hcq/openGauss-server
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Disabled gs_ktool and removed kmc

Browse Source
This commit is contained in:
dengxuyue
2020-12-31 19:42:37 +08:00
parent c681fe0ab4
commit c76d64f14f
26 changed files with 31 additions and 175 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
build/script/gsql_env.sh
View File

@ -44,27 +44,17 @@ function doing()
#------------------------------
# gsql things
#------------------------------
function cofig_gsql_and_gs_ktool()
function cofig_gsql()
{
doing 'Configuring LD_LIBRARY_PATH, PATH and GS_KTOOL_FILE_PATH for gsql and gs_ktool...'
doing 'Configuring LD_LIBRARY_PATH and PATH for gsql...'
LIB_PATH="${LOCAL_PATH}/lib"
BIN_PATH="${LOCAL_PATH}/bin"
GS_KT_FILE_PATH="${LOCAL_PATH}/gs_ktool_file"
if [ ! -f "${LOCAL_PATH}/bin/gsql" ]; then
logerr "failed to locate ./bin/gsql, please source this file at the path where it is. "
return 1;
fi;
if [ ! -f "${LOCAL_PATH}/bin/gs_ktool" ]; then
logerr "failed to locate ./bin/gs_ktool, please source this file at the path where it is. "
return 1;
fi;
if [ ! -f "${LOCAL_PATH}/gs_ktool_file/gs_ktool_conf.ini" ]; then
logerr "failed to locate ./gs_ktool_file/gs_ktool_con.ini, please source this file at the path where it is. "
return 1;
fi;
export LD_LIBRARY_PATH=${LIB_PATH}:${LD_LIBRARY_PATH}
export PATH=${BIN_PATH}:${PATH}
export GS_KTOOL_FILE_PATH=${GS_KT_FILE_PATH}
echo 'done'
return 0
}
@ -73,7 +63,7 @@ if [ ! -z "$1" ]; then
echo "Usage:"
echo " source $0"
else
cofig_gsql_and_gs_ktool
cofig_gsql
if [ 0 -eq $? ]; then
echo 'All things done.'
fi

11
build/script/mpp_package.sh
View File

@ -966,7 +966,6 @@ function make_package_gsql()
mkdir -p gsql
mkdir -p gsql/bin
mkdir -p gsql/lib
mkdir -p gsql/gs_ktool_file
# copy gsql and depend *.so
cp ${BUILD_DIR}/bin/gsql gsql/bin
@ -974,16 +973,6 @@ function make_package_gsql()
die "copy gsql failed."
fi
cp ${BUILD_DIR}/bin/gs_ktool gsql/bin
if [ $? -ne 0 ]; then
die "copy gsql failed."
fi
cp -r ${BUILD_DIR}/etc/gs_ktool_file/gs_ktool_conf.ini gsql/gs_ktool_file
if [ $? -ne 0 ]; then
die "copy gs_ktool_con.ini failed."
fi
cd gsql
tar -xvf ${package_path}/${libpq_package_name}
if [ $? -ne 0 ]; then

8
build/script/mpp_release_list_centos
View File

@ -2,7 +2,6 @@
./bin/gds
./bin/gs_log
./bin/gsql
./bin/gs_ktool
./bin/gaussdb
./bin/gaussdb.version.GaussDB200
./bin/gaussdb.version.GaussDB300
@ -790,8 +789,6 @@
./lib/postgresql/pg_upgrade_support.so
./lib/postgresql/java/pljava.jar
./lib/libpljava.so
./lib/libgs_ktool.so
./lib/libkmc.so
./lib/libpq.a
./lib/libpq.so
./lib/libpq.so.5
@ -1214,7 +1211,6 @@
./jre/THIRD_PARTY_README
[client]
./bin/gsql
./bin/gs_ktool
./bin/gs_dump
./bin/gs_dumpall
./bin/gs_restore
@ -1255,8 +1251,6 @@
./lib/postgresql/utf8_and_big5.so
./lib/postgresql/java/pljava.jar
./lib/libpljava.so
./lib/libgs_ktool.so
./lib/libkmc.so
./lib/libpq.a
./lib/libpq.so
./lib/libpq.so.5
@ -1290,8 +1284,6 @@
./odbc/lib/psqlodbcw.la
./odbc/lib/psqlodbcw.so
[libpq]
./lib/libgs_ktool.so
./lib/libkmc.so
./lib/libpq.a
./lib/libpq.so
./lib/libpq.so.5

