
     {
         if (hdr.ok != SLAVE_POS_READ_OK)
         {
@@ -5722,7 +5725,8 @@ blr_slave_read_ste(ROUTER_INSTANCE *router, ROUTER_SLAVE *slave, uint32_t fde_en
     {
         return 0;
     }
-    if ((record = blr_read_binlog(router, file, fde_end_pos, &hdr, err_msg)) == NULL)
+    /* Start Encryption Event is not encrypted, we can pass NULL to last parameter */
+    if ((record = blr_read_binlog(router, file, fde_end_pos, &hdr, err_msg, NULL)) == NULL)
     {
         if (hdr.ok != SLAVE_POS_READ_OK)
         {