hcq/MaxScale
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Encryption context is passed to blr_read_binlog()

Browse Source 
Encryption context has been removed from BLFILE struct and is now
passed to blr_read_binlog()
This commit is contained in:
MassimilianoPinto
2016-10-04 17:32:06 +02:00
parent e5b34e30ae
commit d8f09ab4d4
3 changed files with 16 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
server/modules/include/blr.h
View File

@ -317,7 +317,6 @@ typedef struct blfile
int refcnt; /*< Reference count for file */ int refcnt; /*< Reference count for file */
BLCACHE *cache; /*< Record cache for this file */ BLCACHE *cache; /*< Record cache for this file */
SPINLOCK lock; /*< The file lock */ SPINLOCK lock; /*< The file lock */
void *encryption_ctx; /*< The encryption context */
struct blfile *next; /*< Next file in list */ struct blfile *next; /*< Next file in list */
} BLFILE; } BLFILE;
@ -616,7 +615,6 @@ typedef struct binlog_encryption_ctx
#define BLRM_NONCE_LENGTH (BLRM_IV_LENGTH - BLRM_IV_OFFS_LENGTH) #define BLRM_NONCE_LENGTH (BLRM_IV_LENGTH - BLRM_IV_OFFS_LENGTH)
/** /**
* State machine for the master to MaxScale replication * State machine for the master to MaxScale replication
*/ */
@ -729,7 +727,7 @@ extern int blr_write_binlog_record(ROUTER_INSTANCE *, REP_HEADER *, uint32_t po
extern int blr_file_rotate(ROUTER_INSTANCE *, char *, uint64_t); extern int blr_file_rotate(ROUTER_INSTANCE *, char *, uint64_t);
extern void blr_file_flush(ROUTER_INSTANCE *); extern void blr_file_flush(ROUTER_INSTANCE *);
extern BLFILE *blr_open_binlog(ROUTER_INSTANCE *, char *); extern BLFILE *blr_open_binlog(ROUTER_INSTANCE *, char *);
extern GWBUF *blr_read_binlog(ROUTER_INSTANCE *, BLFILE *, unsigned long, REP_HEADER *, char *); extern GWBUF *blr_read_binlog(ROUTER_INSTANCE *, BLFILE *, unsigned long, REP_HEADER *, char *, SLAVE_ENCRYPTION_CTX *);
extern void blr_close_binlog(ROUTER_INSTANCE *, BLFILE *); extern void blr_close_binlog(ROUTER_INSTANCE *, BLFILE *);
extern unsigned long blr_file_size(BLFILE *); extern unsigned long blr_file_size(BLFILE *);
extern int blr_statistics(ROUTER_INSTANCE *, ROUTER_SLAVE *, GWBUF *); extern int blr_statistics(ROUTER_INSTANCE *, ROUTER_SLAVE *, GWBUF *);