8
build/script/mpp_release_list_centos_aarch64
View File

@ -2,7 +2,6 @@
./bin/gds
./bin/gs_log
./bin/gsql
./bin/gs_ktool
./bin/gaussdb
./bin/gaussdb.version.GaussDB200
./bin/gaussdb.version.GaussDB300
@ -780,8 +779,6 @@
./lib/postgresql/java/pljava.jar
./lib/postgresql/gsredistribute.so
./lib/libpljava.so
./lib/libgs_ktool.so
./lib/libkmc.so
./lib/libpq.a
./lib/libpq.so
./lib/libpq.so.5
@ -1203,7 +1200,6 @@
./jre/THIRD_PARTY_README
[client]
./bin/gsql
./bin/gs_ktool
./bin/gs_dump
./bin/gs_dumpall
./bin/gs_restore
@ -1244,8 +1240,6 @@
./lib/postgresql/utf8_and_big5.so
./lib/postgresql/java/pljava.jar
./lib/libpljava.so
./lib/libgs_ktool.so
./lib/libkmc.so
./lib/libpq.a
./lib/libpq.so
./lib/libpq.so.5
@ -1279,8 +1273,6 @@
./odbc/lib/psqlodbcw.la
./odbc/lib/psqlodbcw.so
[libpq]
./lib/libgs_ktool.so
./lib/libkmc.so
./lib/libpq.a
./lib/libpq.so
./lib/libpq.so.5

8
build/script/mpp_release_list_centos_single
View File

@ -2,7 +2,6 @@
./bin/gds
./bin/gs_log
./bin/gsql
./bin/gs_ktool
./bin/gaussdb
./bin/gaussdb.version.GaussDB200
./bin/gaussdb.version.GaussDB300
@ -775,8 +774,6 @@
./lib/postgresql/java/pljava.jar
./lib/postgresql/postgres_fdw.so
./lib/libpljava.so
./lib/libgs_ktool.so
./lib/libkmc.so
./lib/libpq.a
./lib/libpq.so
./lib/libpq.so.5
@ -1196,7 +1193,6 @@
./jre/THIRD_PARTY_README
[client]
./bin/gsql
./bin/gs_ktool
./bin/gs_dump
./bin/gs_dumpall
./bin/gs_restore
@ -1237,8 +1233,6 @@
./lib/postgresql/utf8_and_big5.so
./lib/postgresql/java/pljava.jar
./lib/libpljava.so
./lib/libgs_ktool.so
./lib/libkmc.so
./lib/libpq.a
./lib/libpq.so
./lib/libpq.so.5
@ -1272,8 +1266,6 @@
./odbc/lib/psqlodbcw.la
./odbc/lib/psqlodbcw.so
[libpq]
./lib/libgs_ktool.so
./lib/libkmc.so
./lib/libpq.a
./lib/libpq.so
./lib/libpq.so.5

8
build/script/mpp_release_list_euleros
View File

@ -2,7 +2,6 @@
./bin/gds
./bin/gs_log
./bin/gsql
./bin/gs_ktool
./bin/gaussdb
./bin/gaussdb.version.GaussDB200
./bin/gaussdb.version.GaussDB300
@ -803,8 +802,6 @@
./lib/libpq_ce.so
./lib/libpq_ce.so.5
./lib/libpq_ce.so.5.5
./lib/libkmc.so
./lib/libgs_ktool.so
./lib/libcgroup.so
./lib/libcgroup.so.1
./lib/libcom_err_gauss.so
@ -1221,7 +1218,6 @@
./jre/THIRD_PARTY_README
[client]
./bin/gsql
./bin/gs_ktool
./bin/gs_dump
./bin/gs_dumpall
./bin/gs_restore
@ -1269,8 +1265,6 @@
./lib/libpq_ce.so
./lib/libpq_ce.so.5
./lib/libpq_ce.so.5.5
./lib/libkmc.so
./lib/libgs_ktool.so
./lib/libcrypto.so
./lib/libcrypto.so.1.1
./lib/libstdc++.so.6
@ -1312,8 +1306,6 @@
./lib/libcmcommon.so.2
./lib/libcmpq.so
./lib/libcmpq.so.1
./lib/libkmc.so
./lib/libgs_ktool.so
./lib/libcrypto.so
./lib/libcrypto.so.1.1
./lib/libstdc++.so.6

8
build/script/mpp_release_list_euleros_aarch64
View File

@ -2,7 +2,6 @@
./bin/gds
./bin/gs_log
./bin/gsql
./bin/gs_ktool
./bin/gaussdb
./bin/gaussdb.version.GaussDB200
./bin/gaussdb.version.GaussDB300
@ -797,8 +796,6 @@
./lib/postgresql/java/pljava.jar
./lib/postgresql/gsredistribute.so
./lib/libpljava.so
./lib/libgs_ktool.so
./lib/libkmc.so
./lib/libpq.a
./lib/libpq.so
./lib/libpq.so.5
@ -1226,7 +1223,6 @@
./jre/THIRD_PARTY_README
[client]
./bin/gsql
./bin/gs_ktool
./bin/gs_dump
./bin/gs_dumpall
./bin/gs_restore
@ -1267,8 +1263,6 @@
./lib/postgresql/utf8_and_big5.so
./lib/postgresql/java/pljava.jar
./lib/libpljava.so
./lib/libgs_ktool.so
./lib/libkmc.so
./lib/libpq.a
./lib/libpq.so
./lib/libpq.so.5
@ -1302,8 +1296,6 @@
./odbc/lib/psqlodbcw.la
./odbc/lib/psqlodbcw.so
[libpq]
./lib/libgs_ktool.so
./lib/libkmc.so
./lib/libpq.a
./lib/libpq.so
./lib/libpq.so.5

8
build/script/mpp_release_list_euleros_aarch64_single
View File

@ -2,7 +2,6 @@
./bin/gds
./bin/gs_log
./bin/gsql
./bin/gs_ktool
./bin/gaussdb
./bin/gaussdb.version.GaussDB200
./bin/gaussdb.version.GaussDB300
@ -792,8 +791,6 @@
./lib/postgresql/java/pljava.jar
./lib/postgresql/postgres_fdw.so
./lib/libpljava.so
./lib/libgs_ktool.so
./lib/libkmc.so
./lib/libpq.a
./lib/libpq.so
./lib/libpq.so.5
@ -1216,7 +1213,6 @@
./jre/THIRD_PARTY_README
[client]
./bin/gsql
./bin/gs_ktool
./bin/gs_dump
./bin/gs_dumpall
./bin/gs_restore
@ -1257,8 +1253,6 @@
./lib/postgresql/utf8_and_big5.so
./lib/postgresql/java/pljava.jar
./lib/libpljava.so
./lib/libgs_ktool.so
./lib/libkmc.so
./lib/libpq.a
./lib/libpq.so
./lib/libpq.so.5
@ -1292,8 +1286,6 @@
./odbc/lib/psqlodbcw.la
./odbc/lib/psqlodbcw.so
[libpq]
./lib/libgs_ktool.so
./lib/libkmc.so
./lib/libpq.a
./lib/libpq.so
./lib/libpq.so.5

8
build/script/mpp_release_list_euleros_single
View File

@ -2,7 +2,6 @@
./bin/gds
./bin/gs_log
./bin/gsql
./bin/gs_ktool
./bin/gaussdb
./bin/gaussdb.version.GaussDB200
./bin/gaussdb.version.GaussDB300
@ -785,8 +784,6 @@
./lib/postgresql/java/pljava.jar
./lib/postgresql/postgres_fdw.so
./lib/libpljava.so
./lib/libgs_ktool.so
./lib/libkmc.so
./lib/libpq.a
./lib/libpq.so
./lib/libpq.so.5
@ -1209,7 +1206,6 @@
./jre/THIRD_PARTY_README
[client]
./bin/gsql
./bin/gs_ktool
./bin/gs_dump
./bin/gs_dumpall
./bin/gs_restore
@ -1250,8 +1246,6 @@
./lib/postgresql/utf8_and_big5.so
./lib/postgresql/java/pljava.jar
./lib/libpljava.so
./lib/libgs_ktool.so
./lib/libkmc.so
./lib/libpq.a
./lib/libpq.so
./lib/libpq.so.5
@ -1285,8 +1279,6 @@
./odbc/lib/psqlodbcw.la
./odbc/lib/psqlodbcw.so
[libpq]
./lib/libgs_ktool.so
./lib/libkmc.so
./lib/libpq.a
./lib/libpq.so
./lib/libpq.so.5