15
server/modules/routing/binlog/blr_file.c
View File

@ -605,8 +605,6 @@ blr_open_binlog(ROUTER_INSTANCE *router, char *binlog)
return NULL; return NULL;
} }
file->encryption_ctx = NULL;
file->next = router->files; file->next = router->files;
router->files = file; router->files = file;
spinlock_release(&router->fileslock); spinlock_release(&router->fileslock);
@ -622,10 +620,11 @@ blr_open_binlog(ROUTER_INSTANCE *router, char *binlog)
* @param pos Position of binlog record to read * @param pos Position of binlog record to read
* @param hdr Binlog header to populate * @param hdr Binlog header to populate
* @param errmsg Allocated BINLOG_ERROR_MSG_LEN bytes message error buffer * @param errmsg Allocated BINLOG_ERROR_MSG_LEN bytes message error buffer
* @param enc_ctx Encryption context for binlog file being read
* @return The binlog record wrapped in a GWBUF structure * @return The binlog record wrapped in a GWBUF structure
*/ */
GWBUF * GWBUF *
blr_read_binlog(ROUTER_INSTANCE *router, BLFILE *file, unsigned long pos, REP_HEADER *hdr, char *errmsg) blr_read_binlog(ROUTER_INSTANCE *router, BLFILE *file, unsigned long pos, REP_HEADER *hdr, char *errmsg, SLAVE_ENCRYPTION_CTX *enc_ctx)
{ {
uint8_t hdbuf[BINLOG_EVENT_HDR_LEN]; uint8_t hdbuf[BINLOG_EVENT_HDR_LEN];
GWBUF *result; GWBUF *result;
@ -633,7 +632,6 @@ blr_read_binlog(ROUTER_INSTANCE *router, BLFILE *file, unsigned long pos, REP_HE
int n; int n;
unsigned long filelen = 0; unsigned long filelen = 0;
struct stat statb; struct stat statb;
SLAVE_ENCRYPTION_CTX *file_enc_ctx = NULL;
memset(hdbuf, '\0', BINLOG_EVENT_HDR_LEN); memset(hdbuf, '\0', BINLOG_EVENT_HDR_LEN);
@ -719,9 +717,6 @@ blr_read_binlog(ROUTER_INSTANCE *router, BLFILE *file, unsigned long pos, REP_HE
return NULL; return NULL;
} }
/* Get encryption_ctx */
file_enc_ctx = file->encryption_ctx;
spinlock_release(&file->lock); spinlock_release(&file->lock);
spinlock_release(&router->binlog_lock); spinlock_release(&router->binlog_lock);
@ -763,14 +758,14 @@ blr_read_binlog(ROUTER_INSTANCE *router, BLFILE *file, unsigned long pos, REP_HE
} }
/* Check whether we need to decrypt the current event */ /* Check whether we need to decrypt the current event */
if (file_enc_ctx && pos >= file_enc_ctx->first_enc_event_pos) if (enc_ctx && pos >= enc_ctx->first_enc_event_pos)
{ {
uint8_t *event_ptr = hdbuf; uint8_t *event_ptr = hdbuf;
uint8_t iv[AES_BLOCK_SIZE]; uint8_t iv[AES_BLOCK_SIZE];
uint8_t event_size[4]; uint8_t event_size[4];
/* Encryption IV is 12 bytes nonce + 4 bytes event position */ /* Encryption IV is 12 bytes nonce + 4 bytes event position */
memcpy(&iv, file_enc_ctx->nonce, BLRM_NONCE_LENGTH); memcpy(&iv, enc_ctx->nonce, BLRM_NONCE_LENGTH);
gw_mysql_set_byte4(iv + BLRM_NONCE_LENGTH, (unsigned long)pos); gw_mysql_set_byte4(iv + BLRM_NONCE_LENGTH, (unsigned long)pos);
/* Save event size */ /* Save event size */
@ -990,7 +985,6 @@ blr_close_binlog(ROUTER_INSTANCE *router, BLFILE *file)
{ {
close(file->fd); close(file->fd);
file->fd = -1; file->fd = -1;
file->encryption_ctx = NULL;
MXS_FREE(file); MXS_FREE(file);
} }
} }
@ -2582,4 +2576,3 @@ blr_create_start_encryption_event(ROUTER_INSTANCE *router, uint32_t event_pos, b
return new_event; return new_event;
} }

16
server/modules/routing/binlog/blr_slave.c
View File

@ -2327,11 +2327,8 @@ blr_slave_catchup(ROUTER_INSTANCE *router, ROUTER_SLAVE *slave, bool large)
#endif #endif
int events_before = slave->stats.n_events; int events_before = slave->stats.n_events;
/* Set file encryption context from slave pointer */
file->encryption_ctx = slave->encryption_ctx;
while (burst-- && burst_size > 0 && while (burst-- && burst_size > 0 &&
(record = blr_read_binlog(router, file, slave->binlog_pos, &hdr, read_errmsg)) != NULL) (record = blr_read_binlog(router, file, slave->binlog_pos, &hdr, read_errmsg, slave->encryption_ctx)) != NULL)
{ {
char binlog_name[BINLOG_FNAMELEN + 1]; char binlog_name[BINLOG_FNAMELEN + 1];
uint32_t binlog_pos; uint32_t binlog_pos;
@ -2489,6 +2486,11 @@ blr_slave_catchup(ROUTER_INSTANCE *router, ROUTER_SLAVE *slave, bool large)
slave->lastReply = time(0); slave->lastReply = time(0);
} }
} }
/**
* End of while reading
* Checking last buffer first
*/
if (record == NULL) if (record == NULL)
{ {
slave->stats.n_failed_read++; slave->stats.n_failed_read++;
@ -2874,7 +2876,8 @@ blr_slave_read_fde(ROUTER_INSTANCE *router, ROUTER_SLAVE *slave)
{ {
return NULL; return NULL;
} }
if ((record = blr_read_binlog(router, file, 4, &hdr, err_msg)) == NULL) /* FDE is not encrypted, so we can pass NULL to last parameter */
if ((record = blr_read_binlog(router, file, 4, &hdr, err_msg, NULL)) == NULL)
{ {
if (hdr.ok != SLAVE_POS_READ_OK) if (hdr.ok != SLAVE_POS_READ_OK)
{ {
@ -5722,7 +5725,8 @@ blr_slave_read_ste(ROUTER_INSTANCE *router, ROUTER_SLAVE *slave, uint32_t fde_en
{ {
return 0; return 0;
} }
if ((record = blr_read_binlog(router, file, fde_end_pos, &hdr, err_msg)) == NULL) /* Start Encryption Event is not encrypted, we can pass NULL to last parameter */
if ((record = blr_read_binlog(router, file, fde_end_pos, &hdr, err_msg, NULL)) == NULL)
{ {
if (hdr.ok != SLAVE_POS_READ_OK) if (hdr.ok != SLAVE_POS_READ_OK)
{ {