10
build/script/mpp_release_list_linux_x86_64
View File

@ -2,7 +2,6 @@
[server]:./bin/gds
[server]:./bin/gs_log
[server]:./bin/gsql
[server]:./bin/gs_ktool
[server]:./bin/gaussdb
[server]:./bin/gaussdb.version.GaussDB200
[server]:./bin/gaussdb.version.GaussDB300
@ -776,8 +775,6 @@
[server]:./lib/postgresql/java/pljava.jar
[server]:./lib/postgresql/gsredistribute.so*
[server]:./lib/libpljava.so*
[server]:./lib/libgs_ktool.so*
[server]:./lib/libkmc.so
[server]:./lib/libpq.a
[server]:./lib/libpq.so*
[server]:./lib/libpq_ce.so*
@ -1121,7 +1118,6 @@
[server]:./jre/THIRD_PARTY_README
[client]
[client]:./bin/gsql
[client]:./bin/gs_ktool
[client]:./bin/gs_dump
[client]:./bin/gs_dumpall
[client]:./bin/gs_restore
@ -1162,8 +1158,6 @@
[client]:./lib/postgresql/utf8_and_big5.so*
[client]:./lib/postgresql/java/pljava.jar
[client]:./lib/libpljava.so*
[client]:./lib/libgs_ktool.so*
[client]:./lib/libkmc.so
[client]:./lib/libpq.a
[client]:./lib/libpq.so*
[client]:./lib/libpq_ce.so*
@ -1192,8 +1186,6 @@
[odbc]:./lib/libkrb5_gauss.so*
[odbc]:./lib/libcom_err_gauss.so*
[odbc]:./lib/libpgport_tool.so*
[odbc]:./lib/libgs_ktool.so*
[odbc]:./lib/libkmc.so
[odbc]:./lib/libpq.a
[odbc]:./lib/libpq.so*
[odbc]:./lib/libpq_ce.so*
@ -1206,8 +1198,6 @@
[libpq]:./lib/libpq.a
[libpq]:./lib/libpq.so*
[libpq]:./lib/libpq_ce.so*
[libpq]:./lib/libgs_ktool.so*
[libpq]:./lib/libkmc.so
[libpq]:./lib/libstdc++.so*
[libpq]:./lib/libconfig.so*
[libpq]:./lib/libcmclient.so*

8
build/script/mpp_release_list_openeuler_aarch64
View File

@ -2,7 +2,6 @@
./bin/gds
./bin/gs_log
./bin/gsql
./bin/gs_ktool
./bin/gaussdb
./bin/gaussdb.version.GaussDB200
./bin/gaussdb.version.GaussDB300
@ -784,8 +783,6 @@
./lib/postgresql/java/pljava.jar
./lib/postgresql/gsredistribute.so
./lib/libpljava.so
./lib/libgs_ktool.so
./lib/libkmc.so
./lib/libpq.a
./lib/libpq.so
./lib/libpq.so.5
@ -1212,7 +1209,6 @@
./jre/THIRD_PARTY_README
[client]
./bin/gsql
./bin/gs_ktool
./bin/gs_dump
./bin/gs_dumpall
./bin/gs_restore
@ -1253,8 +1249,6 @@
./lib/postgresql/utf8_and_big5.so
./lib/postgresql/java/pljava.jar
./lib/libpljava.so
./lib/libgs_ktool.so
./lib/libkmc.so
./lib/libpq.a
./lib/libpq.so
./lib/libpq.so.5
@ -1288,8 +1282,6 @@
./odbc/lib/psqlodbcw.la
./odbc/lib/psqlodbcw.so
[libpq]
./lib/libgs_ktool.so
./lib/libkmc.so
./lib/libpq.a
./lib/libpq.so
./lib/libpq.so.5

8
build/script/opengauss_release_list_centos_single
View File

@ -1,7 +1,6 @@
[server]
./bin/gs_log
./bin/gsql
./bin/gs_ktool
./bin/gaussdb
./bin/gaussdb.version.GaussDB200
./bin/gaussdb.version.GaussDB300
@ -771,8 +770,6 @@
./lib/postgresql/java/pljava.jar
./lib/postgresql/postgres_fdw.so
./lib/libpljava.so
./lib/libgs_ktool.so
./lib/libkmc.so
./lib/libpq.a
./lib/libpq.so
./lib/libpq.so.5
@ -1186,7 +1183,6 @@
./jre/THIRD_PARTY_README
[client]
./bin/gsql
./bin/gs_ktool
./bin/gs_dump
./bin/gs_dumpall
./bin/gs_restore
@ -1227,8 +1223,6 @@
./lib/postgresql/utf8_and_big5.so
./lib/postgresql/java/pljava.jar
./lib/libpljava.so
./lib/libgs_ktool.so
./lib/libkmc.so
./lib/libpq.a
./lib/libpq.so
./lib/libpq.so.5
@ -1262,8 +1256,6 @@
./odbc/lib/psqlodbcw.la
./odbc/lib/psqlodbcw.so
[libpq]
./lib/libgs_ktool.so
./lib/libkmc.so
./lib/libpq.a
./lib/libpq.so
./lib/libpq.so.5

8
build/script/opengauss_release_list_euleros_aarch64_single
View File

@ -1,7 +1,6 @@
[server]
./bin/gs_log
./bin/gsql
./bin/gs_ktool
./bin/gaussdb
./bin/gaussdb.version.GaussDB200
./bin/gaussdb.version.GaussDB300
@ -775,8 +774,6 @@
./lib/postgresql/java/pljava.jar
./lib/postgresql/postgres_fdw.so
./lib/libpljava.so
./lib/libgs_ktool.so
./lib/libkmc.so
./lib/libpq.a
./lib/libpq.so
./lib/libpq.so.5
@ -1193,7 +1190,6 @@
./jre/THIRD_PARTY_README
[client]
./bin/gsql
./bin/gs_ktool
./bin/gs_dump
./bin/gs_dumpall
./bin/gs_restore
@ -1234,8 +1230,6 @@
./lib/postgresql/utf8_and_big5.so
./lib/postgresql/java/pljava.jar
./lib/libpljava.so
./lib/libgs_ktool.so
./lib/libkmc.so
./lib/libpq.a
./lib/libpq.so
./lib/libpq.so.5
@ -1269,8 +1263,6 @@
./odbc/lib/psqlodbcw.la
./odbc/lib/psqlodbcw.so
[libpq]
./lib/libgs_ktool.so
./lib/libkmc.so
./lib/libpq.a
./lib/libpq.so
./lib/libpq.so.5

10
src/Makefile.global.in
View File

@ -355,7 +355,7 @@ else
LIBORC_HOME = $(with_3rd)/$(BINARYPATH)/liborc/$(LIB_SUPPORT_LLT)
SNAPPY_HOME = $(with_3rd)/$(BINARYPATH)/snappy/$(LIB_SUPPORT_LLT)
LIBOPENSSL_HOME = $(with_3rd)/$(BINARYPATH)/openssl/$(LIB_NOT_SUPPORT_LLT)
LIBKMC_HOME = $(with_3rd)/$(PLATFORMPATH)/kmc/comm
SECURE_HOME = $(with_3rd)/$(PLATFORMPATH)/Huawei_Secure_C/$(LIB_NOT_SUPPORT_LLT)
SECUREDYNAMICLIB_HOME = $(with_3rd)/$(PLATFORMPATH)/Huawei_Secure_C/Dynamic_Lib
LICENSE_HOME = $(with_3rd)/$(PLATFORMPATH)/AdaptiveLM_C_V100R005C01SPC002/$(LIB_SUPPORT_LLT)
@ -616,12 +616,6 @@ LIBOPENSSL_LIB_PATH = $(LIBOPENSSL_HOME)/lib
LIBOPENSSL_SSL_PATH = $(LIBOPENSSL_HOME)/ssl
LIBOPENSSL_INCLUDE_PATH = $(LIBOPENSSL_HOME)/include
#############################################################################
# kmc component
#############################################################################
LIBKMC_LIB_PATH = $(LIBKMC_HOME)/lib
LIBKMC_INCLUDE_PATH = $(LIBKMC_HOME)/include
#############################################################################
# security component
#############################################################################
@ -1065,7 +1059,7 @@ endif
# This macro is for use by libraries linking to libpq. (Because libpgport
# isn't created with the same link flags as libpq, it can't be used.)
libpq = -L$(libpq_builddir) -lpq
libpq_ce = -L$(libpq_builddir) -lpq_ce -L$(top_builddir)/src/bin/gs_ktool/ -lgs_ktool -lsecurec -lkmc
libpq_ce = -L$(libpq_builddir) -lpq_ce
# If doing static linking, shared library dependency info isn't available,
# so add in the libraries that libpq depends on.

7
src/bin/Makefile
View File

@ -34,8 +34,7 @@ SUBDIRS = \
gsqlerr \
pg_upgrade \
pg_basebackup \
pg_probackup \
gs_ktool
pg_probackup
ifeq ($(PORTNAME), win32)
SUBDIRS += pgevent
@ -55,9 +54,7 @@ SUBDIRS = \
gs_guc \
gsqlerr \
pg_basebackup \
pg_probackup \
gs_ktool
pg_probackup

2
src/bin/pg_dump/Makefile
View File

@ -56,7 +56,7 @@ kwlookup.cpp: % : $(top_srcdir)/src/common/backend/parser/%
rm -f $@ && $(LN_S) $< .
all: submake-aes gs_dump gs_restore gs_dumpall
libpq_pgport:=$(subst -lpq,-lpq_ce,$(libpq_pgport)) -L$(top_builddir)/src/bin/gs_ktool/ -lgs_ktool -lsecurec -L$(LIBKMC_LIB_PATH) -lkmc
libpq_pgport:=$(subst -lpq,-lpq_ce,$(libpq_pgport))
gs_dump: pg_dump.o common.o pg_dump_sort.o $(OBJS) $(KEYWRDOBJS) $(COMMON_OBJS) | submake-libpq_ce submake-libpgport
$(CC) $(CXXFLAGS) $(MY_CFLAGS) pg_dump.o common.o pg_dump_sort.o $(KEYWRDOBJS) $(OBJS) $(EXTRA_OBJS) $(COMMON_OBJS) $(LIBS) $(libpq_pgport) $(LDFLAGS) $(LDFLAGS_EX) -o $@$(X)

4
src/bin/psql/Makefile
View File

@ -21,7 +21,7 @@ REFDOCDIR= $(top_srcdir)/doc/src/sgml/ref
MAKESGMLDIR = $(top_builddir)/src/common/pgxc/tools/makesgml
SGMLDIR= $(top_builddir)/doc/src/sgml
override CPPFLAGS := -I. -I$(srcdir) -I$(libpq_srcdir) -I$(top_srcdir)/src/bin/pg_dump -DHAVE_CE -L$(top_builddir)/src/bin/gs_ktool/ -lgs_ktool -L$(LIBKMC_LIB_PATH) -lkmc $(CPPFLAGS)
override CPPFLAGS := -I. -I$(srcdir) -I$(libpq_srcdir) -I$(top_srcdir)/src/bin/pg_dump -DHAVE_CE $(CPPFLAGS)
$(top_builddir)/src/common/interfaces/libpq/client_logic_processor/stmt_processor.o:
$(MAKE) -C $(top_builddir)/src/common/interfaces/libpq/client_logic_processor/ stmt_processor.o ENABLE_CE=1
@ -65,7 +65,7 @@ FLEXFLAGS = -Cfe -b -p -p
all: submake-aes gsql
libpq_pgport:=$(subst -lpq,-lpq_ce,$(libpq_pgport)) -L$(top_builddir)/src/bin/gs_ktool/ -lgs_ktool -lsecurec -L$(LIBKMC_LIB_PATH) -lkmc
libpq_pgport:=$(subst -lpq,-lpq_ce,$(libpq_pgport))
$(top_builddir)/src/lib/elog/elog.a:
$(MAKE) -C $(top_builddir)/src/lib/elog elog.a

4
src/common/backend/client_logic/client_logic.cpp
View File

@ -348,7 +348,7 @@ static int process_global_settings_args(CreateClientLogicGlobal *parsetree, Oid
break;
case ClientLogicGlobalProperty::CMK_KEY_STORE: {
CmkKeyStore key_store = get_key_store_from_string(global_param->value);
if (key_store != CmkKeyStore::GS_KTOOL) {
if (key_store != CmkKeyStore::LOCALKMS) {
ereport(ERROR, (errcode(ERRCODE_SYNTAX_ERROR), errmsg("Invalid key store")));
}
string_args.set("KEY_STORE", global_param->value);
@ -361,7 +361,7 @@ static int process_global_settings_args(CreateClientLogicGlobal *parsetree, Oid
}
case ClientLogicGlobalProperty::CMK_ALGORITHM: {
CmkAlgorithm cmk_algo = get_algorithm_from_string(global_param->value);
if (cmk_algo != CmkAlgorithm::AES_256_CBC) {
if (cmk_algo != CmkAlgorithm::RAS_2048) {
ereport(ERROR, (errcode(ERRCODE_SYNTAX_ERROR), errmsg("Invalid algorithm")));
}
string_args.set("ALGORITHM", global_param->value);

6
src/common/interfaces/libpq/Makefile
View File

@ -27,7 +27,7 @@ override CPPFLAGS += -I$(top_builddir)/$(subdir)/client_logic_hooks
override CPPFLAGS += -I$(top_builddir)/$(subdir)/client_logic_hooks/encryption_hooks
ifeq "$(ENABLE_CE)" "1"
override CPPFLAGS += -DHAVE_CE -DWORDS_BIGENDIAN -L$(top_builddir)/src/bin/gs_ktool/ -lgs_ktool -lsecurec -L$(LIBKMC_LIB_PATH) -lkmc
override CPPFLAGS += -DHAVE_CE -DWORDS_BIGENDIAN
endif
ifneq ($(PORTNAME), win32)
@ -162,9 +162,7 @@ all-lib-depends: libpq_ce subsystem
$(MAKE) all-lib
endif
all: gs_ktool all-lib-depends
gs_ktool:
$(MAKE) -C $(top_builddir)/src/bin/gs_ktool
all: all-lib-depends
utlibpq: all-lib
cp libpq.so $(top_builddir)/src/distribute/test/ut/lib/libutlibpq.so

1
src/common/interfaces/libpq/client_logic_hooks/Makefile
View File

@ -19,7 +19,6 @@ encryption_hooks_dir = "$(top_builddir)/src/common/interfaces/libpq/client_logic
override CPPFLAGS := -DFRONTEND -DFRONTEND_PARSER -DPGXC -Wno-write-strings -fstack-protector-all -I$(srcdir) $(CPPFLAGS) -I$(top_builddir)/src/ -I$(top_builddir)/src/include
override CPPFLAGS += -I$(top_builddir)/src/common/interfaces/libpq/ -I$(top_builddir)/src/include/libpq/ -I$(top_builddir)/src/include/libpq/client_logic_cache
override CPPFLAGS += -I$(top_builddir)/src/common/interfaces/libpq/client_logic_hooks -I$(encryption_hooks_dir)
override CPPFLAGS += -L$(top_builddir)/src/bin/gs_ktool/ -lgs_ktool -lsecurec -L$(LIBKMC_LIB_PATH) -lkmc
override CPPFLAGS := $(filter-out -fPIE, $(CPPFLAGS)) -fPIC -shared
override CFLAGS := $(filter-out -fPIE, $(CFLAGS)) -fPIC -shared

4
src/common/interfaces/libpq/client_logic_hooks/encryption_hooks/Makefile
View File

@ -15,8 +15,8 @@ top_builddir = ../../../../../../
# shared library parameters
NAME=client_logic_encryption_hooks
override CPPFLAGS := -DFRONTEND -DPGXC -Wno-write-strings -fstack-protector-all -I$(srcdir) $(CPPFLAGS) -I$(top_builddir)/src/ -I$(top_builddir)/src/include -I$(top_builddir)/src/include/libpq -I$(top_builddir)/src/common/interfaces/libpq -I$(top_builddir)/src/common/interfaces/libpq/client_logic_hooks/ -I.
override CPPFLAGS += -L$(top_builddir)/src/bin/gs_ktool/ -lgs_ktool -lsecurec -L$(LIBKMC_LIB_PATH) -lkmc
override CPPFLAGS := -DFRONTEND -DPGXC -Wno-write-strings -fstack-protector-all -I$(srcdir) $(CPPFLAGS) -I$(top_builddir)/src/ -I$(top_builddir)/src/include -I$(top_builddir)/src/include/libpq -I$(top_builddir)/src/common/interfaces/libpq -I$(top_builddir)/src/common/interfaces/libpq/client_logic_hooks/ -I.
override CPPFLAGS += -lsecurec -lssl -lcrypto
override CPPFLAGS := $(filter-out -fPIE, $(CPPFLAGS)) -fPIC -shared
override CFLAGS := $(filter-out -fPIE, $(CFLAGS)) -fPIC -shared

4
src/common/interfaces/libpq/client_logic_hooks/encryption_hooks/encryption_column_hook_executor.cpp
View File

@ -243,7 +243,7 @@ bool EncryptionColumnHookExecutor::deprocess_column_encryption_key(bool is_durin
* case 2 : do not report error and try again
*/
CmkKeyStore keyStore = get_key_store_from_string(key_store_str);
if (keyStore == CmkKeyStore::GS_KTOOL) {
if (keyStore == CmkKeyStore::LOCALKMS) {
if (!kt_atoi(key_path_str, &cmk_id)) {
return false;
}
@ -366,7 +366,7 @@ bool EncryptionColumnHookExecutor::pre_create(PGClientLogic &column_encryption,
unsigned char cmk_plain[DEFAULT_CMK_LEN + 1] = {0};
unsigned int cmk_id = 0;
if (keyStore == CmkKeyStore::GS_KTOOL) {
if (keyStore == CmkKeyStore::LOCALKMS) {
if (!kt_atoi(key_path_str, &cmk_id)) {
libpq_free(common_expected_value);
return false;

6
src/common/interfaces/libpq/client_logic_hooks/encryption_hooks/encryption_global_hook_executor.cpp
View File

@ -49,7 +49,7 @@ bool EncryptionGlobalHookExecutor::pre_create(const StringArgs &args,
/* check algorithm */
CmkAlgorithm cmk_algo = get_algorithm_from_string(algorithm_type_str);
if (cmk_algo != CmkAlgorithm::AES_256_CBC) {
if (cmk_algo != CmkAlgorithm::RAS_2048) {
printfPQExpBuffer(&conn->errorMessage,
libpq_gettext("ERROR(CLIENT): unsupported client master key algorithm\n"));
return false;
@ -57,7 +57,7 @@ bool EncryptionGlobalHookExecutor::pre_create(const StringArgs &args,
/* check key store */
CmkKeyStore key_store = get_key_store_from_string(key_store_str);
if (key_store != CmkKeyStore::GS_KTOOL) {
if (key_store != CmkKeyStore::LOCALKMS) {
printfPQExpBuffer(&conn->errorMessage, libpq_gettext("ERROR(CLIENT): key store are mandatory\n"));
return false;
}
@ -87,7 +87,7 @@ bool EncryptionGlobalHookExecutor::pre_create(const StringArgs &args,
}
}
/* generate cmk */
if (key_store == CmkKeyStore::GS_KTOOL) {
if (key_store == CmkKeyStore::LOCALKMS) {
unsigned int cmk_id = 0;
if (!kt_atoi(key_path_str, &cmk_id)) {

30
src/common/interfaces/libpq/client_logic_hooks/encryption_hooks/gs_ktool_interface.cpp
View File

@ -29,17 +29,16 @@
#include <openssl/rand.h>
#include "encrypt_decrypt.h"
#include "aead_aes_hamc_enc_key.h"
#include "gs_ktool/kt_interface.h"
#include "cmk_cache_lru.h"
static CmkCacheList *cmk_cache_list = NULL;
extern bool kt_check_algorithm_type(CmkAlgorithm algo_type)
{
if (algo_type == CmkAlgorithm::AES_256_CBC) {
if (algo_type == CmkAlgorithm::RAS_2048) {
return true;
} else {
printf("ERROR(CLIENT): Invalid algorithm, keys generated by gs_ktool are only used for AES_256_CBC.\n");
printf("ERROR(CLIENT): Invalid algorithm, keys generated by gs_ktool are only used for RAS_2048.\n");
}
return false;
@ -47,6 +46,7 @@ extern bool kt_check_algorithm_type(CmkAlgorithm algo_type)
bool kt_atoi(const char *cmk_id_str, unsigned int *cmk_id)
{
return true;
const char *key_path_tag = "gs_ktool/";
char tmp_str[MAX_KEYPATH_LEN] = {0};
int tmp_pos = 0;
@ -87,24 +87,18 @@ bool create_cmk(unsigned int cmk_id)
{
unsigned int cmk_len = 0;
if (!get_cmk_len(cmk_id, &cmk_len)) {
return false;
}
if (cmk_len != DEFAULT_CMK_LEN) {
printf(
"ERROR(GS_KTOOL): Default cmk len is %u, but the len of cmk read from gs_ktool is %u.\n",
DEFAULT_CMK_LEN, cmk_len);
return false;
}
return true;
}
bool read_cmk_plain(const unsigned int cmk_id, unsigned char *cmk_plain, bool is_report_err)
{
unsigned int cmk_len = 0;
if (cmk_plain == NULL) {
return false;
}
@ -120,21 +114,7 @@ bool read_cmk_plain(const unsigned int cmk_id, unsigned char *cmk_plain, bool is
/* case a : try to get cmk plain from cache */
if (!get_cmk_from_cache(cmk_cache_list, cmk_id, cmk_plain)) {
/* case b : failed to get cmk plian from cache, try to get it from gs_ktool */
if (!get_cmk_plain(cmk_id, cmk_plain, &cmk_len, is_report_err)) {
return false;
}
/* check the length of cmk plain read from gs_ktool */
if (cmk_len != DEFAULT_CMK_LEN) {
if (is_report_err) {
printf(
"ERROR(GS_KTOOL): Default cmk len is %u, but the len of cmk read from gs_ktool is %u.\n",
DEFAULT_CMK_LEN, cmk_len);
}
return false;
}
push_cmk_to_cache(cmk_cache_list, cmk_id, cmk_plain);
return true;
}
return true;

1
src/common/interfaces/libpq/client_logic_hooks/encryption_hooks/gs_ktool_interface.h
View File

@ -25,7 +25,6 @@
#ifndef KTOOL_KT_INTERFACES_H
#define KTOOL_KT_INTERFACES_H
#include "gs_ktool/kt_interface.h"
#include "client_logic/client_logic_enums.h"
#define DEFAULT_CMK_LEN 32

10
src/include/client_logic/client_logic_enums.h
View File

@ -28,12 +28,12 @@
typedef enum class CmkKeyStore {
INVALID_KEYSTORE = -1,
GS_KTOOL
LOCALKMS
} CmkKeyStore;
typedef enum class CmkAlgorithm {
INVALID_ALGORITHM,
AES_256_CBC
RAS_2048
} CmkAlgorithm;
typedef enum class EncryptionType {
@ -70,7 +70,7 @@ inline CmkKeyStore get_key_store_from_string(const char *key_store)
}
if (strncasecmp(key_store, "gs_ktool", strlen("gs_ktool")) == 0) {
return CmkKeyStore::GS_KTOOL;
return CmkKeyStore::LOCALKMS;
}
return CmkKeyStore::INVALID_KEYSTORE;
@ -82,8 +82,8 @@ inline CmkAlgorithm get_algorithm_from_string(const char *algorithm)
return CmkAlgorithm::INVALID_ALGORITHM;
}
if (strncasecmp(algorithm, "AES_256_CBC", strlen("AES_256_CBC")) == 0) {
return CmkAlgorithm::AES_256_CBC;
if (strncasecmp(algorithm, "RAS_2048", strlen("RAS_2048")) == 0) {
return CmkAlgorithm::RAS_2048;
}
return CmkAlgorithm::INVALID_ALGORITHM;